--- a/MozillaFirefox/create-tar.sh Thu Jul 19 00:11:54 2012 +0200
+++ b/MozillaFirefox/create-tar.sh Tue Aug 28 20:52:20 2012 +0200
@@ -2,8 +2,8 @@
CHANNEL="esr10"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_10_0_6esr_RELEASE"
-VERSION="10.0.6"
+RELEASE_TAG="FIREFOX_10_0_7esr_RELEASE"
+VERSION="10.0.7"
# mozilla
hg clone -r $RELEASE_TAG http://hg.mozilla.org/$BRANCH mozilla
--- a/MozillaFirefox/firefox-esr.changes Thu Jul 19 00:11:54 2012 +0200
+++ b/MozillaFirefox/firefox-esr.changes Tue Aug 28 20:52:20 2012 +0200
@@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Sun Aug 26 13:56:19 UTC 2012 - wr@rosenauer.org
+
+- update to Firefox 10.0.7esr (bnc#777588)
+ * MFSA 2012-57/CVE-2012-1970
+ Miscellaneous memory safety hazards
+ * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+ CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+ CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+ Use-after-free issues found using Address Sanitizer
+ * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+ Memory corruption with bitmap format images with negative height
+ * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+ WebGL use-after-free and memory corruption
+ * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+ SVG buffer overflow and use-after-free issues
+ * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+ Out-of-bounds read in format-number in XSLT
+ * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
+ Incorrect site SSL certificate data display
+ * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+ Location object security checks bypassed by chrome code
+ * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+ Web console eval capable of executing chrome-privileged code
+- fixed gcc 4.7 related build errors
+
-------------------------------------------------------------------
Sat Jul 14 18:27:24 UTC 2012 - wr@rosenauer.org
--- a/MozillaFirefox/firefox-esr.spec Thu Jul 19 00:11:54 2012 +0200
+++ b/MozillaFirefox/firefox-esr.spec Tue Aug 28 20:52:20 2012 +0200
@@ -18,7 +18,7 @@
%define major 10
-%define mainver %major.0.6
+%define mainver %major.0.7
Name: firefox-esr
BuildRequires: Mesa-devel
@@ -48,7 +48,7 @@
BuildRequires: nss-shared-helper-devel
Version: %{mainver}
Release: 0
-%define releasedate 2012071300
+%define releasedate 2012082500
Provides: web_browser
Provides: firefox-esr = %{mainver}
# this is needed to match this package with the kde4 helper package without the main package
@@ -98,6 +98,7 @@
Patch14: mozilla-disable-neon-option.patch
Patch15: mozilla-bmo703534.patch
Patch16: mozilla-yarr-pcre.patch
+Patch17: mozilla-gcc47.patch
# Firefox/browser
Patch31: firefox-browser-css.patch
Patch32: firefox-cross-desktop.patch
@@ -236,6 +237,7 @@
%patch14 -p1
%patch15 -p1
%patch16 -p1
+%patch17 -p1
#
%patch31 -p1
%patch32 -p1
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/MozillaFirefox/mozilla-gcc47.patch Tue Aug 28 20:52:20 2012 +0200
@@ -0,0 +1,1 @@
+../mozilla-gcc47.patch
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mozilla-gcc47.patch Tue Aug 28 20:52:20 2012 +0200
@@ -0,0 +1,27 @@
+# HG changeset patch
+# Parent 99660507abe258fca89e10da3cb245bdb4282810
+# User Wolfgang Rosenauer <wr@rosenauer.org>
+Bug 706724 - firefox-beta repository: file_util.cc:228:35: error: ‘ftruncate’ was not declared in this scope
+
+diff --git a/ipc/chromium/src/base/file_util.cc b/ipc/chromium/src/base/file_util.cc
+--- a/ipc/chromium/src/base/file_util.cc
++++ b/ipc/chromium/src/base/file_util.cc
+@@ -3,17 +3,17 @@
+ // found in the LICENSE file.
