# HG changeset patch
# User Wolfgang Rosenauer <wr@rosenauer.org>
# Date 1313615592 -7200
# Node ID c58dd3428f476cb7d9e7f5dff0e779908a6f200b
# Parent  9672e7276009f096e217df96ec6ae78812976ddc
changelog update with security information

diff -r 9672e7276009 -r c58dd3428f47 MozillaFirefox/MozillaFirefox.changes
--- a/MozillaFirefox/MozillaFirefox.changes	Fri Aug 12 23:56:40 2011 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Wed Aug 17 23:13:12 2011 +0200
@@ -1,8 +1,21 @@
 -------------------------------------------------------------------
 Fri Aug 12 21:16:19 UTC 2011 - wr@rosenauer.org
 
-- update to 6.0 (bnc#711954)
-  * included security fixes
+- update to 6.0 (bnc#712224)
+  included security fixes MFSA 2011-29
+  * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
+    Miscellaneous memory safety hazards
+  * CVE-2011-2993 (bmo#657267)
+    Unsigned scripts can call script inside signed JAR
+  * CVE-2011-2988 (bmo#665934)
+    Heap overflow in ANGLE library
+  * CVE-2011-0084 (bmo#648094)
+    Crash in SVGTextElement.getCharNumAtPosition()
+  * CVE-2011-2990
+    Credential leakage using Content Security Policy reports
+  * CVE-2011-2986 (bmo#655836)
+    Cross-origin data theft using canvas and Windows D2D
+- removed obsolete curl header dependency (mozilla-curl.patch)
 
 -------------------------------------------------------------------
 Fri Jul 22 13:34:12 UTC 2011 - wr@rosenauer.org