# HG changeset patch
# User Wolfgang Rosenauer <wr@rosenauer.org>
# Date 1363442751 -3600
# Node ID b83636a2646609a385654bb2be934b11af464120
# Parent  95b8784f9466d188467b6e331179143ae471b0c7
update to 17.0.4
fix 11.2-i586 build using lower optimization
added OBS constraints

diff -r 95b8784f9466 -r b83636a26466 MozillaFirefox/_constraints
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/MozillaFirefox/_constraints	Sat Mar 16 15:05:51 2013 +0100
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<constraints>
+  <hardware>
+    <disk>
+      <size unit="G">9</size>
+    </disk>
+    <memory>
+      <size unit="M">2500</size>
+    </memory>
+  </hardware>
+</constraints>
diff -r 95b8784f9466 -r b83636a26466 MozillaFirefox/create-tar.sh
--- a/MozillaFirefox/create-tar.sh	Sun Jan 06 18:41:42 2013 +0100
+++ b/MozillaFirefox/create-tar.sh	Sat Mar 16 15:05:51 2013 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="esr17"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_17_0_2esr_RELEASE"
-VERSION="17.0.2"
+RELEASE_TAG="FIREFOX_17_0_4esr_RELEASE"
+VERSION="17.0.4"
 
 # mozilla
 echo "cloning $BRANCH..."
diff -r 95b8784f9466 -r b83636a26466 MozillaFirefox/firefox-esr.changes
--- a/MozillaFirefox/firefox-esr.changes	Sun Jan 06 18:41:42 2013 +0100
+++ b/MozillaFirefox/firefox-esr.changes	Sat Mar 16 15:05:51 2013 +0100
@@ -1,7 +1,70 @@
 -------------------------------------------------------------------
+Fri Mar  8 08:36:26 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 17.0.4 (bnc#808243)
+  * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
+    Use-after-free in HTML Editor
+
+-------------------------------------------------------------------
+Sat Feb 16 17:16:35 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 17.0.3esr (bnc#804248)
+  * MFSA 2013-21/CVE-2013-0783
+    Miscellaneous memory safety hazards
+  * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
+    Web content bypass of COW and SOW security wrappers
+  * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
+    Privacy leak in JavaScript Workers
+  * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
+    Use-after-free in nsImageLoadingContent
+  * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
+    Phishing on HTTPS connection through malicious proxy
+  * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
+    Use-after-free, out of bounds read, and buffer overflow issues
+    found using Address Sanitizer
+
+-------------------------------------------------------------------
 Sat Jan  5 14:42:07 UTC 2013 - wr@rosenauer.org
 
 - update to Firefox 17.0.2esr (bnc#796895)
+  * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
+    Miscellaneous memory safety hazards
+  * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
+    CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
+    Use-after-free and buffer overflow issues found using Address Sanitizer
+  * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
+    Buffer Overflow in Canvas
+  * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
+    URL spoofing in addressbar during page loads
+  * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
+    Use-after-free when displaying table with many columns and column groups
+  * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
+    Crash due to handling of SSL on threads
+  * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
+    AutoWrapperChanger fails to keep objects alive during garbage collection
+  * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
+    Compartment mismatch with quickstubs returned values
+  * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
+    Event manipulation in plugin handler to bypass same-origin policy
+  * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
+    Address space layout leaked in XBL objects
+  * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
+    Buffer overflow in Javascript string concatenation
+  * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
+    Memory corruption in XBL with XML bindings containing SVG
+  * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
+    Chrome Object Wrapper (COW) bypass through changing prototype
+  * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
+    Privilege escalation through plugin objects
+  * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
+    Use-after-free in serializeToStream
+  * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
+    Use-after-free in ListenerManager
+  * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
+    Use-after-free in Vibrate
+  * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
+    Use-after-free in Javascript Proxy objects
+- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
 
 -------------------------------------------------------------------
 Thu Nov 29 20:13:39 UTC 2012 - wr@rosenauer.org
diff -r 95b8784f9466 -r b83636a26466 MozillaFirefox/firefox-esr.spec
--- a/MozillaFirefox/firefox-esr.spec	Sun Jan 06 18:41:42 2013 +0100
+++ b/MozillaFirefox/firefox-esr.spec	Sat Mar 16 15:05:51 2013 +0100
@@ -1,8 +1,8 @@
 #
 # spec file for package firefox-esr
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
-#               2006-2012 Wolfgang Rosenauer
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+#               2006-2013 Wolfgang Rosenauer
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 
 %define major 17
-%define mainver %major.0.2
+%define mainver %major.0.4
 %define update_channel release
 
