Overview

File _patchinfo of Package patchinfo.2014

<patchinfo>
  <issue id="840485" tracker="bnc">Firefox 24.0/17.0.9esr security release</issue>
  <issue id="840551" tracker="bnc">move greek tanslation to -common</issue>
  <issue id="CVE-2013-1719" tracker="cve" />
  <issue id="CVE-2013-1718" tracker="cve" />
  <issue id="CVE-2013-1721" tracker="cve" />
  <issue id="CVE-2013-1737" tracker="cve" />
  <issue id="CVE-2013-1725" tracker="cve" />
  <issue id="CVE-2013-1730" tracker="cve" />
  <issue id="CVE-2013-1732" tracker="cve" />
  <issue id="CVE-2013-1724" tracker="cve" />
  <issue id="CVE-2013-1723" tracker="cve" />
  <issue id="CVE-2013-1735" tracker="cve" />
  <issue id="CVE-2013-1736" tracker="cve" />
  <issue id="CVE-2013-1720" tracker="cve" />
  <issue id="CVE-2013-1738" tracker="cve" />
  <issue id="CVE-2013-1728" tracker="cve" />
  <issue id="CVE-2013-1722" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>wrosenauer</packager>
  <description>This MozillaFirefox update to version 24.0 fixes several 
security and non-security issues:

- move greek to the translations-common package (bnc#840551)

- update to Firefox 24.0 (bnc#840485)
  * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719
    Miscellaneous memory safety hazards
  * MFSA 2013-77/CVE-2013-1720 (bmo#888820)
    Improper state in HTML5 Tree Builder with templates
  * MFSA 2013-78/CVE-2013-1721 (bmo#890277)
    Integer overflow in ANGLE library
  * MFSA 2013-79/CVE-2013-1722 (bmo#893308)
    Use-after-free in Animation Manager during stylesheet cloning
  * MFSA 2013-80/CVE-2013-1723 (bmo#891292)
    NativeKey continues handling key messages after widget is destroyed
  * MFSA 2013-81/CVE-2013-1724 (bmo#894137)
    Use-after-free with select element
  * MFSA 2013-82/CVE-2013-1725 (bmo#876762)
    Calling scope for new Javascript objects can lead to memory corruption
  * MFSA 2013-85/CVE-2013-1728 (bmo#883686)
    Uninitialized data in IonMonkey
  * MFSA 2013-88/CVE-2013-1730 (bmo#851353)
    Compartment mismatch re-attaching XBL-backed nodes
  * MFSA 2013-89/CVE-2013-1732 (bmo#883514)
    Buffer overflow with multi-column, lists, and floats
  * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
    Memory corruption involving scrolling
  * MFSA 2013-91/CVE-2013-1737 (bmo#907727)
    User-defined properties on DOM proxies get the wrong "this" object
  * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897)
    GC hazard with default compartments and frame chain restoration
- enable gstreamer explicitely via pref (gecko.js)
- require NSS 3.15.1
</description>
  <summary>update for MozillaFirefox</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places