--- a/MozillaFirefox/MozillaFirefox.changes Tue Jul 16 12:35:11 2013 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Sat Sep 28 13:24:50 2013 +0200
@@ -1,9 +1,74 @@
-------------------------------------------------------------------
-Sat Jul 13 20:53:28 UTC 2013 - wr@rosenauer.org
-
-- update to Firefox 24.0pre (20130713)
+Mon Sep 16 11:59:18 UTC 2013 - lnussel@suse.de
+
+- move greek to the translations-common package (bnc#840551)
+
+-------------------------------------------------------------------
+Sat Sep 14 14:39:58 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 24.0 (bnc#840485)
+ * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719
+ Miscellaneous memory safety hazards
+ * MFSA 2013-77/CVE-2013-1720 (bmo#888820)
+ Improper state in HTML5 Tree Builder with templates
+ * MFSA 2013-78/CVE-2013-1721 (bmo#890277)
+ Integer overflow in ANGLE library
+ * MFSA 2013-79/CVE-2013-1722 (bmo#893308)
+ Use-after-free in Animation Manager during stylesheet cloning
+ * MFSA 2013-80/CVE-2013-1723 (bmo#891292)
+ NativeKey continues handling key messages after widget is destroyed
+ * MFSA 2013-81/CVE-2013-1724 (bmo#894137)
+ Use-after-free with select element
+ * MFSA 2013-82/CVE-2013-1725 (bmo#876762)
+ Calling scope for new Javascript objects can lead to memory corruption
+ * MFSA 2013-85/CVE-2013-1728 (bmo#883686)
+ Uninitialized data in IonMonkey
+ * MFSA 2013-88/CVE-2013-1730 (bmo#851353)
+ Compartment mismatch re-attaching XBL-backed nodes
+ * MFSA 2013-89/CVE-2013-1732 (bmo#883514)
+ Buffer overflow with multi-column, lists, and floats
+ * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
+ Memory corruption involving scrolling
+ * MFSA 2013-91/CVE-2013-1737 (bmo#907727)
+ User-defined properties on DOM proxies get the wrong "this" object
+ * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897)
+ GC hazard with default compartments and frame chain restoration
+- enable gstreamer explicitely via pref (gecko.js)
+- require NSS 3.15.1
+
+-------------------------------------------------------------------
+Mon Aug 26 07:35:36 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 23.0.1
+ * Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls
+ (bmo#901527)
+
+-------------------------------------------------------------------
+Sun Aug 4 18:30:11 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 23.0 (bnc#833389)
+ * MFSA 2013-63/CVE-2013-1701/CVE-2013-1702
+ Miscellaneous memory safety hazards
+ * MFSA 2013-64/CVE-2013-1704 (bmo#883313)
+ Use after free mutating DOM during SetBody
+ * MFSA 2013-65/CVE-2013-1705 (bmo#882865)
+ Buffer underflow when generating CRMF requests
+ * MFSA 2013-67/CVE-2013-1708 (bmo#879924)
+ Crash during WAV audio file decoding
+ * MFSA 2013-68/CVE-2013-1709 (bmo#838253)
+ Document URI misrepresentation and masquerading
+ * MFSA 2013-69/CVE-2013-1710 (bmo#871368)
+ CRMF requests allow for code execution and XSS attacks
+ * MFSA 2013-70/CVE-2013-1711 (bmo#843829)
+ Bypass of XrayWrappers using XBL Scopes
+ * MFSA 2013-72/CVE-2013-1713 (bmo#887098)
+ Wrong principal used for validating URI for some Javascript
+ components
+ * MFSA 2013-73/CVE-2013-1714 (bmo#879787)
+ Same-origin bypass with web workers and XMLHttpRequest
+ * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
+ Local Java applets may read contents of local file system
- requires NSPR 4.10 and NSS 3.15
-- enable gstreamer via pref
-------------------------------------------------------------------
Wed Jul 3 17:14:35 UTC 2013 - dmueller@suse.com
--- a/MozillaFirefox/MozillaFirefox.spec Tue Jul 16 12:35:11 2013 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec Sat Sep 28 13:24:50 2013 +0200
@@ -17,9 +17,9 @@
#
-%define major 23
-%define mainver %major.98
-%define update_channel aurora
+%define major 24
+%define mainver %major.0.99
+%define update_channel beta
%if %suse_version > 1220
