--- a/MozillaFirefox/MozillaFirefox.changes Sat Feb 21 00:04:54 2015 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes Wed May 06 09:46:09 2015 +0200
@@ -1,7 +1,43 @@
-------------------------------------------------------------------
+Sun Mar 29 09:28:42 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 31.6.0esr (bnc#925368)
+ * MFSA 2015-30/CVE-2015-0815
+ Miscellaneous memory safety hazards
+ * MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
+ Use-after-free when using the Fluendo MP3 GStreamer plugin
+ * MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
+ resource:// documents can load privileged pages
+ * MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
+ CORS requests should not follow 30x redirections after preflight
+ * MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
+ Same-origin bypass through anchor navigation
+
+-------------------------------------------------------------------
+Sat Mar 21 10:38:32 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 31.5.3 (bnc#923534)
+ * MFSA 2015-28/CVE-2015-0818 (bmo#1144988)
+ Privilege escalation through SVG navigation
+ * MFSA 2015-29/CVE-2015-0817 (bmo#1145255)
+ Code execution through incorrect JavaScript bounds checking
+ elimination
+
+-------------------------------------------------------------------
Thu Feb 19 22:52:00 UTC 2015 - wr@rosenauer.org
- update to Firefox 31.5.0esr (bnc#917597)
+ * MFSA 2015-11/CVE-2015-0836
+ Miscellaneous memory safety hazards
+ * MFSA 2015-12/CVE-2015-0833 (bmo#945192)
+ Invoking Mozilla updater will load locally stored DLL files
+ (Windows only)
+ * MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
+ Use-after-free in IndexedDB
+ * MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
+ Out-of-bounds read and write while rendering SVG content
+ * MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
+ Reading of local files through manipulation of form autocomplete
-------------------------------------------------------------------
Sat Jan 10 17:30:10 UTC 2015 - wr@rosenauer.org
--- a/MozillaFirefox/MozillaFirefox.spec Sat Feb 21 00:04:54 2015 +0100
+++ b/MozillaFirefox/MozillaFirefox.spec Wed May 06 09:46:09 2015 +0200
@@ -18,7 +18,7 @@
%define major 31
-%define mainver %major.5.0
+%define mainver %major.6.0
%define update_channel esr31
%if %suse_version > 1210
@@ -77,7 +77,7 @@
%endif
Version: %{mainver}
Release: 0
-%define releasedate 2015021900
+%define releasedate 2015032800
Provides: firefox = %{mainver}
Provides: firefox = %{version}-%{release}
Provides: web_browser
--- a/MozillaFirefox/create-tar.sh Sat Feb 21 00:04:54 2015 +0100
+++ b/MozillaFirefox/create-tar.sh Wed May 06 09:46:09 2015 +0200
@@ -2,8 +2,8 @@
CHANNEL="esr31"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_31_5_0esr_RELEASE"
-VERSION="31.5.0"
+RELEASE_TAG="FIREFOX_31_6_0esr_RELEASE"
+VERSION="31.6.0"
# mozilla
if [ -d mozilla ]; then
--- a/MozillaFirefox/firefox-esr.changes Sat Feb 21 00:04:54 2015 +0100
+++ b/MozillaFirefox/firefox-esr.changes Wed May 06 09:46:09 2015 +0200
@@ -1,7 +1,43 @@
-------------------------------------------------------------------
+Sun Mar 29 09:28:42 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 31.6.0esr (bnc#925368)
+ * MFSA 2015-30/CVE-2015-0815
+ Miscellaneous memory safety hazards
+ * MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
+ Use-after-free when using the Fluendo MP3 GStreamer plugin
+ * MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
+ resource:// documents can load privileged pages
+ * MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
+ CORS requests should not follow 30x redirections after preflight
+ * MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
+ Same-origin bypass through anchor navigation
+
+-------------------------------------------------------------------
+Sat Mar 21 10:38:32 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 31.5.3 (bnc#923495)
+ * MFSA 2015-28/CVE-2015-0818 (bmo#1144988)
