# HG changeset patch # User Wolfgang Rosenauer # Date 1430898369 -7200 # Node ID a001af1b1593bb2de41906d8fa07793567e37a45 # Parent 09609abbb55ff670535048487f7d3b1740c78dfd update to 31.6.0esr diff -r 09609abbb55f -r a001af1b1593 MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Sat Feb 21 00:04:54 2015 +0100 +++ b/MozillaFirefox/MozillaFirefox.changes Wed May 06 09:46:09 2015 +0200 @@ -1,7 +1,43 @@ ------------------------------------------------------------------- +Sun Mar 29 09:28:42 UTC 2015 - wr@rosenauer.org + +- update to Firefox 31.6.0esr (bnc#925368) + * MFSA 2015-30/CVE-2015-0815 + Miscellaneous memory safety hazards + * MFSA 2015-31/CVE-2015-0813 (bmo#1106596)) + Use-after-free when using the Fluendo MP3 GStreamer plugin + * MFSA 2015-33/CVE-2015-0816 (bmo#1144991) + resource:// documents can load privileged pages + * MFSA-2015-37/CVE-2015-0807 (bmo#1111834) + CORS requests should not follow 30x redirections after preflight + * MFSA-2015-40/CVE-2015-0801 (bmo#1146339) + Same-origin bypass through anchor navigation + +------------------------------------------------------------------- +Sat Mar 21 10:38:32 UTC 2015 - wr@rosenauer.org + +- update to Firefox 31.5.3 (bnc#923534) + * MFSA 2015-28/CVE-2015-0818 (bmo#1144988) + Privilege escalation through SVG navigation + * MFSA 2015-29/CVE-2015-0817 (bmo#1145255) + Code execution through incorrect JavaScript bounds checking + elimination + +------------------------------------------------------------------- Thu Feb 19 22:52:00 UTC 2015 - wr@rosenauer.org - update to Firefox 31.5.0esr (bnc#917597) + * MFSA 2015-11/CVE-2015-0836 + Miscellaneous memory safety hazards + * MFSA 2015-12/CVE-2015-0833 (bmo#945192) + Invoking Mozilla updater will load locally stored DLL files + (Windows only) + * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) + Use-after-free in IndexedDB + * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) + Out-of-bounds read and write while rendering SVG content + * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) + Reading of local files through manipulation of form autocomplete ------------------------------------------------------------------- Sat Jan 10 17:30:10 UTC 2015 - wr@rosenauer.org diff -r 09609abbb55f -r a001af1b1593 MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Sat Feb 21 00:04:54 2015 +0100 +++ b/MozillaFirefox/MozillaFirefox.spec Wed May 06 09:46:09 2015 +0200 @@ -18,7 +18,7 @@ %define major 31 -%define mainver %major.5.0 +%define mainver %major.6.0 %define update_channel esr31 %if %suse_version > 1210 @@ -77,7 +77,7 @@ %endif Version: %{mainver} Release: 0 -%define releasedate 2015021900 +%define releasedate 2015032800 Provides: firefox = %{mainver} Provides: firefox = %{version}-%{release} Provides: web_browser diff -r 09609abbb55f -r a001af1b1593 MozillaFirefox/create-tar.sh --- a/MozillaFirefox/create-tar.sh Sat Feb 21 00:04:54 2015 +0100 +++ b/MozillaFirefox/create-tar.sh Wed May 06 09:46:09 2015 +0200 @@ -2,8 +2,8 @@ CHANNEL="esr31" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_31_5_0esr_RELEASE" -VERSION="31.5.0" +RELEASE_TAG="FIREFOX_31_6_0esr_RELEASE" +VERSION="31.6.0" # mozilla if [ -d mozilla ]; then diff -r 09609abbb55f -r a001af1b1593 MozillaFirefox/firefox-esr.changes --- a/MozillaFirefox/firefox-esr.changes Sat Feb 21 00:04:54 2015 +0100 +++ b/MozillaFirefox/firefox-esr.changes Wed May 06 09:46:09 2015 +0200 @@ -1,7 +1,43 @@ ------------------------------------------------------------------- +Sun Mar 29 09:28:42 UTC 2015 - wr@rosenauer.org + +- update to Firefox 31.6.0esr (bnc#925368) + * MFSA 2015-30/CVE-2015-0815 + Miscellaneous memory safety hazards + * MFSA 2015-31/CVE-2015-0813 (bmo#1106596)) + Use-after-free when using the Fluendo MP3 GStreamer plugin + * MFSA 2015-33/CVE-2015-0816 (bmo#1144991) + resource:// documents can load privileged pages + * MFSA-2015-37/CVE-2015-0807 (bmo#1111834) + CORS requests should not follow 30x redirections after preflight + * MFSA-2015-40/CVE-2015-0801 (bmo#1146339) + Same-origin bypass through anchor navigation + +------------------------------------------------------------------- +Sat Mar 21 10:38:32 UTC 2015 - wr@rosenauer.org + +- update to Firefox 31.5.3 (bnc#923495) + * MFSA 2015-28/CVE-2015-0818 (bmo#1144988) + Privilege escalation through SVG navigation + * MFSA 2015-29/CVE-2015-0817 (bmo#1145255) + Code execution through incorrect JavaScript bounds checking + elimination + +------------------------------------------------------------------- Thu Feb 19 22:52:00 UTC 2015 - wr@rosenauer.org - update to Firefox 31.5.0esr (bnc#917597) + * MFSA 2015-11/CVE-2015-0836 + Miscellaneous memory safety hazards + * MFSA 2015-12/CVE-2015-0833 (bmo#945192) + Invoking Mozilla updater will load locally stored DLL files + (Windows only) + * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) + Use-after-free in IndexedDB + * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) + Out-of-bounds read and write while rendering SVG content + * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) + Reading of local files through manipulation of form autocomplete ------------------------------------------------------------------- Sat Jan 10 17:30:10 UTC 2015 - wr@rosenauer.org diff -r 09609abbb55f -r a001af1b1593 MozillaFirefox/firefox-esr.spec --- a/MozillaFirefox/firefox-esr.spec Sat Feb 21 00:04:54 2015 +0100 +++ b/MozillaFirefox/firefox-esr.spec Wed May 06 09:46:09 2015 +0200 @@ -18,7 +18,7 @@ %define major 31 -%define mainver %major.5.0 +%define mainver %major.6.0 %define update_channel esr31 %if %suse_version > 1210 @@ -77,7 +77,7 @@ %endif Version: %{mainver} Release: 0 -%define releasedate 2015021900 +%define releasedate 2015032800 Provides: firefox-esr = %{mainver} Provides: firefox-esr = %{version}-%{release} Provides: web_browser diff -r 09609abbb55f -r a001af1b1593 xulrunner/create-tar.sh --- a/xulrunner/create-tar.sh Sat Feb 21 00:04:54 2015 +0100 +++ b/xulrunner/create-tar.sh Wed May 06 09:46:09 2015 +0200 @@ -2,8 +2,8 @@ CHANNEL="esr31" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_31_4_0esr_RELEASE" -VERSION="31.4.0" +RELEASE_TAG="FIREFOX_31_6_0esr_RELEASE" +VERSION="31.6.0" # mozilla if [ -d mozilla ]; then diff -r 09609abbb55f -r a001af1b1593 xulrunner/xulrunner.changes --- a/xulrunner/xulrunner.changes Sat Feb 21 00:04:54 2015 +0100 +++ b/xulrunner/xulrunner.changes Wed May 06 09:46:09 2015 +0200 @@ -1,7 +1,33 @@ +------------------------------------------------------------------- +Mon Mar 30 07:56:19 UTC 2015 - wr@rosenauer.org + +- update to 31.6.0 (bnc#925368) + * MFSA 2015-30/CVE-2015-0815 + Miscellaneous memory safety hazards + * MFSA 2015-31/CVE-2015-0813 (bmo#1106596)) + Use-after-free when using the Fluendo MP3 GStreamer plugin + * MFSA 2015-33/CVE-2015-0816 (bmo#1144991) + resource:// documents can load privileged pages + * MFSA-2015-37/CVE-2015-0807 (bmo#1111834) + CORS requests should not follow 30x redirections after preflight + * MFSA-2015-40/CVE-2015-0801 (bmo#1146339) + Same-origin bypass through anchor navigation + ------------------------------------------------------------------- Thu Feb 19 22:56:55 UTC 2015 - wr@rosenauer.org - update to 31.5.0 (bnc#917597) + * MFSA 2015-11/CVE-2015-0836 + Miscellaneous memory safety hazards + * MFSA 2015-12/CVE-2015-0833 (bmo#945192) + Invoking Mozilla updater will load locally stored DLL files + (Windows only) + * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) + Use-after-free in IndexedDB + * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) + Out-of-bounds read and write while rendering SVG content + * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) + Reading of local files through manipulation of form autocomplete ------------------------------------------------------------------- Sat Jan 10 17:33:51 UTC 2015 - wr@rosenauer.org diff -r 09609abbb55f -r a001af1b1593 xulrunner/xulrunner.spec --- a/xulrunner/xulrunner.spec Sat Feb 21 00:04:54 2015 +0100 +++ b/xulrunner/xulrunner.spec Wed May 06 09:46:09 2015 +0200 @@ -1,7 +1,7 @@ # # spec file for package xulrunner # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # 2006-2015 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties @@ -17,10 +17,10 @@ # -%define version_internal 31.5.0 +%define version_internal 31.6.0 %define apiversion 31 -%define uaweight 3150000 -%define releasedate 2015021900 +%define uaweight 3160000 +%define releasedate 2015032800 %define shared_js 0 %define has_system_nspr 1 %define has_system_nss 1