Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2012-05-08 06:46:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2012-04-23 16:11:42.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes 2012-05-08 06:47:00.000000000 +0200 @@ -5,0 +6,28 @@ + * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 + Miscellaneous memory safety hazards + * MFSA 2012-22/CVE-2012-0469 (bmo#738985) + use-after-free in IDBKeyRange + * MFSA 2012-23/CVE-2012-0470 (bmo#734288) + Invalid frees causes heap corruption in gfxImageSurface + * MFSA 2012-24/CVE-2012-0471 (bmo#715319) + Potential XSS via multibyte content processing errors + * MFSA 2012-25/CVE-2012-0472 (bmo#744480) + Potential memory corruption during font rendering using cairo-dwrite + * MFSA 2012-26/CVE-2012-0473 (bmo#743475) + WebGL.drawElements may read illegal video memory due to + FindMaxUshortElement error + * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) + Page load short-circuit can lead to XSS + * MFSA 2012-28/CVE-2012-0475 (bmo#694576) + Ambiguous IPv6 in Origin headers may bypass webserver access + restrictions + * MFSA 2012-29/CVE-2012-0477 (bmo#718573) + Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues + * MFSA 2012-30/CVE-2012-0478 (bmo#727547) + Crash with WebGL content using textImage2D + * MFSA 2012-31/CVE-2011-3062 (bmo#739925) + Off-by-one error in OpenType Sanitizer + * MFSA 2012-32/CVE-2011-1187 (bmo#624621) + HTTP Redirections and remote content can be read by javascript errors + * MFSA 2012-33/CVE-2012-0479 (bmo#714631) + Potential site identity spoofing when loading RSS and Atom feeds ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
