diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index 2bc365e..d5c537f 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -1,9 +1,44 @@ +------------------------------------------------------------------- +Thu Apr 1 11:15:38 UTC 2010 - wr@rosenauer.org + +- security update to 3.6.3 + * MFSA 2010-25/CVE-2010-1121 (bmo#555109) + Re-use of freed object due to scope confusion + ------------------------------------------------------------------- Thu Mar 18 06:43:33 CET 2010 - wr@rosenauer.org - security update to version 3.6.2 (bnc#586567) - * MFSA 2010-08/CVE-2010-1028 (bmo#552216) + * MFSA 2010-08/CVE-2010-1028 WOFF heap corruption due to integer overflow + * MFSA 2010-09/CVE-2010-0164 (bmo#547143) + Deleted frame reuse in multipart/x-mixed-replace image + * MFSA 2010-10/CVE-2010-0170 (bmo#541530) + XSS via plugins and unprotected Location object + * MFSA 2010-11/CVE-2010-0165/CVE-2010-0166/CVE-2010-0167 + Crashes with evidence of memory corruption + * MFSA 2010-12/CVE-2010-0171 (bmo#531364) + XSS using addEventListener and setTimeout on a wrapped object + * MFSA 2010-13/CVE-2010-0168 (bmo#540642) + Content policy bypass with image preloading + * MFSA 2010-14/CVE-2010-0169 (bmo#535806) + Browser chrome defacement via cached XUL stylesheets + * MFSA 2010-15/CVE-2010-0172 (bmo#537862) + Asynchronous Auth Prompt attaches to wrong window + * MFSA 2010-16/CVE-2010-0173/CVE-2010-0174 + Crashes with evidence of memory corruption + * MFSA 2010-18/CVE-2010-0176 (bmo#538308) + Dangling pointer vulnerability in nsTreeContentView + * MFSA 2010-19/CVE-2010-0177 (bmo#538310) + Dangling pointer vulnerability in nsPluginArray + * MFSA 2010-20/CVE-2010-0178 (bmo#546909) + Chrome privilege escalation via forced URL drag and drop + * MFSA 2010-22/CVE-2009-3555 (bmo#545755) + Update NSS to support TLS renegotiation indication + * MFSA 2010-23/CVE-2010-0181 (bmo#452093) + Image src redirect to mailto: URL opens email editor + * MFSA 2010-24/CVE-2010-0182 (bmo#490790) + XMLDocument::load() doesn't check nsIContentPolicy ------------------------------------------------------------------- Mon Jan 18 09:42:50 CET 2010 - wr@rosenauer.org diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index e336d1f..d203be5 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -1,5 +1,5 @@ # -# spec file for package MozillaFirefox (Version 3.6.2) +# spec file for package MozillaFirefox (Version 3.6.3) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # 2006-2010 Wolfgang Rosenauer @@ -22,7 +22,7 @@ Name: MozillaFirefox %define xulrunner mozilla-xulrunner192 BuildRequires: autoconf213 gcc-c++ libcurl-devel libgnomeui-devel libidl-devel libnotify-devel python unzip update-desktop-files zip -BuildRequires: %{xulrunner}-devel = 1.9.2.2 +BuildRequires: %{xulrunner}-devel = 1.9.2.3 %if %suse_version > 1020 BuildRequires: fdupes %endif @@ -34,9 +34,9 @@ BuildRequires: wireless-tools License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Provides: web_browser Provides: firefox -Version: 3.6.2 +Version: 3.6.3 Release: 1 -%define releasedate 2010031700 +%define releasedate 2010040100 Summary: Mozilla Firefox Web Browser Url: http://www.mozilla.org/ Group: Productivity/Networking/Web/Browsers diff --git a/firefox-3.6.2-source.tar.bz2 b/firefox-3.6.2-source.tar.bz2 deleted file mode 100644 index f7e87c6..0000000 --- a/firefox-3.6.2-source.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5b355d011f3bf82266cbbfa6f2b17da9ebac6a4dfa59fe207d7f1dcd3b719001 -size 48514727 diff --git a/firefox-3.6.3-source.tar.bz2 b/firefox-3.6.3-source.tar.bz2 new file mode 100644 index 0000000..b3808d6 --- /dev/null +++ b/firefox-3.6.3-source.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e7211b6f12ea8a582f3a483cac0d97283436e5099b7c2a629a2d0093fa822b2c +size 48515639 diff --git a/l10n-3.6.2.tar.bz2 b/l10n-3.6.2.tar.bz2 deleted file mode 100644 index eb8f168..0000000 --- a/l10n-3.6.2.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e9e55f6ff857bae68761f3cc4c94688a86d7515181da22cbe22f5902ad7e3ceb -size 36336474 diff --git a/l10n-3.6.3.tar.bz2 b/l10n-3.6.3.tar.bz2 new file mode 100644 index 0000000..de722bd --- /dev/null +++ b/l10n-3.6.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4de534dc1c5ad51a267042a409f0cf1be339b4b512a38e810fb9c84e229f23d6 +size 36338527