# HG changeset patch
# User Wolfgang Rosenauer <wr@rosenauer.org>
# Date 1364937689 -7200
# Node ID 3a72bcb470fbba2168962b2d2b0ad1866dedb484
# Parent  b83636a2646609a385654bb2be934b11af464120
17.0.5esr update

diff -r b83636a26466 -r 3a72bcb470fb MozillaFirefox/create-tar.sh
--- a/MozillaFirefox/create-tar.sh	Sat Mar 16 15:05:51 2013 +0100
+++ b/MozillaFirefox/create-tar.sh	Tue Apr 02 23:21:29 2013 +0200
@@ -2,8 +2,8 @@
 
 CHANNEL="esr17"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_17_0_4esr_RELEASE"
-VERSION="17.0.4"
+RELEASE_TAG="FIREFOX_17_0_5esr_RELEASE"
+VERSION="17.0.5"
 
 # mozilla
 echo "cloning $BRANCH..."
diff -r b83636a26466 -r 3a72bcb470fb MozillaFirefox/firefox-esr.changes
--- a/MozillaFirefox/firefox-esr.changes	Sat Mar 16 15:05:51 2013 +0100
+++ b/MozillaFirefox/firefox-esr.changes	Tue Apr 02 23:21:29 2013 +0200
@@ -1,4 +1,22 @@
 -------------------------------------------------------------------
+Fri Mar 29 16:24:43 UTC 2013 - wr@rosenauer.org
+
+- update to Firefox 17.0.5esr (bnc#813026)
+  * requires NSPR 4.9.5 and NSS 3.14.3
+  * MFSA 2013-30/CVE-2013-0788
+    Miscellaneous memory safety hazards
+  * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
+    Out-of-bounds write in Cairo library
+  * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
+    WebGL crash with Mesa graphics driver on Linux
+  * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
+    Bypass of SOW protections allows cloning of protected nodes
+  * MFSA 2013-37/CVE-2013-0794 (bmo#626775)
+    Bypass of tab-modal dialog origin disclosure
+  * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
+    Cross-site scripting (XSS) using timed history navigations
+
+-------------------------------------------------------------------
 Fri Mar  8 08:36:26 UTC 2013 - wr@rosenauer.org
 
 - update to Firefox 17.0.4 (bnc#808243)
diff -r b83636a26466 -r 3a72bcb470fb MozillaFirefox/firefox-esr.spec
--- a/MozillaFirefox/firefox-esr.spec	Sat Mar 16 15:05:51 2013 +0100
+++ b/MozillaFirefox/firefox-esr.spec	Tue Apr 02 23:21:29 2013 +0200
@@ -18,7 +18,7 @@
 
 
 %define major 17
-%define mainver %major.0.4
+%define mainver %major.0.5
 %define update_channel release
 
 Name:           firefox-esr
@@ -44,8 +44,8 @@
 %else
 BuildRequires:  wireless-tools
 %endif
-BuildRequires:  mozilla-nspr-devel >= 4.9.4
-BuildRequires:  mozilla-nss-devel >= 3.14.1
+BuildRequires:  mozilla-nspr-devel >= 4.9.5
+BuildRequires:  mozilla-nss-devel >= 3.14.3
 BuildRequires:  nss-shared-helper-devel
 %if %suse_version > 1140
 BuildRequires:  pkgconfig(gstreamer-0.10)
@@ -54,7 +54,7 @@
 %endif
 Version:        %{mainver}
 Release:        0
-%define         releasedate 2013030700
+%define         releasedate 2013032900
 Provides:       firefox-esr = %{mainver}
 Provides:       web_browser
 Provides:       browser(npapi)
@@ -249,7 +249,7 @@
 %patch14 -p1
 %patch15 -p1
 %if %suse_version == 1120
-%ifarch %x86
+%ifarch %ix86
 %patch16 -p1
 %endif
 %endif
@@ -293,7 +293,7 @@
 export MOZ_TELEMETRY_REPORTING=1
 export CFLAGS="$RPM_OPT_FLAGS -Os -fno-strict-aliasing"
 %if %suse_version == 1120
-%ifarch %x86
+%ifarch %ix86
 export CFLAGS="$RPM_OPT_FLAGS -O1 -fno-strict-aliasing"
 %endif
 %endif
diff -r b83636a26466 -r 3a72bcb470fb xulrunner/create-tar.sh
--- a/xulrunner/create-tar.sh	Sat Mar 16 15:05:51 2013 +0100
+++ b/xulrunner/create-tar.sh	Tue Apr 02 23:21:29 2013 +0200
@@ -2,8 +2,8 @@
 
 CHANNEL="esr17"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_17_0_3esr_RELEASE"
-VERSION="17.0.3"
+RELEASE_TAG="FIREFOX_17_0_5esr_RELEASE"
+VERSION="17.0.5"
 
 # mozilla
 echo "cloning $BRANCH..."
