--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/xulrunner-esr.changes Wed Nov 21 11:39:05 2012 +0100
@@ -0,0 +1,404 @@
+-------------------------------------------------------------------
+Wed Nov 21 10:37:50 UTC 2012 - wr@rosenauer.org
+
+- rebrand to xulrunner-esr
+
+-------------------------------------------------------------------
+Tue Nov 20 20:15:23 UTC 2012 - wr@rosenauer.org
+
+- update to 17.0 (bnc#790140)
+ * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
+ Miscellaneous memory safety hazards
+ * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
+ Buffer overflow while rendering GIF images
+ * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
+ evalInSanbox location context incorrectly applied
+ * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
+ Crash when combining SVG text on path with CSS
+ * MFSA 2012-95/CVE-2012-4203 (bmo#765628)
+ Javascript: URLs run in privileged context on New Tab page
+ * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
+ Memory corruption in str_unescape
+ * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
+ XMLHttpRequest inherits incorrect principal within sandbox
+ * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
+ XrayWrappers exposes chrome-only properties when not in chrome
+ compartment
+ * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
+ Improper security filtering for cross-origin wrappers
+ * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
+ Improper character decoding in HZ-GB-2312 charset
+ * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
+ Script entered into Developer Toolbar runs with chrome privileges
+ * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
+ Frames can shadow top.location
+ * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
+ CSS and HTML injection through Style Inspector
+ * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
+ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
+ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
+ Use-after-free and buffer overflow issues found using Address
+ Sanitizer
+ * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
+ Use-after-free, buffer overflow, and memory corruption issues
+ found using Address Sanitizer
+- rebased patches
+- disabled WebRTC since build is broken (bmo#776877)
+
+-------------------------------------------------------------------
+Wed Oct 24 08:28:49 UTC 2012 - wr@rosenauer.org
+
+- update to 16.0.2 (bnc#786522)
+ * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
+ (bmo#800666, bmo#793121, bmo#802557)
+ Fixes for Location object issues
+
+-------------------------------------------------------------------
+Thu Oct 11 01:50:19 UTC 2012 - wr@rosenauer.org
+
+- update to 16.0.1 (bnc#783533)
+ * MFSA 2012-88/CVE-2012-4191 (bmo#798045)
+ Miscellaneous memory safety hazards
+ * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
+ defaultValue security checks not applied
+
+-------------------------------------------------------------------
+Sun Oct 7 21:41:01 UTC 2012 - wr@rosenauer.org
+
+- update to 16.0 (bnc#783533)
+ * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
+ Miscellaneous memory safety hazards
+ * MFSA 2012-75/CVE-2012-3984 (bmo#575294)
+ select element persistance allows for attacks
+ * MFSA 2012-76/CVE-2012-3985 (bmo#655649)
+ Continued access to initial origin after setting document.domain
+ * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
+ Some DOMWindowUtils methods bypass security checks
+ * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
+ DOS and crash with full screen and history navigation
+ * MFSA 2012-80/CVE-2012-3989 (bmo#783867)
+ Crash with invalid cast when using instanceof operator
+ * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
+ GetProperty function can bypass security checks
+ * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
+ top object and location property accessible by plugins
+ * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
+ Chrome Object Wrapper (COW) does not disallow acces to privileged
+ functions or properties
+ * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
+ Spoofing and script injection through location.hash
+ * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
+ CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
+ Use-after-free, buffer overflow, and out of bounds read issues
+ found using Address Sanitizer
+ * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
+ CVE-2012-4188
+ Heap memory corruption issues found using Address Sanitizer
+ * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
+ Use-after-free in the IME State Manager
+- requires NSPR 4.9.2
+- removed upstreamed mozilla-crashreporter-restart-args.patch
+- updated translations-other with new languages
+
+-------------------------------------------------------------------