%define gstreamer_ver 0.10
@@ -51,7 +51,7 @@
BuildRequires: wireless-tools
%endif
BuildRequires: mozilla-nspr-devel >= 4.10
-BuildRequires: mozilla-nss-devel >= 3.15
+BuildRequires: mozilla-nss-devel >= 3.15.1
BuildRequires: nss-shared-helper-devel
%if %suse_version > 1210
BuildRequires: pkgconfig(gstreamer-%gstreamer_ver)
@@ -60,7 +60,7 @@
%endif
Version: %{mainver}
Release: 0
-%define releasedate 2013071300
+%define releasedate 2013091200
Provides: firefox = %{mainver}
Provides: firefox = %{version}-%{release}
Provides: web_browser
@@ -135,7 +135,7 @@
%define desktop_file_name %{name}
%endif
### build options
-%define branding 0
+%define branding 1
%define localize 1
%ifarch ppc ppc64 s390 s390x ia64 %arm
%define crashreporter 0
@@ -165,7 +165,7 @@
%package translations-common
Summary: Common translations for Firefox
Group: System/Localization
-Provides: locale(%{name}:ar;ca;cs;da;de;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW)
+Provides: locale(%{name}:ar;ca;cs;da;de;el;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW)
Requires: %{name} = %{version}
Obsoletes: %{name}-translations < %{version}-%{release}
@@ -176,7 +176,7 @@
%package translations-other
Summary: Extra translations for Firefox
Group: System/Localization
-Provides: locale(%{name}:ach;af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;vi;zu)
+Provides: locale(%{name}:ach;af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;vi;zu)
Requires: %{name} = %{version}
Obsoletes: %{name}-translations < %{version}-%{release}
@@ -300,44 +300,30 @@
ac_add_options --enable-startup-notification
#ac_add_options --enable-chrome-format=jar
ac_add_options --enable-update-channel=%{update_channel}
-EOF
%if %suse_version > 1130
-cat << EOF >> $MOZCONFIG
ac_add_options --disable-gnomevfs
ac_add_options --enable-gio
-EOF
%endif
%if %suse_version < 1220
-cat << EOF >> $MOZCONFIG
ac_add_options --disable-gstreamer
-EOF
%endif
%if %branding
-cat << EOF >> $MOZCONFIG
ac_add_options --enable-official-branding
-EOF
%endif
%if %suse_version > 1110
-cat << EOF >> $MOZCONFIG
ac_add_options --enable-libproxy
-EOF
%endif
%if ! %crashreporter
-cat << EOF >> $MOZCONFIG
ac_add_options --disable-crashreporter
-EOF
%endif
# Disable neon for arm as it does not build correctly
%ifarch %arm
-cat << EOF >> $MOZCONFIG
ac_add_options --disable-neon
-EOF
%endif
%ifnarch %ix86 x86_64
-cat << EOF >> $MOZCONFIG
ac_add_options --disable-webrtc
+%endif
EOF
-%endif
make -f client.mk build
%install
@@ -372,7 +358,7 @@
touch %{_tmppath}/translations.{common,other}
for locale in $(awk '{ print $1; }' ../mozilla/browser/locales/shipped-locales); do
case $locale in
- ja-JP-mac|en-US|mn|ta-LK)
+ ja-JP-mac|en-US)
;;
*)
pushd $RPM_BUILD_DIR/compare-locales
@@ -389,7 +375,7 @@
rm -rf $RPM_BUILD_ROOT%{progdir}/browser/extensions/langpack-$locale@firefox.mozilla.org/hyphenation
# check against the fixed common list and sort into the right filelist
_matched=0
- for _match in ar ca cs da de en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
+ for _match in ar ca cs da de el en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
[ "$_match" = "$locale" ] && _matched=1
done
[ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other
--- a/MozillaFirefox/_constraints Tue Jul 16 12:35:11 2013 +0200
+++ b/MozillaFirefox/_constraints Sat Sep 28 13:24:50 2013 +0200
@@ -5,7 +5,7 @@
<size unit="G">9</size>
</disk>
<memory>
- <size unit="M">3000</size>
+ <size unit="M">3500</size>
</memory>
</hardware>
</constraints>
--- a/MozillaFirefox/create-tar.sh Tue Jul 16 12:35:11 2013 +0200
+++ b/MozillaFirefox/create-tar.sh Sat Sep 28 13:24:50 2013 +0200
@@ -1,9 +1,9 @@
#!/bin/bash
-CHANNEL="aurora"
+CHANNEL="beta"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="default"
-VERSION="23.98"
+RELEASE_TAG="FIREFOX_24_0_RELEASE"
+VERSION="24.99"
# mozilla
if [ -d mozilla ]; then
--- a/firefox-kde.patch Tue Jul 16 12:35:11 2013 +0200