 Name:           firefox-esr
@@ -54,7 +54,7 @@
 %endif
 Version:        %{mainver}
 Release:        0
-%define         releasedate 2013010500
+%define         releasedate 2013030700
 Provides:       firefox-esr = %{mainver}
 Provides:       web_browser
 Provides:       browser(npapi)
@@ -105,6 +105,7 @@
 Patch13:        mozilla-gstreamer.patch
 Patch14:        mozilla-ppc.patch
 Patch15:        mozilla-gstreamer-760140.patch
+Patch16:        mozilla-deoptimize.patch
 # SLE11 patches
 Patch20:        mozilla-gcc43-enums.patch
 Patch21:        mozilla-gcc43-template_hacks.patch
@@ -247,8 +248,13 @@
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
+%if %suse_version == 1120
+%ifarch %x86
+%patch16 -p1
+%endif
+%endif
 # SLE patches
-%if %suse_version <= 1110
+%if %suse_version <= 1120
 %patch20 -p1
 %patch21 -p1
 %patch22 -p1
@@ -286,6 +292,11 @@
 export BUILD_OFFICIAL=1
 export MOZ_TELEMETRY_REPORTING=1
 export CFLAGS="$RPM_OPT_FLAGS -Os -fno-strict-aliasing"
+%if %suse_version == 1120
+%ifarch %x86
+export CFLAGS="$RPM_OPT_FLAGS -O1 -fno-strict-aliasing"
+%endif
+%endif
 %ifarch ppc64
 export CFLAGS="$CFLAGS -mminimal-toc"
 %endif
diff -r 95b8784f9466 -r b83636a26466 MozillaFirefox/mozilla-deoptimize.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/MozillaFirefox/mozilla-deoptimize.patch	Sat Mar 16 15:05:51 2013 +0100
@@ -0,0 +1,1 @@
+../mozilla-deoptimize.patch
\ No newline at end of file
diff -r 95b8784f9466 -r b83636a26466 mozilla-deoptimize.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/mozilla-deoptimize.patch	Sat Mar 16 15:05:51 2013 +0100
@@ -0,0 +1,46 @@
+Decrease optimization level for 11.2-i586 otherwise xpcshell is crashing during build
+
+diff --git a/configure.in b/configure.in
+--- a/configure.in
++++ b/configure.in
+@@ -2051,17 +2051,17 @@ ia64*-hpux*)
+     elif test "$GNU_CC" -o "$GNU_CXX"; then
+         GCC_VERSION=`$CC -v 2>&1 | awk '/^gcc version/ { print $3 }'`
+         case $GCC_VERSION in
+         4.1.*|4.2.*|4.5.*)
+             # -Os is broken on gcc 4.1.x 4.2.x, 4.5.x we need to tweak it to get good results.
+             MOZ_OPTIMIZE_SIZE_TWEAK="-finline-limit=50"
+         esac
+         MOZ_PGO_OPTIMIZE_FLAGS="-O3"
+-        MOZ_OPTIMIZE_FLAGS="-Os -freorder-blocks $MOZ_OPTIMIZE_SIZE_TWEAK"
++        MOZ_OPTIMIZE_FLAGS="-O1 -freorder-blocks $MOZ_OPTIMIZE_SIZE_TWEAK"
+         MOZ_DEBUG_FLAGS="-g"
+     fi
+ 
+     TARGET_NSPR_MDCPUCFG='\"md/_linux.cfg\"'
+ 
+     MOZ_MEMORY=1
+ 
+     case "${target_cpu}" in
+diff --git a/js/src/configure.in b/js/src/configure.in
+--- a/js/src/configure.in
++++ b/js/src/configure.in
+@@ -1679,17 +1679,17 @@ ia64*-hpux*)
+     elif test "$GNU_CC" -o "$GNU_CXX"; then
+         GCC_VERSION=`$CC -v 2>&1 | awk '/^gcc version/ { print $3 }'`
+         case $GCC_VERSION in
+         4.1.*|4.2.*|4.5.*)
+             # -Os is broken on gcc 4.1.x 4.2.x, 4.5.x we need to tweak it to get good results.
+             MOZ_OPTIMIZE_SIZE_TWEAK="-finline-limit=50"
+         esac
+         MOZ_PGO_OPTIMIZE_FLAGS="-O3"
+-        MOZ_OPTIMIZE_FLAGS="-O3 -freorder-blocks $MOZ_OPTIMIZE_SIZE_TWEAK"
++        MOZ_OPTIMIZE_FLAGS="-O1 -freorder-blocks $MOZ_OPTIMIZE_SIZE_TWEAK"
+         MOZ_DEBUG_FLAGS="-g"
+     fi
+ 
+     TARGET_NSPR_MDCPUCFG='\"md/_linux.cfg\"'
+ 
+     case "${target_cpu}" in
+     alpha*)
+     	CFLAGS="$CFLAGS -mieee"
diff -r 95b8784f9466 -r b83636a26466 series
--- a/series	Sun Jan 06 18:41:42 2013 +0100
+++ b/series	Sat Mar 16 15:05:51 2013 +0100
@@ -18,6 +18,7 @@
 mozilla-gstreamer-760140.patch
 mozilla-ppc.patch
 mozilla-idldir.patch
+mozilla-deoptimize.patch
 mozilla-gcc43-enums.patch
 mozilla-gcc43-template_hacks.patch
 mozilla-gcc43-templates_instantiation.patch
diff -r 95b8784f9466 -r b83636a26466 xulrunner/create-tar.sh
--- a/xulrunner/create-tar.sh	Sun Jan 06 18:41:42 2013 +0100
+++ b/xulrunner/create-tar.sh	Sat Mar 16 15:05:51 2013 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="esr17"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_17_0_2esr_RELEASE"
-VERSION="17.0.2"
+RELEASE_TAG="FIREFOX_17_0_3esr_RELEASE"
+VERSION="17.0.3"
 