+Sun Aug 26 13:48:04 UTC 2012 - wr@rosenauer.org
+
+- update to 15.0 (bnc#777588)
+ * MFSA 2012-57/CVE-2012-1970
+ Miscellaneous memory safety hazards
+ * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
+ CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
+ CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
+ Use-after-free issues found using Address Sanitizer
+ * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
+ Location object can be shadowed using Object.defineProperty
+ * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
+ Escalation of privilege through about:newtab
+ * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
+ Memory corruption with bitmap format images with negative height
+ * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
+ WebGL use-after-free and memory corruption
+ * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
+ SVG buffer overflow and use-after-free issues
+ * MFSA 2012-64/CVE-2012-3971
+ Graphite 2 memory corruption
+ * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
+ Out-of-bounds read in format-number in XSLT
+ * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
+ HTTPMonitor extension allows for remote debugging without explicit
+ activation
+ * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
+ DOMParser loads linked resources in extensions when parsing
+ text/html
+ * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
+ Incorrect site SSL certificate data display
+ * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
+ Location object security checks bypassed by chrome code
+ * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
+ Web console eval capable of executing chrome-privileged code
+- fix HTML5 video crash with GStreamer enabled (bmo#761030)
+- fixed filelist
+
+-------------------------------------------------------------------
+Fri Aug 17 13:09:49 UTC 2012 - dmueller@suse.com
+
+- fix build on ARM:
+ * disable crashreporter, it does not build
+ * reduce debuginfo during built to avoid running out of memory
+
+-------------------------------------------------------------------
+Sat Jul 14 19:33:44 UTC 2012 - wr@rosenauer.org
+
+- update to 14.0.1 (bnc#771583)
+ * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
+ Miscellaneous memory safety hazards
+ * MFSA 2012-43/CVE-2012-1950
+ Incorrect URL displayed in addressbar through drag and drop
+ * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
+ Gecko memory corruption
+ * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
+ Spoofing issue with location
+ * MFSA 2012-46/CVE-2012-1966 (bmo#734076)
+ XSS through data: URLs
+ * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
+ Improper filtering of javascript in HTML feed-view
+ * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
+ use-after-free in nsGlobalWindow::PageHidden
+ * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
+ Same-compartment Security Wrappers can be bypassed
+ * MFSA 2012-50/CVE-2012-1960 (bmo#761014)
+ Out of bounds read in QCMS
+ * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
+ X-Frame-Options header ignored when duplicated
+ * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
+ JSDependentString::undepend string conversion results in memory
+ corruption
+ * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
+ Content Security Policy 1.0 implementation errors cause data
+ leakage
+ * MFSA 2012-55/CVE-2012-1965 (bmo#758990)
+ feed: URLs with an innerURI inherit security context of page
+ * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
+ Code execution through javascript: URLs
+- license change from tri license to MPL-2.0
+- require NSS 3.13.5
+- PPC fixes:
+ * reenabled mozilla-yarr-pcre.patch to fix build for PPC
+ * add patches for bmo#750620 and bmo#746112
+ * fix xpcshell segfault on ppc
+- build plugin-container on every arch
+
+-------------------------------------------------------------------
+Fri Jun 15 12:40:23 UTC 2012 - wr@rosenauer.org
+
+- update to 13.0.1
+ * bugfix release
+
+-------------------------------------------------------------------
+Sat Jun 2 09:16:34 UTC 2012 - wr@rosenauer.org
+
+- update to 13.0 (bnc#765204)
+ * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
+ Miscellaneous memory safety hazards
+ * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
+ Content Security Policy inline-script bypass
+ * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
+ Information disclosure though Windows file shares and shortcut
+ files
+ * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
+ Use-after-free while replacing/inserting a node in a document
+ * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
+ Buffer overflow and use-after-free issues found using Address
+ Sanitizer
+- require NSS 3.13.4
+ * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
+- reenabled crashreporter for Factory/12.2
