File mozilla-xulrunner191.changes of Package mozilla-xulrunner191
-------------------------------------------------------------------
Thu Apr 21 11:32:57 UTC 2011 - wr@rosenauer.org
- security update to 1.9.1.19 (bnc#689281)
* MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0072
CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078
CVE-2011-0080 CVE-2011-0081
Miscellaneous memory safety hazards
* MFSA 2011-13/CVE-2011-0065/CVE-2011-0066/CVE-2011-0073
Multiple dangling pointer vulnerabilities
* MFSA 2011-14/CVE-2011-0067 (bmo#527935)
Information stealing via form history
* MFSA 2011-18/CVE-2011-1202 (bmo#640339)
XSLT generate-id() function heap address leak
-------------------------------------------------------------------
Sat Mar 19 22:17:36 UTC 2011 - wr@rosenauer.org
- security update to 1.9.1.18 (bnc#680771)
* MFSA 2011-11 (bmo#642395)
Update HTTPS certificate blacklist
-------------------------------------------------------------------
Mon Jan 31 09:18:48 UTC 2011 - wr@rosenauer.org
- security update to 1.9.1.17 (bnc#667155)
* MFSA 2010-74/CVE-2010-3777
Memory safety hazard
* MFSA 2011-01/CVE-2011-0053/CVE-2011-0062
Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
* MFSA 2011-02/CVE-2011-0051 (bmo#616659)
Recursive eval call causes confirm dialogs to evaluate to true
* MFSA 2011-03/CVE-2011-0055 (bmo#616009, bmo#619255)
Use-after-free error in JSON.stringify
* MFSA 2011-04/CVE-2011-0054 (bmo#615657)
Buffer overflow in JavaScript upvarMap
* MFSA 2011-05/CVE-2011-0056 (bmo#622015)
Buffer overflow in JavaScript atom map
* MFSA 2011-06/CVE-2011-0057 (bmo#626631)
Use-after-free error using Web Workers
* MFSA 2011-08/CVE-2010-1585 (bmo#562547)
ParanoidFragmentSink allows javascript: URLs in chrome documents
* MFSA 2011-10/CVE-2011-0059 (bmo#573873)
CSRF risk with plugins and 307 redirects
-------------------------------------------------------------------
Thu Nov 25 10:49:03 UTC 2010 - wr@rosenauer.org
- security update to 1.9.1.16 (bnc#657016)
* MFSA 2010-74/CVE-2010-3776/CVE-2010-3777/CVE-2010-3778
Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
* MFSA 2010-75/CVE-2010-3769 (bmo#608336)
Buffer overflow while line breaking after document.write with
long string
* MFSA 2010-76/CVE-2010-3771 (bmo#609437)
Chrome privilege escalation with window.open and <isindex> element
* MFSA 2010-77/CVE-2010-3772 (bmo#594547)
Crash and remote code execution using HTML tags inside a XUL tree
* MFSA 2010-78/CVE-2010-3768 (bmo#527276)
Add support for OTS font sanitizer
* MFSA 2010-79/CVE-2010-3775
Java security bypass from LiveConnect loaded via data: URL
meta refresh
* MFSA 2010-80/CVE-2010-3766 (bmo#590771)
Use-after-free error with nsDOMAttribute MutationObserver
* MFSA 2010-81/CVE-2010-3767 (bmo#599468)
Integer overflow vulnerability in NewIdArray
* MFSA 2010-82/CVE-2010-3773 (bmo#554449)
Incomplete fix for CVE-2010-0179
* MFSA 2010-83/VE-2010-3774 (bmo#602780)
Location bar SSL spoofing using network error page
* MFSA 2010-84/CVE-2010-3770 (bmo#601429)
XSS hazard in multiple character encodings
-------------------------------------------------------------------
Wed Oct 27 08:15:56 CEST 2010 - wr@rosenauer.org
- security update to 1.9.1.15 (bnc#649492)
* MFSA 2010-73/CVE-2010-3765 (bmo#607222)
Heap buffer overflow mixing document.write and DOM insertion
-------------------------------------------------------------------
Thu Oct 7 12:19:22 CEST 2010 - wr@rosenauer.org
- security update to version 1.9.1.14 (bnc#645315)
* MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
Miscellaneous memory safety hazards
* MFSA 2010-65/CVE-2010-3179 (bmo#583077)
Buffer overflow and memory corruption using document.write
* MFSA 2010-66/CVE-2010-3180 (bmo#588929)
Use-after-free error in nsBarProp
* MFSA 2010-67/CVE-2010-3183 (bmo#598669)
