# HG changeset patch # User Wolfgang Rosenauer # Date 1425215605 -3600 # Node ID 12530a091878bb18f999d01f9bdde73174acdf03 # Parent ac54f3b3e13c809d5ff2f340b8a1a31c54f3648c prepare 37 beta cycle diff -r ac54f3b3e13c -r 12530a091878 MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Fri Feb 20 23:51:50 2015 +0100 +++ b/MozillaFirefox/MozillaFirefox.changes Sun Mar 01 14:13:25 2015 +0100 @@ -1,10 +1,58 @@ ------------------------------------------------------------------- -Thu Feb 19 22:43:47 UTC 2015 - wr@rosenauer.org - -- update to Firefox 36.0b10 - * rebased patches +Sun Mar 1 13:11:49 UTC 2015 - wr@rosenauer.org + +- update to Firefox 37.0b1 +- requires NSPR 4.10.8 + +------------------------------------------------------------------- +Fri Feb 20 22:53:39 UTC 2015 - wr@rosenauer.org + +- update to Firefox 36.0 (bnc#917597) * mozilla-xremote-client was removed * added libclearkey.so media plugin + * Pinned tiles on the new tab page can be synced + * Support for the full HTTP/2 protocol. HTTP/2 enables a faster, + more scalable, and more responsive web. + * Locale added: Uzbek (uz) + security fixes: + * MFSA 2015-11/CVE-2015-0835/CVE-2015-0836 + Miscellaneous memory safety hazards + * MFSA 2015-12/CVE-2015-0833 (bmo#945192) + Invoking Mozilla updater will load locally stored DLL files + (Windows only) + * MFSA 2015-13/CVE-2015-0832 (bmo#1065909) + Appended period to hostnames can bypass HPKP and HSTS protections + * MFSA 2015-14/CVE-2015-0830 (bmo#1110488) + Malicious WebGL content crash when writing strings + * MFSA 2015-15/CVE-2015-0834 (bmo#1098314) + TLS TURN and STUN connections silently fail to simple TCP connections + * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) + Use-after-free in IndexedDB + * MFSA 2015-17/CVE-2015-0829 (bmo#1128939) + Buffer overflow in libstagefright during MP4 video playback + * MFSA 2015-18/CVE-2015-0828 (bmo#1030667, bmo#988675) + Double-free when using non-default memory allocators with a + zero-length XHR + * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) + Out-of-bounds read and write while rendering SVG content + * MFSA 2015-20/CVE-2015-0826 (bmo#1092363) + Buffer overflow during CSS restyling + * MFSA 2015-21/CVE-2015-0825 (bmo#1092370) + Buffer underflow during MP3 playback + * MFSA 2015-22/CVE-2015-0824 (bmo#1095925) + Crash using DrawTarget in Cairo graphics library + * MFSA 2015-23/CVE-2015-0823 (bmo#1098497) + Use-after-free in Developer Console date with OpenType Sanitiser + * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) + Reading of local files through manipulation of form autocomplete + * MFSA 2015-25/CVE-2015-0821 (bmo#1111960) + Local files or privileged URLs in pages can be opened into new tabs + * MFSA 2015-26/CVE-2015-0819 (bmo#1079554) + UI Tour whitelisted sites in background tab can spoof foreground + tabs + * MFSA 2015-27CVE-2015-0820 (bmo#1125398) + Caja Compiler JavaScript sandbox bypass +- rebased patches - requires NSS 3.17.4 ------------------------------------------------------------------- diff -r ac54f3b3e13c -r 12530a091878 MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Fri Feb 20 23:51:50 2015 +0100 +++ b/MozillaFirefox/MozillaFirefox.spec Sun Mar 01 14:13:25 2015 +0100 @@ -1,7 +1,7 @@ # # spec file for package MozillaFirefox # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # 2006-2015 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties @@ -16,11 +16,12 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + # changed with every update -%define major 35 +%define major 36 %define mainver %major.99 %define update_channel beta -%define releasedate 2015021800 +%define releasedate 2015022800 # general build definitions %if "%{update_channel}" != "aurora" @@ -71,8 +72,13 @@ BuildRequires: libcurl-devel BuildRequires: libgnomeui-devel BuildRequires: libidl-devel +BuildRequires: libiw-devel BuildRequires: libnotify-devel +BuildRequires: libproxy-devel BuildRequires: makeinfo +BuildRequires: mozilla-nspr-devel >= 4.10.8 +BuildRequires: mozilla-nss-devel >= 3.17.4 +BuildRequires: nss-shared-helper-devel BuildRequires: python-devel BuildRequires: startup-notification-devel BuildRequires: unzip @@ -80,15 +86,10 @@ BuildRequires: xorg-x11-libXt-devel BuildRequires: yasm BuildRequires: zip -BuildRequires: libiw-devel -BuildRequires: libproxy-devel -BuildRequires: mozilla-nspr-devel >= 4.10.7 -BuildRequires: mozilla-nss-devel >= 3.17.4 -BuildRequires: nss-shared-helper-devel -BuildRequires: pkgconfig(libpulse) BuildRequires: pkgconfig(gstreamer-%gstreamer_ver) BuildRequires: pkgconfig(gstreamer-app-%gstreamer_ver) BuildRequires: pkgconfig(gstreamer-plugins-base-%gstreamer_ver) +BuildRequires: pkgconfig(libpulse) %if 0%{?gstreamer} == 1 Requires: libgstreamer-1_0-0 Recommends: gstreamer-fluendo-mp3 @@ -197,7 +198,7 @@ %package translations-other Summary: Extra translations for %{appname} Group: System/Localization -Provides: locale(%{name}:ach;af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;vi;zu) +Provides: locale(%{name}:ach;af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;uz;vi;zu) Requires: %{name} = %{version} Obsoletes: %{name}-translations < %{version}-%{release} diff -r ac54f3b3e13c -r 12530a091878 MozillaFirefox/create-tar.sh --- a/MozillaFirefox/create-tar.sh Fri Feb 20 23:51:50 2015 +0100 +++ b/MozillaFirefox/create-tar.sh Sun Mar 01 14:13:25 2015 +0100 @@ -2,8 +2,8 @@ CHANNEL="beta" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_36_0b10_RELEASE" -VERSION="35.99" +RELEASE_TAG="FIREFOX_37_0b1_RELEASE" +VERSION="36.99" # mozilla if [ -d mozilla ]; then