update to 17.0.4
fix 11.2-i586 build using lower optimization
added OBS constraints
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/MozillaFirefox/_constraints Sat Mar 16 15:05:51 2013 +0100
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<constraints>
+ <hardware>
+ <disk>
+ <size unit="G">9</size>
+ </disk>
+ <memory>
+ <size unit="M">2500</size>
+ </memory>
+ </hardware>
+</constraints>
--- a/MozillaFirefox/create-tar.sh Sun Jan 06 18:41:42 2013 +0100
+++ b/MozillaFirefox/create-tar.sh Sat Mar 16 15:05:51 2013 +0100
@@ -2,8 +2,8 @@
CHANNEL="esr17"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_17_0_2esr_RELEASE"
-VERSION="17.0.2"
+RELEASE_TAG="FIREFOX_17_0_4esr_RELEASE"
+VERSION="17.0.4"
# mozilla
echo "cloning $BRANCH..."
--- a/MozillaFirefox/firefox-esr.changes Sun Jan 06 18:41:42 2013 +0100
+++ b/MozillaFirefox/firefox-esr.changes Sat Mar 16 15:05:51 2013 +0100
@@ -1,7 +1,70 @@
-------------------------------------------------------------------
+Fri Mar 8 08:36:26 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 17.0.4 (bnc#808243)
+ * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
+ Use-after-free in HTML Editor
+
+-------------------------------------------------------------------
+Sat Feb 16 17:16:35 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 17.0.3esr (bnc#804248)
+ * MFSA 2013-21/CVE-2013-0783
+ Miscellaneous memory safety hazards
+ * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
+ Web content bypass of COW and SOW security wrappers
+ * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
+ Privacy leak in JavaScript Workers
+ * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
+ Use-after-free in nsImageLoadingContent
+ * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
+ Phishing on HTTPS connection through malicious proxy
+ * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
+ Use-after-free, out of bounds read, and buffer overflow issues
+ found using Address Sanitizer
+
+-------------------------------------------------------------------
Sat Jan 5 14:42:07 UTC 2013 - wr@rosenauer.org
- update to Firefox 17.0.2esr (bnc#796895)
+ * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
+ Miscellaneous memory safety hazards
+ * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
+ CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
+ Use-after-free and buffer overflow issues found using Address Sanitizer
+ * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
+ Buffer Overflow in Canvas
+ * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
+ URL spoofing in addressbar during page loads
+ * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
+ Use-after-free when displaying table with many columns and column groups
+ * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
+ Crash due to handling of SSL on threads
+ * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
+ AutoWrapperChanger fails to keep objects alive during garbage collection
+ * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
+ Compartment mismatch with quickstubs returned values
+ * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
+ Event manipulation in plugin handler to bypass same-origin policy
+ * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
+ Address space layout leaked in XBL objects
+ * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
+ Buffer overflow in Javascript string concatenation
+ * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
+ Memory corruption in XBL with XML bindings containing SVG
+ * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
+ Chrome Object Wrapper (COW) bypass through changing prototype
+ * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
+ Privilege escalation through plugin objects
+ * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
+ Use-after-free in serializeToStream
+ * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
+ Use-after-free in ListenerManager
+ * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
+ Use-after-free in Vibrate
+ * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
+ Use-after-free in Javascript Proxy objects
+- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
-------------------------------------------------------------------
Thu Nov 29 20:13:39 UTC 2012 - wr@rosenauer.org
--- a/MozillaFirefox/firefox-esr.spec Sun Jan 06 18:41:42 2013 +0100
+++ b/MozillaFirefox/firefox-esr.spec Sat Mar 16 15:05:51 2013 +0100
@@ -1,8 +1,8 @@
#
# spec file for package firefox-esr
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
-# 2006-2012 Wolfgang Rosenauer
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# 2006-2013 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
%define major 17
-%define mainver %major.0.2
+%define mainver %major.0.4
%define update_channel release
Name: firefox-esr
@@ -54,7 +54,7 @@
%endif
Version: %{mainver}
Release: 0
-%define releasedate 2013010500
+%define releasedate 2013030700
Provides: firefox-esr = %{mainver}
Provides: web_browser
Provides: browser(npapi)
@@ -105,6 +105,7 @@
Patch13: mozilla-gstreamer.patch
Patch14: mozilla-ppc.patch
Patch15: mozilla-gstreamer-760140.patch
+Patch16: mozilla-deoptimize.patch
# SLE11 patches
Patch20: mozilla-gcc43-enums.patch
Patch21: mozilla-gcc43-template_hacks.patch
@@ -247,8 +248,13 @@
%patch13 -p1
%patch14 -p1
%patch15 -p1
+%if %suse_version == 1120
+%ifarch %x86
+%patch16 -p1
+%endif
+%endif
# SLE patches
-%if %suse_version <= 1110
+%if %suse_version <= 1120
%patch20 -p1
%patch21 -p1
%patch22 -p1
@@ -286,6 +292,11 @@
export BUILD_OFFICIAL=1
export MOZ_TELEMETRY_REPORTING=1
export CFLAGS="$RPM_OPT_FLAGS -Os -fno-strict-aliasing"
+%if %suse_version == 1120
+%ifarch %x86
+export CFLAGS="$RPM_OPT_FLAGS -O1 -fno-strict-aliasing"
+%endif
+%endif
%ifarch ppc64
export CFLAGS="$CFLAGS -mminimal-toc"
%endif
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/MozillaFirefox/mozilla-deoptimize.patch Sat Mar 16 15:05:51 2013 +0100
@@ -0,0 +1,1 @@
+../mozilla-deoptimize.patch
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mozilla-deoptimize.patch Sat Mar 16 15:05:51 2013 +0100
@@ -0,0 +1,46 @@
+Decrease optimization level for 11.2-i586 otherwise xpcshell is crashing during build
+
+diff --git a/configure.in b/configure.in
+--- a/configure.in
++++ b/configure.in
+@@ -2051,17 +2051,17 @@ ia64*-hpux*)
+ elif test "$GNU_CC" -o "$GNU_CXX"; then
+ GCC_VERSION=`$CC -v 2>&1 | awk '/^gcc version/ { print $3 }'`
+ case $GCC_VERSION in
+ 4.1.*|4.2.*|4.5.*)
+ # -Os is broken on gcc 4.1.x 4.2.x, 4.5.x we need to tweak it to get good results.
+ MOZ_OPTIMIZE_SIZE_TWEAK="-finline-limit=50"
+ esac
+ MOZ_PGO_OPTIMIZE_FLAGS="-O3"
+- MOZ_OPTIMIZE_FLAGS="-Os -freorder-blocks $MOZ_OPTIMIZE_SIZE_TWEAK"
++ MOZ_OPTIMIZE_FLAGS="-O1 -freorder-blocks $MOZ_OPTIMIZE_SIZE_TWEAK"
+ MOZ_DEBUG_FLAGS="-g"
+ fi
+
+ TARGET_NSPR_MDCPUCFG='\"md/_linux.cfg\"'
+
+ MOZ_MEMORY=1
+
+ case "${target_cpu}" in
+diff --git a/js/src/configure.in b/js/src/configure.in
+--- a/js/src/configure.in
++++ b/js/src/configure.in
+@@ -1679,17 +1679,17 @@ ia64*-hpux*)
+ elif test "$GNU_CC" -o "$GNU_CXX"; then
+ GCC_VERSION=`$CC -v 2>&1 | awk '/^gcc version/ { print $3 }'`
+ case $GCC_VERSION in
+ 4.1.*|4.2.*|4.5.*)
+ # -Os is broken on gcc 4.1.x 4.2.x, 4.5.x we need to tweak it to get good results.