Dangling pointer vulnerability in LookupGetterOrSetter
* MFSA 2010-68/CVE-2010-3177 (bmo#556734)
XSS in gopher parser when parsing hrefs
* MFSA 2010-69/CVE-2010-3178 (bmo#576616)
Cross-site information disclosure via modal calls
* MFSA 2010-70/CVE-2010-3170 (bmo#578697)
SSL wildcard certificate matching IP addresses
* MFSA 2010-71/CVE-2010-3182 (bmo#590753)
Unsafe library loading vulnerabilities
* MFSA 2010-72/CVE-2010-3173
Insecure Diffie-Hellman key exchange
-------------------------------------------------------------------
Wed Sep 15 20:09:04 CEST 2010 - wr@rosenauer.org
- update to version 1.9.1.13
* fixing startup topcrash (bmo#594699)
-------------------------------------------------------------------
Tue Sep 7 21:30:12 CEST 2010 - wr@rosenauer.org
- security update to version 1.9.1.12 (bnc#637303)
* MFSA 2010-49/CVE-2010-3169
Miscellaneous memory safety hazards
* MFSA 2010-50/CVE-2010-2765 (bmo#576447)
Frameset integer overflow vulnerability
* MFSA 2010-51/CVE-2010-2767 (bmo#584512)
Dangling pointer vulnerability using DOM plugin array
* MFSA 2010-53/CVE-2010-3166 (bmo#579655)
Heap buffer overflow in nsTextFrameUtils::TransformText
* MFSA 2010-54/CVE-2010-2760 (bmo#585815)
Dangling pointer vulnerability in nsTreeSelection
* MFSA 2010-55/CVE-2010-3168 (bmo#576075)
XUL tree removal crash and remote code execution
* MFSA 2010-56/CVE-2010-3167 (bmo#576070)
Dangling pointer vulnerability in nsTreeContentView
* MFSA 2010-57/CVE-2010-2766 (bmo#580445)
Crash and remote code execution in normalizeDocument
* MFSA 2010-60/CVE-2010-2763 (bmo#585284)
XSS using SJOW scripted function
* MFSA 2010-61/CVE-2010-2768 (bmo#579744)
UTF-7 XSS by overriding document charset using <object> type
attribute
* MFSA 2010-62/CVE-2010-2769 (bmo#520189)
Copy-and-paste or drag-and-drop into designMode document allows
XSS
* MFSA 2010-63/CVE-2010-2764 (bmo#552090)
Information leak via XMLHttpRequest statusText
-------------------------------------------------------------------
Fri Jul 16 08:14:55 CEST 2010 - wr@rosenauer.org
- security update to version 1.9.1.11 (bnc#622506)
* MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
Miscellaneous memory safety hazards
* MFSA 2010-35/CVE-2010-1208 (bmo#572986)
DOM attribute cloning remote code execution vulnerability
* MFSA 2010-36/CVE-2010-1209 (bmo#552110)
Use-after-free error in NodeIterator
* MFSA 2010-37/CVE-2010-1214 (bmo#572985)
Plugin parameter EnsureCachedAttrParamArrays remote code
execution vulnerability
* MFSA 2010-39/CVE-2010-2752 (bmo#574059)
nsCSSValue::Array index integer overflow
* MFSA 2010-40/CVE-2010-2753 (bmo#571106)
nsTreeSelection dangling pointer remote code execution
vulnerability
* MFSA 2010-41/CVE-2010-1205 (bmo#570451)
Remote code execution using malformed PNG image
* MFSA 2010-42/CVE-2010-1213 (bmo#568148)
Cross-origin data disclosure via Web Workers and importScripts
* MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957)
Multiple location bar spoofing vulnerabilities
* MFSA 2010-46/CVE-2010-0654 (bmo#524223)
Cross-domain data theft using CSS
* MFSA 2010-47/CVE-2010-2754 (bmo#568564)
Cross-origin data leakage from script filename in error messages
-------------------------------------------------------------------
Fri May 7 07:31:01 CEST 2010 - wr@rosenauer.org
- security update to version 1.9.1.10 (bnc#603356)
* MFSA 2010-25/CVE-2010-1121 (bmo#555109)
Re-use of freed object due to scope confusion
* MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/
CVE-2010-1203
Crashes with evidence of memory corruption (rv:1.9.1.10)
* MFSA 2010-27/CVE-2010-0183 (bmo#557174)
Use-after-free error in nsCycleCollector::MarkRoots()
* MFSA 2010-28/CVE-2010-1198 (bmo#532246)
Freed object reuse across plugin instances
* MFSA 2010-29/CVE-2010-1196 (bmo#534666)
Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
