--- a/MozillaFirefox/MozillaFirefox.changes Mon Aug 20 08:55:43 2012 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Fri Aug 31 20:02:19 2012 +0200
@@ -1,13 +1,48 @@
-------------------------------------------------------------------
-Mon Aug 20 06:53:05 UTC 2012 - wr@rosenauer.org
-
-- update to Aurora 16.0
+Fri Aug 31 17:52:11 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 16.0b1
+- requires NSPR 4.9.2
- improve GStreamer integration (bmo#760140)
+- removed upstreamed mozilla-crashreporter-restart-args.patch
+- webapprt now included
-------------------------------------------------------------------
-Fri Aug 10 17:13:28 UTC 2012 - wr@rosenauer.org
-
-- update to Firefox 15.0b4
+Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 15.0 (bnc#777588)
+ * MFSA 2012-57/CVE-2012-1970
+ Miscellaneous memory safety hazards
+ * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+ CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+ CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+ Use-after-free issues found using Address Sanitizer
+ * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
+ Location object can be shadowed using Object.defineProperty
+ * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
+ Escalation of privilege through about:newtab
+ * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+ Memory corruption with bitmap format images with negative height
+ * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+ WebGL use-after-free and memory corruption
+ * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+ SVG buffer overflow and use-after-free issues
+ * MFSA 2012-64/CVE-2012-3971
+ Graphite 2 memory corruption
+ * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+ Out-of-bounds read in format-number in XSLT
+ * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
+ HTTPMonitor extension allows for remote debugging without explicit
+ activation
+ * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
+ DOMParser loads linked resources in extensions when parsing
+ text/html
+ * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
+ Incorrect site SSL certificate data display
+ * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+ Location object security checks bypassed by chrome code
+ * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+ Web console eval capable of executing chrome-privileged code
- fix HTML5 video crash with GStreamer enabled (bmo#761030)
- GStreamer is only used for MP4 (no WebM, OGG)
- updated filelist
--- a/MozillaFirefox/MozillaFirefox.spec Mon Aug 20 08:55:43 2012 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec Fri Aug 31 20:02:19 2012 +0200
@@ -18,8 +18,8 @@
%define major 15
-%define mainver %major.98
-%define update_channel aurora
+%define mainver %major.99
+%define update_channel beta
Name: MozillaFirefox
BuildRequires: Mesa-devel
@@ -54,7 +54,7 @@
%endif
Version: %{mainver}
Release: 0
-%define releasedate 2012081500
+%define releasedate 2012082800
Provides: firefox = %{mainver}
Provides: firefox = %{version}-%{release}
Provides: web_browser
@@ -125,7 +125,7 @@
%define desktop_file_name %{name}
%endif
### build options
-%define branding 0
+%define branding 1
%define localize 1
%ifarch ppc ppc64 s390 s390x ia64 %arm
%define crashreporter 0
--- a/MozillaFirefox/create-tar.sh Mon Aug 20 08:55:43 2012 +0200
+++ b/MozillaFirefox/create-tar.sh Fri Aug 31 20:02:19 2012 +0200
@@ -1,9 +1,9 @@
#!/bin/bash
-CHANNEL="aurora"
+CHANNEL="beta"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="default"
-VERSION="15.98"
+RELEASE_TAG="FIREFOX_16_0b1_RELEASE"
+VERSION="15.99"
# mozilla
echo "cloning $BRANCH..."
--- a/mozilla-pkgconfig.patch Mon Aug 20 08:55:43 2012 +0200
+++ b/mozilla-pkgconfig.patch Fri Aug 31 20:02:19 2012 +0200
@@ -14,7 +14,7 @@
# Add pkg-config files to the install:: target
+# the apilibdir always ends with 1.9 as every patch update will provide a link
-+apilibdir = $(dir $(installdir))xulrunner-15
++apilibdir = $(dir $(installdir))xulrunner-16
+
pkg_config_files = \
libxul.pc \
--- a/xulrunner/create-tar.sh Mon Aug 20 08:55:43 2012 +0200
+++ b/xulrunner/create-tar.sh Fri Aug 31 20:02:19 2012 +0200
@@ -2,10 +2,11 @@
CHANNEL="beta"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_15_0b1_RELEASE"
-VERSION="14.99"
+RELEASE_TAG="FIREFOX_16_0b1_RELEASE"
+VERSION="15.99"
# mozilla
+echo "cloning $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH mozilla
pushd mozilla
[ "$RELEASE_TAG" == "default" ] || hg update -r $RELEASE_TAG
@@ -15,23 +16,28 @@
echo -n "REPO=" >> ../source-stamp.txt
hg showconfig paths.default 2>/dev/null | head -n1 | sed -e "s/^ssh:/http:/" >> ../source-stamp.txt
popd
+echo "creating archive..."
tar cjf xulrunner-$VERSION-source.tar.bz2 --exclude=.hgtags --exclude=.hgignore --exclude=.hg --exclude=CVS mozilla
# l10n
+echo "fetching locales..."
