firefox

firefox 3.6.19

Firefox Web Browser

http://www.mozilla.org/projects/firefox/

Packager: Gökçen Eraslan

License: MPL-1.1, NPL-1.1, GPLv2

Actions

Build files

Bug reports

Binary packages

firefox

Release history

ReleaseRelease dateVersionUpdaterComment
1382011-08-033.6.19Gökçen EraslanVersion bump to 3.6.19:
* Cookie isolation error
* Multiple dangling pointer vulnerabilities
* Integer overflow and arbitrary code execution in Array.reduceRight()
* Memory corruption due to multipart/x-mixed-replace images
* Use-after-free vulnerability when viewing XUL document with script disabled
* Miscellaneous memory safety hazards
* XSLT generate-id() function heap address leak
* Directory traversal in resource: protocol
* Escalation of privilege through Java Embedding Plugin
* Information stealing via form history
* Multiple dangling pointer vulnerabilities
* Miscellaneous memory safety hazards
1372011-03-273.6.16Gökçen Eraslan* Firefox 3.6.16 blacklists a few invalid HTTPS certificates.
1362011-03-113.6.15Gökçen EraslanBump to latest security release to fix several security issues:
* CSRF risk with plugins and 307 redirects
* Crash caused by corrupted JPEG image
* ParanoidFragmentSink allows javascript: URLs in chrome documents
* Use-after-free error using Web Workers
* Buffer overflow in JavaScript atom map
* Buffer overflow in JavaScript upvarMap
* Use-after-free error in JSON.stringify
* Recursive eval call causes confirm dialogs to evaluate to true
* Miscellaneous memory safety hazards
* Fixed several stability issues.
* Fixed an issue where some Java applets would fail to load in Firefox 3.6.14
1352010-12-113.6.13Gökçen EraslanBump to latest security release to fix several security issues, #15557:
* XSS hazard in multiple character encodings
* Location bar SSL spoofing using network error page
* Incomplete fix for CVE-2010-0179
* Integer overflow vulnerability in NewIdArray
* Use-after-free error with nsDOMAttribute MutationObserver
* Java security bypass from LiveConnect loaded via data: URL meta refresh
* Add support for OTS font sanitizer
* Crash and remote code execution using HTML tags inside a XUL tree
* Chrome privilege escalation with window.open and isindex element
* Buffer overflow while line breaking after document.write with long string
* Miscellaneous memory safety hazards
1342010-10-283.6.12Gökçen EraslanBump to latest security release to fix CVE-2010-3765:
* Interleaving document.write and appendChild can lead to duplicate text frames and overrunning of text run buffers.
1332010-10-203.6.11Gökçen Eraslan- Version bump to new release and disable color profile support #14496
* MFSA 2010-72 Insecure Diffie-Hellman key exchange
* MFSA 2010-71 Unsafe library loading vulnerabilities
* MFSA 2010-70 SSL wildcard certificate matching IP addresses
* MFSA 2010-69 Cross-site information disclosure via modal calls
* MFSA 2010-68 XSS in gopher parser when parsing hrefs
* MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter
* MFSA 2010-66 Use-after-free error in nsBarProp
* MFSA 2010-65 Buffer overflow and memory corruption using document.write
* MFSA 2010-64 Miscellaneous memory safety hazards
1322010-09-153.6.9Gökçen Eraslan- Version bump to new release:
* Introduced support for the X-FRAME-OPTIONS HTTP response
header. Site owners can use this to mitigate clickjacking
attacks by ensuring that their content is not embedded
into other sites.
* Fixed several security issues.
* Fixed several stability issues.
1312010-08-053.6.8Gökçen Eraslan- Version bump to new release:
* Dangling pointer crash regression from plugin parameter array fix
* Cross-origin data leakage from script filename in error messages
* Cross-domain data theft using CSS
* Multiple location bar spoofing vulnerabilities
* Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish
* Same-origin bypass using canvas context
* Cross-origin data disclosure via Web Workers and importScripts
* Remote code execution using malformed PNG image
* nsTreeSelection dangling pointer remote code execution vulnerability
* nsCSSValue::Array index integer overflow