+++ b/firefox-kde.patch Sat Sep 28 13:24:50 2013 +0200
@@ -2,7 +2,7 @@
new file mode 100644
--- /dev/null
+++ b/browser/base/content/browser-kde.xul
-@@ -0,0 +1,1196 @@
+@@ -0,0 +1,1097 @@
+#filter substitution
+<?xml version="1.0"?>
+# -*- Mode: HTML -*-
@@ -102,6 +102,8 @@
+ label="&bookmarkAllTabs.label;"
+ accesskey="&bookmarkAllTabs.accesskey;"
+ command="Browser:BookmarkAllTabs"/>
++ <menuitem id="context_closeTabsToTheEnd" label="&closeTabsToTheEnd.label;" accesskey="&closeTabsToTheEnd.accesskey;"
++ oncommand="gBrowser.removeTabsToTheEndFrom(TabContextMenu.contextTab);"/>
+ <menuitem id="context_closeOtherTabs" label="&closeOtherTabs.label;" accesskey="&closeOtherTabs.accesskey;"
+ oncommand="gBrowser.removeAllTabsBut(TabContextMenu.contextTab);"/>
+ <menuseparator/>
@@ -235,6 +237,7 @@
+ side="right"
+ type="arrow"
+ hidden="true"
++ flip="slide"
+ rolluponmousewheel="true"
+ consumeoutsideclicks="false"
+ noautofocus="true"
@@ -289,59 +292,6 @@
+
+ <menupopup id="placesContext"/>
+
-+ <panel id="notification-popup"
-+ type="arrow"
-+ footertype="promobox"
-+ position="after_start"
-+ hidden="true"
-+ orient="vertical"
-+ role="alert"/>
-+
-+ <!-- Popup for site identity information -->
-+ <panel id="identity-popup"
-+ type="arrow"
-+ hidden="true"
-+ noautofocus="true"
-+ consumeoutsideclicks="true"
-+ onpopupshown="gIdentityHandler.onPopupShown(event);"
-+ level="top">
-+ <hbox id="identity-popup-container" align="top">
-+ <image id="identity-popup-icon"/>
-+ <vbox id="identity-popup-content-box">
-+ <label id="identity-popup-connectedToLabel"
-+ class="identity-popup-label"
-+ value="&identity.connectedTo;"/>
-+ <label id="identity-popup-connectedToLabel2"
-+ class="identity-popup-label"
-+ value="&identity.unverifiedsite2;"/>
-+ <description id="identity-popup-content-host"
-+ class="identity-popup-description"/>
-+ <label id="identity-popup-runByLabel"
-+ class="identity-popup-label"
-+ value="&identity.runBy;"/>
-+ <description id="identity-popup-content-owner"
-+ class="identity-popup-description"/>
-+ <description id="identity-popup-content-supplemental"
-+ class="identity-popup-description"/>
-+ <description id="identity-popup-content-verifier"
-+ class="identity-popup-description"/>
-+ <hbox id="identity-popup-encryption" flex="1">
-+ <vbox>
-+ <image id="identity-popup-encryption-icon"/>
-+ </vbox>
-+ <description id="identity-popup-encryption-label" flex="1"
-+ class="identity-popup-description"/>
-+ </hbox>
-+ <!-- Footer button to open security page info -->
-+ <hbox id="identity-popup-button-container" pack="end">
-+ <button id="identity-popup-more-info-button"
-+ label="&identity.moreInfoLinkText;"
-+ onblur="gIdentityHandler.hideIdentityPopup();"
-+ oncommand="gIdentityHandler.handleMoreInfoClick(event);"/>
-+ </hbox>
-+ </vbox>
-+ </hbox>
-+ </panel>
+
+ <panel id="ctrlTab-panel" class="KUI-panel" hidden="true" norestorefocus="true" level="top">
+ <hbox>
@@ -384,57 +334,7 @@
+#endif
+ </tooltip>
+
-+ <popupnotification id="webRTC-shareDevices-notification" hidden="true">
-+ <popupnotificationcontent id="webRTC-selectCamera" orient="vertical">
-+ <separator class="thin"/>
-+ <label value="&getUserMedia.selectCamera.label;"
-+ accesskey="&getUserMedia.selectCamera.accesskey;"
-+ control="webRTC-selectCamera-menulist"/>
-+ <menulist id="webRTC-selectCamera-menulist">
-+ <menupopup id="webRTC-selectCamera-menupopup"/>
-+ </menulist>
-+ </popupnotificationcontent>
-+ <popupnotificationcontent id="webRTC-selectMicrophone" orient="vertical">
-+ <separator class="thin"/>
-+ <label value="&getUserMedia.selectMicrophone.label;"
-+ accesskey="&getUserMedia.selectMicrophone.accesskey;"
-+ control="webRTC-selectMicrophone-menulist"/>
-+ <menulist id="webRTC-selectMicrophone-menulist">
-+ <menupopup id="webRTC-selectMicrophone-menupopup"/>
-+ </menulist>
-+ </popupnotificationcontent>
