--- a/MozillaFirefox/MozillaFirefox.changes Mon Aug 20 08:55:43 2012 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Tue Sep 11 19:27:09 2012 +0200
@@ -1,13 +1,55 @@
-------------------------------------------------------------------
-Mon Aug 20 06:53:05 UTC 2012 - wr@rosenauer.org
-
-- update to Aurora 16.0
+Tue Sep 11 09:55:36 UTC 2012 - wr@rosenauer.org
+
+- update to Aurora 17 (20120910)
+
+-------------------------------------------------------------------
+Tue Sep 11 06:16:38 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 16.0b2
+- requires NSPR 4.9.2
- improve GStreamer integration (bmo#760140)
+- removed upstreamed mozilla-crashreporter-restart-args.patch
+- webapprt now included
+- use kmozillahelper's new REVEAL command (bnc#777415)
+ (requires new API version 7)
-------------------------------------------------------------------
-Fri Aug 10 17:13:28 UTC 2012 - wr@rosenauer.org
-
-- update to Firefox 15.0b4
+Sun Aug 26 13:47:43 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 15.0 (bnc#777588)
+ * MFSA 2012-57/CVE-2012-1970
+ Miscellaneous memory safety hazards
+ * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+ CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+ CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+ Use-after-free issues found using Address Sanitizer
+ * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
+ Location object can be shadowed using Object.defineProperty
+ * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
+ Escalation of privilege through about:newtab
+ * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+ Memory corruption with bitmap format images with negative height
+ * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+ WebGL use-after-free and memory corruption
+ * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+ SVG buffer overflow and use-after-free issues
+ * MFSA 2012-64/CVE-2012-3971
+ Graphite 2 memory corruption
+ * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+ Out-of-bounds read in format-number in XSLT
+ * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
+ HTTPMonitor extension allows for remote debugging without explicit
+ activation
+ * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
+ DOMParser loads linked resources in extensions when parsing
+ text/html
+ * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
+ Incorrect site SSL certificate data display
+ * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+ Location object security checks bypassed by chrome code
+ * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+ Web console eval capable of executing chrome-privileged code
- fix HTML5 video crash with GStreamer enabled (bmo#761030)
- GStreamer is only used for MP4 (no WebM, OGG)
- updated filelist
--- a/MozillaFirefox/MozillaFirefox.spec Mon Aug 20 08:55:43 2012 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec Tue Sep 11 19:27:09 2012 +0200
@@ -17,7 +17,7 @@
#
-%define major 15
+%define major 16
%define mainver %major.98
%define update_channel aurora
@@ -54,14 +54,14 @@
%endif
Version: %{mainver}
Release: 0
-%define releasedate 2012081500
+%define releasedate 2012091000
Provides: firefox = %{mainver}
Provides: firefox = %{version}-%{release}
Provides: web_browser
Provides: browser(npapi)
# this is needed to match this package with the kde4 helper package without the main package
# having a hard requirement on the kde4 package
-%define kde_helper_version 6
+%define kde_helper_version 7
Provides: mozilla-kde4-version = %{kde_helper_version}
Summary: Mozilla Firefox Web Browser
License: MPL-2.0
--- a/MozillaFirefox/create-tar.sh Mon Aug 20 08:55:43 2012 +0200
+++ b/MozillaFirefox/create-tar.sh Tue Sep 11 19:27:09 2012 +0200
@@ -3,7 +3,7 @@
CHANNEL="aurora"
BRANCH="releases/mozilla-$CHANNEL"
RELEASE_TAG="default"
-VERSION="15.98"
+VERSION="16.98"
# mozilla
echo "cloning $BRANCH..."