diff -r b83636a26466 -r 3a72bcb470fb xulrunner/xulrunner-esr.changes
--- a/xulrunner/xulrunner-esr.changes	Sat Mar 16 15:05:51 2013 +0100
+++ b/xulrunner/xulrunner-esr.changes	Tue Apr 02 23:21:29 2013 +0200
@@ -1,3 +1,21 @@
+-------------------------------------------------------------------
+Fri Mar 29 16:27:59 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.5esr (bnc#813026)
+  * requires NSPR 4.9.5 and NSS 3.14.3
+  * MFSA 2013-30/CVE-2013-0788
+    Miscellaneous memory safety hazards
+  * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
+    Out-of-bounds write in Cairo library
+  * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
+    WebGL crash with Mesa graphics driver on Linux
+  * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
+    Bypass of SOW protections allows cloning of protected nodes
+  * MFSA 2013-37/CVE-2013-0794 (bmo#626775)
+    Bypass of tab-modal dialog origin disclosure
+  * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
+    Cross-site scripting (XSS) using timed history navigations
+
 -------------------------------------------------------------------
 Fri Mar  8 09:00:09 UTC 2013 - wr@rosenauer.org
 
diff -r b83636a26466 -r 3a72bcb470fb xulrunner/xulrunner-esr.spec
--- a/xulrunner/xulrunner-esr.spec	Sat Mar 16 15:05:51 2013 +0100
+++ b/xulrunner/xulrunner-esr.spec	Tue Apr 02 23:21:29 2013 +0200
@@ -42,14 +42,14 @@
 %else
 BuildRequires:  wireless-tools
 %endif
-BuildRequires:  mozilla-nspr-devel >= 4.9.4
-BuildRequires:  mozilla-nss-devel >= 3.14.1
-Version:        17.0.4
+BuildRequires:  mozilla-nspr-devel >= 4.9.5
+BuildRequires:  mozilla-nss-devel >= 3.14.3
+Version:        17.0.5
 Release:        0
-%define         releasedate 2013030700
-%define         version_internal 17.0.4
+%define         releasedate 2013032900
+%define         version_internal 17.0.5
 %define         apiversion 17
-%define         uaweight 1700004
+%define         uaweight 1700005
 Summary:        Mozilla Runtime Environment
 License:        MPL-2.0
 Group:          Productivity/Other
diff -r b83636a26466 -r 3a72bcb470fb xulrunner/xulrunner.changes
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/xulrunner.changes	Tue Apr 02 23:21:29 2013 +0200
@@ -0,0 +1,495 @@
+-------------------------------------------------------------------
+Fri Mar 29 16:27:59 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.5esr (bnc#813026)
+  * requires NSPR 4.9.5 and NSS 3.14.3
+  * MFSA 2013-30/CVE-2013-0788
+    Miscellaneous memory safety hazards
+  * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
+    Out-of-bounds write in Cairo library
+  * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
+    WebGL crash with Mesa graphics driver on Linux
+  * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
+    Bypass of SOW protections allows cloning of protected nodes
+  * MFSA 2013-37/CVE-2013-0794 (bmo#626775)
+    Bypass of tab-modal dialog origin disclosure
+  * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
+    Cross-site scripting (XSS) using timed history navigations
+
+-------------------------------------------------------------------
+Fri Mar  8 09:00:09 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.4esr (bnc#808243)
+  * MFSA 2013-29/CVE-2013-0787 (bmo#848644)
+    Use-after-free in HTML Editor
+
+-------------------------------------------------------------------
+Sat Feb 16 17:38:21 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.3esr (bnc#804248)
+  * MFSA 2013-21/CVE-2013-0783
+    Miscellaneous memory safety hazards
+  * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
+    Web content bypass of COW and SOW security wrappers
+  * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
+    Privacy leak in JavaScript Workers
+  * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
+    Use-after-free in nsImageLoadingContent
+  * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
+    Phishing on HTTPS connection through malicious proxy
+  * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782
+    Use-after-free, out of bounds read, and buffer overflow issues
+    found using Address Sanitizer
+
+-------------------------------------------------------------------
+Sat Jan  5 14:46:06 UTC 2013 - wr@rosenauer.org
+
+- update to 17.0.2esr (bnc#796895)
+  * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
+    Miscellaneous memory safety hazards
+  * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
+    CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
+    Use-after-free and buffer overflow issues found using Address Sanitizer
+  * MFSA 2013-03/CVE-2013-0768 (bmo#815795)
+    Buffer Overflow in Canvas
+  * MFSA 2013-04/CVE-2012-0759 (bmo#802026)
+    URL spoofing in addressbar during page loads
+  * MFSA 2013-05/CVE-2013-0744 (bmo#814713)
+    Use-after-free when displaying table with many columns and column groups
+  * MFSA 2013-07/CVE-2013-0764 (bmo#804237)
+    Crash due to handling of SSL on threads
+  * MFSA 2013-08/CVE-2013-0745 (bmo#794158)
+    AutoWrapperChanger fails to keep objects alive during garbage collection
+  * MFSA 2013-09/CVE-2013-0746 (bmo#816842)
+    Compartment mismatch with quickstubs returned values
+  * MFSA 2013-10/CVE-2013-0747 (bmo#733305)
+    Event manipulation in plugin handler to bypass same-origin policy
+  * MFSA 2013-11/CVE-2013-0748 (bmo#806031)
+    Address space layout leaked in XBL objects
+  * MFSA 2013-12/CVE-2013-0750 (bmo#805121)
+    Buffer overflow in Javascript string concatenation
+  * MFSA 2013-13/CVE-2013-0752 (bmo#805024)
+    Memory corruption in XBL with XML bindings containing SVG
+  * MFSA 2013-14/CVE-2013-0757 (bmo#813901)
+    Chrome Object Wrapper (COW) bypass through changing prototype
+  * MFSA 2013-15/CVE-2013-0758 (bmo#813906)
+    Privilege escalation through plugin objects
+  * MFSA 2013-16/CVE-2013-0753 (bmo#814001)
+    Use-after-free in serializeToStream
+  * MFSA 2013-17/CVE-2013-0754 (bmo#814026)
+    Use-after-free in ListenerManager
+  * MFSA 2013-18/CVE-2013-0755 (bmo#814027)
+    Use-after-free in Vibrate
+  * MFSA 2013-19/CVE-2013-0756 (bmo#814029)
+    Use-after-free in Javascript Proxy objects
+- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
+- build on SLE11
+  * mozilla-gcc43-enums.patch
+  * mozilla-gcc43-template_hacks.patch
+  * mozilla-gcc43-templates_instantiation.patch
+
+-------------------------------------------------------------------
+Thu Nov 29 20:04:34 UTC 2012 - wr@rosenauer.org
+
+- update to 17.0.1
+  * regression/compatibility fixes
+
+-------------------------------------------------------------------
+Tue Nov 20 20:15:23 UTC 2012 - wr@rosenauer.org
+
+- update to 17.0 (bnc#790140)
+  * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
+    Miscellaneous memory safety hazards
+  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
+    Buffer overflow while rendering GIF images
+  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
+    evalInSanbox location context incorrectly applied