* Arbitrary code execution using SJOW and fast native function
* Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability
* Use-after-free error in NodeIterator
* DOM attribute cloning remote code execution vulnerability
* Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)
1302010-06-293.6.6Gökçen EraslanVersion bump to new release which just increases hang detector timeout (http://www.mozilla.com/en-US/firefox/3.6.6/releasenotes/)
1292010-06-213.6.4Gökçen Eraslan- Version bump to Firefox 3.6.4
- Firefox 3.6.4 provides uninterrupted
browsing for users when there is a crash in plugins.
1282010-05-313.6.3Gökçen EraslanAdd translate.pardus.org.tr to bookmarks toolbar by default.
1272010-05-223.6.3Gökçen EraslanVergi kimlik no bookmark entry removed.
1262010-04-273.6.3Gökçen EraslanVersion bump to new release
1252010-04-013.6.2Gökçen EraslanVersion bump to new release
1242010-04-013.6Gökçen EraslanVersion bump to new release
1232010-03-313.5.9Gökçen EraslanBump to new security release:
* XMLDocument::load() doesn't check nsIContentPolicy
* Image src redirect to mailto: URL opens email editor
* Update NSS to support TLS renegotiation indication
* Chrome privilege escalation via forced URL drag and drop
* Dangling pointer vulnerability in nsPluginArray
* Dangling pointer vulnerability in nsTreeContentView
* Remote code execution with use-after-free in nsTreeSelection
* Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.9/ 1.9.0.19)
1222010-02-233.5.8Gökçen EraslanBump to new security release (#12316):
* XSS hazard using SVG document and binary Content-Type
* XSS due to window.dialogArguments being readable cross-domain
* Use-after-free crash in HTML parser
* Web Worker Array Handling Heap Corruption Vulnerability
* Crashes with evidence of memory corruption (rv:1.9.1.8/ 1.9.0.18)
1212010-01-073.5.7Gökçen EraslanVersion bump to new stability release:
* DNS resolution in MakeSN of nsAuthSSPI causing issues for proxy servers that support NTLM auth
1202009-12-143.5.6Onur KüçükDepend strictly on new cairo and gtk2, fixes bug (#11724)
1192009-12-143.5.6Gökçen EraslanVersion bump to latest stable release and also fix Sabah newspaper and Calikbank(now Aktifbank) bookmark URIs.
1182009-10-303.5.4Gökçen EraslanVersion bump to latest security release, #11473:
* MFSA 2009-64 Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15)
* MFSA 2009-63 Upgrade media libraries to fix memory safety bugs
* MFSA 2009-62 Download filename spoofing with RTL override
* MFSA 2009-61 Cross-origin data theft through document.getSelection()
* MFSA 2009-59 Heap buffer overflow in string to number conversion
* MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS()
* MFSA 2009-56 Heap buffer overflow in GIF color map parser
* MFSA 2009-55 Crash in proxy auto-configuration regexp parsing
* MFSA 2009-54 Crash with recursive web-worker calls
* MFSA 2009-53 Local downloaded file tampering
* MFSA 2009-52 Form history vulnerable to stealing
1172009-09-103.5.3Gökçen EraslanVersion bump to latest security release, CVE-2009-3070, #1114
1162009-08-113.5.2Gökçen EraslanFix Turkish translation of user word.
1152009-08-103.5.2Gökçen Eraslan* Images with ICC profiles now render properly on all monitors.
* Several security issues:
* Chrome privilege escalation due to incorrectly cached wrapper
* Crashes with evidence of memory corruption (rv:1.9.1.2/1.9.0.13)
* Location bar and SSL indicator spoofing via window.open() on invalid URL
* Data corruption with SOCKS5 reply containing DNS name longer than 15 characters
1142009-07-273.5.1Gökçen EraslanRemove LD_PRELOAD hack for Flash fullscreen crash bug, now it's fixed in xulrunner via a jemalloc patch.
1132009-07-173.5.1Gökçen EraslanDo not remove main Firefox directory in postRemove, it's very dangerous while using delta.
1122009-07-173.5.1Gökçen EraslanVersion bump to latest bugfix release.
1112009-07-173.5Ozan ÇağlayanEnable libgnomeui, update Dutch bookmarks.
1102009-06-303.5Gökçen EraslanBump to 3.5 final release and remove redundant /etc/env.d/10MozillaFirefox file.
1092009-06-223.5_rc1Gökçen EraslanInstall application icon from Mozilla tarball instead of the additional file.