* MFSA 2010-30/CVE-2010-1199 (bmo#554255)
Integer Overflow in XSLT Node Sorting
* MFSA 2010-31/CVE-2010-1125 (bmo#552255)
focus() behavior can be used to inject or steal keystrokes
* MFSA 2010-32/CVE-2010-1197 (bmo#537120)
Content-Disposition: attachment ignored if
Content-Type: multipart also present
* MFSA 2010-33/CVE-2008-5913 (bmo#475585)
User tracking across sites using Math.random()
-------------------------------------------------------------------
Wed Mar 17 20:59:03 CET 2010 - wr@rosenauer.org
- security update to version 1.9.1.9 (bnc#586567)
* MFSA 2010-16/CVE-2010-0173/CVE-2010-0174
Crashes with evidence of memory corruption
* MFSA 2010-17/CVE-2010-0175 (bmo#540100,375928)
Remote code execution with use-after-free in nsTreeSelection
* MFSA 2010-18/CVE-2010-0176 (bmo#538308)
Dangling pointer vulnerability in nsTreeContentView
* MFSA 2010-19/CVE-2010-0177 (bmo#538310)
Dangling pointer vulnerability in nsPluginArray
* MFSA 2010-20/CVE-2010-0178 (bmo#546909)
Chrome privilege escalation via forced URL drag and drop
* MFSA 2010-22/CVE-2009-3555 (bmo#545755)
Update NSS to support TLS renegotiation indication
* MFSA 2010-23/CVE-2010-0181 (bmo#452093)
Image src redirect to mailto: URL opens email editor
* MFSA 2010-24/CVE-2010-0182 (bmo#490790)
XMLDocument::load() doesn't check nsIContentPolicy
- clean up correctly on update (bnc#589094)
-------------------------------------------------------------------
Fri Feb 5 17:49:30 CET 2010 - wr@rosenauer.org
- update to version 1.9.1.8 (bnc#576969)
* MFSA-2010-01/CVE-2010-0159
Crashes with evidence of memory corruption
* MFSA-2010-02/CVE-2010-0160
Web Worker Array Handling Heap Corruption Vulnerability
* MFSA-2010-03/CVE-2009-1571 (bmo#526500)
Use-after-free crash in HTML parser
* MFSA-2010-04/CVE-2009-3988 (bmo#504862)
XSS due to window.dialogArguments being readable cross-domain
* MFSA-2010-05/CVE-2010-0162 (bmo#455472)
XSS hazard using SVG document and binary Content-Type
-------------------------------------------------------------------
Fri Dec 25 09:37:02 CET 2009 - wr@rosenauer.org
- update to version 1.9.1.7 (bnc#568011)
* DNS resolution in MakeSN of nsAuthSSPI causing issues for
proxy servers that support NTLM auth (bmo#535193)
- added missing lockdown preferences (bnc#567131)
-------------------------------------------------------------------
Thu Dec 17 19:55:59 CET 2009 - wr@rosenauer.org
- fixed new gconf backend and reenabled lockdown feature
(bnc#546158)
- add baselibs.conf to source package
-------------------------------------------------------------------
Fri Dec 4 15:34:01 CET 2009 - wr@rosenauer.org
- security update to version 1.9.1.6 (bnc#559807)
* MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982
Crashes with evidence of memory corruption (rv:1.9.1.6)
* MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816)
Memory safety fixes in liboggplay media library
* MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613)
Integer overflow, crash in libtheora video library
* MFSA 2009-68/CVE-2009-3983 (bmo#487872)
NTLM reflection vulnerability
* MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232)
Location bar spoofing vulnerabilities
* MFSA 2009-70/VE-2009-3986 (bmo#522430)
Privilege escalation via chrome window.opener
- use internal cairo up to 11.1
- provide mozilla-kde4-version to make KDE helper version
more version independent
- use .autoreg file for autoregistration when needed (bnc#440872)
-------------------------------------------------------------------
Tue Nov 24 12:59:56 CET 2009 - wr@rosenauer.org
- added mozilla-clipboard.patch fixing a common crash
(bmo#495392, bnc#556886)
-------------------------------------------------------------------
Mon Nov 23 13:44:57 CET 2009 - llunak@novell.com
- KDE, use mimetype for opening url if known (bnc#556156)