-+ </popupnotification>
-+
-+ <popupnotification id="geolocation-notification" hidden="true">
-+ <popupnotificationcontent orient="vertical" align="start">
-+ <separator class="thin"/>
-+ <label id="geolocation-learnmore-link" class="text-link"/>
-+ </popupnotificationcontent>
-+ </popupnotification>
-+
-+ <popupnotification id="servicesInstall-notification" hidden="true">
-+ <popupnotificationcontent orient="vertical" align="start">
-+ <separator class="thin"/>
-+ <label id="servicesInstall-learnmore-link" class="text-link"/>
-+ </popupnotificationcontent>
-+ </popupnotification>
-+
-+ <popupnotification id="pointerLock-notification" hidden="true">
-+ <popupnotificationcontent orient="vertical" align="start">
-+ <separator class="thin"/>
-+ <label id="pointerLock-cancel" value="&pointerLock.notification.message;"/>
-+ </popupnotificationcontent>
-+ </popupnotification>
-+
-+ <popupnotification id="mixed-content-blocked-notification" hidden="true">
-+ <popupnotificationcontent orient="vertical" align="start">
-+ <separator/>
-+ <description id="mixed-content-blocked-moreinfo">&mixedContentBlocked.moreinfo;</description>
-+ <separator/>
-+ <label id="mixed-content-blocked-helplink" class="text-link"
-+ value="&mixedContentBlocked.helplink;"/>
-+ </popupnotificationcontent>
-+ </popupnotification>
++#include popup-notifications.inc
+
+ </popupset>
+
@@ -552,6 +452,7 @@
+ <image id="webapps-notification-icon" class="notification-anchor-icon" role="button"/>
+ <image id="plugins-notification-icon" class="notification-anchor-icon" role="button"/>
+ <image id="web-notifications-notification-icon" class="notification-anchor-icon" role="button"/>
++ <image id="alert-plugins-notification-icon" class="notification-anchor-icon" role="button"/>
+ <image id="blocked-plugins-notification-icon" class="notification-anchor-icon" role="button"/>
+ <image id="plugin-install-notification-icon" class="notification-anchor-icon" role="button"/>
+ <image id="mixed-content-blocked-notification-icon" class="notification-anchor-icon" role="button"/>
@@ -745,6 +646,9 @@
+ hidden="true"
+ skipintoolbarset="true"
+ observes="socialActiveBroadcaster">
++ <toolbarbutton id="social-notification-icon" class="default-notification-icon toolbarbutton-1 notification-anchor-icon"
++ oncommand="PopupNotifications._reshowNotifications(this,
++ document.getElementById('social-sidebar-browser'));"/>
+ <toolbarbutton id="social-provider-button"
+ class="toolbarbutton-1"
+ type="menu">
@@ -957,7 +861,6 @@
+ ondrop="DownloadsIndicatorView.onDrop(event);"
+ ondragover="DownloadsIndicatorView.onDragOver(event);"
+ ondragenter="DownloadsIndicatorView.onDragOver(event);"
-+ ondragleave="DownloadsIndicatorView.onDragLeave(event);"
+ label="&downloads.label;"
+ tooltiptext="&downloads.tooltip;"/>
+
@@ -1085,6 +988,7 @@
+ context="contentAreaContextMenu"
+ disableglobalhistory="true"
+ tooltip="aHTMLTooltip"
++ popupnotificationanchor="social-notification-icon"
+ flex="1"
+ style="min-width: 14em; width: 18em; max-width: 36em;"/>
+ </vbox>
@@ -1124,11 +1028,8 @@
+ tooltiptext="&devToolbarCloseButton.tooltiptext;"/>
+#endif
+ <stack class="gclitoolbar-stack-node" flex="1">
-+ <hbox class="gclitoolbar-prompt">
-+ <label class="gclitoolbar-prompt-label">»</label>
-+ </hbox>
++ <textbox class="gclitoolbar-input-node" rows="1"/>
+ <hbox class="gclitoolbar-complete-node"/>
-+ <textbox class="gclitoolbar-input-node" rows="1"/>
+ </stack>
+ <toolbarbutton id="developer-toolbar-toolbox-button"
+ class="developer-toolbar-button"
--- a/mozilla-ppc.patch Tue Jul 16 12:35:11 2013 +0200
+++ b/mozilla-ppc.patch Sat Sep 28 13:24:50 2013 +0200
@@ -1,5 +1,5 @@
# HG changeset patch
-# Parent 2c9bf1336fd0811e0112953334df4c81c717e6ff
+# Parent 21d0e194954e451f0f1935d0ed68ee9eae432ddf
# User Wolfgang Rosenauer <wr@rosenauer.org>
Bug 746112 - RegExp hang on ppc64 in execute.
