Changelog for
mozilla-xulrunner192-1.9.2.28-1.17.i586.rpm :
Tue Mar 6 13:00:00 2012 wrAATTrosenauer.org
- security update to 1.9.2.28 (bnc#750044)
* MFSA 2011-55/CVE-2011-3658 (bmo#708186)
nsSVGValue out-of-bounds access
* MFSA 2012-13/CVE-2012-0455 (bmo#704354)
XSS with Drag and Drop and Javascript: URL
* MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
SVG issues found with Address Sanitizer
* MFSA 2012-16/CVE-2012-0458
Escalation of privilege with Javascript: URL as home page
* MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
CVE-2012-0463
Miscellaneous memory safety hazards
Thu Feb 16 13:00:00 2012 wrAATTrosenauer.org
- security update to 1.9.2.27 (bnc#747328)
* CVE-2011-3026 (bmo#727401)
libpng: integer overflow leading to heap-buffer overflow
Wed Jan 25 13:00:00 2012 wrAATTrosenauer.org
- security update to 1.9.2.26 (bnc#744275)
* MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
Miscellaneous memory safety hazards
* MFSA 2012-02/CVE-2011-3670 (bmo#504014)
* MFSA 2012-04/CVE-2011-3659 (bmo#708198)
Child nodes from nsDOMAttribute still accessible after removal
of nodes
* MFSA 2012-07/CVE-2012-0444 (bmo#719612)
Potential Memory Corruption When Decoding Ogg Vorbis files
* MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
Crash with malformed embedded XSLT stylesheets
Sat Dec 17 13:00:00 2011 wrAATTrosenauer.org
- security update to 1.9.2.25 (bnc#737533)
* MFSA 2011-59/CVE-2011-3666 (bmo#704622)
.jar not treated as executable in Firefox 3.6 on Mac
Tue Nov 1 13:00:00 2011 wrAATTrosenauer.org
- security update to 1.9.2.24 (bnc#728520)
* MFSA 2011-46/CVE-2011-3647 (bmo#680880)
loadSubScript unwraps XPCNativeWrapper scope parameter
* MFSA 2011-47/CVE-2011-3648 (bmo#690225)
Potential XSS against sites using Shift-JIS
* MFSA 2011-49/CVE-2011-3650 (bmo#674776)
Memory corruption while profiling using Firebug
Wed Sep 21 14:00:00 2011 wrAATTrosenauer.org
- security update to 1.9.2.23 (bnc#720264)
* MFSA 2011-36/CVE-2011-2996 (bmo#555018)
Miscellaneous memory safety hazards
* MFSA 2011-37/CVE-2011-2998 (bmo#684815)
Integer underflow when using JavaScript RegExp
* MFSA 2011-38/CVE-2011-2999 (bmo#665548)
XSS via plugins and shadowed window.location object
* MFSA 2011-39/CVE-2011-3000 (bmo#655389)
Defense against multiple Location headers due to CRLF Injection
* MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
Code installation through holding down Enter
- bring KDE\'s dialog.xml in sync with original widget
Wed Sep 14 14:00:00 2011 wrAATTrosenauer.org
- add dbus-1-glib-devel to BuildRequires (not pulled in
automatically with 12.1)
Wed Sep 7 14:00:00 2011 pcernyAATTsuse.com
- security update to 1.9.2.22 (bnc#714931)
* Complete blocking of certificates issued by DigiNotar
(bmo#683449)
Fri Sep 2 14:00:00 2011 pcernyAATTsuse.com
- security update to 1.9.2.21 (bnc#714931)
* MFSA 2011-34
Protection against fraudulent DigiNotar certificates
(bmo#682927)
Fri Aug 5 14:00:00 2011 wrAATTrosenauer.org
- security update to 1.9.2.20 (bnc#712224)
fixed security issues MFSA 2011-30
* CVE-2011-2982
Miscellaneous memory safety hazards
* CVE-2011-0084 (bmo#648094)
Crash in SVGTextElement.getCharNumAtPosition()
* CVE-2011-2981
Privilege escalation using event handlers
* CVE-2011-2378 (bmo#572129)
Privilege escalation dropping a tab element in content area
* CVE-2011-2980 (bmo#642469)
Binary planting vulnerability in ThinkPadSensor::Startup
* CVE-2011-2983 (bmo#626297)
Private data leakage using RegExp.input