 # mozilla
 echo "cloning $BRANCH..."
diff -r 95b8784f9466 -r b83636a26466 xulrunner/xulrunner-esr.changes
--- a/xulrunner/xulrunner-esr.changes	Sun Jan 06 18:41:42 2013 +0100
+++ b/xulrunner/xulrunner-esr.changes	Sat Mar 16 15:05:51 2013 +0100
@@ -1,7 +1,70 @@
+-------------------------------------------------------------------
+Fri Mar  8 09:00:09 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.4esr (bnc#808243)
+  * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
+    Use-after-free in HTML Editor
+
+-------------------------------------------------------------------
+Sat Feb 16 17:38:21 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.3esr (bnc#804248)
+  * MFSA 2013-21/CVE-2013-0783
+    Miscellaneous memory safety hazards
+  * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
+    Web content bypass of COW and SOW security wrappers
+  * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
+    Privacy leak in JavaScript Workers
+  * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
+    Use-after-free in nsImageLoadingContent
+  * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
+    Phishing on HTTPS connection through malicious proxy
+  * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
+    Use-after-free, out of bounds read, and buffer overflow issues
+    found using Address Sanitizer
+
 -------------------------------------------------------------------
 Sat Jan  5 14:46:06 UTC 2013 - wr@rosenauer.org
 
 - update to 17.0.2esr (bnc#796895)
+  * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
+    Miscellaneous memory safety hazards
+  * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
+    CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
+    Use-after-free and buffer overflow issues found using Address Sanitizer
+  * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
+    Buffer Overflow in Canvas
+  * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
+    URL spoofing in addressbar during page loads
+  * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
+    Use-after-free when displaying table with many columns and column groups
+  * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
+    Crash due to handling of SSL on threads
+  * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
+    AutoWrapperChanger fails to keep objects alive during garbage collection
+  * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
+    Compartment mismatch with quickstubs returned values
+  * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
+    Event manipulation in plugin handler to bypass same-origin policy
+  * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
+    Address space layout leaked in XBL objects
+  * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
+    Buffer overflow in Javascript string concatenation
+  * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
+    Memory corruption in XBL with XML bindings containing SVG
+  * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
+    Chrome Object Wrapper (COW) bypass through changing prototype
+  * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
+    Privilege escalation through plugin objects
+  * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
+    Use-after-free in serializeToStream
+  * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
+    Use-after-free in ListenerManager
+  * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
+    Use-after-free in Vibrate
+  * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
+    Use-after-free in Javascript Proxy objects
+- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
 
 -------------------------------------------------------------------
 Thu Nov 29 20:15:37 UTC 2012 - wr@rosenauer.org
diff -r 95b8784f9466 -r b83636a26466 xulrunner/xulrunner-esr.spec
--- a/xulrunner/xulrunner-esr.spec	Sun Jan 06 18:41:42 2013 +0100
+++ b/xulrunner/xulrunner-esr.spec	Sat Mar 16 15:05:51 2013 +0100
@@ -1,8 +1,8 @@
 #
 # spec file for package xulrunner-esr
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
-#               2006-2012 Wolfgang Rosenauer
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+#               2006-2013 Wolfgang Rosenauer
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -44,12 +44,12 @@
 %endif
 BuildRequires:  mozilla-nspr-devel >= 4.9.4
 BuildRequires:  mozilla-nss-devel >= 3.14.1
-Version:        17.0.2
+Version:        17.0.4
 Release:        0
-%define         releasedate 2013010500
-%define         version_internal 17.0.2
+%define         releasedate 2013030700
+%define         version_internal 17.0.4
 %define         apiversion 17
-%define         uaweight 1700002
+%define         uaweight 1700004
 Summary:        Mozilla Runtime Environment
 License:        MPL-2.0
 Group:          Productivity/Other