-------------------------------------------------------------------
Mon Nov 16 16:06:20 CET 2009 - llunak@novell.com
- fix KDE filepicker (bnc#548267,bnc#555438)
-------------------------------------------------------------------
Fri Nov 13 22:50:53 CET 2009 - llunak@novell.com
- avoid possible deadlock with KDE integration (bnc#555202)
-------------------------------------------------------------------
Thu Nov 5 19:43:48 UTC 2009 - wr@rosenauer.org
- update to version 1.9.1.5 (bnc#553172)
- strip unneeded update-desktop-files from BuildRequires
-------------------------------------------------------------------
Sun Oct 18 13:06:15 CEST 2009 - wr@rosenauer.org
- security update to version 1.9.1.4 (bnc#545277)
* MFSA 2009-52/CVE-2009-3370 (bmo#511615)
Form history vulnerable to stealing
* MFSA 2009-53/CVE-2009-3274 (bmo#514823)
Local downloaded file tampering
* MFSA 2009-54/CVE-2009-3371 (bmo#514554)
Crash with recursive web-worker calls
* MFSA 2009-55/CVE-2009-3372 (bmo#500644)
Crash in proxy auto-configuration regexp parsing
* MFSA 2009-56/CVE-2009-3373 (bmo#511689)
Heap buffer overflow in GIF color map parser
* MFSA 2009-57/CVE-2009-3374 (bmo#505988)
Chrome privilege escalation in XPCVariant::VariantDataToJS()
* MFSA 2009-59/CVE-2009-1563 (bmo#516396, bmo#516862)
Heap buffer overflow in string to number conversion
* MFSA 2009-61/CVE-2009-3375 (bmo#503226)
Cross-origin data theft through document.getSelection()
* MFSA 2009-62/CVE-2009-3376 (bmo#511521)
Download filename spoofing with RTL override
* MFSA 2009-63/CVE-2009-3377/CVE-2009-3379/CVE-2009-3378
Upgrade media libraries to fix memory safety bugs
* MFSA 2009-64/CVE-2009-3380/CVE-2009-3381/CVE-2009-3383
Crashes with evidence of memory corruption
- removed upstreamed patches
* mozilla-protocol_handler.patch
* mozilla-sysplugin-biarch.patch
- removed unneeded PreReq and morphed some to usual Requires
-------------------------------------------------------------------
Mon Oct 12 09:55:28 CEST 2009 - wr@rosenauer.org
- fix startup notification (bnc#518603)
- disable lockdown feature as it bitrotted and breaks a11y
(bnc#508611)
-------------------------------------------------------------------
Fri Oct 2 22:58:45 CEST 2009 - wr@rosenauer.org
- extend list of supported architectures as ABI identifier
(mozilla-abi.patch) (bnc#543460)
- prepare (but not use) libproxy implementation
-------------------------------------------------------------------
Fri Sep 11 08:26:01 CEST 2009 - wr@rosenauer.org
- added KDE integration patch from llunak@novell.com
(mozilla-kde.patch)
* support for knotify, making -kde4-addon obsolete
* KDE-specific support functional (bnc#170055)
- filter libsqlite3.so from provides (bnc#538094)
- minor update of mozilla-helper-app.patch
-------------------------------------------------------------------
Thu Sep 10 09:34:26 CEST 2009 - wr@rosenauer.org
- security update to version 1.9.1.3 (bnc#534458)
* MFSA 2009-47/CVE-2009-3069/CVE-2009-3070/CVE-2009-3071/
CVE-2009-3072/CVE-2009-3073/CVE-2009-3074/CVE-2009-3075
Crashes with evidence of memory corruption
* MFSA 2009-49/CVE-2009-3077 (bmo#506871)
TreeColumns dangling pointer vulnerability
* MFSA 2009-50/CVE-2009-3078 (bmo#453827)
Location bar spoofing via tall line-height Unicode characters
* MFSA 2009-51/CVE-2009-3079 (bmo#454363)
Chrome privilege escalation with FeedWriter
- removed obsolete mozilla-jemalloc_deepbind.patch
-------------------------------------------------------------------
Wed Aug 19 22:12:06 CEST 2009 - wr@rosenauer.org
- remove obsolete code for protocol handlers (bmo#389732)
(mozilla-protocol_handler.patch)
-------------------------------------------------------------------
Sat Aug 8 00:04:49 CEST 2009 - wr@rosenauer.org
- split -translations package into -common and -other
(bnc#529180)
-------------------------------------------------------------------