Bug 750620 - Make double-conversion portable to exotic architectures. TM: mozilla15
@@ -7,7 +7,7 @@
diff --git a/js/src/yarr/YarrInterpreter.h b/js/src/yarr/YarrInterpreter.h
--- a/js/src/yarr/YarrInterpreter.h
+++ b/js/src/yarr/YarrInterpreter.h
-@@ -159,17 +159,17 @@ struct ByteTerm {
+@@ -162,17 +162,17 @@ struct ByteTerm {
, m_invert(invert)
{
atom.characterClass = characterClass;
@@ -26,7 +26,7 @@
atom.parenthesesDisjunction = parenthesesInfo;
atom.quantityType = QuantifierFixedCount;
atom.quantityCount = 1;
-@@ -180,17 +180,17 @@ struct ByteTerm {
+@@ -183,17 +183,17 @@ struct ByteTerm {
: type(type)
, m_capture(false)
, m_invert(invert)
@@ -48,7 +48,7 @@
diff --git a/js/src/yarr/YarrPattern.h b/js/src/yarr/YarrPattern.h
--- a/js/src/yarr/YarrPattern.h
+++ b/js/src/yarr/YarrPattern.h
-@@ -179,17 +179,17 @@ struct PatternTerm {
+@@ -180,17 +180,17 @@ struct PatternTerm {
, m_capture(false)
, m_invert(invert)
{
@@ -70,7 +70,7 @@
diff --git a/memory/mozjemalloc/jemalloc.c b/memory/mozjemalloc/jemalloc.c
--- a/memory/mozjemalloc/jemalloc.c
+++ b/memory/mozjemalloc/jemalloc.c
-@@ -1099,17 +1099,19 @@ struct arena_s {
+@@ -1099,17 +1099,17 @@ struct arena_s {
static unsigned ncpus;
#endif
@@ -79,17 +79,16 @@
* controlling the malloc behavior are defined as compile-time constants
* for best performance and cannot be altered at runtime.
*/
-+#if !(defined(__powerpc__))
+-#if !defined(__ia64__) && !defined(__sparc__) && !defined(__mips__)
++#if !defined(__ia64__) && !defined(__sparc__) && !defined(__mips__) && !(defined(__powerpc__))
#define MALLOC_STATIC_SIZES 1
-+#endif
+ #endif
#ifdef MALLOC_STATIC_SIZES
/*
* VM page size. It must divide the runtime CPU page size or the code
* will abort.
- * Platform specific page size conditions copied from js/public/HeapAPI.h
- */
diff --git a/mfbt/double-conversion/utils.h b/mfbt/double-conversion/utils.h
--- a/mfbt/double-conversion/utils.h
+++ b/mfbt/double-conversion/utils.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/_constraints Sat Sep 28 13:24:50 2013 +0200
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<constraints>
+ <hardware>
+ <disk>
+ <size unit="G">9</size>
+ </disk>
+ <memory>
+ <size unit="M">3500</size>
+ </memory>
+ </hardware>
+</constraints>
--- a/xulrunner/create-tar.sh Tue Jul 16 12:35:11 2013 +0200
+++ b/xulrunner/create-tar.sh Sat Sep 28 13:24:50 2013 +0200
@@ -1,14 +1,33 @@
#!/bin/bash
-CHANNEL="beta"
+CHANNEL="release"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_18_0b2_RELEASE"
-VERSION="17.99"
+RELEASE_TAG="FIREFOX_24_0_RELEASE"
+VERSION="24.0"
# mozilla
-echo "cloning $BRANCH..."
-hg clone http://hg.mozilla.org/$BRANCH mozilla
+if [ -d mozilla ]; then
+ pushd mozilla
+ _repourl=$(hg paths)
+ case "$_repourl" in
+ *$BRANCH*)
+ echo "updating previous tree"
+ hg pull
+ popd
+ ;;
+ * )
+ echo "removing obsolete tree"
+ popd
+ rm -rf mozilla
+ ;;
+ esac
+fi
+if [ ! -d mozilla ]; then
+ echo "cloning new $BRANCH..."
+ hg clone http://hg.mozilla.org/$BRANCH mozilla
+fi
pushd mozilla
+hg update --check
[ "$RELEASE_TAG" == "default" ] || hg update -r $RELEASE_TAG
# get repo and source stamp
echo -n "REV=" > ../source-stamp.txt
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/mozilla-libproxy-compat.patch Sat Sep 28 13:24:50 2013 +0200
@@ -0,0 +1,1 @@
+../mozilla-libproxy-compat.patch
\ No newline at end of file
--- a/xulrunner/xulrunner.changes Tue Jul 16 12:35:11 2013 +0200
+++ b/xulrunner/xulrunner.changes Sat Sep 28 13:24:50 2013 +0200
@@ -1,3 +1,186 @@
+-------------------------------------------------------------------
+Wed Sep 18 14:39:34 UTC 2013 - wr@rosenauer.org
+
+- update to 24.0 (bnc#840485)
+ * MFSA 2013-76/CVE-2013-1718/CVE-2013-1719
+ Miscellaneous memory safety hazards
+ * MFSA 2013-77/CVE-2013-1720 (bmo#888820)
+ Improper state in HTML5 Tree Builder with templates
+ * MFSA 2013-78/CVE-2013-1721 (bmo#890277)
+ Integer overflow in ANGLE library
+ * MFSA 2013-79/CVE-2013-1722 (bmo#893308)
+ Use-after-free in Animation Manager during stylesheet cloning
+ * MFSA 2013-80/CVE-2013-1723 (bmo#891292)
+ NativeKey continues handling key messages after widget is destroyed
+ * MFSA 2013-81/CVE-2013-1724 (bmo#894137)
+ Use-after-free with select element
+ * MFSA 2013-82/CVE-2013-1725 (bmo#876762)
+ Calling scope for new Javascript objects can lead to memory corruption
+ * MFSA 2013-85/CVE-2013-1728 (bmo#883686)
+ Uninitialized data in IonMonkey
+ * MFSA 2013-88/CVE-2013-1730 (bmo#851353)
+ Compartment mismatch re-attaching XBL-backed nodes
+ * MFSA 2013-89/CVE-2013-1732 (bmo#883514)
+ Buffer overflow with multi-column, lists, and floats
+ * MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
+ Memory corruption involving scrolling
