# HG changeset patch
# User Wolfgang Rosenauer <wr@rosenauer.org>
# Date 1449911171 -3600
# Node ID b94dace970c610d2e4f0058cba1378f10ea58470
# Parent  abc6cbf98a30b526d43c8a784f145b8ac5a3754d
38.4.0

diff -r abc6cbf98a30 -r b94dace970c6 MozillaFirefox/MozillaFirefox.changes
--- a/MozillaFirefox/MozillaFirefox.changes	Sat Aug 22 09:10:33 2015 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Sat Dec 12 10:06:11 2015 +0100
@@ -1,7 +1,95 @@
 -------------------------------------------------------------------
+Fri Oct 30 21:31:52 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 38.4.0 (bnc#952810)
+  * MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
+    Miscellaneous memory safety hazards
+  * MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
+    Trailing whitespace in IP address hostnames can bypass same-origin policy
+  * MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
+    Buffer overflow during image interactions in canvas
+  * MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
+    CORS preflight is bypassed when non-standard Content-Type headers
+    are received
+  * MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
+    Memory corruption in libjar through zip files
+  * MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
+    JavaScript garbage collection crash with Java applet
+  * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
+    (bmo#1188010, bmo#1204061, bmo#1204155)
+    Vulnerabilities found through code inspection
+  * MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
+    Mixed content WebSocket policy bypass through workers
+  * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
+    (bmo#1202868, bmo#1205157)
+    NSS and NSPR memory corruption issues
+    (fixed in mozilla-nspr and mozilla-nss packages)
+- requires NSPR 4.10.10 and NSS 3.19.2.1
+
+-------------------------------------------------------------------
+Tue Sep 22 07:01:24 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 38.3.0esr (bnc#947003)
+  * MFSA 2015-96/CVE-2015-4500
+    Miscellaneous memory safety hazards
+  * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
+    Arbitrary file manipulation by local user through Mozilla updater
+  * MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
+    Buffer overflow in libvpx while parsing vp9 format video
+  * MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
+    Buffer overflow while decoding WebM video
+  * MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
+    Use-after-free while manipulating HTML media content
+  * MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
+    Dragging and dropping images exposes final URL after redirects
+  * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
+    Errors in the handling of CORS preflight request headers
+  * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
+    CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
+    CVE-2015-7180
+    Vulnerabilities found through code inspection
+  * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
+    bmo#1190526) (Windows only)
+    Memory safety errors in libGLES in the ANGLE graphics library
+
+-------------------------------------------------------------------
+Thu Aug 27 06:03:51 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 38.2.1 (bnc#943550)
+  * MFSA 2015-94/CVE-2015-4497 (bmo#1164766, bmo#1175278)
+    Use-after-free when resizing canvas element during restyling
+  * MFSA 2015-95/CVE-2015-4498 (bmo#1042699)
+    Add-on notification bypass through data URLs
+
+-------------------------------------------------------------------
 Mon Aug 10 16:40:17 UTC 2015 - wr@rosenauer.org
 
 - update to Firefox 38.2.0esr (bnc#940806)
+  * MFSA 2015-79/CVE-2015-4473
+    Miscellaneous memory safety hazards
+  * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
+    Out-of-bounds read with malformed MP3 file
+  * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
+    Redefinition of non-configurable JavaScript object properties
+  * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
+    Overflow issues in libstagefright
+  * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
+    Arbitrary file overwriting through Mozilla Maintenance Service
+    with hard links (only affected Windows)
+  * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
+    Out-of-bounds write with Updater and malicious MAR file
+    (does not affect openSUSE RPM packages which do not ship the
+     updater)
+  * MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
+    Crash when using shared memory in JavaScript
+  * MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
+    Heap overflow in gdk-pixbuf when scaling bitmap images
+  * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
+    Buffer overflows on Libvpx when decoding WebM video
+  * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
+    Vulnerabilities found through code inspection
+  * MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
+    Use-after-free in XMLHttpRequest with shared workers
 - rebased mozilla-repo.patch
 