- added mozilla-implicit-declarations.patch to fix rpmlint/gcc
checks
- added mozilla-curl.patch to remove obsolete header dependency
- added mozilla-linux3.patch to make python symbol dumper aware
of the \"linux3\" platform
Mon Jun 20 14:00:00 2011 wrAATTrosenauer.org
- security update to 1.9.2.18 (bnc#701296)
* MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364
CVE-2011-2365
Miscellaneous memory safety hazards
* MFSA 2011-20/CVE-2011-2373 (bmo#617247)
Use-after-free vulnerability when viewing XUL document with
script disabled
* MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
Memory corruption due to multipart/x-mixed-replace images
* MFSA 2011-22/CVE-2011-2371 (bmo#664009)
Integer overflow and arbitrary code execution in
Array.reduceRight()
* MFSA 2011-23/CVE-2011-0083 CVE-2011-0085 CVE-2011-2363
Multiple dangling pointer vulnerabilities
* MFSA 2011-24/CVE-2011-2362 (bmo#616264)
Cookie isolation error
- speedier find-external-requires.sh
- do not build dump_syms static as it is not needed for us
- > fixes build for 12.1 and above
Wed May 11 14:00:00 2011 cgiboudeauxAATTgmx.com
- Add mozilla-gcc46.patch. Fixes various build errors with GCC4.6
Thu Apr 21 14:00:00 2011 wrAATTrosenauer.org
- security update to 1.9.2.17 (bnc#689281)
* MFSA 2011-12/ CVE-2011-0069 CVE-2011-0070 CVE-2011-0072
CVE-2011-0074 CVE-2011-0075 CVE-2011-0077 CVE-2011-0078
CVE-2011-0080 CVE-2011-0081
Miscellaneous memory safety hazards
* MFSA 2011-13/CVE-2011-0065/CVE-2011-0066/CVE-2011-0073
Multiple dangling pointer vulnerabilities
* MFSA 2011-14/CVE-2011-0067 (bmo#527935)
Information stealing via form history
* MFSA 2011-18/CVE-2011-1202 (bmo#640339)
XSLT generate-id() function heap address leak
Mon Mar 28 14:00:00 2011 llunakAATTnovell.com
- fix \'save as\' with KDE integration (bnc#557598)
Sat Mar 19 13:00:00 2011 wrAATTrosenauer.org
- security update to 1.9.2.16 (bnc#680771)
* MFSA 2011-11
Update HTTPS certificate blacklist (bmo#642395)
Fri Mar 4 13:00:00 2011 wrAATTrosenauer.org
- update to 1.9.2.15
* fix a regression introduced with previous update affecting
Java applet integration (bmo#629030)
Wed Mar 2 13:00:00 2011 pcernyAATTnovell.com
- use full path to the ntlm_auth binary (bmo#634334)
(mozilla-ntlm-full-path.patch)
Tue Feb 22 13:00:00 2011 wrAATTrosenauer.org
- security update to 1.9.2.14 (build3) (bnc#667155)
* MFSA 2011-01/CVE-2011-0053/CVE-2011-0062
Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
* MFSA 2011-02/CVE-2011-0051 (bmo#616659)
Recursive eval call causes confirm dialogs to evaluate to true
* MFSA 2011-03/CVE-2011-0055 (bmo#616009, bmo#619255)
Use-after-free error in JSON.stringify
* MFSA 2011-04/CVE-2011-0054 (bmo#615657)
Buffer overflow in JavaScript upvarMap
* MFSA 2011-05/CVE-2011-0056 (bmo#622015)
Buffer overflow in JavaScript atom map
* MFSA 2011-06/CVE-2011-0057 (bmo#626631)
Use-after-free error using Web Workers
* MFSA 2011-08/CVE-2010-1585 (bmo#562547)
ParanoidFragmentSink allows javascript: URLs in chrome documents
* MFSA 2011-09/CVE-2011-0061 (bmo#610601)
Crash caused by corrupted JPEG image
* MFSA 2011-10/CVE-2011-0059 (bmo#573873)
CSRF risk with plugins and 307 redirects
Thu Nov 25 13:00:00 2010 wrAATTrosenauer.org
- security update to 1.9.2.13 (bnc#657016)
* MFSA 2010-74/CVE-2010-3776/CVE-2010-3777/CVE-2010-3778
Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
* MFSA 2010-75/CVE-2010-3769 (bmo#608336)
Buffer overflow while line breaking after document.write with
long string
* MFSA 2010-76/CVE-2010-3771 (bmo#609437)