+ * MFSA 2013-91/CVE-2013-1737 (bmo#907727)
+ User-defined properties on DOM proxies get the wrong "this" object
+ * MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897)
+ GC hazard with default compartments and frame chain restoration
+- require NSPR 4.10 and NSS 3.15.1
+
+-------------------------------------------------------------------
+Fri Aug 2 10:56:43 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.8esr (bnc#833389)
+ * MFSA 2013-63/CVE-2013-1701
+ Miscellaneous memory safety hazards
+ * MFSA 2013-68/CVE-2013-1709 (bmo#838253)
+ Document URI misrepresentation and masquerading
+ * MFSA 2013-69/CVE-2013-1710 (bmo#871368)
+ CRMF requests allow for code execution and XSS attacks
+ * MFSA 2013-72/CVE-2013-1713 (bmo#887098)
+ Wrong principal used for validating URI for some Javascript
+ components
+ * MFSA 2013-73/CVE-2013-1714 (bmo#879787)
+ Same-origin bypass with web workers and XMLHttpRequest
+ * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
+ Local Java applets may read contents of local file system
+
+-------------------------------------------------------------------
+Mon Jun 24 15:26:27 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.7esr (bnc#825935)
+ * MFSA 2013-49/CVE-2013-1682
+ Miscellaneous memory safety hazards
+ * MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
+ Memory corruption found using Address Sanitizer
+ * MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
+ Privileged content access and execution via XBL
+ * MFSA 2013-53/CVE-2013-1690 (bmo#857883)
+ Execution of unmapped memory through onreadystatechange event
+ * MFSA 2013-54/CVE-2013-1692 (bmo#866915)
+ Data in the body of XHR HEAD requests leads to CSRF attacks
+ * MFSA 2013-55/CVE-2013-1693 (bmo#711043)
+ SVG filters can lead to information disclosure
+ * MFSA 2013-56/CVE-2013-1694 (bmo#848535)
+ PreserveWrapper has inconsistent behavior
+ * MFSA 2013-59/CVE-2013-1697 (bmo#858101)
+ XrayWrappers can be bypassed to run user defined methods in a
+ privileged context
+
+-------------------------------------------------------------------
+Tue Jun 4 16:24:51 UTC 2013 - dvaleev@suse.com
+
+- Fix build on powerpc (ppc-xpcshell.patch)
+
+-------------------------------------------------------------------
+Fri May 10 17:27:23 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.6esr (bnc#819204)
+ * MFSA 2013-41/CVE-2013-0801/CVE-2013-1669
+ Miscellaneous memory safety hazards
+ * MFSA 2013-42/CVE-2013-1670 (bmo#853709)
+ Privileged access for content level constructor
+ * MFSA 2013-46/CVE-2013-1674 (bmo#860971)
+ Use-after-free with video and onresize event
+ * MFSA 2013-47/CVE-2013-1675 (bmo#866825)
+ Uninitialized functions in DOMSVGZoomEvent
+ * MFSA 2013-48/CVE-2013-1676/CVE-2013-1677/CVE-2013-1678/
+ CVE-2013-1679/CVE-2013-1680/CVE-2013-1681
+ Memory corruption found using Address Sanitizer
+
+-------------------------------------------------------------------
+Fri Mar 29 16:27:59 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.5esr (bnc#813026)
+ * requires NSPR 4.9.5 and NSS 3.14.3
+ * MFSA 2013-30/CVE-2013-0788
+ Miscellaneous memory safety hazards
+ * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
+ Out-of-bounds write in Cairo library
+ * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
+ WebGL crash with Mesa graphics driver on Linux
+ * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
+ Bypass of SOW protections allows cloning of protected nodes
+ * MFSA 2013-37/CVE-2013-0794 (bmo#626775)
+ Bypass of tab-modal dialog origin disclosure
+ * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
+ Cross-site scripting (XSS) using timed history navigations
+
+-------------------------------------------------------------------
+Fri Mar 8 09:00:09 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.4esr (bnc#808243)
+ * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
+ Use-after-free in HTML Editor
+
+-------------------------------------------------------------------
+Sat Feb 16 17:38:21 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.3esr (bnc#804248)
+ * MFSA 2013-21/CVE-2013-0783
+ Miscellaneous memory safety hazards
+ * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
+ Web content bypass of COW and SOW security wrappers
+ * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
+ Privacy leak in JavaScript Workers
+ * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
+ Use-after-free in nsImageLoadingContent
+ * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
+ Phishing on HTTPS connection through malicious proxy
+ * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
+ Use-after-free, out of bounds read, and buffer overflow issues
