# HG changeset patch
# User Wolfgang Rosenauer <wr@rosenauer.org>
# Date 1342722375 -7200
# Node ID c2c5bb5248b0676c15a9f7a0f081b44212ac5589
# Parent  43deb5e6462d4ee0ebcde5511066f574d342d2ae
changelogs

diff -r 43deb5e6462d -r c2c5bb5248b0 MozillaFirefox/MozillaFirefox.changes
--- a/MozillaFirefox/MozillaFirefox.changes	Mon Jun 25 22:15:54 2012 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Thu Jul 19 20:26:15 2012 +0200
@@ -1,21 +1,53 @@
 -------------------------------------------------------------------
-Mon Jun 25 20:13:06 UTC 2012 - wr@rosenauer.org
-
-- update to Aurora 15 (20120625)
-- fix crashreporter restart option (bmo#762780)
+Thu Jul 19 18:24:48 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 15.0b1
 - fix HTML5 video crash with GStreamer enabled (bmo#761030)
 - updated filelist
 
 -------------------------------------------------------------------
-Mon Jun 25 19:16:07 UTC 2012 - wr@rosenauer.org
-
-- update to 14.0b9
+Sat Jul 14 19:31:51 UTC 2012 - wr@rosenauer.org
+
+- update to 14.0.1 (bnc#771583)
+  * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
+    Miscellaneous memory safety hazards
+  * MFSA 2012-43/CVE-2012-1950
+    Incorrect URL displayed in addressbar through drag and drop
+  * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
+    Gecko memory corruption
+  * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
+    Spoofing issue with location
+  * MFSA 2012-46/CVE-2012-1966 (bmo#734076)
+    XSS through data: URLs
+  * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
+    Improper filtering of javascript in HTML feed-view
+  * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
+    use-after-free in nsGlobalWindow::PageHidden
+  * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
+    Same-compartment Security Wrappers can be bypassed
+  * MFSA 2012-50/CVE-2012-1960 (bmo#761014)
+    Out of bounds read in QCMS
+  * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
+    X-Frame-Options header ignored when duplicated
+  * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
+    JSDependentString::undepend string conversion results in memory
+    corruption
+  * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
+    Content Security Policy 1.0 implementation errors cause data
+    leakage
+  * MFSA 2012-55/CVE-2012-1965 (bmo#758990)
+    feed: URLs with an innerURI inherit security context of page
+  * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
+    Code execution through javascript: URLs
 - license change from tri license to MPL-2.0
 - fix crashreporter restart option (bmo#762780)
-- reenabled mozilla-yarr-pcre.patch to fix build for PPC
 - require NSS 3.13.5
 - remove mozjs pacrunner obsoletes again for now
 - adopted mozilla-prefer_plugin_pref.patch
+- PPC fixes:
+  * reenabled mozilla-yarr-pcre.patch to fix build for PPC
+  * add patches for bmo#750620 and bmo#746112
+  * fix xpcshell segfault on ppc
 
 -------------------------------------------------------------------
 Fri Jun 15 12:37:09 UTC 2012 - wr@rosenauer.org
diff -r 43deb5e6462d -r c2c5bb5248b0 xulrunner/xulrunner.changes
--- a/xulrunner/xulrunner.changes	Mon Jun 25 22:15:54 2012 +0200
+++ b/xulrunner/xulrunner.changes	Thu Jul 19 20:26:15 2012 +0200
@@ -1,13 +1,49 @@
 -------------------------------------------------------------------
-Mon Jun 25 20:14:50 UTC 2012 - wr@rosenauer.org
+Thu Jul 19 18:25:48 UTC 2012 - wr@rosenauer.org
 
-- update to Aurora 15 (20120625)
+- update to 15.0b1
 
 -------------------------------------------------------------------
-Fri Jun 15 12:40:23 UTC 2012 - wr@rosenauer.org
+Sat Jul 14 19:33:44 UTC 2012 - wr@rosenauer.org
 
-- update to 13.0.1
-  * bugfix release
+- update to 14.0.1 (bnc#771583)
+  * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
+    Miscellaneous memory safety hazards
+  * MFSA 2012-43/CVE-2012-1950
+    Incorrect URL displayed in addressbar through drag and drop
+  * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
+    Gecko memory corruption
+  * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
+    Spoofing issue with location
+  * MFSA 2012-46/CVE-2012-1966 (bmo#734076)
+    XSS through data: URLs
+  * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
+    Improper filtering of javascript in HTML feed-view
+  * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
+    use-after-free in nsGlobalWindow::PageHidden
+  * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
+    Same-compartment Security Wrappers can be bypassed
+  * MFSA 2012-50/CVE-2012-1960 (bmo#761014)
+    Out of bounds read in QCMS
+  * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
+    X-Frame-Options header ignored when duplicated
+  * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
+    JSDependentString::undepend string conversion results in memory
+    corruption
+  * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
+    Content Security Policy 1.0 implementation errors cause data
+    leakage
+  * MFSA 2012-55/CVE-2012-1965 (bmo#758990)
+    feed: URLs with an innerURI inherit security context of page
+  * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
+    Code execution through javascript: URLs
+- license change from tri license to MPL-2.0
+- require NSS 3.13.5
+- PPC fixes:
+  * reenabled mozilla-yarr-pcre.patch to fix build for PPC
+  * add patches for bmo#750620 and bmo#746112
+  * fix xpcshell segfault on ppc
+- build plugin-container on every arch
 
 -------------------------------------------------------------------
 Sat Jun  2 09:16:34 UTC 2012 - wr@rosenauer.org