-
firefox (2.0.0.21~tb.21.308+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low
* New security/stability release 2.0.0.21 tb + 308 release
(MOZILLA_1_8_BRANCH - Fri Mar 27 11:36:18 CET 2009)
- see USN-745-2
* New security/stability release 2.0.0.21 tb release (THUNDERBIRD_2_0_0_21_RELEASE)
- see USN-728-2
* New security/stability release 2.0.0.21pre (9th Feb 2009)
- see USN-717-2
-- Alexander Sack <email address hidden> Fri, 27 Mar 2009 13:43:40 +0100
-
firefox (2.0.0.19+nobinonly1-0ubuntu0.8.04.1) hardy-security; urgency=low
* New security/stability upstream release (v2.0.0.19)
- see USN-690-2
-- Alexander Sack <email address hidden> Tue, 16 Dec 2008 16:11:31 +0100
-
firefox (2.0.0.18+nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low
* New security/stability upstream release (v2.0.0.18)
- see USN-667-1
* update configure patch (re-run autoconf2.13)
- update debian/patches/configure-autoconf2-13-reconfigure.patch
-- Alexander Sack <email address hidden> Wed, 12 Nov 2008 21:43:10 +0100
-
firefox (2.0.0.17+1nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low
* New security/stability upstream release (v2.0.0.17)
- see USN-645-1
-- Alexander Sack <email address hidden> Thu, 18 Sep 2008 15:54:15 +0200
-
firefox (2.0.0.16+1nobinonly-0ubuntu0.8.04.1) hardy-security; urgency=low
* New security/stability upstream release (v2.0.0.16)
- see USN-623-1
-- Alexander Sack <email address hidden> Wed, 16 Jul 2008 18:06:17 +0200
-
firefox (2.0.0.15+1nobinonly-0ubuntu0.8.04.2) hardy-security; urgency=low
* New security/stability upstream release (v2.0.0.15)
- see USN-619-1
[ Alexander Sack <email address hidden> ]
* fix LP: #207029 - "firefox-2 postinstall points to wrong location of
restart-required.update-notifier"; we fix the paths in firefox-2.postinst
to point to the right directory.
- update debian/firefox-2.postinst
* fix LP: #210481 - "gutsy->hardy upgrade problem"; we introduce Conflicts:
and Replaces: on old firefox 2 packages (<< 3)
- update debian/control
[ Matti Lindell <email address hidden> ]
* debian/firefox-2.links: update libsoftokn3.so link (LP: #218594).
-- Alexander Sack <email address hidden> Mon, 30 Jun 2008 13:58:32 +0200
-
firefox (2.0.0.14+2nobinonly-0ubuntu1) hardy; urgency=low
* New security/stability upstream release (v2.0.0.14)
- see USN-602-1
* fix "shipped nss links don't point to latest so version"
- update firefox-2.links
-- Alexander Sack <email address hidden> Fri, 18 Apr 2008 15:05:20 +0200
-
firefox (2.0.0.13+1nobinonly-0ubuntu1) hardy; urgency=low
* New security/stability upstream release (v2.0.0.13)
- see USN-592-1
* drop patches applied upstream
- delete debian/patches/bz399589_fix_missing_symbol_with_new_nss.patch
- update debian/patches/series
-- Alexander Sack <email address hidden> Tue, 25 Mar 2008 12:36:33 +0100
-
firefox (2.0.0.12+2nobinonly+2-0ubuntu3) hardy; urgency=low
* FF Exception upload: LP: #193319
* make firefox 2 2nd class citizen, by renaming binary packages
from firefox* to firefox-2*
* fix update-desktop database invocation to use proper path
(/usr/bin/update-desktop-database)
- update debian/firefox-2.postinst
* fix .desktop icon to refer to firefox.png again
- update debian/firefox-2.desktop
* elminate superfluous firefox-2 -> firefox links
- update debian/firefox-2-dev.links
- update debian/firefox-2.links
* provide compatibility links for several .pc files: firefox-gtkmozembed.pc,
firefox-js.pc, firefox-plugin.pc, firefox-xpcom.pc
- update debian/firefox-2-dev.links
-- Alexander Sack <email address hidden> Mon, 25 Feb 2008 10:57:06 +0100
-
firefox (2.0.0.12+2nobinonly+2-0ubuntu2) hardy; urgency=low
* update patch to support NSS for firefox 3 beta 3
- add debian/patches/bz399589_fix_missing_symbol_with_new_nss.patch
- update debian/patches/series
* improve readability of control file by unfolding Build-Depends to
multiple-lines
- update debian/control
-- Alexander Sack <email address hidden> Mon, 11 Feb 2008 15:05:16 +0100
-
firefox (2.0.0.12+2nobinonly+2-0ubuntu1) hardy; urgency=low
[ Alexander Sack ]