+  * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
+    Crash when combining SVG text on path with CSS
+  * MFSA 2012-95/CVE-2012-4203 (bmo#765628)
+    Javascript: URLs run in privileged context on New Tab page
+  * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
+    Memory corruption in str_unescape
+  * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
+    XMLHttpRequest inherits incorrect principal within sandbox
+  * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
+    XrayWrappers exposes chrome-only properties when not in chrome
+    compartment
+  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
+    Improper security filtering for cross-origin wrappers
+  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
+    Improper character decoding in HZ-GB-2312 charset
+  * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
+    Script entered into Developer Toolbar runs with chrome privileges
+  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
+    Frames can shadow top.location
+  * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
+    CSS and HTML injection through Style Inspector
+  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
+    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
+    CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
+    Use-after-free and buffer overflow issues found using Address
+    Sanitizer
+  * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
+    Use-after-free, buffer overflow, and memory corruption issues
+    found using Address Sanitizer
+- rebased patches
+- disabled WebRTC since build is broken (bmo#776877)
+
+-------------------------------------------------------------------
+Wed Oct 24 08:28:49 UTC 2012 - wr@rosenauer.org
+
+- update to 16.0.2 (bnc#786522)
+  * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
+    (bmo#800666, bmo#793121, bmo#802557)
+    Fixes for Location object issues
+
+-------------------------------------------------------------------
+Thu Oct 11 01:50:19 UTC 2012 - wr@rosenauer.org
+
+- update to 16.0.1 (bnc#783533)
+  * MFSA 2012-88/CVE-2012-4191 (bmo#798045)
+    Miscellaneous memory safety hazards
+  * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
+    defaultValue security checks not applied
+
+-------------------------------------------------------------------
+Sun Oct  7 21:41:01 UTC 2012 - wr@rosenauer.org
+
+- update to 16.0 (bnc#783533)
+  * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
+    Miscellaneous memory safety hazards
+  * MFSA 2012-75/CVE-2012-3984 (bmo#575294)
+    select element persistance allows for attacks
+  * MFSA 2012-76/CVE-2012-3985 (bmo#655649)
+    Continued access to initial origin after setting document.domain
+  * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
+    Some DOMWindowUtils methods bypass security checks
+  * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
+    DOS and crash with full screen and history navigation
+  * MFSA 2012-80/CVE-2012-3989 (bmo#783867)
+    Crash with invalid cast when using instanceof operator
+  * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
+    GetProperty function can bypass security checks
+  * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
+    top object and location property accessible by plugins
+  * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
+    Chrome Object Wrapper (COW) does not disallow acces to privileged
+    functions or properties
+  * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
+    Spoofing and script injection through location.hash
+  * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
+    CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
+    Use-after-free, buffer overflow, and out of bounds read issues
+    found using Address Sanitizer
+  * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
+    CVE-2012-4188
+    Heap memory corruption issues found using Address Sanitizer
+  * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
+    Use-after-free in the IME State Manager
+- requires NSPR 4.9.2
+- removed upstreamed mozilla-crashreporter-restart-args.patch
+- updated translations-other with new languages
+
+-------------------------------------------------------------------
+Sun Aug 26 13:48:04 UTC 2012 - wr@rosenauer.org
+
+- update to 15.0 (bnc#777588)
+  * MFSA 2012-57/CVE-2012-1970
+    Miscellaneous memory safety hazards
+  * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+    CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+    CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+    Use-after-free issues found using Address Sanitizer
+  * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
+    Location object can be shadowed using Object.defineProperty
+  * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
+    Escalation of privilege through about:newtab
+  * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+    Memory corruption with bitmap format images with negative height
+  * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+    WebGL use-after-free and memory corruption
+  * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+    SVG buffer overflow and use-after-free issues
+  * MFSA 2012-64/CVE-2012-3971
+    Graphite 2 memory corruption
+  * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+    Out-of-bounds read in format-number in XSLT
+  * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
+    HTTPMonitor extension allows for remote debugging without explicit
+    activation
+  * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
+    DOMParser loads linked resources in extensions when parsing
+    text/html
+  * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
+    Incorrect site SSL certificate data display
+  * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+    Location object security checks bypassed by chrome code
+  * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+    Web console eval capable of executing chrome-privileged code
+- fix HTML5 video crash with GStreamer enabled (bmo#761030)
+- fixed filelist
+
+-------------------------------------------------------------------
+Fri Aug 17 13:09:49 UTC 2012 - dmueller@suse.com
+
+- fix build on ARM:
+  * disable crashreporter, it does not build
+  * reduce debuginfo during built to avoid running out of memory
+
+-------------------------------------------------------------------
+Sat Jul 14 19:33:44 UTC 2012 - wr@rosenauer.org
+
+- update to 14.0.1 (bnc#771583)
+  * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
+    Miscellaneous memory safety hazards
+  * MFSA 2012-43/CVE-2012-1950
+    Incorrect URL displayed in addressbar through drag and drop
+  * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
+    Gecko memory corruption
+  * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
+    Spoofing issue with location
+  * MFSA 2012-46/CVE-2012-1966 (bmo#734076)
+    XSS through data: URLs