Sun Aug 2 23:10:55 CEST 2009 - wr@rosenauer.org
- security update to version 1.9.1.2
* MFSA 2009-38/CVE-2009-2470 (bmo#459524)
Data corruption with SOCKS5 reply containing DNS name longer
than 15 characters
* MFSA 2009-44/CVE-2009-2654 (bmo#451898)
Location bar and SSL indicator spoofing via window.open() on
invalid URL
* MFSA 2009-45
Crashes with evidence of memory corruption
* MFSA 2009-46 (bmo#498897)
Chrome privilege escalation due to incorrectly cached wrapper
* various other stability fixes
- removed obsolete mozilla-restart-cmd.patch
(applications now have to export MOZ_APP_LAUNCHER to set the
correct restart command) (bmo#453689)
- allow alternative button order for Gtk filechooser (bnc#527418)
-------------------------------------------------------------------
Tue Jul 28 13:05:58 CEST 2009 - wr@rosenauer.org
- fixed %exclude usage
-------------------------------------------------------------------
Wed Jul 15 19:39:43 CEST 2009 - wr@rosenauer.org
- security update to version 1.9.1.1
* MFSA 2009-41
Corrupt JIT state after deep return from native function
-------------------------------------------------------------------
Wed Jul 8 12:35:45 CEST 2009 - wr@rosenauer.org
- fixed mozilla-sysplugin-biarch.patch to accept 64bit plugins in
/usr/lib64/mozilla/plugins
-------------------------------------------------------------------
Thu Jul 2 21:24:22 CEST 2009 - wr@rosenauer.org
- added mozilla-jemalloc_deepbind.patch to fix various possible
crashes (bnc#503151, bmo#493541)
-------------------------------------------------------------------
Tue Jun 30 08:44:57 CEST 2009 - wr@rosenauer.org
- update to final 1.9.1.0 (20090623)
-------------------------------------------------------------------
Fri Jun 19 20:06:18 CEST 2009 - wr@rosenauer.org
- removed locale.patch and added the pref to build specific ones
- added mozilla-prefer_plugin_pref.patch to introduce a new set of
prefs to support preferring certain plugins for mime-types
-------------------------------------------------------------------
Thu Jun 18 00:33:29 CEST 2009 - wr@rosenauer.org
- update to 1.9.1rc2 (20090617)
* added or locale
-------------------------------------------------------------------
Wed Jun 10 08:52:38 CEST 2009 - wr@rosenauer.org
- removed outdated mozilla-deprecated-gtk-macros.patch for now
to fix build
-------------------------------------------------------------------
Sat Jun 6 16:23:38 CEST 2009 - wr@rosenauer.org
- update to 1.9.1b99 (20090604)
- adapted supported locale list
- added mozilla-sysplugin-biarch.patch to use
/usr/$LIB/mozilla/plugins as system plugin dir (bmo#496708)
- added mozilla-deprecated-gtk-macros.patch to change GTK_macros
to G_TYPE (bmo#461277)
-------------------------------------------------------------------
Fri May 8 10:36:25 CEST 2009 - wr@rosenauer.org
- fixing rpath linker flags (part of bnc#501174)
- improved pkgconfig files
- use non-localized Downloads folder (bnc#501724)
-------------------------------------------------------------------
Mon Apr 27 09:08:30 CEST 2009 - wr@rosenauer.org
- update to 1.9.1b4
- removed obsolete pango and gcc4.4 patches
- added newly supported locales
-------------------------------------------------------------------
Tue Mar 24 21:45:40 CET 2009 - wr@rosenauer.org
- add patch to compile with gcc 4.4 (bmo#483956)
-------------------------------------------------------------------
Tue Mar 17 14:07:35 CET 2009 - wr@rosenauer.org
- update to 1.9.1b3
- added Pango patch needed for API change (bmo#481193)
- make mozjs consumers using rpath to the correct location
to find the library at runtime (bnc#479505)
- don't use system sqlite (missing FTS3 support)
-------------------------------------------------------------------
Mon Aug 25 09:14:54 CEST 2008 - wr@rosenauer.org
- initial package
