Hello community,
here is the log from the commit of package patchinfo.381 for
openSUSE:13.1:Update checked in at 2016-02-01 22:33:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.381 (Old)
and /work/SRC/openSUSE:13.1:Update/.patchinfo.381.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.381"
Changes:
--------
New Changes file:
NO CHANGES FILE!!!
New:
----
_patchinfo
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo incident="381">
<packager>wrosenauer</packager>
<category>security</category>
<rating>important</rating>
<summary>Security update for Mozilla Firefox</summary>
<description>This update fixes the following security related issues by
updating packages to a more recent version:
Update of NSPR to 4.11
Update of NSS to 3.21
Update of Firefox to 44.0
* MFSA 2016-01/CVE-2016-1930/CVE-2016-1931
Miscellaneous memory safety hazards
* MFSA 2016-02/CVE-2016-1933 (bmo#1231761)
Out of Memory crash when parsing GIF format images
* MFSA 2016-03/CVE-2016-1935 (bmo#1220450)
Buffer overflow in WebGL after out of memory allocation
* MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784)
Firefox allows for control characters to be set in cookie names
* MFSA 2016-06/CVE-2016-1937 (bmo#724353)
Missing delay following user click events in protocol handler dialog
* MFSA 2016-07/CVE-2016-1938 (bmo#1190248)
Errors in mp_div and mp_exptmod cryptographic functions in NSS
(fixed by requiring NSS 3.21)
* MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590)
Addressbar spoofing attacks
* MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946
(bmo#1186621, bmo#1214782, bmo#1232096)
Unsafe memory manipulation found through code inspection
* MFSA 2016-11/CVE-2016-1947 (bmo#1237103)
Application Reputation service disabled in Firefox 43</description>
</patchinfo>