+ found using Address Sanitizer
+
+-------------------------------------------------------------------
+Sat Jan 5 14:46:06 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.2esr (bnc#796895)
+ * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
+ Miscellaneous memory safety hazards
+ * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
+ CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
+ Use-after-free and buffer overflow issues found using Address Sanitizer
+ * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
+ Buffer Overflow in Canvas
+ * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
+ URL spoofing in addressbar during page loads
+ * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
+ Use-after-free when displaying table with many columns and column groups
+ * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
+ Crash due to handling of SSL on threads
+ * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
+ AutoWrapperChanger fails to keep objects alive during garbage collection
+ * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
+ Compartment mismatch with quickstubs returned values
+ * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
+ Event manipulation in plugin handler to bypass same-origin policy
+ * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
+ Address space layout leaked in XBL objects
+ * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
+ Buffer overflow in Javascript string concatenation
+ * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
+ Memory corruption in XBL with XML bindings containing SVG
+ * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
+ Chrome Object Wrapper (COW) bypass through changing prototype
+ * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
+ Privilege escalation through plugin objects
+ * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
+ Use-after-free in serializeToStream
+ * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
+ Use-after-free in ListenerManager
+ * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
+ Use-after-free in Vibrate
+ * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
+ Use-after-free in Javascript Proxy objects
+- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
+- build on SLE11
+ * mozilla-gcc43-enums.patch
+ * mozilla-gcc43-template_hacks.patch
+ * mozilla-gcc43-templates_instantiation.patch
+
-------------------------------------------------------------------
Thu Nov 29 20:04:34 UTC 2012 - wr@rosenauer.org
--- a/xulrunner/xulrunner.spec Tue Jul 16 12:35:11 2013 +0200
+++ b/xulrunner/xulrunner.spec Sat Sep 28 13:24:50 2013 +0200
@@ -1,8 +1,8 @@
#
# spec file for package xulrunner
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
-# 2006-2012 Wolfgang Rosenauer
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# 2006-2013 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,6 +16,11 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+%if %suse_version > 1220
+%define gstreamer_ver 0.10
+%else
+%define gstreamer_ver 0.10
+%endif
Name: xulrunner
BuildRequires: Mesa-devel
@@ -42,14 +47,19 @@
%else
BuildRequires: wireless-tools
%endif
-BuildRequires: mozilla-nspr-devel >= 4.9.2
-BuildRequires: mozilla-nss-devel >= 3.14
-Version: 17.99
+BuildRequires: mozilla-nspr-devel >= 4.10
+BuildRequires: mozilla-nss-devel >= 3.15.1
+%if %suse_version > 1210
+BuildRequires: pkgconfig(gstreamer-%gstreamer_ver)
+BuildRequires: pkgconfig(gstreamer-app-%gstreamer_ver)
+BuildRequires: pkgconfig(gstreamer-plugins-base-%gstreamer_ver)
+%endif
+Version: 24.0
Release: 0
-%define releasedate 2012112800
-%define version_internal 18.0
-%define apiversion 18
-%define uaweight 1800000
+%define releasedate 2013091000
+%define version_internal 24.0
+%define apiversion 24
+%define uaweight 2400000
Summary: Mozilla Runtime Environment
License: MPL-2.0
Group: Productivity/Other
@@ -76,16 +86,19 @@
Patch6: mozilla-language.patch
Patch7: mozilla-ntlm-full-path.patch
Patch9: mozilla-sle11.patch
-Patch14: mozilla-ppc.patch
+Patch10: mozilla-ppc.patch
+Patch11: mozilla-libproxy-compat.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: mozilla-js = %{version}
Requires(post): update-alternatives coreutils
Requires(preun): update-alternatives coreutils
+Provides: xulrunner-esr = %{version}
+Obsoletes: xulrunner-esr < 24.0
### build configuration ###
%define has_system_nspr 1
%define has_system_nss 1
%define has_system_cairo 0
-%define localize 0
+%define localize 1
%ifarch ppc ppc64 s390 s390x ia64 %arm
%define crashreporter 0
%else
@@ -140,7 +153,7 @@
Summary: Common translations for XULRunner
Group: System/Localization
Requires: %{name} = %{version}
