# HG changeset patch # User Wolfgang Rosenauer # Date 1287993965 -7200 # Node ID 15e53a96c9cad159d33e55512b4fd5c854d6809f # Parent 692686ab9228f169da9a5d025621e90456a22154 changelogs diff -r 692686ab9228 -r 15e53a96c9ca MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Wed Oct 06 07:14:29 2010 +0200 +++ b/MozillaFirefox/MozillaFirefox.changes Mon Oct 25 10:06:05 2010 +0200 @@ -1,7 +1,25 @@ ------------------------------------------------------------------- Wed Oct 6 07:13:52 CEST 2010 - wr@rosenauer.org -- security update to 3.6.11 +- security update to 3.6.11 (bnc#645315) + * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176 + Miscellaneous memory safety hazards + * MFSA 2010-65/CVE-2010-3179 (bmo#583077) + Buffer overflow and memory corruption using document.write + * MFSA 2010-66/CVE-2010-3180 (bmo#588929) + Use-after-free error in nsBarProp + * MFSA 2010-67/CVE-2010-3183 (bmo#598669) + Dangling pointer vulnerability in LookupGetterOrSetter + * MFSA 2010-68/CVE-2010-3177 (bmo#556734) + XSS in gopher parser when parsing hrefs + * MFSA 2010-69/CVE-2010-3178 (bmo#576616) + Cross-site information disclosure via modal calls + * MFSA 2010-70/CVE-2010-3170 (bmo#578697) + SSL wildcard certificate matching IP addresses + * MFSA 2010-71/CVE-2010-3182 (bmo#590753) + Unsafe library loading vulnerabilities + * MFSA 2010-72/CVE-2010-3173 + Insecure Diffie-Hellman key exchange ------------------------------------------------------------------- Wed Sep 15 07:39:22 CEST 2010 - wr@rosenauer.org diff -r 692686ab9228 -r 15e53a96c9ca MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Wed Oct 06 07:14:29 2010 +0200 +++ b/MozillaFirefox/MozillaFirefox.spec Mon Oct 25 10:06:05 2010 +0200 @@ -36,7 +36,7 @@ Provides: firefox Version: 3.6.11 Release: 1 -%define releasedate 2010100500 +%define releasedate 2010101300 Summary: Mozilla Firefox Web Browser Url: http://www.mozilla.org/ Group: Productivity/Networking/Web/Browsers diff -r 692686ab9228 -r 15e53a96c9ca mozilla-xulrunner192/mozilla-xulrunner192.changes --- a/mozilla-xulrunner192/mozilla-xulrunner192.changes Wed Oct 06 07:14:29 2010 +0200 +++ b/mozilla-xulrunner192/mozilla-xulrunner192.changes Mon Oct 25 10:06:05 2010 +0200 @@ -1,7 +1,25 @@ ------------------------------------------------------------------- Wed Oct 6 07:13:34 CEST 2010 - wr@rosenauer.org -- security update to 1.9.2.11 +- security update to 1.9.2.11 (bnc#645315) + * MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176 + Miscellaneous memory safety hazards + * MFSA 2010-65/CVE-2010-3179 (bmo#583077) + Buffer overflow and memory corruption using document.write + * MFSA 2010-66/CVE-2010-3180 (bmo#588929) + Use-after-free error in nsBarProp + * MFSA 2010-67/CVE-2010-3183 (bmo#598669) + Dangling pointer vulnerability in LookupGetterOrSetter + * MFSA 2010-68/CVE-2010-3177 (bmo#556734) + XSS in gopher parser when parsing hrefs + * MFSA 2010-69/CVE-2010-3178 (bmo#576616) + Cross-site information disclosure via modal calls + * MFSA 2010-70/CVE-2010-3170 (bmo#578697) + SSL wildcard certificate matching IP addresses + * MFSA 2010-71/CVE-2010-3182 (bmo#590753) + Unsafe library loading vulnerabilities + * MFSA 2010-72/CVE-2010-3173 + Insecure Diffie-Hellman key exchange - removed upstreamed patches: * mozilla-esd.patch * mozilla-helper-app.patch diff -r 692686ab9228 -r 15e53a96c9ca mozilla-xulrunner192/mozilla-xulrunner192.spec --- a/mozilla-xulrunner192/mozilla-xulrunner192.spec Wed Oct 06 07:14:29 2010 +0200 +++ b/mozilla-xulrunner192/mozilla-xulrunner192.spec Mon Oct 25 10:06:05 2010 +0200 @@ -20,7 +20,7 @@ Name: mozilla-xulrunner192 -BuildRequires: autoconf213 gcc-c++ libcurl-devel libgnomeui-devel libidl-devel libnotify-devel python startup-notification-devel zip pkg-config +BuildRequires: autoconf213 gcc-c++ libcurl-devel libgnomeui-devel libidl-devel libnotify-devel pkg-config python startup-notification-devel zip # needed for brp-check-bytecode-version (jar, fastjar would do as well) BuildRequires: unzip %if %suse_version > 1020 @@ -41,7 +41,7 @@ License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Version: 1.9.2.11 Release: 1 -%define releasedate 2010100500 +%define releasedate 2010101300 %define version_internal 1.9.2.11 %define apiversion 1.9.2 %define uaweight 192110 @@ -203,6 +203,7 @@ %if %crashreporter + %package buildsymbols License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Summary: Breakpad buildsymbols for %{name}