--- a/MozillaFirefox/MozillaFirefox.changes Wed Sep 20 21:52:01 2017 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Mon Oct 02 22:24:46 2017 +0200
@@ -1,11 +1,81 @@
-------------------------------------------------------------------
-Sun Sep 17 08:07:43 UTC 2017 - wr@rosenauer.org
-
-- update to Firefox 56.0b12
+Mon Oct 2 19:57:40 UTC 2017 - wr@rosenauer.org
+
+- enable stylo for TW (requires LLVM >= 3.9)
+
+-------------------------------------------------------------------
+Sun Oct 1 18:25:16 UTC 2017 - stefan.bruens@rwth-aachen.de
+
+- Correct plugin directory for aarch64 (boo#1061207). The wrapper
+ script was not detecting aarch64 as a 64 bit architecture, thus
+ used /usr/lib/browser-plugins/.
+
+-------------------------------------------------------------------
+Sat Sep 30 20:10:50 UTC 2017 - zaitor@opensuse.org
+
+- Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0),
+ pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0),
+ pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and
+ pkgconfig(gdk-x11-2.0) BuildRequires, align with what configure
+ looks for.
+
+-------------------------------------------------------------------
+Thu Sep 28 08:28:29 UTC 2017 - wr@rosenauer.org
+
+- update to Firefox 56.0 (boo#1060445)
+ * Firefox Screenshots
* Find Options/Preferences more quickly with new search function
* Media is no longer auto-played when opened in a background tab
* Enable CSS Grid Layout View
+ MFSA 2017-21
+ * CVE-2017-7793 (bmo#1371889)
+ Use-after-free with Fetch API
+ * CVE-2017-7817 (bmo#1356596) (Android-only)
+ Firefox for Android address bar spoofing through fullscreen mode
+ * CVE-2017-7818 (bmo#1363723)
+ Use-after-free during ARIA array manipulation
+ * CVE-2017-7819 (bmo#1380292)
+ Use-after-free while resizing images in design mode
+ * CVE-2017-7824 (bmo#1398381)
+ Buffer overflow when drawing and validating elements with ANGLE
+ * CVE-2017-7805 (bmo#1377618) (fixed via NSS requirement)
+ Use-after-free in TLS 1.2 generating handshake hashes
+ * CVE-2017-7812 (bmo#1379842)
+ Drag and drop of malicious page content to the tab bar can open locally stored files
+ * CVE-2017-7814 (bmo#1376036)
+ Blob and data URLs bypass phishing and malware protection warnings
+ * CVE-2017-7813 (bmo#1383951)
+ Integer truncation in the JavaScript parser
+ * CVE-2017-7825 (bmo#1393624, bmo#1390980) (OSX-only)
+ OS X fonts render some Tibetan and Arabic unicode characters as spaces
+ * CVE-2017-7815 (bmo#1368981)
+ Spoofing attack with modal dialogs on non-e10s installations
+ * CVE-2017-7816 (bmo#1380597)
+ WebExtensions can load about: URLs in extension UI
+ * CVE-2017-7821 (bmo#1346515)
+ WebExtensions can download and open non-executable files without user interaction
+ * CVE-2017-7823 (bmo#1396320)
+ CSP sandbox directive did not create a unique origin
+ * CVE-2017-7822 (bmo#1368859)
+ WebCrypto allows AES-GCM with 0-length IV
+ * CVE-2017-7820 (bmo#1378207)
+ Xray wrapper bypass with new tab and web console
+ * CVE-2017-7811
+ Memory safety bugs fixed in Firefox 56
+ * CVE-2017-7810
+ Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
- requires NSPR 4.16 and NSS 3.32.1
+- rebased patches
+
+-------------------------------------------------------------------
+Thu Sep 28 07:53:13 UTC 2017 - dimstar@opensuse.org
+
+- Add alsa-devel BuildRequires: we care for ALSA support to be
+ built and thus need to ensure we get the dependencies in place.
+ In the past, alsa-devel was pulled in by accident: we
+ buildrequire libgnome-devel. This required esound-devel and that
+ in turn pulled in alsa-devel for us. libgnome is being fixed to
+ no longer require esound-devel.