 -------------------------------------------------------------------
diff -r abc6cbf98a30 -r b94dace970c6 MozillaFirefox/MozillaFirefox.spec
--- a/MozillaFirefox/MozillaFirefox.spec	Sat Aug 22 09:10:33 2015 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec	Sat Dec 12 10:06:11 2015 +0100
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 38
-%define mainver %major.2.0
+%define mainver %major.4.0
 %define update_channel esr38
-%define releasedate 2015080900
+%define releasedate 2015102700
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -76,8 +76,8 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.10.8
-BuildRequires:  mozilla-nss-devel >= 3.19.2
+BuildRequires:  mozilla-nspr-devel >= 4.10.10
+BuildRequires:  mozilla-nss-devel >= 3.19.2.1
 BuildRequires:  nss-shared-helper-devel
 BuildRequires:  python-devel
 BuildRequires:  startup-notification-devel
diff -r abc6cbf98a30 -r b94dace970c6 MozillaFirefox/create-tar.sh
--- a/MozillaFirefox/create-tar.sh	Sat Aug 22 09:10:33 2015 +0200
+++ b/MozillaFirefox/create-tar.sh	Sat Dec 12 10:06:11 2015 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="esr38"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_38_2_0esr_RELEASE"
-VERSION="38.2.0"
+RELEASE_TAG="FIREFOX_38_4_0esr_RELEASE"
+VERSION="38.4.0"
 
 # mozilla
 if [ -d mozilla ]; then
diff -r abc6cbf98a30 -r b94dace970c6 MozillaFirefox/firefox-esr.changes
--- a/MozillaFirefox/firefox-esr.changes	Sat Aug 22 09:10:33 2015 +0200
+++ b/MozillaFirefox/firefox-esr.changes	Sat Dec 12 10:06:11 2015 +0100
@@ -1,7 +1,95 @@
 -------------------------------------------------------------------
+Fri Oct 30 21:31:52 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 38.4.0 (bnc#952810)
+  * MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
+    Miscellaneous memory safety hazards
+  * MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
+    Trailing whitespace in IP address hostnames can bypass same-origin policy
+  * MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
+    Buffer overflow during image interactions in canvas
+  * MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
+    CORS preflight is bypassed when non-standard Content-Type headers
+    are received
+  * MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
+    Memory corruption in libjar through zip files
+  * MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
+    JavaScript garbage collection crash with Java applet
+  * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
+    (bmo#1188010, bmo#1204061, bmo#1204155)
+    Vulnerabilities found through code inspection
+  * MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
+    Mixed content WebSocket policy bypass through workers
+  * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
+    (bmo#1202868, bmo#1205157)
+    NSS and NSPR memory corruption issues
+    (fixed in mozilla-nspr and mozilla-nss packages)
+- requires NSPR 4.10.10 and NSS 3.19.2.1
+
+-------------------------------------------------------------------
+Tue Sep 22 07:01:24 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 38.3.0esr (bnc#947003)
+  * MFSA 2015-96/CVE-2015-4500
+    Miscellaneous memory safety hazards
+  * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
+    Arbitrary file manipulation by local user through Mozilla updater
+  * MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
+    Buffer overflow in libvpx while parsing vp9 format video
+  * MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
+    Buffer overflow while decoding WebM video
+  * MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
+    Use-after-free while manipulating HTML media content
+  * MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
+    Dragging and dropping images exposes final URL after redirects
+  * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
+    Errors in the handling of CORS preflight request headers
+  * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
+    CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
+    CVE-2015-7180
+    Vulnerabilities found through code inspection
+  * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
+    bmo#1190526) (Windows only)
+    Memory safety errors in libGLES in the ANGLE graphics library
+
+-------------------------------------------------------------------
+Thu Aug 27 06:03:51 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 38.2.1 (bnc#943550)
+  * MFSA 2015-94/CVE-2015-4497 (bmo#1164766, bmo#1175278)
+    Use-after-free when resizing canvas element during restyling
+  * MFSA 2015-95/CVE-2015-4498 (bmo#1042699)
+    Add-on notification bypass through data URLs
+
+-------------------------------------------------------------------
 Mon Aug 10 16:40:17 UTC 2015 - wr@rosenauer.org
 