1082009-06-193.5_rc1Gökçen EraslanDo not strip debug symbols, we need them in our debug packages.
1072009-06-133.5_rc1Gökçen EraslanVersion bump to 3.5rc1 release and add LD_PRELOAD hack for fullscreen video crashes with nvidia cards.
1062009-05-263.5_beta4Gökçen EraslanMove spellchecking related stuff including zemberek patch to xulrunner
1052009-05-113.5_beta4Gökçen EraslanVersion bump to 3.5 branch
1042009-05-013.0.10Gökçen EraslanVersion bump to new security release and make Firefox xulrunner dependant
1032009-03-303.0.8Gökçen EraslanVersion bump to new security release fixes CVE-2009-1044 and CVE-2009-1169
1022009-03-093.0.7Gökçen EraslanWith new zemberek patch, firefox now uses zemberek-server via DBus instead of socket, thanks to Faiksan. Fixes #4385.
1012009-03-053.0.7Gökçen EraslanSecurity patches for mozilla#448329 and mozilla#456757.
1002009-03-053.0.7Gökçen EraslanVersion bump to new security release
992009-03-033.0.6Ozan ÇağlayanDisable smooth scrolling as it slows down scrolling on low end computers and bad web sites.
982009-03-023.0.6Gökçen EraslanSecurity patches for mozilla#448329 and mozilla#456757.
972009-02-123.0.6Gökçen EraslanFix IHA URL in bookmarks.
962009-02-043.0.6Gökçen EraslanVersion bump to new security release
952009-01-303.0.5Gökçen EraslanFallback to English bookmarks in pt_BR locale
942008-12-263.0.5Gökçen Eraslan* Comment and GenericName keys are updated in desktop file.
* network.prefetch-next enabled as in default.
* German bookmarks added by Mustafa Ölçerman
* Use system hunspell instead of the bundled one
* about:about URI removed as upstream suggested.
932008-12-183.0.5Gökçen EraslanVersion bump to security release
922008-12-143.0.4Ozan ÇağlayanFix a translation bug in CTRL+F toolbar.
912008-11-263.0.4Ozan ÇağlayanDon't show about:rights if the user has already accepted EULA.
902008-11-203.0.4Ozan Çağlayan- Fixes the issue of missing mozilla plugins when KDE restores firefox upon logout (Fixes #7592),
- Add ozgurlukicin.com as well as pardus.org.tr to the startup pages (Fixes #7172),
- Fix several bugs in Turkish bookmarks and update some icons (Fixes #7987),
- Fix several Turkish translation issues,
- Remove EULA and add popup toolbar for showing user rights.
- Use system sqlite instead of the one comes with Firefox
892008-11-203.0.4Gökçen EraslanVersion bump to 3.0.4
882008-11-113.0.3Gökçen EraslanFix Turkish translation of Find in Edit menu
872008-09-273.0.3Gökçen EraslanVersion bump to fresh bugfix release
862008-09-263.0.2Gökçen EraslanVersion bump to 3.0.2 to fix severeal security issues
852008-08-273.0.1Gökçen EraslanSwedish translations added
842008-07-313.0.1Gökçen EraslanFix font problems, do not set fixed and minimum font sizes to 12, 15 is OK for most of the web sites. Set serif type as DejaVu Serif, not DejaVu Sans.
832008-07-173.0.1Gökçen EraslanVersion bump from rc1 to stable release
822008-07-143.0.1Gökçen EraslanVersion bump, pl and ca locales added
812008-06-183.0Gökçen EraslanVersion bump to stable release
802008-06-053.0_rc2Gökçen EraslanVersion bump
792008-05-233.0_rc1Gökçen EraslanVersion bump
782008-05-123.0_beta5Faik UygurZemberek support
772008-04-073.0_beta5Gökçen EraslanSome patches from SuSE and Ubuntu about reloading new plugins, default browser and no update
762008-04-033.0_beta5Gökçen EraslanVersion bump
752008-03-223.0_beta4Gökçen EraslanVersion bump
742008-02-073.0_pre20080207İsmail DönmezVersion bump
732007-12-012.0.0.11İsmail DönmezRegression fix release
722007-11-272.0.0.10İsmail DönmezSecurity update
712007-11-152.0.0.9İsmail DönmezFix Mozilla bug #369814 and #403331
702007-11-022.0.0.9İsmail DönmezStable update
692007-10-192.0.0.8İsmail DönmezSecurity update
682007-10-022.0.0.6İsmail DönmezMore updates to default bookmarks
672007-09-012.0.0.6İsmail DönmezUpdates to default bookmarks
662007-08-262.0.0.6Eren TürkayAdd google linux search plugin
652007-07-312.0.0.6İsmail DönmezSecurity update
642007-07-252.0.0.5İsmail DönmezFix wikipedia urls, bug #6133
632007-07-182.0.0.5İsmail DönmezStable update