test ! -d l10n && mkdir l10n
for locale in $(awk '{ print $1; }' mozilla/browser/locales/shipped-locales); do
case $locale in
ja-JP-mac|en-US)
;;
*)
+ echo "fetching $locale ..."
hg clone http://hg.mozilla.org/releases/l10n/mozilla-$CHANNEL/$locale l10n/$locale
[ "$RELEASE_TAG" == "default" ] || hg -R l10n/$locale up -C -r $RELEASE_TAG
;;
esac
done
+echo "creating l10n archive..."
tar cjf l10n-$VERSION.tar.bz2 --exclude=.hgtags --exclude=.hgignore --exclude=.hg l10n
# compare-locales
+echo "creating compare-locales"
hg clone http://hg.mozilla.org/build/compare-locales
tar cjf compare-locales.tar.bz2 --exclude=.hgtags --exclude=.hgignore --exclude=.hg compare-locales
--- a/xulrunner/xulrunner.changes Mon Aug 20 08:55:43 2012 +0200
+++ b/xulrunner/xulrunner.changes Fri Aug 31 20:02:19 2012 +0200
@@ -1,7 +1,41 @@
-------------------------------------------------------------------
-Fri Jul 20 07:39:54 UTC 2012 - wr@rosenauer.org
+Sun Aug 26 13:48:04 UTC 2012 - wr@rosenauer.org
-- update to 15.0b1
+- update to 15.0 (bnc#777588)
+ * MFSA 2012-57/CVE-2012-1970
+ Miscellaneous memory safety hazards
+ * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+ CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+ CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+ Use-after-free issues found using Address Sanitizer
+ * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
+ Location object can be shadowed using Object.defineProperty
+ * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
+ Escalation of privilege through about:newtab
+ * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+ Memory corruption with bitmap format images with negative height
+ * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+ WebGL use-after-free and memory corruption
+ * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+ SVG buffer overflow and use-after-free issues
+ * MFSA 2012-64/CVE-2012-3971
+ Graphite 2 memory corruption
+ * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+ Out-of-bounds read in format-number in XSLT
+ * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
+ HTTPMonitor extension allows for remote debugging without explicit
+ activation
+ * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
+ DOMParser loads linked resources in extensions when parsing
+ text/html
+ * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
+ Incorrect site SSL certificate data display
+ * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+ Location object security checks bypassed by chrome code
+ * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+ Web console eval capable of executing chrome-privileged code
+- fix HTML5 video crash with GStreamer enabled (bmo#761030)
+- fixed filelist
-------------------------------------------------------------------
Sat Jul 14 19:33:44 UTC 2012 - wr@rosenauer.org
--- a/xulrunner/xulrunner.spec Mon Aug 20 08:55:43 2012 +0200
+++ b/xulrunner/xulrunner.spec Fri Aug 31 20:02:19 2012 +0200
@@ -42,14 +42,14 @@
%else
BuildRequires: wireless-tools
%endif
-BuildRequires: mozilla-nspr-devel >= 4.9.1
+BuildRequires: mozilla-nspr-devel >= 4.9.2
BuildRequires: mozilla-nss-devel >= 3.13.6
-Version: 15.98
+Version: 15.99
Release: 0
-%define releasedate 2012071800
-%define version_internal 15.0
-%define apiversion 15
-%define uaweight 1500000
+%define releasedate 2012082800
+%define version_internal 16.0
+%define apiversion 16
+%define uaweight 1600000
Summary: Mozilla Runtime Environment
License: MPL-2.0
Group: Productivity/Other
@@ -70,12 +70,13 @@
Source9: compare-locales.tar.bz2
Patch1: toolkit-download-folder.patch
Patch2: mozilla-pkgconfig.patch
+Patch3: idldir.patch
Patch4: mozilla-nongnome-proxies.patch
Patch5: mozilla-prefer_plugin_pref.patch
Patch6: mozilla-language.patch
Patch7: mozilla-ntlm-full-path.patch
Patch9: mozilla-sle11.patch
-Patch13: mozilla-gstreamer.patch
+Patch12: mozilla-crashreporter-restart-args.patch
Patch14: mozilla-ppc.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: mozilla-js = %{version}
@@ -182,6 +183,7 @@
%setup -n mozilla -q -b 1 -b 9
%patch1 -p1
%patch2 -p1
+%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
@@ -189,7 +191,7 @@
%if %suse_version < 1120
%patch9 -p1
%endif
-%patch13 -p1
+%patch12 -p1
%patch14 -p1
%build
@@ -452,9 +454,7 @@
%{_libdir}/xulrunner-%{version_internal}/dependentlibs.list
%{_libdir}/xulrunner-%{version_internal}/mozilla-xremote-client
%{_libdir}/xulrunner-%{version_internal}/plugin-container
-%{_libdir}/xulrunner-%{version_internal}/run-mozilla.sh
%{_libdir}/xulrunner-%{version_internal}/xulrunner
-%{_libdir}/xulrunner-%{version_internal}/xulrunner-bin
%{_libdir}/xulrunner-%{version_internal}/xulrunner-stub
%{_libdir}/xulrunner-%{version_internal}/platform.ini
%{_libdir}/xulrunner-%{version_internal}/omni.ja