forked from pool/MozillaFirefox
Security:
* MFSA 2014-74/CVE-2014-1574/CVE-2014-1575 Miscellaneous memory safety hazards * MFSA 2014-75/CVE-2014-1576 (bmo#1041512) Buffer overflow during CSS manipulation * MFSA 2014-76/CVE-2014-1577 (bmo#1012609) Web Audio memory corruption issues with custom waveforms * MFSA 2014-77/CVE-2014-1578 (bmo#1063327) Out-of-bounds write with WebM video * MFSA 2014-78/CVE-2014-1580 (bmo#1063733) Further uninitialized memory use during GIF rendering * MFSA 2014-79/CVE-2014-1581 (bmo#1068218) Use-after-free interacting with text directionality * MFSA 2014-80/CVE-2014-1582/CVE-2014-1584 (bmo#1049095, bmo#1066190) Key pinning bypasses * MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981) Inconsistent video sharing within iframe * MFSA 2014-82/CVE-2014-1583 (bmo#1015540) Accessing cross-origin objects via the Alarms API (only relevant for installed web apps) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=400
This commit is contained in:
parent
2f02270073
commit
637aa82eee
@ -11,6 +11,26 @@ Sat Oct 11 08:48:24 UTC 2014 - wr@rosenauer.org
|
|||||||
* Support for connecting to HTTP proxy over HTTPS
|
* Support for connecting to HTTP proxy over HTTPS
|
||||||
* Improved reliability of the session restoration
|
* Improved reliability of the session restoration
|
||||||
* Proprietary window.crypto properties/functions removed
|
* Proprietary window.crypto properties/functions removed
|
||||||
|
Security:
|
||||||
|
* MFSA 2014-74/CVE-2014-1574/CVE-2014-1575
|
||||||
|
Miscellaneous memory safety hazards
|
||||||
|
* MFSA 2014-75/CVE-2014-1576 (bmo#1041512)
|
||||||
|
Buffer overflow during CSS manipulation
|
||||||
|
* MFSA 2014-76/CVE-2014-1577 (bmo#1012609)
|
||||||
|
Web Audio memory corruption issues with custom waveforms
|
||||||
|
* MFSA 2014-77/CVE-2014-1578 (bmo#1063327)
|
||||||
|
Out-of-bounds write with WebM video
|
||||||
|
* MFSA 2014-78/CVE-2014-1580 (bmo#1063733)
|
||||||
|
Further uninitialized memory use during GIF rendering
|
||||||
|
* MFSA 2014-79/CVE-2014-1581 (bmo#1068218)
|
||||||
|
Use-after-free interacting with text directionality
|
||||||
|
* MFSA 2014-80/CVE-2014-1582/CVE-2014-1584 (bmo#1049095, bmo#1066190)
|
||||||
|
Key pinning bypasses
|
||||||
|
* MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981)
|
||||||
|
Inconsistent video sharing within iframe
|
||||||
|
* MFSA 2014-82/CVE-2014-1583 (bmo#1015540)
|
||||||
|
Accessing cross-origin objects via the Alarms API
|
||||||
|
(only relevant for installed web apps)
|
||||||
- requires NSPR 4.10.7
|
- requires NSPR 4.10.7
|
||||||
- requires NSS 3.17.1
|
- requires NSS 3.17.1
|
||||||
- removed obsolete patches:
|
- removed obsolete patches:
|
||||||
|
Loading…
Reference in New Issue
Block a user