Chrome privilege escalation with window.open and
element
* MFSA 2010-77/CVE-2010-3772 (bmo#594547)
Crash and remote code execution using HTML tags inside a XUL tree
* MFSA 2010-78/CVE-2010-3768 (bmo#527276)
Add support for OTS font sanitizer
* MFSA 2010-79/CVE-2010-3775
Java security bypass from LiveConnect loaded via data: URL
meta refresh
* MFSA 2010-80/CVE-2010-3766 (bmo#590771)
Use-after-free error with nsDOMAttribute MutationObserver
* MFSA 2010-81/CVE-2010-3767 (bmo#599468)
Integer overflow vulnerability in NewIdArray
* MFSA 2010-82/CVE-2010-3773 (bmo#554449)
Incomplete fix for CVE-2010-0179
* MFSA 2010-83/VE-2010-3774 (bmo#602780)
Location bar SSL spoofing using network error page
* MFSA 2010-84/CVE-2010-3770 (bmo#601429)
XSS hazard in multiple character encodings
Wed Oct 27 14:00:00 2010 wrAATTrosenauer.org
- security update to 1.9.2.12 (bnc#649492)
* MFSA 2010-73/CVE-2010-3765 (bmo#607222)
Heap buffer overflow mixing document.write and DOM insertion
- ignore empty LANGUAGE environment variable (bnc#648854)
Wed Oct 6 14:00:00 2010 wrAATTrosenauer.org
- security update to 1.9.2.11 (bnc#645315)
* MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
Miscellaneous memory safety hazards
* MFSA 2010-65/CVE-2010-3179 (bmo#583077)
Buffer overflow and memory corruption using document.write
* MFSA 2010-66/CVE-2010-3180 (bmo#588929)
Use-after-free error in nsBarProp
* MFSA 2010-67/CVE-2010-3183 (bmo#598669)
Dangling pointer vulnerability in LookupGetterOrSetter
* MFSA 2010-68/CVE-2010-3177 (bmo#556734)
XSS in gopher parser when parsing hrefs
* MFSA 2010-69/CVE-2010-3178 (bmo#576616)
Cross-site information disclosure via modal calls
* MFSA 2010-70/CVE-2010-3170 (bmo#578697)
SSL wildcard certificate matching IP addresses
* MFSA 2010-71/CVE-2010-3182 (bmo#590753)
Unsafe library loading vulnerabilities
* MFSA 2010-72/CVE-2010-3173
Insecure Diffie-Hellman key exchange
- removed upstreamed patches:
* mozilla-esd.patch
* mozilla-helper-app.patch
- build and runtime requirement is NSS 3.12.8
Wed Sep 15 14:00:00 2010 wrAATTrosenauer.org
- update to 1.9.2.10
* fixing startup topcrash (bmo#594699)
Mon Aug 30 14:00:00 2010 wrAATTrosenauer.org
- security update to 1.9.2.9 (bnc#637303)
* MFSA 2010-49/CVE-2010-3169
Miscellaneous memory safety hazards
* MFSA 2010-50/CVE-2010-2765 (bmo#576447)
Frameset integer overflow vulnerability
* MFSA 2010-51/CVE-2010-2767 (bmo#584512)
Dangling pointer vulnerability using DOM plugin array
* MFSA 2010-53/CVE-2010-3166 (bmo#579655)
Heap buffer overflow in nsTextFrameUtils::TransformText
* MFSA 2010-54/CVE-2010-2760 (bmo#585815)
Dangling pointer vulnerability in nsTreeSelection
* MFSA 2010-55/CVE-2010-3168 (bmo#576075)
XUL tree removal crash and remote code execution
* MFSA 2010-56/CVE-2010-3167 (bmo#576070)
Dangling pointer vulnerability in nsTreeContentView
* MFSA 2010-57/CVE-2010-2766 (bmo#580445)
Crash and remote code execution in normalizeDocument
* MFSA 2010-59/CVE-2010-2762 (bmo#584180)
SJOW creates scope chains ending in outer object
* MFSA 2010-61/CVE-2010-2768 (bmo#579744)
UTF-7 XSS by overriding document charset using
