--- a/MozillaFirefox/firefox-esr.changes	Thu Oct 24 20:12:34 2013 +0200
+++ b/MozillaFirefox/firefox-esr.changes	Sun Nov 03 18:39:18 2013 +0100
@@ -1,8 +1,30 @@
 -------------------------------------------------------------------
 Thu Oct 24 16:46:31 UTC 2013 - wr@rosenauer.org
 
-- update to Firefox 24.1.0esr (bnc#)
+- update to Firefox 24.1.0esr (bnc#847708)
   * requires NSS 3.15.2 or above
+  * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
+    Miscellaneous memory safety hazards
+  * MFSA 2013-94/CVE-2013-5593 (bmo#868327)
+    Spoofing addressbar through SELECT element
+  * MFSA 2013-95/CVE-2013-5604 (bmo#914017)
+    Access violation with XSLT and uninitialized data
+  * MFSA 2013-96/CVE-2013-5595 (bmo#916580)
+    Improperly initialized memory and overflows in some JavaScript
+    functions
+  * MFSA 2013-97/CVE-2013-5596 (bmo#910881)
+    Writing to cycle collected object during image decoding
+  * MFSA 2013-98/CVE-2013-5597 (bmo#918864)
+    Use-after-free when updating offline cache
+  * MFSA 2013-99/CVE-2013-5598 (bmo#920515)
+    Security bypass of PDF.js checks using iframes
+  * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
+    (bmo#915210, bmo#915576, bmo#916685)
+    Miscellaneous use-after-free issues found through ASAN fuzzing
+  * MFSA 2013-101/CVE-2013-5602 (bmo#897678)
+    Memory corruption in workers
+  * MFSA 2013-102/CVE-2013-5603 (bmo#916404)
+    Use-after-free in HTML document templates
 
 -------------------------------------------------------------------
 Sat Oct  5 18:10:39 UTC 2013 - wr@rosenauer.org