# HG changeset patch # User Wolfgang Rosenauer # Date 1346178468 -7200 # Node ID 778ac1dfbf6b364dcb5b97a07f715e89962ed337 # Parent dcb74847085a6815d47720237b5622229671d3cb Firefox 15.0 final release diff -r dcb74847085a -r 778ac1dfbf6b MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Tue Aug 28 16:04:36 2012 +0200 +++ b/MozillaFirefox/MozillaFirefox.changes Tue Aug 28 20:27:48 2012 +0200 @@ -1,7 +1,39 @@ ------------------------------------------------------------------- -Tue Aug 21 04:34:36 UTC 2012 - wr@rosenauer.org - -- update to Firefox 15.0b5 +Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org + +- update to Firefox 15.0 (bnc#777588) + * MFSA 2012-57/CVE-2012-1970 + Miscellaneous memory safety hazards + * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 + CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 + CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 + Use-after-free issues found using Address Sanitizer + * MFSA 2012-59/CVE-2012-1956 (bmo#756719) + Location object can be shadowed using Object.defineProperty + * MFSA 2012-60/CVE-2012-3965 (bmo#769108) + Escalation of privilege through about:newtab + * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) + Memory corruption with bitmap format images with negative height + * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 + WebGL use-after-free and memory corruption + * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 + SVG buffer overflow and use-after-free issues + * MFSA 2012-64/CVE-2012-3971 + Graphite 2 memory corruption + * MFSA 2012-65/CVE-2012-3972 (bmo#746855) + Out-of-bounds read in format-number in XSLT + * MFSA 2012-66/CVE-2012-3973 (bmo#757128) + HTTPMonitor extension allows for remote debugging without explicit + activation + * MFSA 2012-68/CVE-2012-3975 (bmo#770684) + DOMParser loads linked resources in extensions when parsing + text/html + * MFSA 2012-69/CVE-2012-3976 (bmo#768568) + Incorrect site SSL certificate data display + * MFSA 2012-70/CVE-2012-3978 (bmo#770429) + Location object security checks bypassed by chrome code + * MFSA 2012-72/CVE-2012-3980 (bmo#771859) + Web console eval capable of executing chrome-privileged code - fix HTML5 video crash with GStreamer enabled (bmo#761030) - GStreamer is only used for MP4 (no WebM, OGG) - updated filelist diff -r dcb74847085a -r 778ac1dfbf6b MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Tue Aug 28 16:04:36 2012 +0200 +++ b/MozillaFirefox/MozillaFirefox.spec Tue Aug 28 20:27:48 2012 +0200 @@ -17,9 +17,9 @@ # -%define major 14 -%define mainver %major.99 -%define update_channel beta +%define major 15 +%define mainver %major.0 +%define update_channel release Name: MozillaFirefox BuildRequires: Mesa-devel @@ -54,7 +54,7 @@ %endif Version: %{mainver} Release: 0 -%define releasedate 2012081500 +%define releasedate 2012082500 Provides: firefox = %{mainver} Provides: firefox = %{version}-%{release} Provides: web_browser @@ -166,7 +166,7 @@ %package translations-other Summary: Extra translations for MozillaFirefox Group: System/Localization -Provides: locale(%{name}:af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mn;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;sw;ta;ta_LK;te;th;tr;uk;vi;zu) +Provides: locale(%{name}:af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;vi;zu) Requires: %{name} = %{version} Obsoletes: %{name}-translations < %{version}-%{release} diff -r dcb74847085a -r 778ac1dfbf6b MozillaFirefox/create-tar.sh --- a/MozillaFirefox/create-tar.sh Tue Aug 28 16:04:36 2012 +0200 +++ b/MozillaFirefox/create-tar.sh Tue Aug 28 20:27:48 2012 +0200 @@ -1,9 +1,9 @@ #!/bin/bash -CHANNEL="beta" +CHANNEL="release" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_15_0b5_RELEASE" -VERSION="14.99" +RELEASE_TAG="FIREFOX_15_0_RELEASE" +VERSION="15.0" # mozilla echo "cloning $BRANCH..." diff -r dcb74847085a -r 778ac1dfbf6b xulrunner/create-tar.sh --- a/xulrunner/create-tar.sh Tue Aug 28 16:04:36 2012 +0200 +++ b/xulrunner/create-tar.sh Tue Aug 28 20:27:48 2012 +0200 @@ -1,9 +1,9 @@ #!