+ Privilege escalation through SVG navigation
+ * MFSA 2015-29/CVE-2015-0817 (bmo#1145255)
+ Code execution through incorrect JavaScript bounds checking
+ elimination
+
+-------------------------------------------------------------------
Thu Feb 19 22:52:00 UTC 2015 - wr@rosenauer.org
- update to Firefox 31.5.0esr (bnc#917597)
+ * MFSA 2015-11/CVE-2015-0836
+ Miscellaneous memory safety hazards
+ * MFSA 2015-12/CVE-2015-0833 (bmo#945192)
+ Invoking Mozilla updater will load locally stored DLL files
+ (Windows only)
+ * MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
+ Use-after-free in IndexedDB
+ * MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
+ Out-of-bounds read and write while rendering SVG content
+ * MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
+ Reading of local files through manipulation of form autocomplete
-------------------------------------------------------------------
Sat Jan 10 17:30:10 UTC 2015 - wr@rosenauer.org
--- a/MozillaFirefox/firefox-esr.spec Sat Feb 21 00:04:54 2015 +0100
+++ b/MozillaFirefox/firefox-esr.spec Wed May 06 09:46:09 2015 +0200
@@ -18,7 +18,7 @@
%define major 31
-%define mainver %major.5.0
+%define mainver %major.6.0
%define update_channel esr31
%if %suse_version > 1210
@@ -77,7 +77,7 @@
%endif
Version: %{mainver}
Release: 0
-%define releasedate 2015021900
+%define releasedate 2015032800
Provides: firefox-esr = %{mainver}
Provides: firefox-esr = %{version}-%{release}
Provides: web_browser
--- a/xulrunner/create-tar.sh Sat Feb 21 00:04:54 2015 +0100
+++ b/xulrunner/create-tar.sh Wed May 06 09:46:09 2015 +0200
@@ -2,8 +2,8 @@
CHANNEL="esr31"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_31_4_0esr_RELEASE"
-VERSION="31.4.0"
+RELEASE_TAG="FIREFOX_31_6_0esr_RELEASE"
+VERSION="31.6.0"
# mozilla
if [ -d mozilla ]; then
--- a/xulrunner/xulrunner.changes Sat Feb 21 00:04:54 2015 +0100
+++ b/xulrunner/xulrunner.changes Wed May 06 09:46:09 2015 +0200
@@ -1,7 +1,33 @@
+-------------------------------------------------------------------
+Mon Mar 30 07:56:19 UTC 2015 - wr@rosenauer.org
+
+- update to 31.6.0 (bnc#925368)
+ * MFSA 2015-30/CVE-2015-0815
+ Miscellaneous memory safety hazards
+ * MFSA 2015-31/CVE-2015-0813 (bmo#1106596))
+ Use-after-free when using the Fluendo MP3 GStreamer plugin
+ * MFSA 2015-33/CVE-2015-0816 (bmo#1144991)
+ resource:// documents can load privileged pages
+ * MFSA-2015-37/CVE-2015-0807 (bmo#1111834)
+ CORS requests should not follow 30x redirections after preflight
+ * MFSA-2015-40/CVE-2015-0801 (bmo#1146339)
+ Same-origin bypass through anchor navigation
+
-------------------------------------------------------------------
Thu Feb 19 22:56:55 UTC 2015 - wr@rosenauer.org
- update to 31.5.0 (bnc#917597)
+ * MFSA 2015-11/CVE-2015-0836
+ Miscellaneous memory safety hazards
+ * MFSA 2015-12/CVE-2015-0833 (bmo#945192)
+ Invoking Mozilla updater will load locally stored DLL files
+ (Windows only)
+ * MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
+ Use-after-free in IndexedDB
+ * MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
+ Out-of-bounds read and write while rendering SVG content
+ * MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
+ Reading of local files through manipulation of form autocomplete
-------------------------------------------------------------------
Sat Jan 10 17:33:51 UTC 2015 - wr@rosenauer.org
--- a/xulrunner/xulrunner.spec Sat Feb 21 00:04:54 2015 +0100
+++ b/xulrunner/xulrunner.spec Wed May 06 09:46:09 2015 +0200
@@ -1,7 +1,7 @@
#
# spec file for package xulrunner
#
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
# 2006-2015 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
@@ -17,10 +17,10 @@
#
-%define version_internal 31.5.0
+%define version_internal 31.6.0
%define apiversion 31
-%define uaweight 3150000
-%define releasedate 2015021900
+%define uaweight 3160000
+%define releasedate 2015032800
%define shared_js 0
%define has_system_nspr 1
%define has_system_nss 1