622007-07-092.0.0.4İsmail DönmezFix Mozilla bug #387333 and #363897
612007-07-082.0.0.4İsmail DönmezRevert last
602007-07-082.0.0.4İsmail DönmezFix #6016
592007-07-052.0.0.4Mehmet D. AkınFix slowdown on spellchecking large editboxes
582007-06-202.0.0.4İsmail DönmezFix Mozilla bug #381300
572007-05-302.0.0.4İsmail DönmezStable update
562007-05-302.0.0.3İsmail DönmezSexify buttons and checkboxes
552007-05-242.0.0.3İsmail DönmezFix a problem with Turkish translation
542007-05-222.0.0.3İsmail DönmezGenerate .autoreg file while installing to fix #5006 and similar problems
532007-05-132.0.0.3İsmail DönmezAdd power patch from http://www.linuxpowertop.org/patches/firefox-2.0.patch
522007-05-102.0.0.3İsmail DönmezCorrect build date
512007-03-262.0.0.3İsmail DönmezFix #4449
502007-03-242.0.0.3Ahmet AYGÜNSearch plugin corrections.
492007-03-212.0.0.3İsmail DönmezStable update
482007-03-052.0.0.2S.Çağlar OnurAdd pt_BR
472007-02-232.0.0.2İsmail DönmezFix Mozilla bug #371375
462007-02-232.0.0.2İsmail DönmezStable update to fix multiple vulnerabilities
452007-01-192.0.0.1S.Çağlar OnurEnable shared libs as Furkan requested
442006-12-212.0.0.1İsmail DönmezRevert last
432006-12-212.0.0.1İsmail DönmezRe-enable visibility, it works on i386
422006-12-212.0.0.1İsmail DönmezMimetype fixes
412006-12-202.0.0.1İsmail DönmezSecurity update
402006-12-122.0İsmail DönmezSupport OpenOffice 1.x formats
392006-12-122.0S.Çağlar OnurFix #3708
382006-12-092.0S.Çağlar OnurFix #4446
372006-12-082.0İsmail DönmezFix pkgconfig files
362006-12-032.0Faik UygurUse zemberek, heyo!
352006-12-022.0İsmail DönmezDon't use aoss
342006-11-282.0S.Çağlar OnurStable update
332006-11-071.5.0.8İsmail DönmezStable update
322006-11-051.5.0.7İsmail DönmezFix Uluzilla #2244
312006-09-151.5.0.7İsmail DönmezVersion bump to fix various security bugs
302006-07-311.5.0.5S.Çağlar OnurFix "ppdClose from /usr/lib/libcups.so.2" seg. fault
292006-07-281.5.0.5S.Çağlar OnurVersion bump for several sec. fix, fix #2458 and add ~22 language to firefox
282006-07-111.5.0.4İsmail DönmezFix Milliyet's url
272006-07-111.5.0.4S.Çağlar OnurFix #382, #1305, #2432. Remove hacky wrapper which means faster startup times, update preload file. Fix printing issues from upstream. Update some additional files
262006-07-071.5.0.4İsmail DönmezRevert back min. font size to 12pt
252006-06-231.5.0.4İsmail DönmezMake direct mms link work
242006-06-201.5.0.4S.Çağlar Onurfix #248, set font.minimum-size.* to 10
232006-06-191.5.0.4Gökmen GökselSet font.minimum-size.* to null
222006-06-021.5.0.4İsmail DönmezSecurity/Bugfix release
212006-05-011.5.0.2İsmail DönmezFix mozilla bug #334515
202006-04-201.5.0.2S.Çağlar OnurVersion bump
192006-04-071.5.0.1S.Çağlar Onurfix #2458, cleanup and sync
182006-03-251.5.0.1A. Murat ErenDefault bookmarks updated
172006-03-071.5.0.1S.Çağlar OnurVersion bump
162006-01-281.5.0İsmail DönmezMake all fonts Sans
152006-01-181.5.0S.Çağlar OnurZemberek support by Faik Uygur
142006-01-011.5.0İsmail DönmezUse system nss/nspr and fix upstream bug #305970
132005-12-311.5.0İsmail DönmezFix all font problems
122005-12-281.5.0İsmail DönmezFix small font problems by always using X's dpi
112005-11-301.5.0İsmail DönmezFinal stable version for 1.5
102005-11-281.5_rc3İsmail DönmezFix #265
92005-11-251.5_rc3İsmail DönmezAdd default mimetypes
82005-11-181.5_rc3İsmail DönmezUpdate to version 1.5rc3, fix GTK+ 2.8 support and enable SVG
72005-11-111.5_rc2İsmail DönmezUpdate to version 1.5rc2
62005-11-051.5_rc1İsmail DönmezUpdate translations
52005-11-021.5_rc1İsmail DönmezUpdate to version 1.5rc1
42005-11-011.5_beta2S.Çağlar OnurAdd preload support for rootfs 0.2
32005-10-141.5_beta2Bahadır KandemirUluzilla search plugin added.
22005-08-101.5_beta2S.Çağlar Onurfirefox-devel depens firefox
12005-08-101.5_beta2S.Çağlar OnurInitial import

Patches

mozconfig.patch
suse/firefox-appname.patch
suse/firefox-kde.patch
suse/firefox-browser-css.patch
suse/firefox-ui-lockdown.patch
suse/firefox-cross-desktop.patch
pardus/fix-kde-session.patch
pardus/as-needed.diff
pardus/fix-downloaddir-translation.diff
pardus/fix-double-turkish-option.diff
pardus/autoconf-213-hack.diff