-------------------------------------------------------------------
Mon Sep 4 18:27:44 UTC 2017 - wr@rosenauer.org
--- a/MozillaFirefox/MozillaFirefox.spec Wed Sep 20 21:52:01 2017 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec Mon Oct 02 22:24:46 2017 +0200
@@ -16,20 +16,21 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
# changed with every update
-%define major 55
+%define major 56
%define mainver %major.99
%define update_channel beta
%define branding 1
-%define releasedate 20170914000000
+%define releasedate 20170926190823
# PIE, full relro (x86_64 for now)
%define build_hardened 1
# Firefox only supports i686
%ifarch %ix86
-ExclusiveArch: i586 i686
-BuildArch: i686
+ExclusiveArch: i586 i686
+BuildArch: i686
%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686 -mtune=generic}
%endif
@@ -54,6 +55,7 @@
Name: %{pkgname}
BuildRequires: Mesa-devel
+BuildRequires: alsa-devel
BuildRequires: autoconf213
BuildRequires: dbus-1-glib-devel
BuildRequires: fdupes
@@ -62,9 +64,9 @@
%else
BuildRequires: gcc-c++
%endif
+BuildRequires: cargo
BuildRequires: libXcomposite-devel
BuildRequires: libcurl-devel
-BuildRequires: libgnomeui-devel
BuildRequires: libidl-devel
BuildRequires: libiw-devel
BuildRequires: libnotify-devel
@@ -73,22 +75,27 @@
BuildRequires: mozilla-nspr-devel >= 4.16
BuildRequires: mozilla-nss-devel >= 3.32.1
BuildRequires: python-devel
+BuildRequires: rust >= 1.15.1
+BuildRequires: rust-std
BuildRequires: startup-notification-devel
BuildRequires: unzip
BuildRequires: update-desktop-files
BuildRequires: xorg-x11-libXt-devel
BuildRequires: yasm
BuildRequires: zip
-BuildRequires: pkgconfig(libpulse)
-BuildRequires: pkgconfig(libffi)
-BuildRequires: pkgconfig(glib-2.0)
+BuildRequires: pkgconfig(gconf-2.0)
+BuildRequires: pkgconfig(gdk-x11-2.0)
+BuildRequires: pkgconfig(glib-2.0) >= 2.22
BuildRequires: pkgconfig(gobject-2.0)
+BuildRequires: pkgconfig(gtk+-2.0) >= 2.18.0
BuildRequires: pkgconfig(gtk+-3.0) >= 3.4.0
+BuildRequires: pkgconfig(gtk+-unix-print-2.0)
BuildRequires: pkgconfig(gtk+-unix-print-3.0)
-BuildRequires: cargo
-BuildRequires: rust >= 1.15.1
-BuildRequires: rust-std
-#BuildRequires: llvm-clang-devel >= 3.9.0
+BuildRequires: pkgconfig(libffi)
+BuildRequires: pkgconfig(libpulse)
+%if 0%{?suse_version} > 1320
+BuildRequires: llvm-clang-devel >= 3.9.0
+%endif
# libavcodec is required for H.264 support but the
# openSUSE version is currently not able to play H.264
# therefore the Packman version is required
@@ -350,7 +357,9 @@
ac_add_options --enable-update-channel=%{update_channel}
ac_add_options --with-mozilla-api-keyfile=%{SOURCE18}
ac_add_options --with-google-api-keyfile=%{SOURCE19}
+%if 0%{?suse_version} > 1320
ac_add_options --disable-stylo
+%endif
%if %branding
ac_add_options --enable-official-branding
%endif
--- a/MozillaFirefox/create-tar.sh Wed Sep 20 21:52:01 2017 +0200
+++ b/MozillaFirefox/create-tar.sh Mon Oct 02 22:24:46 2017 +0200
@@ -7,8 +7,8 @@
CHANNEL="beta"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_56_0b12_RELEASE" # 55.0.3 build2
-VERSION="55.99"
+RELEASE_TAG="FIREFOX_57_0b4_RELEASE"
+VERSION="56.99"
# mozilla
if [ -d mozilla ]; then
--- a/MozillaFirefox/l10n_changesets.txt Wed Sep 20 21:52:01 2017 +0200
+++ b/MozillaFirefox/l10n_changesets.txt Mon Oct 02 22:24:46 2017 +0200
@@ -47,8 +47,8 @@
id 80d249bfce07
is df02eb864aba
it 54ebd710b0b9
-ja 34cddaa3f554
-ja-JP-mac 1cca7e5654d2
+ja 0f3bea597ba3
+ja-JP-mac 7f49be227f5d
ka ee6c8ed935e1
kab f53aac551d7a
kk 07823d99b937
--- a/MozillaFirefox/mozilla.sh.in Wed Sep 20 21:52:01 2017 +0200
+++ b/MozillaFirefox/mozilla.sh.in Mon Oct 02 22:24:46 2017 +0200
@@ -72,7 +72,7 @@
mozilla_lib=`file $MOZ_PROGRAM`
LIB=lib
-echo $mozilla_lib | grep -q -E 'ELF.64-bit.*(x86-64|S/390|PowerPC)' && LIB=lib64
+echo $mozilla_lib | grep -q -E 'ELF.64-bit.*(x86-64|S/390|PowerPC|ARM aarch64)' && LIB=lib64
BROWSER_PLUGIN_DIR=/usr/$LIB/browser-plugins
if [ ! -d $BROWSER_PLUGIN_DIR ]; then