/bin/bash -CHANNEL="beta" +CHANNEL="release" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_15_0b5_RELEASE" -VERSION="14.99" +RELEASE_TAG="FIREFOX_15_0_RELEASE" +VERSION="15.0" # mozilla hg clone http://hg.mozilla.org/$BRANCH mozilla diff -r dcb74847085a -r 778ac1dfbf6b xulrunner/mozilla-gstreamer.patch --- a/xulrunner/mozilla-gstreamer.patch Tue Aug 28 16:04:36 2012 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -../mozilla-gstreamer.patch \ No newline at end of file diff -r dcb74847085a -r 778ac1dfbf6b xulrunner/xulrunner.changes --- a/xulrunner/xulrunner.changes Tue Aug 28 16:04:36 2012 +0200 +++ b/xulrunner/xulrunner.changes Tue Aug 28 20:27:48 2012 +0200 @@ -1,8 +1,41 @@ ------------------------------------------------------------------- -Tue Aug 21 05:08:37 UTC 2012 - wr@rosenauer.org +Sun Aug 26 13:48:04 UTC 2012 - wr@rosenauer.org -- update to 15.0b5 +- update to 15.0 (bnc#777588) + * MFSA 2012-57/CVE-2012-1970 + Miscellaneous memory safety hazards + * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975 + CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959 + CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964 + Use-after-free issues found using Address Sanitizer + * MFSA 2012-59/CVE-2012-1956 (bmo#756719) + Location object can be shadowed using Object.defineProperty + * MFSA 2012-60/CVE-2012-3965 (bmo#769108) + Escalation of privilege through about:newtab + * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793) + Memory corruption with bitmap format images with negative height + * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968 + WebGL use-after-free and memory corruption + * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970 + SVG buffer overflow and use-after-free issues + * MFSA 2012-64/CVE-2012-3971 + Graphite 2 memory corruption + * MFSA 2012-65/CVE-2012-3972 (bmo#746855) + Out-of-bounds read in format-number in XSLT + * MFSA 2012-66/CVE-2012-3973 (bmo#757128) + HTTPMonitor extension allows for remote debugging without explicit + activation + * MFSA 2012-68/CVE-2012-3975 (bmo#770684) + DOMParser loads linked resources in extensions when parsing + text/html + * MFSA 2012-69/CVE-2012-3976 (bmo#768568) + Incorrect site SSL certificate data display + * MFSA 2012-70/CVE-2012-3978 (bmo#770429) + Location object security checks bypassed by chrome code + * MFSA 2012-72/CVE-2012-3980 (bmo#771859) + Web console eval capable of executing chrome-privileged code - fix HTML5 video crash with GStreamer enabled (bmo#761030) +- fixed filelist ------------------------------------------------------------------- Sat Jul 14 19:33:44 UTC 2012 - wr@rosenauer.org diff -r dcb74847085a -r 778ac1dfbf6b xulrunner/xulrunner.spec --- a/xulrunner/xulrunner.spec Tue Aug 28 16:04:36 2012 +0200 +++ b/xulrunner/xulrunner.spec Tue Aug 28 20:27:48 2012 +0200 @@ -44,9 +44,9 @@ %endif BuildRequires: mozilla-nspr-devel >= 4.9.1 BuildRequires: mozilla-nss-devel >= 3.13.6 -Version: 14.99 +Version: 15.0 Release: 0 -%define releasedate 2012081500 +%define releasedate 2012082500 %define version_internal 15.0 %define apiversion 15 %define uaweight 1500000 @@ -454,9 +454,7 @@ %{_libdir}/xulrunner-%{version_internal}/dependentlibs.list %{_libdir}/xulrunner-%{version_internal}/mozilla-xremote-client %{_libdir}/xulrunner-%{version_internal}/plugin-container -%{_libdir}/xulrunner-%{version_internal}/run-mozilla.sh %{_libdir}/xulrunner-%{version_internal}/xulrunner -%{_libdir}/xulrunner-%{version_internal}/xulrunner-bin %{_libdir}/xulrunner-%{version_internal}/xulrunner-stub %{_libdir}/xulrunner-%{version_internal}/platform.ini %{_libdir}/xulrunner-%{version_internal}/omni.ja