+  * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
+    Improper filtering of javascript in HTML feed-view
+  * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
+    use-after-free in nsGlobalWindow::PageHidden
+  * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
+    Same-compartment Security Wrappers can be bypassed
+  * MFSA 2012-50/CVE-2012-1960 (bmo#761014)
+    Out of bounds read in QCMS
+  * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
+    X-Frame-Options header ignored when duplicated
+  * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
+    JSDependentString::undepend string conversion results in memory
+    corruption
+  * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
+    Content Security Policy 1.0 implementation errors cause data
+    leakage
+  * MFSA 2012-55/CVE-2012-1965 (bmo#758990)
+    feed: URLs with an innerURI inherit security context of page
+  * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
+    Code execution through javascript: URLs
+- license change from tri license to MPL-2.0
+- require NSS 3.13.5
+- PPC fixes:
+  * reenabled mozilla-yarr-pcre.patch to fix build for PPC
+  * add patches for bmo#750620 and bmo#746112
+  * fix xpcshell segfault on ppc
+- build plugin-container on every arch
+
+-------------------------------------------------------------------
+Fri Jun 15 12:40:23 UTC 2012 - wr@rosenauer.org
+
+- update to 13.0.1
+  * bugfix release
+
+-------------------------------------------------------------------
+Sat Jun  2 09:16:34 UTC 2012 - wr@rosenauer.org
+
+- update to 13.0 (bnc#765204)
+  * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
+    Miscellaneous memory safety hazards
+  * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
+    Content Security Policy inline-script bypass
+  * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
+    Information disclosure though Windows file shares and shortcut
+    files
+  * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
+    Use-after-free while replacing/inserting a node in a document
+  * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
+    Buffer overflow and use-after-free issues found using Address
+    Sanitizer
+- require NSS 3.13.4
+  * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
+- reenabled crashreporter for Factory/12.2
+  (fixed in mozilla-gcc47.patch)
+
+-------------------------------------------------------------------
+Sat Apr 21 10:03:42 UTC 2012 - wr@rosenauer.org
+
+- update to 12.0 (bnc#758408)
+  * rebased patches
+  * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
+    Miscellaneous memory safety hazards
+  * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
+    use-after-free in IDBKeyRange
+  * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
+    Invalid frees causes heap corruption in gfxImageSurface
+  * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
+    Potential XSS via multibyte content processing errors
+  * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
+    Potential memory corruption during font rendering using cairo-dwrite
+  * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
+    WebGL.drawElements may read illegal video memory due to
+    FindMaxUshortElement error
+  * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
+    Page load short-circuit can lead to XSS
+  * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
+    Ambiguous IPv6 in Origin headers may bypass webserver access
+    restrictions
+  * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
+    Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
+  * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
+    Crash with WebGL content using textImage2D
+  * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
+    Off-by-one error in OpenType Sanitizer
+  * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
+    HTTP Redirections and remote content can be read by javascript errors
+  * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
+    Potential site identity spoofing when loading RSS and Atom feeds
+- added mozilla-libnotify.patch to allow fallback from libnotify
+  to xul based events if no notification-daemon is running
+- gcc 4.7 fixes
+  * mozilla-gcc47.patch
+  * disabled crashreporter temporarily for Factory
+
+-------------------------------------------------------------------
+Fri Mar  9 21:49:05 UTC 2012 - wr@rosenauer.org
+
+- update to version 11.0 (bnc#750044)
+  * MFSA 2012-13/CVE-2012-0455 (bmo#704354)
+    XSS with Drag and Drop and Javascript: URL
+  * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
+    SVG issues found with Address Sanitizer
+  * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
+    XSS with multiple Content Security Policy headers
+  * MFSA 2012-16/CVE-2012-0458
+    Escalation of privilege with Javascript: URL as home page
+  * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
+    Crash when accessing keyframe cssText after dynamic modification
+  * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
+    window.fullScreen writeable by untrusted content
+  * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
+    CVE-2012-0463
+    Miscellaneous memory safety hazards
+- fix build on ARM
+- disable jemalloc on s390(x)
+
+-------------------------------------------------------------------
+Thu Feb 16 08:51:42 UTC 2012 - wr@rosenauer.org
+
+- update to version 10.0.2 (bnc#747328)
+  * CVE-2011-3026 (bmo#727401)
+    libpng: integer overflow leading to heap-buffer overflow
+
+-------------------------------------------------------------------
+Thu Feb  9 10:20:49 UTC 2012 - wr@rosenauer.org
+
+- update to version 10.0.1 (bnc#746616)
+  * MFSA 2012-10/CVE-2012-0452 (bmo#724284)
+    use after free in nsXBLDocumentInfo::ReadPrototypeBindings
+
+-------------------------------------------------------------------
+Tue Feb  7 10:40:58 UTC 2012 - dvaleev@suse.com
+
+- Use YARR interpreter instead of PCRE on platforms where YARR JIT
+  is not supported, since PCRE doesnt build (bmo#691898)
+- fix ppc64 build (bmo#703534)
+
+-------------------------------------------------------------------
+Mon Jan 30 09:43:21 UTC 2012 - wr@rosenauer.org
+
+- update to version 10.0 (bnc#744275)
+  * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
+    Miscellaneous memory safety hazards
+  * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
+    <iframe> element exposed across domains via name attribute
+  * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
+    Child nodes from nsDOMAttribute still accessible after removal
+    of nodes
+  * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
+    Frame scripts calling into untrusted objects bypass security
+    checks
+  * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
+    Uninitialized memory appended when encoding icon images may
+    cause information disclosure
+  * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
+    Potential Memory Corruption When Decoding Ogg Vorbis files
