File _patchinfo of Package patchinfo

<patchinfo incident="170">
  <packager>wrosenauer</packager>
  <issue tracker="cve" id="CVE-2013-1701"></issue>
  <issue tracker="cve" id="CVE-2013-1702"></issue>
  <issue tracker="cve" id="CVE-2013-1704"></issue>
  <issue tracker="cve" id="CVE-2013-1705"></issue>
  <issue tracker="cve" id="CVE-2013-1708"></issue>
  <issue tracker="cve" id="CVE-2013-1709"></issue>
  <issue tracker="cve" id="CVE-2013-1710"></issue>
  <issue tracker="cve" id="CVE-2013-1711"></issue>
  <issue tracker="cve" id="CVE-2013-1713"></issue>
  <issue tracker="cve" id="CVE-2013-1714"></issue>
  <issue tracker="cve" id="CVE-2013-1717"></issue>
  <issue tracker="bnc" id="833389"></issue>
  <category>security</category>
  <rating>important</rating>
  <summary>Mozilla updates August 2013</summary>
  <description>This patch contains updates for 
- Firefox to 23.0
- xulrunner to 17.0.8esr
- Thunderbird to 17.0.8
- mozilla-nspr to 4.10
- mozilla-nss to 3.15,1

  * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702
    Miscellaneous memory safety hazards
  * MFSA 2013-64/CVE-2013-1704 (bmo#883313)
    Use after free mutating DOM during SetBody
  * MFSA 2013-65/CVE-2013-1705 (bmo#882865)
    Buffer underflow when generating CRMF requests
  * MFSA 2013-67/CVE-2013-1708 (bmo#879924)
    Crash during WAV audio file decoding
  * MFSA 2013-68/CVE-2013-1709 (bmo#838253)
    Document URI misrepresentation and masquerading
  * MFSA 2013-69/CVE-2013-1710 (bmo#871368)
    CRMF requests allow for code execution and XSS attacks
  * MFSA 2013-70/CVE-2013-1711 (bmo#843829)
    Bypass of XrayWrappers using XBL Scopes
  * MFSA 2013-72/CVE-2013-1713 (bmo#887098)
    Wrong principal used for validating URI for some Javascript
    components
  * MFSA 2013-73/CVE-2013-1714 (bmo#879787)
    Same-origin bypass with web workers and XMLHttpRequest
  * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
    Local Java applets may read contents of local file system
</description>
</patchinfo>