type attribute * MFSA 2010-62/CVE-2010-2769 (bmo#520189) Copy-and-paste or drag-and-drop into designMode document allows XSS * MFSA 2010-63/CVE-2010-2764 (bmo#552090) Information leak via XMLHttpRequest statusText - honor LANGUAGE environment variable for UI locale (bmo#583793) - fixed compilation against NSPR < 4.8.6 (mozilla-prlog.patch) (bmo#567620) Mon Aug 30 14:00:00 2010 wrAATTrosenauer.org - fixed build with latest Gnome in Factory (mozilla-gdk-pixbuf.patch Wed Jul 28 14:00:00 2010 wrAATTrosenauer.org - fixed sound notifications through libesd (bmo#579877) - updated libproxy implementation after upstream review (bmo#517655) - added lcd filter patch for internal cairo Tue Jul 27 14:00:00 2010 meissnerAATTsuse.de - disable ipc and crashreport for ia64,ppc,ppc64,s390,s390x. Sat Jul 24 14:00:00 2010 wrAATTrosenauer.org - security update to 1.9.2.8 (bnc#622506) * MFSA 2010-48/CVE-2010-2755 (bmo#575836) Dangling pointer crash regression from plugin parameter array fix Thu Jul 15 14:00:00 2010 wrAATTrosenauer.org - security update to 1.9.2.7 (bnc#622506) * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212 Miscellaneous memory safety hazards * MFSA 2010-35/CVE-2010-1208 (bmo#572986) DOM attribute cloning remote code execution vulnerability * MFSA 2010-36/CVE-2010-1209 (bmo#552110) Use-after-free error in NodeIterator * MFSA 2010-37/CVE-2010-1214 (bmo#572985) Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability * MFSA 2010-38/CVE-2010-1215 (bmo#567069) Arbitrary code execution using SJOW and fast native function * MFSA 2010-39/CVE-2010-2752 (bmo#574059) nsCSSValue::Array index integer overflow * MFSA 2010-40/CVE-2010-2753 (bmo#571106) nsTreeSelection dangling pointer remote code execution vulnerability * MFSA 2010-41/CVE-2010-1205 (bmo#570451) Remote code execution using malformed PNG image * MFSA 2010-42/CVE-2010-1213 (bmo#568148) Cross-origin data disclosure via Web Workers and importScripts * MFSA 2010-43/CVE-2010-1207 (bmo#571287) Same-origin bypass using canvas context * MFSA 2010-44/CVE-2010-1210 (bmo#564679) Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957) Multiple location bar spoofing vulnerabilities * MFSA 2010-46/CVE-2010-0654 (bmo#524223) Cross-domain data theft using CSS * MFSA 2010-47/CVE-2010-2754 (bmo#568564) Cross-origin data leakage from script filename in error messages Sun Jun 27 14:00:00 2010 wrAATTrosenauer.org - update to 1.9.2.6 release * modifies the crash protection feature to increase the amount of time that plugins are allowed to be non-responsive before being terminated. - require exact matching version of mozilla-js192 Wed Jun 23 14:00:00 2010 wrAATTrosenauer.org - update to final 1.9.2.4 release (bnc#603356) * MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/ CVE-2010-1203 Crashes with evidence of memory corruption (rv:1.9.2.4) * MFSA 2010-28/CVE-2010-1198 (bmo#532246) Freed object reuse across plugin instances * MFSA 2010-29/CVE-2010-1196 (bmo#534666) Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal * MFSA 2010-30/CVE-2010-1199 (bmo#554255) Integer Overflow in XSLT Node Sorting * MFSA 2010-31/CVE-2010-1125 (bmo#552255) focus() behavior can be used to inject or steal keystrokes * MFSA 2010-32/CVE-2010-1197 (bmo#537120) Content-Disposition: attachment ignored if Content-Type: multipart also present * MFSA 2010-33/CVE-2008-5913 (bmo#475585) User tracking across sites using Math.random() Mon Jun 7 14:00:00 2010 wrAATTrosenauer.org - update to 1.9.2.4(build6) Tue May 4 14:00:00 2010 wrAATTrosenauer.org - security update to 1.9.2.4 (Lorentz) * enable crashreporter also for x86-64 * provide mozilla-runtime to host NPAPI out of process plugins - removed libproxy debug message (bnc#604711) Mon Apr 26 14:00:00 2010 wrAATTrosenauer.org - point alternatives link to the stable version to improve robustness (bnc#589037) Sat Apr 24 14:00:00 2010 cooloAATTnovell.com - buildrequire