+  * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
+    Crash with malformed embedded XSLT stylesheets
+- removed obsolete ppc64 patch
+- disable neon for ARM as it doesn't build correctly
+
+-------------------------------------------------------------------
+Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org
+
+- update to Firefox 9.0.1
+  * (strongparent) parentNode of element gets lost (bmo#335998)
+
+-------------------------------------------------------------------
+Sun Dec 18 09:28:02 UTC 2011 - wr@rosenauer.org
+
+- update to release 9.0 (bnc#737533)
+  * MFSA 2011-53/CVE-2011-3660
+    Miscellaneous memory safety hazards (rv:9.0)
+  * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
+    Potentially exploitable crash in the YARR regular expression
+    library
+  * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
+    nsSVGValue out-of-bounds access
+  * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
+    Key detection without JavaScript via SVG animation
+  * MFSA 2011-58/VE-2011-3665 (bmo#701259)
+    Crash scaling <video> to extreme sizes
+
+-------------------------------------------------------------------
+Sat Nov 12 15:20:49 UTC 2011 - wr@rosenauer.org
+
+- fix ppc64 build
+
+-------------------------------------------------------------------
+Sun Nov  6 08:23:04 UTC 2011 - wr@rosenauer.org
+
+- update to release 8.0 (bnc#728520)
+  * MFSA 2011-47/CVE-2011-3648 (bmo#690225)
+    Potential XSS against sites using Shift-JIS
+  * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
+    Miscellaneous memory safety hazards
+  * MFSA 2011-49/CVE-2011-3650 (bmo#674776)
+    Memory corruption while profiling using Firebug
+  * MFSA 2011-52/CVE-2011-3655 (bmo#672182)
+    Code execution via NoWaiverWrapper
+- rebased patches
+
+-------------------------------------------------------------------
+Fri Sep 30 10:59:54 UTC 2011 - wr@rosenauer.org
+
+- update to minor release 7.0.1
+  * fixed staged addon updates
+
+-------------------------------------------------------------------
+Fri Sep 23 11:36:04 UTC 2011 - wr@rosenauer.org
+
+- update to version 7.0 (bnc#720264)
+  * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997
+    Miscellaneous memory safety hazards
+  * MFSA 2011-39/CVE-2011-3000 (bmo#655389)
+    Defense against multiple Location headers due to CRLF Injection
+  * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
+    Code installation through holding down Enter
+  * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335)
+    Potentially exploitable WebGL crashes
+  * MFSA 2011-42/CVE-2011-3232 (bmo#653672)
+    Potentially exploitable crash in the YARR regular expression
+    library
+  * MFSA 2011-43/CVE-2011-3004 (bmo#653926)
+    loadSubScript unwraps XPCNativeWrapper scope parameter
+  * MFSA 2011-44/CVE-2011-3005 (bmo#675747)
+    Use after free reading OGG headers
+  * MFSA 2011-45
+    Inferring keystrokes from motion data
+- removed obsolete mozilla-cairo-lcd.patch
+- rebased patches
+
+-------------------------------------------------------------------
+Tue Sep 20 11:54:28 UTC 2011 - wr@rosenauer.org
+
+- install xpt.py into SDK (mozilla-639554.patch) (bnc#639554)
+
+-------------------------------------------------------------------
+Wed Sep 14 13:07:39 UTC 2011 - wr@rosenauer.org
+
+- initial xulrunner package
+
diff -r b83636a26466 -r 3a72bcb470fb xulrunner/xulrunner.spec
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/xulrunner.spec	Tue Apr 02 23:21:29 2013 +0200
@@ -0,0 +1,531 @@
+#
+# spec file for package xulrunner
+#
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+#               2006-2013 Wolfgang Rosenauer
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+
+
+Name:           xulrunner
+BuildRequires:  Mesa-devel
+BuildRequires:  autoconf213
+BuildRequires:  dbus-1-glib-devel
+BuildRequires:  fdupes
+BuildRequires:  gcc-c++
+BuildRequires:  hunspell-devel
+BuildRequires:  libcurl-devel
+BuildRequires:  libgnomeui-devel
+BuildRequires:  libidl-devel
+BuildRequires:  libnotify-devel
+BuildRequires:  nss-shared-helper-devel
+BuildRequires:  pkg-config
+BuildRequires:  python
+BuildRequires:  startup-notification-devel
+BuildRequires:  unzip
+BuildRequires:  xorg-x11-libXt-devel
+BuildRequires:  yasm
+BuildRequires:  zip
+%if %suse_version > 1110
+BuildRequires:  libiw-devel
+BuildRequires:  libproxy-devel
+%else
+BuildRequires:  wireless-tools
+%endif
+BuildRequires:  mozilla-nspr-devel >= 4.9.5
+BuildRequires:  mozilla-nss-devel >= 3.14.3
+Version:        17.0.5
+Release:        0
+%define         releasedate 2013032900
+%define         version_internal 17.0.5
+%define         apiversion 17
+%define         uaweight 1700005
+Summary:        Mozilla Runtime Environment
+License:        MPL-2.0
+Group:          Productivity/Other
+Url:            http://www.mozilla.org/
+Provides:       gecko
+%ifarch %ix86
+Provides:       xulrunner-32bit = %{version}-%{release}
+%endif
+Source:         xulrunner-%{version}-source.tar.bz2
+Source1:        l10n-%{version}.tar.bz2
+Source2:        find-external-requires.sh
+Source3:        %{name}-rpmlintrc
+Source4:        xulrunner-openSUSE-prefs.js
+Source5:        add-plugins.sh.in
+Source6:        create-tar.sh
+Source7:        baselibs.conf
+Source8:        source-stamp.txt
+Source9:        compare-locales.tar.bz2
+Patch1:         toolkit-download-folder.patch
+Patch2:         mozilla-pkgconfig.patch
+Patch3:         mozilla-idldir.patch
+Patch4:         mozilla-nongnome-proxies.patch
+Patch5:         mozilla-prefer_plugin_pref.patch
+Patch6:         mozilla-language.patch
+Patch7:         mozilla-ntlm-full-path.patch
+Patch9:         mozilla-sle11.patch
+Patch14:        mozilla-ppc.patch
+# SLE11 patches
+Patch20:        mozilla-gcc43-enums.patch
+Patch21:        mozilla-gcc43-template_hacks.patch
+Patch22:        mozilla-gcc43-templates_instantiation.patch
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+Requires:       mozilla-js = %{version}
+Requires(post):  update-alternatives coreutils
+Requires(preun): update-alternatives coreutils
+### build configuration ###
+%define has_system_nspr  1
+%define has_system_nss   1
+%define has_system_cairo 0
+%define localize 0
+%ifarch ppc ppc64 s390 s390x ia64 %arm
+%define crashreporter    0
+%else
+%define crashreporter    1
+%endif
+### configuration end ###
+%define _use_internal_dependency_generator 0
+%define __find_requires sh %{SOURCE2}
+%global provfind sh -c "grep -Ev 'mozsqlite3|dbusservice|unixprint' | %__find_provides"
+%global __find_provides %provfind
+%if %has_system_nspr
+Requires:       mozilla-nspr >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr)
+%endif
+%if %has_system_nss
+Requires:       mozilla-nss >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss)
+%endif
+
+%description
+XULRunner is a single installable package that can be used to bootstrap
+multiple XUL+XPCOM applications that are as rich as Firefox and
+Thunderbird.