+ (fixed in mozilla-gcc47.patch)
+
+-------------------------------------------------------------------
+Sat Apr 21 10:03:42 UTC 2012 - wr@rosenauer.org
+
+- update to 12.0 (bnc#758408)
+ * rebased patches
+ * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
+ Miscellaneous memory safety hazards
+ * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
+ use-after-free in IDBKeyRange
+ * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
+ Invalid frees causes heap corruption in gfxImageSurface
+ * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
+ Potential XSS via multibyte content processing errors
+ * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
+ Potential memory corruption during font rendering using cairo-dwrite
+ * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
+ WebGL.drawElements may read illegal video memory due to
+ FindMaxUshortElement error
+ * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
+ Page load short-circuit can lead to XSS
+ * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
+ Ambiguous IPv6 in Origin headers may bypass webserver access
+ restrictions
+ * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
+ Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
+ * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
+ Crash with WebGL content using textImage2D
+ * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
+ Off-by-one error in OpenType Sanitizer
+ * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
+ HTTP Redirections and remote content can be read by javascript errors
+ * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
+ Potential site identity spoofing when loading RSS and Atom feeds
+- added mozilla-libnotify.patch to allow fallback from libnotify
+ to xul based events if no notification-daemon is running
+- gcc 4.7 fixes
+ * mozilla-gcc47.patch
+ * disabled crashreporter temporarily for Factory
+
+-------------------------------------------------------------------
+Fri Mar 9 21:49:05 UTC 2012 - wr@rosenauer.org
+
+- update to version 11.0 (bnc#750044)
+ * MFSA 2012-13/CVE-2012-0455 (bmo#704354)
+ XSS with Drag and Drop and Javascript: URL
+ * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
+ SVG issues found with Address Sanitizer
+ * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
+ XSS with multiple Content Security Policy headers
+ * MFSA 2012-16/CVE-2012-0458
+ Escalation of privilege with Javascript: URL as home page
+ * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
+ Crash when accessing keyframe cssText after dynamic modification
+ * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
+ window.fullScreen writeable by untrusted content
+ * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
+ CVE-2012-0463
+ Miscellaneous memory safety hazards
+- fix build on ARM
+- disable jemalloc on s390(x)
+
+-------------------------------------------------------------------
+Thu Feb 16 08:51:42 UTC 2012 - wr@rosenauer.org
+
+- update to version 10.0.2 (bnc#747328)
+ * CVE-2011-3026 (bmo#727401)
+ libpng: integer overflow leading to heap-buffer overflow
+
+-------------------------------------------------------------------
+Thu Feb 9 10:20:49 UTC 2012 - wr@rosenauer.org
+
+- update to version 10.0.1 (bnc#746616)
+ * MFSA 2012-10/CVE-2012-0452 (bmo#724284)
+ use after free in nsXBLDocumentInfo::ReadPrototypeBindings
+
+-------------------------------------------------------------------
+Tue Feb 7 10:40:58 UTC 2012 - dvaleev@suse.com
+
+- Use YARR interpreter instead of PCRE on platforms where YARR JIT
+ is not supported, since PCRE doesnt build (bmo#691898)
+- fix ppc64 build (bmo#703534)
+
+-------------------------------------------------------------------
+Mon Jan 30 09:43:21 UTC 2012 - wr@rosenauer.org
+
+- update to version 10.0 (bnc#744275)
+ * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
+ Miscellaneous memory safety hazards
+ * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
+ <iframe> element exposed across domains via name attribute
+ * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
+ Child nodes from nsDOMAttribute still accessible after removal
+ of nodes
+ * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
+ Frame scripts calling into untrusted objects bypass security
+ checks
+ * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
+ Uninitialized memory appended when encoding icon images may
+ cause information disclosure
+ * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
+ Potential Memory Corruption When Decoding Ogg Vorbis files
+ * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
+ Crash with malformed embedded XSLT stylesheets
+- removed obsolete ppc64 patch
+- disable neon for ARM as it doesn't build correctly
+
+-------------------------------------------------------------------
+Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org