+ MOZ_OPTIMIZE_SIZE_TWEAK="-finline-limit=50"
+ esac
+ MOZ_PGO_OPTIMIZE_FLAGS="-O3"
+- MOZ_OPTIMIZE_FLAGS="-O3 -freorder-blocks $MOZ_OPTIMIZE_SIZE_TWEAK"
++ MOZ_OPTIMIZE_FLAGS="-O1 -freorder-blocks $MOZ_OPTIMIZE_SIZE_TWEAK"
+ MOZ_DEBUG_FLAGS="-g"
+ fi
+
+ TARGET_NSPR_MDCPUCFG='\"md/_linux.cfg\"'
+
+ case "${target_cpu}" in
+ alpha*)
+ CFLAGS="$CFLAGS -mieee"
--- a/series Sun Jan 06 18:41:42 2013 +0100
+++ b/series Sat Mar 16 15:05:51 2013 +0100
@@ -18,6 +18,7 @@
mozilla-gstreamer-760140.patch
mozilla-ppc.patch
mozilla-idldir.patch
+mozilla-deoptimize.patch
mozilla-gcc43-enums.patch
mozilla-gcc43-template_hacks.patch
mozilla-gcc43-templates_instantiation.patch
--- a/xulrunner/create-tar.sh Sun Jan 06 18:41:42 2013 +0100
+++ b/xulrunner/create-tar.sh Sat Mar 16 15:05:51 2013 +0100
@@ -2,8 +2,8 @@
CHANNEL="esr17"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_17_0_2esr_RELEASE"
-VERSION="17.0.2"
+RELEASE_TAG="FIREFOX_17_0_3esr_RELEASE"
+VERSION="17.0.3"
# mozilla
echo "cloning $BRANCH..."
--- a/xulrunner/xulrunner-esr.changes Sun Jan 06 18:41:42 2013 +0100
+++ b/xulrunner/xulrunner-esr.changes Sat Mar 16 15:05:51 2013 +0100
@@ -1,7 +1,70 @@
+-------------------------------------------------------------------
+Fri Mar 8 09:00:09 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.4esr (bnc#808243)
+ * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
+ Use-after-free in HTML Editor
+
+-------------------------------------------------------------------
+Sat Feb 16 17:38:21 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.3esr (bnc#804248)
+ * MFSA 2013-21/CVE-2013-0783
+ Miscellaneous memory safety hazards
+ * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
+ Web content bypass of COW and SOW security wrappers
+ * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
+ Privacy leak in JavaScript Workers
+ * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
+ Use-after-free in nsImageLoadingContent
+ * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
+ Phishing on HTTPS connection through malicious proxy
+ * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
+ Use-after-free, out of bounds read, and buffer overflow issues
+ found using Address Sanitizer
+
-------------------------------------------------------------------
Sat Jan 5 14:46:06 UTC 2013 - wr@rosenauer.org
- update to 17.0.2esr (bnc#796895)
+ * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
+ Miscellaneous memory safety hazards
+ * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
+ CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
+ Use-after-free and buffer overflow issues found using Address Sanitizer
+ * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
+ Buffer Overflow in Canvas
+ * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
+ URL spoofing in addressbar during page loads
+ * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
+ Use-after-free when displaying table with many columns and column groups
+ * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
+ Crash due to handling of SSL on threads
+ * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
+ AutoWrapperChanger fails to keep objects alive during garbage collection
+ * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
+ Compartment mismatch with quickstubs returned values
+ * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
+ Event manipulation in plugin handler to bypass same-origin policy
+ * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
+ Address space layout leaked in XBL objects
+ * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
+ Buffer overflow in Javascript string concatenation
+ * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
+ Memory corruption in XBL with XML bindings containing SVG
+ * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
+ Chrome Object Wrapper (COW) bypass through changing prototype
+ * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
+ Privilege escalation through plugin objects
+ * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
+ Use-after-free in serializeToStream
+ * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
+ Use-after-free in ListenerManager
+ * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
+ Use-after-free in Vibrate
+ * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
+ Use-after-free in Javascript Proxy objects
+- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
-------------------------------------------------------------------
Thu Nov 29 20:15:37 UTC 2012 - wr@rosenauer.org
--- a/xulrunner/xulrunner-esr.spec Sun Jan 06 18:41:42 2013 +0100
+++ b/xulrunner/xulrunner-esr.spec Sat Mar 16 15:05:51 2013 +0100
@@ -1,8 +1,8 @@
#
# spec file for package xulrunner-esr
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
-# 2006-2012 Wolfgang Rosenauer
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# 2006-2013 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -44,12 +44,12 @@
%endif
BuildRequires: mozilla-nspr-devel >= 4.9.4
BuildRequires: mozilla-nss-devel >= 3.14.1
-Version: 17.0.2
+Version: 17.0.4
Release: 0
-%define releasedate 2013010500
-%define version_internal 17.0.2
+%define releasedate 2013030700
+%define version_internal 17.0.4
%define apiversion 17
-%define uaweight 1700002
+%define uaweight 1700004
Summary: Mozilla Runtime Environment
License: MPL-2.0
Group: Productivity/Other