+
+
+%package -n mozilla-js
+Summary:        Mozilla JS engine
+Group:          Productivity/Other
+
+%description -n mozilla-js
+JavaScript is the Netscape-developed object scripting language used in millions
+of web pages and server applications worldwide. Netscape's JavaScript is a
+superset of the ECMA-262 Edition 3 (ECMAScript) standard scripting language,
+with only mild differences from the published standard.
+
+
+%package devel
+Summary:        XULRunner/Gecko SDK
+Group:          Development/Libraries/Other
+%if %has_system_nspr
+Requires:       mozilla-nspr-devel >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr-devel)
+%endif
+%if %has_system_nss
+Requires:       mozilla-nss-devel >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss-devel)
+%endif
+Requires:       %{name} = %{version}
+
+%description devel
+Software Development Kit to embed XUL or Gecko into other applications.
+
+%if %localize
+
+%package translations-common
+Summary:        Common translations for XULRunner
+Group:          System/Localization
+Requires:       %{name} = %{version}
+Provides:       locale(%{name}:ar;ca;cs;da;de;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW)
+Obsoletes:      %{name}-translations < %{version}-%{release}
+
+%description translations-common
+XULRunner is a single installable package that can be used to bootstrap
+multiple XUL+XPCOM applications that are as rich as Firefox and
+Thunderbird.
+
+This package contains the most common languages but en-US which is
+delivered in the main package.
+
+
+%package translations-other
+Summary:        Extra translations for XULRunner
+Group:          System/Localization
+Requires:       %{name} = %{version}
+Provides:       locale(%{name}:ach;af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;vi;zu)
+Obsoletes:      %{name}-translations < %{version}-%{release}
+
+%description translations-other
+XULRunner is a single installable package that can be used to bootstrap
+multiple XUL+XPCOM applications that are as rich as Firefox and
+Thunderbird.
+
+This package contains rarely used languages.
+%endif
+
+%if %crashreporter
+
+%package buildsymbols
+Summary:        Breakpad buildsymbols for %{name}
+Group:          Development/Debug
+
+%description buildsymbols
+This subpackage contains the Breakpad created and compatible debugging
+symbols meant for upload to Mozilla's crash collector database.
+%endif
+
+%prep
+%setup -n mozilla -q -b 1 -b 9
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%if %suse_version < 1120
+%patch9 -p1
+%endif
+%patch14 -p1
+# SLE patches
+%if %suse_version <= 1110
+%patch20 -p1
+%patch21 -p1
+%patch22 -p1
+%endif
+
+%build
+# no need to add build time to binaries
+modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")"
+DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
+TIME="\"$(date -d "${modified}" "+%%R")\""
+find . -regex ".*\.c\|.*\.cpp\|.*\.h" -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
+#
+MOZ_APP_DIR=%{_libdir}/xulrunner-%{version_internal}
+export MOZ_BUILD_DATE=%{releasedate}
+export CFLAGS="$RPM_OPT_FLAGS -Os -fno-strict-aliasing"
+%ifarch ppc64
+export CFLAGS="$CFLAGS -mminimal-toc"
+%endif
+export LDFLAGS=" -Wl,-rpath -Wl,${MOZ_APP_DIR}"
+%ifarch %arm
+# debug symbols require too much memory during build
+export CFLAGS="${CFLAGS/-g/}"
+LDFLAGS+="-Wl,--reduce-memory-overheads -Wl,--no-keep-memory"
+%endif
+export CXXFLAGS="$CFLAGS"
+export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
+export MOZILLA_OFFICIAL=1
+export BUILD_OFFICIAL=1
+export MOZ_MILESTONE_RELEASE=1
+#
+cat << EOF > $MOZCONFIG
+mk_add_options MOZILLA_OFFICIAL=1
+mk_add_options BUILD_OFFICIAL=1
+mk_add_options MOZ_MILESTONE_RELEASE=1
+mk_add_options MOZ_MAKE_FLAGS=%{?jobs:-j%jobs}
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj
+. \$topsrcdir/xulrunner/config/mozconfig
+ac_add_options --prefix=%{_prefix}
+ac_add_options --libdir=%{_libdir}
+ac_add_options --sysconfdir=%{_sysconfdir}
+ac_add_options --mandir=%{_mandir}
+ac_add_options --includedir=%{_includedir}
+ac_add_options --enable-optimize
+ac_add_options --enable-extensions=default
+#ac_add_options --with-system-jpeg # mozilla uses internal libjpeg-turbo now
+#ac_add_options --with-system-png  # no APNG support
+ac_add_options --with-system-zlib
+ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n
+ac_add_options --disable-tests
+ac_add_options --disable-mochitest
+ac_add_options --disable-installer
+ac_add_options --disable-updater
+ac_add_options --disable-javaxpcom
+ac_add_options --enable-system-hunspell
+ac_add_options --enable-startup-notification
+ac_add_options --enable-shared-js
+ac_add_options --disable-webrtc   # does not build with system NSPR
+#ac_add_options --enable-debug
+EOF
+%if %suse_version > 1130
+cat << EOF >> $MOZCONFIG
+ac_add_options --disable-gnomevfs
+ac_add_options --enable-gio
+EOF
+%endif
+%if %has_system_nspr