-Provides: locale(%{name}:ar;ca;cs;da;de;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW)
+Provides: locale(%{name}:ar;ca;cs;da;de;el;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW)
Obsoletes: %{name}-translations < %{version}-%{release}
%description translations-common
@@ -156,7 +169,7 @@
Summary: Extra translations for XULRunner
Group: System/Localization
Requires: %{name} = %{version}
-Provides: locale(%{name}:ach;af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;vi;zu)
+Provides: locale(%{name}:ach;af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;vi;zu)
Obsoletes: %{name}-translations < %{version}-%{release}
%description translations-other
@@ -190,7 +203,8 @@
%if %suse_version < 1120
%patch9 -p1
%endif
-%patch14 -p1
+%patch10 -p1
+%patch11 -p1
%build
# no need to add build time to binaries
@@ -243,7 +257,6 @@
ac_add_options --enable-system-hunspell
ac_add_options --enable-startup-notification
ac_add_options --enable-shared-js
-ac_add_options --disable-webrtc # does not build with system NSPR
#ac_add_options --enable-debug
EOF
%if %suse_version > 1130
@@ -252,6 +265,11 @@
ac_add_options --enable-gio
EOF
%endif
+%if %suse_version < 1220
+cat << EOF >> $MOZCONFIG
+ac_add_options --disable-gstreamer
+EOF
+%endif
%if %has_system_nspr
cat << EOF >> $MOZCONFIG
ac_add_options --with-system-nspr
@@ -277,27 +295,15 @@
ac_add_options --disable-crashreporter
EOF
%endif
-# S/390
-%ifarch s390 s390x
-cat << EOF >> $MOZCONFIG
-ac_add_options --disable-jemalloc
-EOF
-%endif
# ARM
%ifarch %arm
cat << EOF >> $MOZCONFIG
-%ifarch armv7l armv7hl
-ac_add_options --with-arch=armv7-a
-ac_add_options --with-float-abi=hard
-ac_add_options --with-fpu=vfpv3-d16
-ac_add_options --with-thumb=yes
-ac_add_options --disable-debug
+ac_add_options --disable-neon
+EOF
%endif
-%ifarch armv5tel
-ac_add_options --with-arch=armv5te
-ac_add_options --with-float-abi=soft
-ac_add_options --with-thumb=no
-%endif
+%ifnarch %ix86 x86_64
+cat << EOF >> $MOZCONFIG
+ac_add_options --disable-webrtc
EOF
%endif
make -f client.mk build
@@ -315,14 +321,12 @@
find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/ \
-name "*.js" -o -name "*.xpm" -o -name "*.png" | xargs chmod a-x
# remove mkdir.done files from installed base
-find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal} -name ".mkdir.done" | xargs rm
+#find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal} -name ".mkdir.done" | xargs rm
mkdir -p $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions
# fixing SDK dynamic libs (symlink instead of copy)
rm $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/*.so
ln -sf ../../../xulrunner-%{version_internal}/libmozjs.so \
$RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
-ln -sf ../../../xulrunner-%{version_internal}/libxpcom.so \
- $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
ln -sf ../../../xulrunner-%{version_internal}/libxul.so \
$RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
# include basic buildenv for xulapps to use
@@ -331,7 +335,7 @@
# this list has been compiled by trial and error for prism
tar --exclude=*.cpp --exclude=*.mm \
-cvjf $RPM_BUILD_ROOT%{_datadir}/xulrunner-%{version_internal}/mozilla-src.tar.bz2 \
- mozilla/configure.in mozilla/Makefile.in mozilla/client.py mozilla/allmakefiles.sh \
+ mozilla/configure.in mozilla/Makefile.in mozilla/client.py \
mozilla/config mozilla/client.mk mozilla/aclocal.m4 mozilla/build mozilla/js/src/* \
mozilla/testing mozilla/toolkit/mozapps/installer mozilla/probes mozilla/memory \
mozilla/toolkit/xre mozilla/nsprpub/config mozilla/tools mozilla/xpcom/build
@@ -364,7 +368,7 @@
rm -rf $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org/defaults
# check against the fixed common list and sort into the right filelist
_matched=0
- for _match in ar ca cs da de en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
+ for _match in ar ca cs da de el en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
[ "$_match" = "$locale" ] && _matched=1
done
[ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other
@@ -453,7 +457,6 @@
%dir %{_libdir}/xulrunner-%{version_internal}/extensions/
%{_libdir}/xulrunner-%{version_internal}/chrome/icons/
%{_libdir}/xulrunner-%{version_internal}/components/
-%{_libdir}/xulrunner-%{version_internal}/plugins/
%{_libdir}/xulrunner-%{version_internal}/*.so
%exclude %{_libdir}/xulrunner-%{version_internal}/libmozjs.so
%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
@@ -493,6 +496,7 @@
%files devel
%defattr(-,root,root)
%{_libdir}/xulrunner-devel-%{version_internal}/
+%{_libdir}/xulrunner-%{version_internal}/js-gdb.py
# FIXME symlink dynamic libs below sdk/lib
%attr(644,root,root) %{_libdir}/pkgconfig/*
%{_includedir}/xulrunner-%{version_internal}/