--- a/xulrunner/create-tar.sh Mon Aug 10 18:47:18 2015 +0200
+++ b/xulrunner/create-tar.sh Sat Aug 22 09:09:59 2015 +0200
@@ -1,9 +1,9 @@
#!/bin/bash
-CHANNEL="esr31"
+CHANNEL="esr38"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_31_8_0esr_RELEASE"
-VERSION="31.8.0"
+RELEASE_TAG="FIREFOX_38_2_0esr_RELEASE"
+VERSION="38.2.0"
# mozilla
if [ -d mozilla ]; then
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/mozilla-arm-disable-edsp.patch Sat Aug 22 09:09:59 2015 +0200
@@ -0,0 +1,1 @@
+../mozilla-arm-disable-edsp.patch
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/mozilla-icu-strncat.patch Sat Aug 22 09:09:59 2015 +0200
@@ -0,0 +1,1 @@
+../mozilla-icu-strncat.patch
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/mozilla-preferences.patch Sat Aug 22 09:09:59 2015 +0200
@@ -0,0 +1,1 @@
+../mozilla-preferences.patch
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/mozilla-repo.patch Sat Aug 22 09:09:59 2015 +0200
@@ -0,0 +1,1 @@
+../mozilla-repo.patch
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/spellcheck.js Sat Aug 22 09:09:59 2015 +0200
@@ -0,0 +1,1 @@
+pref("spellchecker.dictionary_path", "/usr/share/myspell");
--- a/xulrunner/xulrunner.changes Mon Aug 10 18:47:18 2015 +0200
+++ b/xulrunner/xulrunner.changes Sat Aug 22 09:09:59 2015 +0200
@@ -1,9 +1,81 @@
+-------------------------------------------------------------------
+Mon Aug 10 16:40:17 UTC 2015 - wr@rosenauer.org
+
+- update to xulrunner 38.2.0esr (bnc#940806)
+ * MFSA 2015-79/CVE-2015-4473
+ Miscellaneous memory safety hazards
+ * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
+ Out-of-bounds read with malformed MP3 file
+ * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
+ Redefinition of non-configurable JavaScript object properties
+ * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
+ Overflow issues in libstagefright
+ * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
+ Arbitrary file overwriting through Mozilla Maintenance Service
+ with hard links (only affected Windows)
+ * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
+ Out-of-bounds write with Updater and malicious MAR file
+ (does not affect openSUSE RPM packages which do not ship the
+ updater)
+ * MFSA 2015-87/CVE-2015-4484 (bmo#1171540)
+ Crash when using shared memory in JavaScript
+ * MFSA 2015-88/CVE-2015-4491 (bmo#1184009)
+ Heap overflow in gdk-pixbuf when scaling bitmap images
+ * MFSA 2015-89/CVE-2015-4485/CVE-2015-4486 (bmo#1177948, bmo#1178148)
+ Buffer overflows on Libvpx when decoding WebM video
+ * MFSA 2015-90/CVE-2015-4487/CVE-2015-4488/CVE-2015-4489
+ Vulnerabilities found through code inspection
+ * MFSA 2015-92/CVE-2015-4492 (bmo#1185820)
+ Use-after-free in XMLHttpRequest with shared workers
+- rebased all patches
+- dropped obsolete patches:
+ * mozilla-sle11.patch
+ * mozilla-ppc.patch
+ * mozilla-nullptr-gcc45.patch
+ * mozilla-libproxy-compat.patch
+ * mozilla-fix-compilation-gcc5-bmo-1021171.patch
+ * mozilla-fix-compilation-gcc5-bmo-1153109.patch
+ * mozilla-aarch64-bmo-810631.patch
+- added platform specific patches from Firefox package:
+ * mozilla-skia-be-le.patch
+ * mozilla-bmo1005535.patch
+ * mozilla-add-glibcxx_use_cxx11_abi.patch
+ * mozilla-arm64-libjpeg-turbo.patch
+ * mozilla-shared-nss-db.patch
+
-------------------------------------------------------------------
Sat Jun 27 15:26:00 UTC 2015 - wr@rosenauer.org
- update to 31.8.0 (bnc#935979)
+ * MFSA 2015-59/CVE-2015-2724
+ Miscellaneous memory safety hazards
+ * MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
+ Type confusion in Indexed Database Manager
+ * MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
+ ECDSA signature validation fails to handle some signatures correctly
+ (this fix is shipped by NSS 3.19.1 externally)
+ * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
+ Use-after-free in workers while using XMLHttpRequest
+ * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
+ CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
+ Vulnerabilities found through code inspection
+ * MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
+ Privilege escalation in PDF.js
+ * MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
+ NSS accepts export-length DHE keys with regular DHE cipher suites
+ (this fix is shipped by NSS 3.19.1 externally)
+ * MFSA 2015-71/CVE-2015-2721 (bmo#1086145)
+ NSS incorrectly permits skipping of ServerKeyExchange
+ (this fix is shipped by NSS 3.19.1 externally)
- requires NSS 3.19.2
+--------------------------------------------------------------------
+Sun Jun 21 09:39:51 UTC 2015 - antoine.belvire@laposte.net
+
+- Fix compilation with GCC5 (bmo#1153109, bmo#1021171)
+ * add mozilla-fix-compilation-gcc5-bmo-1153109.patch
+ * add mozilla-fix-compilation-gcc5-bmo-1021171.patch
+
-------------------------------------------------------------------
Wed May 6 07:49:53 UTC 2015 - wr@rosenauer.org
--- a/xulrunner/xulrunner.spec Mon Aug 10 18:47:18 2015 +0200
+++ b/xulrunner/xulrunner.spec Sat Aug 22 09:09:59 2015 +0200
@@ -17,10 +17,10 @@
#
-%define version_internal 31.8.0
-%define apiversion 31
-%define uaweight 3180000
-%define releasedate 2015062600
+%define version_internal 38.2.0
+%define apiversion 38
+%define uaweight 3820000
+%define releasedate 2015080900
%define shared_js 0
%define has_system_nspr 1
%define has_system_nss 1
@@ -67,7 +67,7 @@
%else
BuildRequires: wireless-tools
%endif
-BuildRequires: mozilla-nspr-devel >= 4.10.6
+BuildRequires: mozilla-nspr-devel >= 4.10.8
BuildRequires: mozilla-nss-devel >= 3.19.2
BuildRequires: pkgconfig(libpulse)
%if %suse_version > 1210
@@ -105,23 +105,21 @@
Source8: source-stamp.txt
Source9: compare-locales.tar.xz
Patch1: toolkit-download-folder.patch
-Patch2: mozilla-nongnome-proxies.patch
-Patch3: mozilla-prefer_plugin_pref.patch
-Patch4: mozilla-pkgconfig.patch
+Patch2: mozilla-pkgconfig.patch
+Patch3: mozilla-nongnome-proxies.patch
+Patch4: mozilla-prefer_plugin_pref.patch
+Patch5: mozilla-shared-nss-db.patch
Patch6: mozilla-preferences.patch
Patch7: mozilla-language.patch
Patch8: mozilla-ntlm-full-path.patch
Patch9: mozilla-repo.patch
-Patch10: mozilla-sle11.patch
-Patch11: mozilla-icu-strncat.patch
-Patch12: mozilla-arm-disable-edsp.patch
-Patch13: mozilla-ppc.patch
-Patch14: mozilla-libproxy-compat.patch
-Patch15: mozilla-nullptr-gcc45.patch
-Patch16: mozilla-idldir.patch
-# Gecko/Toolkit AArch64 Porting
-Patch30: mozilla-aarch64-bmo-810631.patch
-
+Patch10: mozilla-icu-strncat.patch
+Patch11: mozilla-arm-disable-edsp.patch
+Patch12: mozilla-idldir.patch
+Patch13: mozilla-skia-be-le.patch
+Patch14: mozilla-bmo1005535.patch
+Patch15: mozilla-add-glibcxx_use_cxx11_abi.patch
+Patch16: mozilla-arm64-libjpeg-turbo.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?shared_js} == 1
Requires: mozilla-js = %{version}
@@ -220,20 +218,18 @@
%patch2 -p1
%patch3 -p1
%patch4 -p1
+%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch9 -p1
-%if %suse_version < 1120
%patch10 -p1
-%endif
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
-%patch30 -p1
%build
# no need to add build time to binaries
@@ -431,6 +427,8 @@
rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/dictionaries/en-US*
rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/nspr-config
rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/mozilla-plugin.pc
+rm -rf $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/gmp-fake/
+rm -rf $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/gmp-fakeopenh264/
# fdupes
%fdupes $RPM_BUILD_ROOT%{_includedir}/xulrunner-%{version_internal}/
%fdupes $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/
@@ -483,12 +481,12 @@
%{_libdir}/xulrunner-%{version_internal}/chrome/icons/
%{_libdir}/xulrunner-%{version_internal}/components/
%{_libdir}/xulrunner-%{version_internal}/*.so
+%{_libdir}/xulrunner-%{version_internal}/gmp-clearkey/
%if 0%{?shared_js} == 1
%exclude %{_libdir}/xulrunner-%{version_internal}/libmozjs.so
%endif
%{_libdir}/xulrunner-%{version_internal}/chrome.manifest
%{_libdir}/xulrunner-%{version_internal}/dependentlibs.list
-%{_libdir}/xulrunner-%{version_internal}/mozilla-xremote-client
%{_libdir}/xulrunner-%{version_internal}/plugin-container
%{_libdir}/xulrunner-%{version_internal}/xulrunner
%{_libdir}/xulrunner-%{version_internal}/xulrunner-stub