* New stability upstream release (v2.0.0.12)
* MFSA 2008-01 aka CVE-2008-0412: Crashes with evidence of memory corruption
v1.8.1.12 (Browser crashes)
* MFSA 2008-01 aka CVE-2008-0413: Crashes with evidence of memory corruption
v1.8.1.12 (javascript crashes)
* MFSA 2008-02 aka CVE-2008-0414: Multiple file input focus stealing
vulnerabilities: 1. Focus shifting bugs and 2. Selective keystroke
blocking bugs
* MFSA 2008-03 aka CVE-2008-0415: Privilege escalation, XSS, Remote Code
Execution (JavaScript privilege escalation bugs)
* MFSA 2008-04 aka CVE-2008-0416: Multiple XSS vulnerabilities from
character encoding
* MFSA 2008-05 aka CVE-2008-0417: Stored password corruption
* MFSA 2008-06 aka CVE-2008-0418: Directory traversal via chrome: URI
* MFSA 2008-07 aka CVE-2008-0419: Web browsing history and forward
navigation
stealing
* MFSA 2008-08 aka CVE-2008-0420: Possible information disclosure in BMP
decoder
* MFSA 2008-09 aka CVE-2008-0591: File action dialog tampering
* MFSA 2008-10 aka CVE-2008-0592: Mishandling of locally-saved plain text
files
* MFSA 2008-11 aka CVE-2008-0593: URL token stealing via stylesheet redirect
* MFSA 2008-12 aka CVE-2008-0594: Web forgery overwrite with div overlay
* updated diverged patches
- debian/patches/ubuntu-look-and-feel-patch.patch
- debian/patches/configure-autoconf2-13-reconfigure.patch
- debian/patches/series
* remove patches applied upstream
- debian/patches/bz391028_att284556.patch
-- Alexander Sack <email address hidden> Mon, 11 Feb 2008 00:28:46 +0100
-
firefox (2.0.0.10+2nobinonly-0ubuntu2) hardy; urgency=low
New security/stability upstream release (v2.0.0.10):
* include follow up patch to fix 2.0.0.10 regression (bz391028):
- add debian/patches/bz391028_att284556.patch
- update debian/patches/series
* include patch for cairo Xlib build failure (bz344818):
- add bz344818_att264996.patch
- update debian/patches/series
- update debian/patches/configure-autoconf2-13-reconfigure.patch
firefox (2.0.0.10+2nobinonly-0ubuntu1.7.10.1) gutsy-security; urgency=low
* New security/stability upstream release (v2.0.0.10)
* MFSA 2007-37 aka CVE-2007-5947
* MFSA 2007-38 aka CVE-2007-5959
* MFSA 2007-39 aka CVE-2007-5960
* debian/patches/bz384304_lp117575_linkrecursion_fix_in_startscript.patch,
series: drop patch applied upstream.
* debian/patches/configure-autoconf2-13-reconfigure.patch: rerun
autconf2.13 to resolve upstream merge conflicts.
-- Alexander Sack <email address hidden> Wed, 28 Nov 2007 17:14:46 +0100
-
firefox (2.0.0.8+2nobinonly-0ubuntu3) hardy; urgency=low
* debian/control: fix package description to not include "development
version disclaimer (LP: #150791).
firefox (2.0.0.8+2nobinonly-0ubuntu2) hardy; urgency=low
* debian/rules: define LIB_DIR to set mozillla-five-home appropriately
(LP: #157126).
firefox (2.0.0.8+2nobinonly-0ubuntu1) gutsy-security; urgency=low
New security/stability upstream release (v2.0.0.8):
* MFSA 2007-29 aka CVE-2007-5339 (browser), CVE-2007-5340 (javascript)
* MFSA 2007-30 aka CVE-2007-1095
* MFSA 2007-31 aka CVE-2007-2292
* MFSA 2007-32 aka CVE-2007-3511, CVE-2006-2894
* MFSA 2007-33 aka CVE-2007-5334
* MFSA 2007-34 aka CVE-2007-5337
* MFSA 2007-35 aka CVE-2007-5338
* MFSA 2007-36 aka CVE-2007-4841 (windows only)
Packaging changes:
* debian/patches/bz389801-theme-crash-with-GtkOptionMenu-indicator_size-and-indicator_spacing.patch,
series: drop patch - applied upstream.
* debian/patches/build-system-garbage.patch: drop allmakefiles.sh hunk -
applied upstream.
* debian/patches/configure-autoconf2-13-reconfigure.patch: rerun
autoconf2.13
-- Alexander Sack <email address hidden> Sun, 28 Oct 2007 18:22:42 +0100
-
firefox (2.0.0.6+2nobinonly-0ubuntu1) gutsy; urgency=low
* Reupload source tarball without binaries (LP: #121734) - sanitized using
debian/remove.binonly.sh
* debian/remove.binonly.sh: add script to strip original tarball from
binary only cruft.
* debian/debsearch.src: debsearch plugin now searches for gutsy packages
(LP: #150503).
-- Alexander Sack <email address hidden> Mon, 08 Oct 2007 13:04:06 +0200
