From 137de8fd48dc4e437d1f4a890f5a5ed76494682a91913d85cf5eeab7c97fdedb Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Tue, 8 Jan 2013 18:14:01 +0000
Subject: [PATCH] * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770    
 Miscellaneous memory safety hazards   * MFSA
 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767    
 CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829     Use-after-free
 and buffer overflow issues found using Address Sanitizer   * MFSA
 2013-03/CVE-2013-0768 (bmo#815795)     Buffer Overflow in Canvas   * MFSA
 2013-04/CVE-2012-0759 (bmo#802026)     URL spoofing in addressbar during page
 loads   * MFSA 2013-05/CVE-2013-0744 (bmo#814713)     Use-after-free when
 displaying table with many columns and column groups   * MFSA
 2013-06/CVE-2013-0751 (bmo#790454)     Touch events are shared across iframes
   * MFSA 2013-07/CVE-2013-0764 (bmo#804237)     Crash due to handling of SSL
 on threads   * MFSA 2013-08/CVE-2013-0745 (bmo#794158)     AutoWrapperChanger
 fails to keep objects alive during garbage collection   * MFSA
 2013-09/CVE-2013-0746 (bmo#816842)     Compartment mismatch with quickstubs
 returned values   * MFSA 2013-10/CVE-2013-0747 (bmo#733305)     Event
 manipulation in plugin handler to bypass same-origin policy   * MFSA
 2013-11/CVE-2013-0748 (bmo#806031)     Address space layout leaked in XBL
 objects   * MFSA 2013-12/CVE-2013-0750 (bmo#805121)     Buffer overflow in
 Javascript string concatenation   * MFSA 2013-13/CVE-2013-0752 (bmo#805024)  
   Memory corruption in XBL with XML bindings containing SVG   * MFSA
 2013-14/CVE-2013-0757 (bmo#813901)     Chrome Object Wrapper (COW) bypass
 through changing prototype   * MFSA 2013-15/CVE-2013-0758 (bmo#813906)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=311
---
 MozillaFirefox.changes | 1 +
 1 file changed, 1 insertion(+)

diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes
index 2f5086d..e978c91 100644
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@@ -40,6 +40,7 @@ Sun Jan  6 21:54:18 UTC 2013 - wr@rosenauer.org
   * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
     Use-after-free in Vibrate
   * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
+    Use-after-free in Javascript Proxy objects
 - requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
 - removed obsolete SLE11 patches (mozilla-gcc43*)
 - reenable WebRTC