 - update to Firefox 38.2.0esr (bnc#940806)
+  * MFSA 2015-79/CVE-2015-4473
+    Miscellaneous memory safety hazards
+  * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
+    Out-of-bounds read with malformed MP3 file
+  * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
+    Redefinition of non-configurable JavaScript object properties
+  * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
+    Overflow issues in libstagefright
+  * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
+    Arbitrary file overwriting through Mozilla Maintenance Service
+    with hard links (only affected Windows)
+  * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
+    Out-of-bounds write with Updater and malicious MAR file
+    (does not affect openSUSE RPM packages which do not ship the
+     updater)
+  * MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
+    Crash when using shared memory in JavaScript
+  * MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
+    Heap overflow in gdk-pixbuf when scaling bitmap images
+  * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
+    Buffer overflows on Libvpx when decoding WebM video
+  * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
+    Vulnerabilities found through code inspection
+  * MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
+    Use-after-free in XMLHttpRequest with shared workers
 - rebased mozilla-repo.patch
 
 -------------------------------------------------------------------
diff -r abc6cbf98a30 -r b94dace970c6 MozillaFirefox/firefox-esr.spec
--- a/MozillaFirefox/firefox-esr.spec	Sat Aug 22 09:10:33 2015 +0200
+++ b/MozillaFirefox/firefox-esr.spec	Sat Dec 12 10:06:11 2015 +0100
@@ -19,9 +19,9 @@
 
 # changed with every update
 %define major 38
-%define mainver %major.2.0
+%define mainver %major.4.0
 %define update_channel esr38
-%define releasedate 2015080900
+%define releasedate 2015102700
 
 # general build definitions
 %if "%{update_channel}" != "aurora"
@@ -76,8 +76,8 @@
 BuildRequires:  libnotify-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.10.8
-BuildRequires:  mozilla-nss-devel >= 3.19.2
+BuildRequires:  mozilla-nspr-devel >= 4.10.10
+BuildRequires:  mozilla-nss-devel >= 3.19.2.1
 BuildRequires:  nss-shared-helper-devel
 BuildRequires:  python-devel
 BuildRequires:  startup-notification-devel
diff -r abc6cbf98a30 -r b94dace970c6 mozilla-kde.patch
--- a/mozilla-kde.patch	Sat Aug 22 09:10:33 2015 +0200
+++ b/mozilla-kde.patch	Sat Dec 12 10:06:11 2015 +0100
@@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  214f99f3ce4f1f8ae9b3d18da44e5d66b3105663
+# Parent  879df970cffe74db62f72f5b815b559dab63418a
 Description: Add KDE integration to Firefox (toolkit parts)
 Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
 Author: Lubos Lunak <lunak@suse.com>
@@ -3148,11 +3148,11 @@
  using namespace mozilla;
  
  #define MAX_PREVIEW_SIZE 180
+ // bug 1184009
+ #define MAX_PREVIEW_SOURCE_SIZE 4096
  
  nsIFile *nsFilePicker::mPrevDisplayDirectory = nullptr;
- 
- void
-@@ -238,17 +240,19 @@ nsFilePicker::AppendFilters(int32_t aFil
+@@ -243,17 +245,19 @@ nsFilePicker::AppendFilters(int32_t aFil
    return nsBaseFilePicker::AppendFilters(aFilterMask);
  }
  
@@ -3173,7 +3173,7 @@
  
    mFilters.AppendElement(filter);
    mFilterNames.AppendElement(name);
-@@ -363,16 +367,32 @@ nsFilePicker::Show(int16_t *aReturn)
+@@ -368,16 +372,32 @@ nsFilePicker::Show(int16_t *aReturn)
  
  NS_IMETHODIMP
  nsFilePicker::Open(nsIFilePickerShownCallback *aCallback)
@@ -3206,7 +3206,7 @@
  
    GtkFileChooserAction action = GetGtkFileChooserAction(mMode);
    const gchar *accept_button = (action == GTK_FILE_CHOOSER_ACTION_SAVE)
-@@ -551,8 +571,235 @@ nsFilePicker::Done(GtkWidget* file_choos
+@@ -556,8 +576,235 @@ nsFilePicker::Done(GtkWidget* file_choos
    if (mCallback) {
      mCallback->Done(result);
      mCallback = nullptr;
diff -r abc6cbf98a30 -r b94dace970c6 xulrunner/create-tar.sh
--- a/xulrunner/create-tar.sh	Sat Aug 22 09:10:33 2015 +0200
+++ b/xulrunner/create-tar.sh	Sat Dec 12 10:06:11 2015 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="esr38"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_38_2_0esr_RELEASE"
-VERSION="38.2.0"
+RELEASE_TAG="FIREFOX_38_4_0esr_RELEASE"
+VERSION="38.4.0"
 