+cat << EOF >> $MOZCONFIG
+ac_add_options --with-system-nspr
+EOF
+%endif
+%if %has_system_nss
+cat << EOF >> $MOZCONFIG
+ac_add_options --with-system-nss
+EOF
+%endif
+%if %has_system_cairo
+cat << EOF >> $MOZCONFIG
+ac_add_options --enable-system-cairo
+EOF
+%endif
+%if %suse_version > 1110
+cat << EOF >> $MOZCONFIG
+ac_add_options --enable-libproxy
+EOF
+%endif
+%if ! %crashreporter
+cat << EOF >> $MOZCONFIG
+ac_add_options --disable-crashreporter
+EOF
+%endif
+# S/390
+%ifarch s390 s390x
+cat << EOF >> $MOZCONFIG
+ac_add_options --disable-jemalloc
+EOF
+%endif
+# ARM
+%ifarch %arm
+cat << EOF >> $MOZCONFIG
+%ifarch armv7l armv7hl
+ac_add_options --with-arch=armv7-a
+ac_add_options --with-float-abi=hard
+ac_add_options --with-fpu=vfpv3-d16
+ac_add_options --with-thumb=yes
+ac_add_options --disable-debug
+%endif
+%ifarch armv5tel
+ac_add_options --with-arch=armv5te
+ac_add_options --with-float-abi=soft
+ac_add_options --with-thumb=no
+%endif
+EOF
+%endif
+make -f client.mk build
+
+%install
+cd ../obj
+# preferences (to package in omni.jar)
+cp %{SOURCE4} dist/bin/defaults/pref/all-openSUSE.js
+%makeinstall STRIP=/bin/true
+# xpt.py is not executable
+chmod a+x $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/bin/*.py
+# remove some executable permissions
+find $RPM_BUILD_ROOT%{_includedir}/xulrunner-%{version_internal} \
+     -type f -perm -111 -exec chmod a-x {} \;
+find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/ \
+     -name "*.js" -o -name "*.xpm" -o -name "*.png" | xargs chmod a-x
+# remove mkdir.done files from installed base
+find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal} -name ".mkdir.done" | xargs rm
+mkdir -p $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions
+# fixing SDK dynamic libs (symlink instead of copy)
+rm $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/*.so
+ln -sf ../../../xulrunner-%{version_internal}/libmozjs.so \
+       $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
+ln -sf ../../../xulrunner-%{version_internal}/libxpcom.so \
+       $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
+ln -sf ../../../xulrunner-%{version_internal}/libxul.so \
+       $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
+# include basic buildenv for xulapps to use
+mkdir -p $RPM_BUILD_ROOT%{_datadir}/xulrunner-%{version_internal}
+pushd ..
+# this list has been compiled by trial and error for prism
+tar --exclude=*.cpp --exclude=*.mm \
+   -cvjf $RPM_BUILD_ROOT%{_datadir}/xulrunner-%{version_internal}/mozilla-src.tar.bz2 \
+    mozilla/configure.in mozilla/Makefile.in mozilla/client.py mozilla/allmakefiles.sh \
+    mozilla/config mozilla/client.mk mozilla/aclocal.m4 mozilla/build mozilla/js/src/* \
+    mozilla/testing mozilla/toolkit/mozapps/installer mozilla/probes mozilla/memory \
+    mozilla/toolkit/xre mozilla/nsprpub/config mozilla/tools mozilla/xpcom/build
+popd
+# install add-plugins.sh
+sed "s:%%PROGDIR:%{_libdir}/xulrunner-%{version_internal}:g" \
+  %{SOURCE5} > $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
+chmod 755 $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
+# ghosts
+touch $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/global.reginfo
+# install additional locales
+%if %localize
+rm -f %{_tmppath}/translations.*
+touch %{_tmppath}/translations.{common,other}
+for locale in $(awk '{ print $1; }' ../mozilla/browser/locales/shipped-locales); do
+  case $locale in
+   ja-JP-mac|en-US)
+      ;;
+   *)
+      pushd $RPM_BUILD_DIR/compare-locales
+      PYTHONPATH=lib \
+        scripts/compare-locales -m ../l10n-merged/$locale \
+	../mozilla/toolkit/locales/l10n.ini ../l10n $locale
+      popd
+      LOCALE_MERGEDIR=$RPM_BUILD_DIR/l10n-merged/$locale \
+      make -C toolkit/locales langpack-$locale
+      cp dist/xpi-stage/locale-$locale \
+         $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org
+      # remove prefs and profile defaults from langpack
+      rm -rf $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org/defaults
+      # check against the fixed common list and sort into the right filelist
+      _matched=0
+      for _match in ar ca cs da de en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
+        [ "$_match" = "$locale" ] && _matched=1
+      done
+      [ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other
+      echo %{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org \ \
+         >> %{_tmppath}/translations.$_l10ntarget
+  esac
+done
+%endif
+# API symlink
+ln -sf xulrunner-%{version_internal} $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{apiversion}
+# compat links
+%if 0%{?ga_version:1}
+touch $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{ga_version}
+%endif
+# excludes
+%if %suse_version < 1120
+rm -f $RPM_BUILD_ROOT%{_bindir}/xulrunner
+%endif
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/updater