+
+ #include "base/file_util.h"
+
+ #if defined(OS_WIN)
+ #include <io.h>
+ #endif
+ #include <stdio.h>
+-#if defined(ANDROID)
++#if defined(ANDROID) || defined(OS_POSIX)
+ #include <unistd.h>
+ #endif
+
+ #include <fstream>
+
+ #include "base/file_path.h"
+ #include "base/logging.h"
+ #include "base/string_util.h"
--- a/series Thu Jul 19 00:11:54 2012 +0200
+++ b/series Tue Aug 28 20:52:20 2012 +0200
@@ -20,6 +20,7 @@
mozilla-disable-neon-option.patch
mozilla-bmo703534.patch
mozilla-yarr-pcre.patch
+mozilla-gcc47.patch
# Firefox patches
firefox-browser-css.patch
--- a/xulrunner/create-tar.sh Thu Jul 19 00:11:54 2012 +0200
+++ b/xulrunner/create-tar.sh Tue Aug 28 20:52:20 2012 +0200
@@ -2,8 +2,8 @@
CHANNEL="esr10"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_10_0_6esr_RELEASE"
-VERSION="10.0.6"
+RELEASE_TAG="FIREFOX_10_0_7esr_RELEASE"
+VERSION="10.0.7"
# mozilla
hg clone -r $RELEASE_TAG http://hg.mozilla.org/$BRANCH mozilla
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/mozilla-gcc47.patch Tue Aug 28 20:52:20 2012 +0200
@@ -0,0 +1,1 @@
+../mozilla-gcc47.patch
\ No newline at end of file
--- a/xulrunner/xulrunner-esr.changes Thu Jul 19 00:11:54 2012 +0200
+++ b/xulrunner/xulrunner-esr.changes Tue Aug 28 20:52:20 2012 +0200
@@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Sun Aug 26 13:56:33 UTC 2012 - wr@rosenauer.org
+
+- update to 10.0.7esr (bnc#777588)
+ * MFSA 2012-57/CVE-2012-1970
+ Miscellaneous memory safety hazards
+ * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+ CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+ CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+ Use-after-free issues found using Address Sanitizer
+ * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+ Memory corruption with bitmap format images with negative height
+ * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+ WebGL use-after-free and memory corruption
+ * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+ SVG buffer overflow and use-after-free issues
+ * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+ Out-of-bounds read in format-number in XSLT
+ * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
+ Incorrect site SSL certificate data display
+ * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+ Location object security checks bypassed by chrome code
+ * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+ Web console eval capable of executing chrome-privileged code
+- fixed gcc 4.7 related build errors
+
-------------------------------------------------------------------
Sat Jul 14 18:33:47 UTC 2012 - wr@rosenauer.org
--- a/xulrunner/xulrunner-esr.spec Thu Jul 19 00:11:54 2012 +0200
+++ b/xulrunner/xulrunner-esr.spec Tue Aug 28 20:52:20 2012 +0200
@@ -44,12 +44,12 @@
%endif
BuildRequires: mozilla-nspr-devel >= 4.9.0
BuildRequires: mozilla-nss-devel >= 3.13.5
-Version: 10.0.6
+Version: 10.0.7
Release: 0
-%define releasedate 2012071300
-%define version_internal 10.0.6
+%define releasedate 2012082500
+%define version_internal 10.0.7
%define apiversion 10
-%define uaweight 1000006
+%define uaweight 1000007
Summary: Mozilla Runtime Environment ESR
License: MPL-1.1 or GPL-2.0+ or LGPL-2.1+
Group: Productivity/Other
@@ -84,6 +84,7 @@
Patch16: mozilla-disable-neon-option.patch
Patch17: mozilla-bmo703534.patch
Patch18: mozilla-yarr-pcre.patch
+Patch19: mozilla-gcc47.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: mozilla-js = %{version}
Requires(post): update-alternatives coreutils
@@ -205,6 +206,7 @@
%patch16 -p1
%patch17 -p1
%patch18 -p1
+%patch19 -p1
%build
# no need to add build time to binaries