 # mozilla
 if [ -d mozilla ]; then
diff -r abc6cbf98a30 -r b94dace970c6 xulrunner/xulrunner.changes
--- a/xulrunner/xulrunner.changes	Sat Aug 22 09:10:33 2015 +0200
+++ b/xulrunner/xulrunner.changes	Sat Dec 12 10:06:11 2015 +0100
@@ -1,3 +1,57 @@
+-------------------------------------------------------------------
+Sat Oct 31 09:32:17 UTC 2015 - wr@rosenauer.org
+
+- update to xulrunner 38.4.0 (bnc#952810)
+  * MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
+    Miscellaneous memory safety hazards
+  * MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
+    Trailing whitespace in IP address hostnames can bypass same-origin policy
+  * MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
+    Buffer overflow during image interactions in canvas
+  * MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
+    CORS preflight is bypassed when non-standard Content-Type headers
+    are received
+  * MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
+    Memory corruption in libjar through zip files
+  * MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
+    JavaScript garbage collection crash with Java applet
+  * MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
+    (bmo#1188010, bmo#1204061, bmo#1204155)
+    Vulnerabilities found through code inspection
+  * MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
+    Mixed content WebSocket policy bypass through workers
+  * MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
+    (bmo#1202868, bmo#1205157)
+    NSS and NSPR memory corruption issues
+    (fixed in mozilla-nspr and mozilla-nss packages)
+- requires NSPR 4.10.10 and NSS 3.19.2.1
+
+-------------------------------------------------------------------
+Wed Sep 23 05:47:20 UTC 2015 - wr@rosenauer.org
+
+- update to xulrunner 38.3.0 (bnc#947003)
+  * MFSA 2015-96/CVE-2015-4500
+    Miscellaneous memory safety hazards
+  * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
+    Arbitrary file manipulation by local user through Mozilla updater
+  * MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
+    Buffer overflow in libvpx while parsing vp9 format video
+  * MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
+    Buffer overflow while decoding WebM video
+  * MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
+    Use-after-free while manipulating HTML media content
+  * MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
+    Dragging and dropping images exposes final URL after redirects
+  * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
+    Errors in the handling of CORS preflight request headers
+  * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
+    CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
+    CVE-2015-7180
+    Vulnerabilities found through code inspection
+  * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
+    bmo#1190526) (Windows only)
+    Memory safety errors in libGLES in the ANGLE graphics library
+
 -------------------------------------------------------------------
 Mon Aug 10 16:40:17 UTC 2015 - wr@rosenauer.org
 
diff -r abc6cbf98a30 -r b94dace970c6 xulrunner/xulrunner.spec
--- a/xulrunner/xulrunner.spec	Sat Aug 22 09:10:33 2015 +0200
+++ b/xulrunner/xulrunner.spec	Sat Dec 12 10:06:11 2015 +0100
@@ -17,10 +17,10 @@
 #
 
 
-%define version_internal 38.2.0
+%define version_internal 38.4.0
 %define apiversion 38
-%define uaweight 3820000
-%define releasedate 2015080900
+%define uaweight 3840000
+%define releasedate 2015102700
 %define shared_js 0
 %define has_system_nspr  1
 %define has_system_nss   1
@@ -67,8 +67,8 @@
 %else
 BuildRequires:  wireless-tools
 %endif
-BuildRequires:  mozilla-nspr-devel >= 4.10.8
-BuildRequires:  mozilla-nss-devel >= 3.19.2
+BuildRequires:  mozilla-nspr-devel >= 4.10.10
+BuildRequires:  mozilla-nss-devel >= 3.19.2.1
 BuildRequires:  pkgconfig(libpulse)
 %if %suse_version > 1210
 BuildRequires:  pkgconfig(gstreamer-%gstreamer_ver)