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/update.locale
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/LICENSE
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/README.txt
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/dictionaries/en-US*
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/nspr-config
+rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/mozilla-plugin.pc
+# fdupes
+%fdupes $RPM_BUILD_ROOT%{_includedir}/xulrunner-%{version_internal}/
+%fdupes $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/
+# create breakpad debugsymbols
+%if %crashreporter
+SYMBOLS_NAME="xulrunner-%{version}-%{release}.%{_arch}-%{suse_version}-symbols"
+make buildsymbols \
+  SYMBOL_INDEX_NAME="$SYMBOLS_NAME.txt" \
+  SYMBOL_FULL_ARCHIVE_BASENAME="$SYMBOLS_NAME-full" \
+  SYMBOL_ARCHIVE_BASENAME="$SYMBOLS_NAME"
+if [ -e dist/*symbols.zip ]; then
+  mkdir -p $RPM_BUILD_ROOT%{_datadir}/mozilla/
+  cp dist/*symbols.zip $RPM_BUILD_ROOT%{_datadir}/mozilla/
+fi
+%endif
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+%if %localize
+rm -rf %{_tmppath}/translations.*
+%endif
+
+%post
+/usr/sbin/update-alternatives --install %{_bindir}/xulrunner \
+  xulrunner %{_libdir}/xulrunner-%{apiversion}/xulrunner %{uaweight} || :
+%{_libdir}/xulrunner-%{apiversion}/add-plugins.sh > /dev/null 2>&1
+exit 0
+
+%posttrans
+# needed for updates which transition directory to symlink
+%if 0%{?ga_version:1}
+test -d %{_libdir}/xulrunner-%{ga_version} && rm -rf %{_libdir}/xulrunner-%{ga_version}
+ln -sf xulrunner-%{version_internal} %{_libdir}/xulrunner-%{ga_version}
+%endif
+[ -e %{_libdir}/xulrunner-%{version_internal}/add-plugins.sh ] && \
+  %{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1
+exit 0
+
+%preun
+if [ "$1" = "0" ]; then # deinstallation
+  # that's not quite nice since old versions should be removed on update as well
+  # but that's problematic for updates w/o raising the version number
+  /usr/sbin/update-alternatives --remove xulrunner %{_libdir}/xulrunner-%{apiversion}/xulrunner
+fi
+rm -f %{_libdir}/xulrunner-%{version_internal}/dictionaries/*
+exit 0
+
+%triggerin -- myspell-dictionary
+%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1
+exit 0
+
+%triggerpostun -- myspell-dictionary
+%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1
+exit 0
+
+%files
+%defattr(-,root,root)
+%dir %{_libdir}/xulrunner-%{version_internal}/
+%dir %{_libdir}/xulrunner-%{version_internal}/chrome/
+%dir %{_libdir}/xulrunner-%{version_internal}/dictionaries/
+%dir %{_libdir}/xulrunner-%{version_internal}/extensions/
+%{_libdir}/xulrunner-%{version_internal}/chrome/icons/
+%{_libdir}/xulrunner-%{version_internal}/components/
+%{_libdir}/xulrunner-%{version_internal}/plugins/
+%{_libdir}/xulrunner-%{version_internal}/*.so
+%exclude %{_libdir}/xulrunner-%{version_internal}/libmozjs.so
+%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
+%{_libdir}/xulrunner-%{version_internal}/chrome.manifest
+%{_libdir}/xulrunner-%{version_internal}/dependentlibs.list
+%{_libdir}/xulrunner-%{version_internal}/mozilla-xremote-client
+%{_libdir}/xulrunner-%{version_internal}/plugin-container
+%{_libdir}/xulrunner-%{version_internal}/xulrunner
+%{_libdir}/xulrunner-%{version_internal}/xulrunner-stub
+%{_libdir}/xulrunner-%{version_internal}/platform.ini
+%{_libdir}/xulrunner-%{version_internal}/omni.ja
+%{_libdir}/xulrunner-%{version_internal}/README.xulrunner
+# crashreporter files
+%if %crashreporter
+%{_libdir}/xulrunner-%{version_internal}/crashreporter
+%{_libdir}/xulrunner-%{version_internal}/crashreporter.ini
+%{_libdir}/xulrunner-%{version_internal}/Throbber-small.gif
+%endif
+# ghosts
+%ghost %{_libdir}/xulrunner-%{version_internal}/global.reginfo
+%if %suse_version >= 1120
+%ghost %{_bindir}/xulrunner
+%endif
+# API symlink (already in mozilla-js)
+#%{_libdir}/xulrunner-%{apiversion}
+# compat symlinks
+%if 0%{?ga_version:1}
+%ghost %{_libdir}/xulrunner-%{ga_version}
+%endif
+
+%files -n mozilla-js
+%defattr(-,root,root)
+%dir %{_libdir}/xulrunner-%{version_internal}/
+%{_libdir}/xulrunner-%{apiversion}
+%{_libdir}/xulrunner-%{version_internal}/libmozjs.so
+
+%files devel
+%defattr(-,root,root)
+%{_libdir}/xulrunner-devel-%{version_internal}/
+# FIXME symlink dynamic libs below sdk/lib
+%attr(644,root,root) %{_libdir}/pkgconfig/*
+%{_includedir}/xulrunner-%{version_internal}/
+%{_datadir}/xulrunner-%{version_internal}/
+
+%if %localize
+
+%files translations-common -f %{_tmppath}/translations.common
+%defattr(-,root,root)
+%dir %{_libdir}/xulrunner-%{version_internal}/
+%dir %{_libdir}/xulrunner-%{version_internal}/chrome/
+
+%files translations-other -f %{_tmppath}/translations.other
+%defattr(-,root,root)
+%dir %{_libdir}/xulrunner-%{version_internal}/
+%dir %{_libdir}/xulrunner-%{version_internal}/chrome/
+%endif
+
+%if %crashreporter
+
+%files buildsymbols
+%defattr(-,root,root)
+%{_datadir}/mozilla/
+%endif
+
+%changelog