--- a/MozillaFirefox/MozillaFirefox.changes Fri Jun 19 08:18:57 2015 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Sat Jul 18 14:48:41 2015 +0200
@@ -1,11 +1,56 @@
-------------------------------------------------------------------
-Wed Jun 19 10:48:49 UTC 2015 - wr@rosenauer.org
-
-- update to Firefox 39.0b6
+Sat Jul 18 12:47:47 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 40.0b5
+
+-------------------------------------------------------------------
+Wed Jul 1 06:43:02 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 39.0 (bnc#935979)
+ * Share Hello URLs with social networks
+ * Support for 'switch' role in ARIA 1.1 (web accessibility)
+ * SafeBrowsing malware detection lookups enabled for downloads
+ (Mac OS X and Linux)
+ * Support for new Unicode 8.0 skin tone emoji
+ * Removed support for insecure SSLv3 for network communications
+ * Disable use of RC4 except for temporarily whitelisted hosts
+ * NPAPI Plug-in performance improved via asynchronous initialization
+ security fixes:
+ * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725/CVE-2015-2726
+ Miscellaneous memory safety hazards
+ * MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
+ Local files or privileged URLs in pages can be opened into new tabs
+ * MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
+ Type confusion in Indexed Database Manager
+ * MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
+ Out-of-bound read while computing an oscillator rendering range in Web Audio
+ * MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
+ Use-after-free in Content Policy due to microtask execution error
+ * MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
+ ECDSA signature validation fails to handle some signatures correctly
+ (this fix is shipped by NSS 3.19.1 externally)
+ * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
+ Use-after-free in workers while using XMLHttpRequest
+ * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
+ CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
+ Vulnerabilities found through code inspection
+ * MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
+ Key pinning is ignored when overridable errors are encountered
+ * MFSA 2015-68/CVE-2015-2742 (bmo#1138669)
+ OS X crash reports may contain entered key press information
+ (not relevant under Linux)
+ * MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
+ Privilege escalation in PDF.js
+ * MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
+ NSS accepts export-length DHE keys with regular DHE cipher suites
+ (this fix is shipped by NSS 3.19.1 externally)
+ * MFSA 2015-71/CVE-2015-2721 (bmo#1086145)
+ NSS incorrectly permits skipping of ServerKeyExchange
+ (this fix is shipped by NSS 3.19.1 externally)
- dropped mozilla-prefer_plugin_pref.patch as this feature is
likely not worth maintaining further
- rebased patches
-- require NSS 3.19.1
+- require NSS 3.19.2
-------------------------------------------------------------------
Thu Jun 18 10:30:18 UTC 2015 - schwab@suse.de
--- a/MozillaFirefox/MozillaFirefox.spec Fri Jun 19 08:18:57 2015 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec Sat Jul 18 14:48:41 2015 +0200
@@ -18,10 +18,10 @@
# changed with every update
-%define major 38
+%define major 39
%define mainver %major.99
%define update_channel beta
-%define releasedate 2015060700
+%define releasedate 2015071700
# general build definitions
%if "%{update_channel}" != "aurora"
@@ -77,7 +77,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.10.8
-BuildRequires: mozilla-nss-devel >= 3.19.1
+BuildRequires: mozilla-nss-devel >= 3.19.2
BuildRequires: nss-shared-helper-devel
BuildRequires: python-devel
BuildRequires: startup-notification-devel
--- a/MozillaFirefox/create-tar.sh Fri Jun 19 08:18:57 2015 +0200
+++ b/MozillaFirefox/create-tar.sh Sat Jul 18 14:48:41 2015 +0200
@@ -2,8 +2,8 @@
CHANNEL="beta"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_39_0b6_RELEASE"
-VERSION="38.99"
+RELEASE_TAG="FIREFOX_40_0b5_RELEASE"
+VERSION="39.99"
# mozilla
if [ -d mozilla ]; then
--- a/firefox-kde.patch Fri Jun 19 08:18:57 2015 +0200
+++ b/firefox-kde.patch Sat Jul 18 14:48:41 2015 +0200
@@ -1,11 +1,11 @@
# HG changeset patch
-# Parent 14be97741eabce611c291418a4c1774cae8b29ff
+# Parent cd94ee18bd0cdda7f5eb5503d8d072efe02a8033
diff --git a/browser/base/content/browser-kde.xul b/browser/base/content/browser-kde.xul
new file mode 100644
--- /dev/null
+++ b/browser/base/content/browser-kde.xul
-@@ -0,0 +1,1311 @@
+@@ -0,0 +1,1308 @@
+#filter substitution
+<?xml version="1.0"?>
+# -*- Mode: HTML -*-
@@ -669,7 +669,7 @@
+ setfocus="false"
+ tooltip="tabbrowser-tab-tooltip"
+ stopwatchid="FX_TAB_CLICK_MS">
-+ <tab class="tabbrowser-tab" selected="true" fadein="true"/>
++ <tab class="tabbrowser-tab" selected="true" visuallyselected="true" fadein="true"/>
+ </tabs>
+
+ <toolbarbutton id="new-tab-button"
@@ -1313,9 +1313,6 @@
+# starting with an empty iframe here in browser.xul from a Ts standpoint.
+</deck>
+
-+<script type="application/javascript" src="chrome://browser/content/pocket/pktApi.js"/>
-+<script type="application/javascript" src="chrome://browser/content/pocket/main.js"/>
-+
+</window>
diff --git a/browser/base/content/browser.xul b/browser/base/content/browser.xul
--- a/browser/base/content/browser.xul