# HG changeset patch # User Wolfgang Rosenauer # Date 1335354476 -7200 # Node ID df9c4a6e84f81c3e082b5366e0f95b2be1783c5b # Parent e840ed7d6878c2ae25ed6f8fca013d2dd7e5a497 update version/tree information for Aurora 14 cycle diff -r e840ed7d6878 -r df9c4a6e84f8 MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Mon Apr 16 14:56:32 2012 +0200 +++ b/MozillaFirefox/MozillaFirefox.changes Wed Apr 25 13:47:56 2012 +0200 @@ -1,7 +1,47 @@ ------------------------------------------------------------------- -Sun Apr 15 08:16:22 UTC 2012 - wr@rosenauer.org - -- update to Aurora 13 (20120414) +Wed Apr 25 11:45:10 UTC 2012 - wr@rosenauer.org + +- update to Aurora 14 (20120425) + +------------------------------------------------------------------- +Sat Apr 21 10:02:37 UTC 2012 - wr@rosenauer.org + +- update to Firefox 12.0 (bnc#758408) + * rebased patches + * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 + Miscellaneous memory safety hazards + * MFSA 2012-22/CVE-2012-0469 (bmo#738985) + use-after-free in IDBKeyRange + * MFSA 2012-23/CVE-2012-0470 (bmo#734288) + Invalid frees causes heap corruption in gfxImageSurface + * MFSA 2012-24/CVE-2012-0471 (bmo#715319) + Potential XSS via multibyte content processing errors + * MFSA 2012-25/CVE-2012-0472 (bmo#744480) + Potential memory corruption during font rendering using cairo-dwrite + * MFSA 2012-26/CVE-2012-0473 (bmo#743475) + WebGL.drawElements may read illegal video memory due to + FindMaxUshortElement error + * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) + Page load short-circuit can lead to XSS + * MFSA 2012-28/CVE-2012-0475 (bmo#694576) + Ambiguous IPv6 in Origin headers may bypass webserver access + restrictions + * MFSA 2012-29/CVE-2012-0477 (bmo#718573) + Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues + * MFSA 2012-30/CVE-2012-0478 (bmo#727547) + Crash with WebGL content using textImage2D + * MFSA 2012-31/CVE-2011-3062 (bmo#739925) + Off-by-one error in OpenType Sanitizer + * MFSA 2012-32/CVE-2011-1187 (bmo#624621) + HTTP Redirections and remote content can be read by javascript errors + * MFSA 2012-33/CVE-2012-0479 (bmo#714631) + Potential site identity spoofing when loading RSS and Atom feeds +- added mozilla-libnotify.patch to allow fallback from libnotify + to xul based events if no notification-daemon is running +- gcc 4.7 fixes + * mozilla-gcc47.patch + * disabled crashreporter temporarily for Factory +- recommend libcanberra0 for proper sound notifications ------------------------------------------------------------------- Fri Mar 9 21:47:07 UTC 2012 - wr@rosenauer.org diff -r e840ed7d6878 -r df9c4a6e84f8 MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Mon Apr 16 14:56:32 2012 +0200 +++ b/MozillaFirefox/MozillaFirefox.spec Wed Apr 25 13:47:56 2012 +0200 @@ -17,8 +17,8 @@ # -%define major 12 -%define mainver %major.99 +%define major 13 +%define mainver %major.98 %define update_channel aurora Name: MozillaFirefox @@ -49,7 +49,7 @@ BuildRequires: nss-shared-helper-devel Version: %{mainver} Release: 0 -%define releasedate 2012041400 +%define releasedate 2012042500 Provides: firefox = %{mainver} Provides: firefox = %{version}-%{release} Provides: web_browser @@ -127,9 +127,13 @@ %define branding 0 %define localize 1 %ifarch ppc ppc64 s390 s390x ia64 %arm -%define crashreporter 0 +%define crashreporter 0 %else -%define crashreporter 1 +%define crashreporter 1 +%endif +# temporary gcc 4.7 +%if %suse_version > 1210 +%define crashreporter 0 %endif ### build options end @@ -165,7 +169,7 @@ %package translations-other Summary: Extra translations for MozillaFirefox Group: System/Localization -Provides: locale(%{name}:af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;kn;ku;lg;lij;lt;lv;mai;mk;ml;mn;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;sw;ta;ta_LK;te;th;tr;uk;vi;zu) +Provides: locale(%{name}:af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mn;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;sw;ta;ta_LK;te;th;tr;uk;vi;zu) Requires: %{name} = %{version} Obsoletes: %{name}-translations < %{version}-%{release} diff -r e840ed7d6878 -r df9c4a6e84f8 MozillaFirefox/create-tar.sh --- a/MozillaFirefox/create-tar.sh Mon Apr 16 14:56:32 2012 +0200 +++ b/MozillaFirefox/create-tar.sh Wed Apr 25 13:47:56 2012 +0200 @@ -3,7 +3,7 @@ CHANNEL="aurora" BRANCH="releases/mozilla-$CHANNEL" RELEASE_TAG="default" -VERSION="12.99" +VERSION="13.98" # mozilla echo "cloning $BRANCH..." diff -r e840ed7d6878 -r df9c4a6e84f8 xulrunner/create-tar.sh --- a/xulrunner/create-tar.sh Mon Apr 16 14:56:32 2012 +0200 +++ b/xulrunner/create-tar.sh Wed Apr 25 13:47:56 2012 +0200 @@ -1,9 +1,9 @@ #!/bin/bash -CHANNEL="beta" +CHANNEL="aurora" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_12_0b3_RELEASE" -VERSION="11.99" +RELEASE_TAG="default" +VERSION="13.98" # mozilla hg clone http://hg.mozilla.org/$BRANCH mozilla diff -r e840ed7d6878 -r df9c4a6e84f8 xulrunner/xulrunner.changes --- a/xulrunner/xulrunner.changes Mon Apr 16 14:56:32 2012 +0200 +++ b/xulrunner/xulrunner.changes Wed Apr 25 13:47:56 2012 +0200 @@ -1,3 +1,42 @@ +------------------------------------------------------------------- +Sat Apr 21 10:03:42 UTC 2012 - wr@rosenauer.org + +- update to 12.0 (bnc#758408) + * rebased patches + * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468 + Miscellaneous memory safety hazards + * MFSA 2012-22/CVE-2012-0469 (bmo#738985) + use-after-free in IDBKeyRange + * MFSA 2012-23/CVE-2012-0470 (bmo#734288) + Invalid frees causes heap corruption in gfxImageSurface + * MFSA 2012-24/CVE-2012-0471 (bmo#715319) + Potential XSS via multibyte content processing errors + * MFSA 2012-25/CVE-2012-0472 (bmo#744480) + Potential memory corruption during font rendering using cairo-dwrite + * MFSA 2012-26/CVE-2012-0473 (bmo#743475) + WebGL.drawElements may read illegal video memory due to + FindMaxUshortElement error + * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307) + Page load short-circuit can lead to XSS + * MFSA 2012-28/CVE-2012-0475 (bmo#694576) + Ambiguous IPv6 in Origin headers may bypass webserver access + restrictions + * MFSA 2012-29/CVE-2012-0477 (bmo#718573) + Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues + * MFSA 2012-30/CVE-2012-0478 (bmo#727547) + Crash with WebGL content using textImage2D + * MFSA 2012-31/CVE-2011-3062 (bmo#739925) + Off-by-one error in OpenType Sanitizer + * MFSA 2012-32/CVE-2011-1187 (bmo#624621) + HTTP Redirections and remote content can be read by javascript errors + * MFSA 2012-33/CVE-2012-0479 (bmo#714631) + Potential site identity spoofing when loading RSS and Atom feeds +- added mozilla-libnotify.patch to allow fallback from libnotify + to xul based events if no notification-daemon is running +- gcc 4.7 fixes + * mozilla-gcc47.patch + * disabled crashreporter temporarily for Factory + ------------------------------------------------------------------- Fri Mar 9 21:49:05 UTC 2012 - wr@rosenauer.org diff -r e840ed7d6878 -r df9c4a6e84f8 xulrunner/xulrunner.spec --- a/xulrunner/xulrunner.spec Mon Apr 16 14:56:32 2012 +0200 +++ b/xulrunner/xulrunner.spec Wed Apr 25 13:47:56 2012 +0200 @@ -43,13 +43,13 @@ BuildRequires: wireless-tools %endif BuildRequires: mozilla-nspr-devel >= 4.9.0 -BuildRequires: mozilla-nss-devel >= 3.13.3 -Version: 12.99 +BuildRequires: mozilla-nss-devel >= 3.13.4 +Version: 13.98 Release: 0 -%define releasedate 2012032100 -%define version_internal 13.0 -%define apiversion 13 -%define uaweight 1300000 +%define releasedate 2012042500 +%define version_internal 14.0 +%define apiversion 14 +%define uaweight 1400000 Summary: Mozilla Runtime Environment License: MPL-1.1 or GPL-2.0+ or LGPL-2.1+ Group: Productivity/Other