--- a/mozilla-kde.patch Mon Aug 20 08:55:43 2012 +0200
+++ b/mozilla-kde.patch Tue Sep 11 19:27:09 2012 +0200
@@ -2249,7 +2249,7 @@
+#define KMOZILLAHELPER "/usr/lib/mozilla/kmozillahelper"
+#endif
+
-+#define KMOZILLAHELPER_VERSION 6
++#define KMOZILLAHELPER_VERSION 7
+#define MAKE_STR2( n ) #n
+#define MAKE_STR( n ) MAKE_STR2( n )
+
@@ -3810,8 +3810,8 @@
+
+ if(nsKDEUtils::kdeSupport()) {
+ nsTArray<nsCString> command;
-+ command.AppendElement( NS_LITERAL_CSTRING("OPEN") );
-+ command.AppendElement( url );
++ command.AppendElement( NS_LITERAL_CSTRING("REVEAL") );
++ command.AppendElement( mPath );
+ return nsKDEUtils::command( command ) ? NS_OK : NS_ERROR_FAILURE;
+ }
+
--- a/mozilla-pkgconfig.patch Mon Aug 20 08:55:43 2012 +0200
+++ b/mozilla-pkgconfig.patch Tue Sep 11 19:27:09 2012 +0200
@@ -14,7 +14,7 @@
# Add pkg-config files to the install:: target
+# the apilibdir always ends with 1.9 as every patch update will provide a link
-+apilibdir = $(dir $(installdir))xulrunner-15
++apilibdir = $(dir $(installdir))xulrunner-16
+
pkg_config_files = \
libxul.pc \
--- a/xulrunner/create-tar.sh Mon Aug 20 08:55:43 2012 +0200
+++ b/xulrunner/create-tar.sh Tue Sep 11 19:27:09 2012 +0200
@@ -1,11 +1,12 @@
#!/bin/bash
-CHANNEL="beta"
+CHANNEL="aurora"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_15_0b1_RELEASE"
-VERSION="14.99"
+RELEASE_TAG="default"
+VERSION="16.98"
# mozilla
+echo "cloning $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH mozilla
pushd mozilla
[ "$RELEASE_TAG" == "default" ] || hg update -r $RELEASE_TAG
@@ -15,23 +16,28 @@
echo -n "REPO=" >> ../source-stamp.txt
hg showconfig paths.default 2>/dev/null | head -n1 | sed -e "s/^ssh:/http:/" >> ../source-stamp.txt
popd
+echo "creating archive..."
tar cjf xulrunner-$VERSION-source.tar.bz2 --exclude=.hgtags --exclude=.hgignore --exclude=.hg --exclude=CVS mozilla
# l10n
+echo "fetching locales..."
test ! -d l10n && mkdir l10n
for locale in $(awk '{ print $1; }' mozilla/browser/locales/shipped-locales); do
case $locale in
ja-JP-mac|en-US)
;;
*)
+ echo "fetching $locale ..."
hg clone http://hg.mozilla.org/releases/l10n/mozilla-$CHANNEL/$locale l10n/$locale
[ "$RELEASE_TAG" == "default" ] || hg -R l10n/$locale up -C -r $RELEASE_TAG
;;
esac
done
+echo "creating l10n archive..."
tar cjf l10n-$VERSION.tar.bz2 --exclude=.hgtags --exclude=.hgignore --exclude=.hg l10n
# compare-locales
+echo "creating compare-locales"
hg clone http://hg.mozilla.org/build/compare-locales
tar cjf compare-locales.tar.bz2 --exclude=.hgtags --exclude=.hgignore --exclude=.hg compare-locales
--- a/xulrunner/xulrunner.changes Mon Aug 20 08:55:43 2012 +0200
+++ b/xulrunner/xulrunner.changes Tue Sep 11 19:27:09 2012 +0200
@@ -1,7 +1,53 @@
-------------------------------------------------------------------
-Fri Jul 20 07:39:54 UTC 2012 - wr@rosenauer.org
+Tue Sep 11 09:26:09 UTC 2012 - wr@rosenauer.org
+
+- update to 16.0b2
+
+-------------------------------------------------------------------
+Sun Aug 26 13:48:04 UTC 2012 - wr@rosenauer.org
-- update to 15.0b1
+- update to 15.0 (bnc#777588)
+ * MFSA 2012-57/CVE-2012-1970
+ Miscellaneous memory safety hazards
+ * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+ CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+ CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+ Use-after-free issues found using Address Sanitizer
+ * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
+ Location object can be shadowed using Object.defineProperty
+ * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
+ Escalation of privilege through about:newtab
+ * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+ Memory corruption with bitmap format images with negative height
+ * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+ WebGL use-after-free and memory corruption
+ * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+ SVG buffer overflow and use-after-free issues
+ * MFSA 2012-64/CVE-2012-3971
+ Graphite 2 memory corruption
+ * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+ Out-of-bounds read in format-number in XSLT
+ * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
+ HTTPMonitor extension allows for remote debugging without explicit
+ activation
+ * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
+ DOMParser loads linked resources in extensions when parsing
+ text/html
+ * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
+ Incorrect site SSL certificate data display
+ * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+ Location object security checks bypassed by chrome code
+ * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+ Web console eval capable of executing chrome-privileged code
+- fix HTML5 video crash with GStreamer enabled (bmo#761030)
+- fixed filelist
+
+-------------------------------------------------------------------
+Fri Aug 17 13:09:49 UTC 2012 - dmueller@suse.com
+
+- fix build on ARM:
+ * disable crashreporter, it does not build
+ * reduce debuginfo during built to avoid running out of memory
-------------------------------------------------------------------
Sat Jul 14 19:33:44 UTC 2012 - wr@rosenauer.org
--- a/xulrunner/xulrunner.spec Mon Aug 20 08:55:43 2012 +0200
+++ b/xulrunner/xulrunner.spec Tue Sep 11 19:27:09 2012 +0200
@@ -42,14 +42,14 @@
%else
BuildRequires: wireless-tools
%endif
-BuildRequires: mozilla-nspr-devel >= 4.9.1
+BuildRequires: mozilla-nspr-devel >= 4.9.2
BuildRequires: mozilla-nss-devel >= 3.13.6
-Version: 15.98
+Version: 16.98
Release: 0
-%define releasedate 2012071800
-%define version_internal 15.0
-%define apiversion 15
-%define uaweight 1500000
+%define releasedate 2012091000
+%define version_internal 17.0
+%define apiversion 17
+%define uaweight 1700000
Summary: Mozilla Runtime Environment
License: MPL-2.0
Group: Productivity/Other
@@ -70,12 +70,13 @@
Source9: compare-locales.tar.bz2
Patch1: toolkit-download-folder.patch
Patch2: mozilla-pkgconfig.patch
+Patch3: idldir.patch
Patch4: mozilla-nongnome-proxies.patch
Patch5: mozilla-prefer_plugin_pref.patch
Patch6: mozilla-language.patch
Patch7: mozilla-ntlm-full-path.patch
Patch9: mozilla-sle11.patch
-Patch13: mozilla-gstreamer.patch
+Patch12: mozilla-crashreporter-restart-args.patch
Patch14: mozilla-ppc.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: mozilla-js = %{version}
@@ -86,7 +87,7 @@
%define has_system_nss 1
%define has_system_cairo 0
%define localize 0
-%ifarch ppc ppc64 s390 s390x ia64
+%ifarch ppc ppc64 s390 s390x ia64 %arm
%define crashreporter 0
%else
%define crashreporter 1
@@ -182,6 +183,7 @@
%setup -n mozilla -q -b 1 -b 9
%patch1 -p1
%patch2 -p1
+%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
@@ -189,7 +191,7 @@
%if %suse_version < 1120
%patch9 -p1
%endif
-%patch13 -p1
+%patch12 -p1
%patch14 -p1
%build
@@ -205,8 +207,13 @@
%ifarch ppc64
export CFLAGS="$CFLAGS -mminimal-toc"
%endif
+export LDFLAGS=" -Wl,-rpath -Wl,${MOZ_APP_DIR}"
+%ifarch %arm
+# debug symbols require too much memory during build
+export CFLAGS="${CFLAGS/-g/}"
+LDFLAGS+="-Wl,--reduce-memory-overheads -Wl,--no-keep-memory"
+%endif
export CXXFLAGS="$CFLAGS"
-export LDFLAGS="-Wl,-rpath -Wl,${MOZ_APP_DIR}"
export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
export MOZILLA_OFFICIAL=1
export BUILD_OFFICIAL=1
@@ -280,11 +287,12 @@
# ARM
%ifarch %arm
cat << EOF >> $MOZCONFIG
-%ifarch armv7l
+%ifarch armv7l armv7hl
ac_add_options --with-arch=armv7-a
ac_add_options --with-float-abi=hard
ac_add_options --with-fpu=vfpv3-d16
ac_add_options --with-thumb=yes
+ac_add_options --disable-debug
%endif
%ifarch armv5tel
ac_add_options --with-arch=armv5te
@@ -452,9 +460,7 @@
%{_libdir}/xulrunner-%{version_internal}/dependentlibs.list
%{_libdir}/xulrunner-%{version_internal}/mozilla-xremote-client
%{_libdir}/xulrunner-%{version_internal}/plugin-container
-%{_libdir}/xulrunner-%{version_internal}/run-mozilla.sh
%{_libdir}/xulrunner-%{version_internal}/xulrunner
-%{_libdir}/xulrunner-%{version_internal}/xulrunner-bin
%{_libdir}/xulrunner-%{version_internal}/xulrunner-stub
%{_libdir}/xulrunner-%{version_internal}/platform.ini
%{_libdir}/xulrunner-%{version_internal}/omni.ja