changelog

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=218
2011-08-16 21:14:25 +00:00 · 2011-08-16 21:14:25 +00:00 · 9a1fb250a2
commit 9a1fb250a2
parent 1a25ec2cd0
1 changed files with 14 additions and 2 deletions
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@ -1,8 +1,20 @@
 -------------------------------------------------------------------
 Fri Aug 12 21:16:19 UTC 2011 - wr@rosenauer.org

- update to 6.0 (bnc#711954)
-  * included security fixes
+- update to 6.0 (bnc#712224)
+  included security fixes MFSA 2011-29
+  * CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
+    Miscellaneous memory safety hazards
+  * CVE-2011-2993 (bmo#657267)
+    Unsigned scripts can call script inside signed JAR
+  * CVE-2011-2988 (bmo#665934)
+    Heap overflow in ANGLE library
+  * CVE-2011-0084 (bmo#648094)
+    Crash in SVGTextElement.getCharNumAtPosition()
+  * CVE-2011-2990
+    Credential leakage using Content Security Policy reports
+  * CVE-2011-2986 (bmo#655836)
+    Cross-origin data theft using canvas and Windows D2D
 - removed obsolete curl header dependency (mozilla-curl.patch)

 -------------------------------------------------------------------