pkg-config to fix provides Thu Apr 1 14:00:00 2010 wrAATTrosenauer.org - security update to 1.9.2.3 * MFSA 2010-25/CVE-2010-1121 (bmo#555109) Re-use of freed object due to scope confusion Thu Mar 25 13:00:00 2010 wrAATTrosenauer.org - security update to 1.9.2.2 (bnc#586567) * MFSA 2010-08/CVE-2010-1028 WOFF heap corruption due to integer overflow * MFSA 2010-09/CVE-2010-0164 (bmo#547143) Deleted frame reuse in multipart/x-mixed-replace image * MFSA 2010-10/CVE-2010-0170 (bmo#541530) XSS via plugins and unprotected Location object * MFSA 2010-11/CVE-2010-0165/CVE-2010-0166/CVE-2010-0167 Crashes with evidence of memory corruption * MFSA 2010-12/CVE-2010-0171 (bmo#531364) XSS using addEventListener and setTimeout on a wrapped object * MFSA 2010-13/CVE-2010-0168 (bmo#540642) Content policy bypass with image preloading * MFSA 2010-14/CVE-2010-0169 (bmo#535806) Browser chrome defacement via cached XUL stylesheets * MFSA 2010-15/CVE-2010-0172 (bmo#537862) Asynchronous Auth Prompt attaches to wrong window * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174 Crashes with evidence of memory corruption * MFSA 2010-18/CVE-2010-0176 (bmo#538308) Dangling pointer vulnerability in nsTreeContentView * MFSA 2010-19/CVE-2010-0177 (bmo#538310) Dangling pointer vulnerability in nsPluginArray * MFSA 2010-20/CVE-2010-0178 (bmo#546909) Chrome privilege escalation via forced URL drag and drop * MFSA 2010-22/CVE-2009-3555 (bmo#545755) Update NSS to support TLS renegotiation indication * MFSA 2010-23/CVE-2010-0181 (bmo#452093) Image src redirect to mailto: URL opens email editor * MFSA 2010-24/CVE-2010-0182 (bmo#490790) XMLDocument::load() doesn\'t check nsIContentPolicy - general.useragent.locale in profile overrides intl.locale.matchOS (bmo#542999) - split mozilla-js192 package which contains libmozjs only to allow its installation w/o all GUI dependencies Mon Jan 18 13:00:00 2010 wrAATTrosenauer.org - update to 1.9.2rc2 - add update-alternatives %ghost file to filelist starting with 11.2 (%ghost files are conflicting in earlier versions) - fixed mozilla-plugin.pc (remove obsolete stable reference) Wed Jan 6 13:00:00 2010 wrAATTrosenauer.org - update to 1.9.2rc1 * removed obsolete mozilla-breakpad.patch - expand -translations- * and -gnome filelists to clean up the filesystem for upgrades and removals correctly - enable crashreporter and create breakpad buildsymbols package for mozilla crashreporter (for ix86) - drop PreReq usage by cleaning up the different Requires tags Thu Dec 24 13:00:00 2009 wrAATTrosenauer.org - update to 1.9.2b5 - removed upstreamed mozilla-abi.patch - integrated mozilla-kde.patch - use .autoreg file for autoregistration when needed (bnc#440872) - enable libproxy support from 11.2 on - renamed -gnomevfs subpackage to -gnome - readded lockdown patches and preferences - fix baselibs.conf Tue Nov 10 13:00:00 2009 wrAATTrosenauer.org - update to 1.9.2b2 - merge from xulrunner191 package Sun Nov 1 13:00:00 2009 wrAATTrosenauer.org - update to 1.9.2b1 - use newer internal cairo for 11.1 and older Sun Oct 18 14:00:00 2009 wrAATTrosenauer.org - reworked PreReq list Fri Oct 16 14:00:00 2009 wrAATTrosenauer.org - update to snapshot 1.9.2b2pre (20091015) (entering beta phase) Mon Sep 21 14:00:00 2009 wrAATTrosenauer.org - BuildRequire libiw-devel instead of wireless-tools from 11.2 on Wed Sep 16 14:00:00 2009 wrAATTrosenauer.org - new snapshot (20090916) Mon Aug 24 14:00:00 2009 wrAATTrosenauer.org - first alpha package of XULRunner 1.9.2