# HG changeset patch # User zaitor@opensuse.org # Date 1506892424 -7200 # Node ID 84d25951c2dba31ece20aa3c341756506fb8dad3 # Parent 37c56dbf929fbb3b4a0bdeb0620df96b33d211a2 - Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0), pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and pkgconfig(gdk-x11-2.0) BuildRequires, align with what configure looks for. diff -r 37c56dbf929f -r 84d25951c2db MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Thu Sep 21 14:01:15 2017 +0200 +++ b/MozillaFirefox/MozillaFirefox.changes Sun Oct 01 23:13:44 2017 +0200 @@ -1,11 +1,69 @@ ------------------------------------------------------------------- -Sun Sep 17 08:07:43 UTC 2017 - wr@rosenauer.org - -- update to Firefox 56.0b12 +Sat Sep 30 20:10:50 UTC 2017 - zaitor@opensuse.org + +- Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0), + pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0), + pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and + pkgconfig(gdk-x11-2.0) BuildRequires, align with what configure + looks for. + +------------------------------------------------------------------- +Thu Sep 28 08:28:29 UTC 2017 - wr@rosenauer.org + +- update to Firefox 56.0 (boo#1060445) + * Firefox Screenshots * Find Options/Preferences more quickly with new search function * Media is no longer auto-played when opened in a background tab * Enable CSS Grid Layout View + MFSA 2017-21 + * CVE-2017-7793 (bmo#1371889) + Use-after-free with Fetch API + * CVE-2017-7817 (bmo#1356596) (Android-only) + Firefox for Android address bar spoofing through fullscreen mode + * CVE-2017-7818 (bmo#1363723) + Use-after-free during ARIA array manipulation + * CVE-2017-7819 (bmo#1380292) + Use-after-free while resizing images in design mode + * CVE-2017-7824 (bmo#1398381) + Buffer overflow when drawing and validating elements with ANGLE + * CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement) + Use-after-free in TLS 1.2 generating handshake hashes + * CVE-2017-7812 (bmo#1379842) + Drag and drop of malicious page content to the tab bar can open locally stored files + * CVE-2017-7814 (bmo#1376036) + Blob and data URLs bypass phishing and malware protection warnings + * CVE-2017-7813 (bmo#1383951) + Integer truncation in the JavaScript parser + * CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only) + OS X fonts render some Tibetan and Arabic unicode characters as spaces + * CVE-2017-7815 (bmo#1368981) + Spoofing attack with modal dialogs on non-e10s installations + * CVE-2017-7816 (bmo#1380597) + WebExtensions can load about: URLs in extension UI + * CVE-2017-7821 (bmo#1346515) + WebExtensions can download and open non-executable files without user interaction + * CVE-2017-7823 (bmo#1396320) + CSP sandbox directive did not create a unique origin + * CVE-2017-7822 (bmo#1368859) + WebCrypto allows AES-GCM with 0-length IV + * CVE-2017-7820 (bmo#1378207) + Xray wrapper bypass with new tab and web console + * CVE-2017-7811 + Memory safety bugs fixed in Firefox 56 + * CVE-2017-7810 + Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 - requires NSPR 4.16 and NSS 3.32.1 +- rebased patches + +------------------------------------------------------------------- +Thu Sep 28 07:53:13 UTC 2017 - dimstar@opensuse.org + +- Add alsa-devel BuildRequires: we care for ALSA support to be + built and thus need to ensure we get the dependencies in place. + In the past, alsa-devel was pulled in by accident: we + buildrequire libgnome-devel. This required esound-devel and that + in turn pulled in alsa-devel for us. libgnome is being fixed to + no longer require esound-devel. ------------------------------------------------------------------- Mon Sep 4 18:27:44 UTC 2017 - wr@rosenauer.org diff -r 37c56dbf929f -r 84d25951c2db MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Thu Sep 21 14:01:15 2017 +0200 +++ b/MozillaFirefox/MozillaFirefox.spec Sun Oct 01 23:13:44 2017 +0200 @@ -16,20 +16,21 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + # changed with every update %define major 56 %define mainver %major.0 %define update_channel release %define branding 1 -%define releasedate 20170918210324 +%define releasedate 20170926190823 # PIE, full relro (x86_64 for now) %define build_hardened 1 # Firefox only supports i686 %ifarch %ix86 -ExclusiveArch: i586 i686 -BuildArch: i686 +ExclusiveArch: i586 i686 +BuildArch: i686 %{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686 -mtune=generic} %endif @@ -54,6 +55,7 @@ Name: %{pkgname} BuildRequires: Mesa-devel +BuildRequires: alsa-devel BuildRequires: autoconf213 BuildRequires: dbus-1-glib-devel BuildRequires: fdupes @@ -62,9 +64,9 @@ %else BuildRequires: gcc-c++ %endif +BuildRequires: cargo BuildRequires: libXcomposite-devel BuildRequires: libcurl-devel -BuildRequires: libgnomeui-devel BuildRequires: libidl-devel BuildRequires: libiw-devel BuildRequires: libnotify-devel @@ -73,21 +75,24 @@ BuildRequires: mozilla-nspr-devel >= 4.16 BuildRequires: mozilla-nss-devel >= 3.32.1 BuildRequires: python-devel +BuildRequires: rust >= 1.15.1 +BuildRequires: rust-std BuildRequires: startup-notification-devel BuildRequires: unzip BuildRequires: update-desktop-files BuildRequires: xorg-x11-libXt-devel BuildRequires: yasm BuildRequires: zip -BuildRequires: pkgconfig(libpulse) -BuildRequires: pkgconfig(libffi) -BuildRequires: pkgconfig(glib-2.0) +BuildRequires: pkgconfig(gconf-2.0) +BuildRequires: pkgconfig(gdk-x11-2.0) +BuildRequires: pkgconfig(glib-2.0) >= 2.22 BuildRequires: pkgconfig(gobject-2.0) +BuildRequires: pkgconfig(gtk+-2.0) >= 2.18.0 BuildRequires: pkgconfig(gtk+-3.0) >= 3.4.0 +BuildRequires: pkgconfig(gtk+-unix-print-2.0) BuildRequires: pkgconfig(gtk+-unix-print-3.0) -BuildRequires: cargo -BuildRequires: rust >= 1.15.1 -BuildRequires: rust-std +BuildRequires: pkgconfig(libffi) +BuildRequires: pkgconfig(libpulse) #BuildRequires: llvm-clang-devel >= 3.9.0 # libavcodec is required for H.264 support but the # openSUSE version is currently not able to play H.264 diff -r 37c56dbf929f -r 84d25951c2db MozillaFirefox/create-tar.sh --- a/MozillaFirefox/create-tar.sh Thu Sep 21 14:01:15 2017 +0200 +++ b/MozillaFirefox/create-tar.sh Sun Oct 01 23:13:44 2017 +0200 @@ -7,7 +7,7 @@ CHANNEL="release" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="2bb9e6526ce959abb5416e69226d4dac88851eda" # 56 build1 +RELEASE_TAG="8fbf05f4b92125e081984f5e39b559b83e5cc729" # 56 build6 VERSION="56.0" # mozilla