+
+- update to Firefox 9.0.1
+ * (strongparent) parentNode of element gets lost (bmo#335998)
+
+-------------------------------------------------------------------
+Sun Dec 18 09:28:02 UTC 2011 - wr@rosenauer.org
+
+- update to release 9.0 (bnc#737533)
+ * MFSA 2011-53/CVE-2011-3660
+ Miscellaneous memory safety hazards (rv:9.0)
+ * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
+ Potentially exploitable crash in the YARR regular expression
+ library
+ * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
+ nsSVGValue out-of-bounds access
+ * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
+ Key detection without JavaScript via SVG animation
+ * MFSA 2011-58/VE-2011-3665 (bmo#701259)
+ Crash scaling <video> to extreme sizes
+
+-------------------------------------------------------------------
+Sat Nov 12 15:20:49 UTC 2011 - wr@rosenauer.org
+
+- fix ppc64 build
+
+-------------------------------------------------------------------
+Sun Nov 6 08:23:04 UTC 2011 - wr@rosenauer.org
+
+- update to release 8.0 (bnc#728520)
+ * MFSA 2011-47/CVE-2011-3648 (bmo#690225)
+ Potential XSS against sites using Shift-JIS
+ * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
+ Miscellaneous memory safety hazards
+ * MFSA 2011-49/CVE-2011-3650 (bmo#674776)
+ Memory corruption while profiling using Firebug
+ * MFSA 2011-52/CVE-2011-3655 (bmo#672182)
+ Code execution via NoWaiverWrapper
+- rebased patches
+
+-------------------------------------------------------------------
+Fri Sep 30 10:59:54 UTC 2011 - wr@rosenauer.org
+
+- update to minor release 7.0.1
+ * fixed staged addon updates
+
+-------------------------------------------------------------------
+Fri Sep 23 11:36:04 UTC 2011 - wr@rosenauer.org
+
+- update to version 7.0 (bnc#720264)
+ * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997
+ Miscellaneous memory safety hazards
+ * MFSA 2011-39/CVE-2011-3000 (bmo#655389)
+ Defense against multiple Location headers due to CRLF Injection
+ * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
+ Code installation through holding down Enter
+ * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335)
+ Potentially exploitable WebGL crashes
+ * MFSA 2011-42/CVE-2011-3232 (bmo#653672)
+ Potentially exploitable crash in the YARR regular expression
+ library
+ * MFSA 2011-43/CVE-2011-3004 (bmo#653926)
+ loadSubScript unwraps XPCNativeWrapper scope parameter
+ * MFSA 2011-44/CVE-2011-3005 (bmo#675747)
+ Use after free reading OGG headers
+ * MFSA 2011-45
+ Inferring keystrokes from motion data
+- removed obsolete mozilla-cairo-lcd.patch
+- rebased patches
+
+-------------------------------------------------------------------
+Tue Sep 20 11:54:28 UTC 2011 - wr@rosenauer.org
+
+- install xpt.py into SDK (mozilla-639554.patch) (bnc#639554)
+
+-------------------------------------------------------------------
+Wed Sep 14 13:07:39 UTC 2011 - wr@rosenauer.org
+
+- initial xulrunner package
+
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/xulrunner/xulrunner-esr.spec Wed Nov 21 11:39:05 2012 +0100
@@ -0,0 +1,521 @@
+#
+# spec file for package xulrunner
+#
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# 2006-2012 Wolfgang Rosenauer
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+
+
+Name: xulrunner
+BuildRequires: Mesa-devel
+BuildRequires: autoconf213
+BuildRequires: dbus-1-glib-devel
+BuildRequires: fdupes
+BuildRequires: gcc-c++
+BuildRequires: hunspell-devel
+BuildRequires: libcurl-devel
+BuildRequires: libgnomeui-devel
+BuildRequires: libidl-devel
+BuildRequires: libnotify-devel
+BuildRequires: nss-shared-helper-devel
+BuildRequires: pkg-config
+BuildRequires: python
+BuildRequires: startup-notification-devel
+BuildRequires: unzip
+BuildRequires: xorg-x11-libXt-devel
+BuildRequires: yasm
+BuildRequires: zip
+%if %suse_version > 1110
+BuildRequires: libiw-devel
+BuildRequires: libproxy-devel
+%else
+BuildRequires: wireless-tools
+%endif
+BuildRequires: mozilla-nspr-devel >= 4.9.2
+BuildRequires: mozilla-nss-devel >= 3.13.6
+Version: 17.0
+Release: 0
+%define releasedate 2012111600
+%define version_internal 17.0
+%define apiversion 17
+%define uaweight 1700000
+Summary: Mozilla Runtime Environment
+License: MPL-2.0
+Group: Productivity/Other
+Url: http://www.mozilla.org/
+Provides: gecko
+%ifarch %ix86
+Provides: xulrunner-32bit = %{version}-%{release}
+%endif
+Source: xulrunner-%{version}-source.tar.bz2
+Source1: l10n-%{version}.tar.bz2
+Source2: find-external-requires.sh
+Source3: %{name}-rpmlintrc
+Source4: xulrunner-openSUSE-prefs.js
+Source5: add-plugins.sh.in
+Source6: create-tar.sh
+Source7: baselibs.conf
+Source8: source-stamp.txt
+Source9: compare-locales.tar.bz2
+Patch1: toolkit-download-folder.patch
+Patch2: mozilla-pkgconfig.patch
+Patch3: mozilla-idldir.patch
+Patch4: mozilla-nongnome-proxies.patch
+Patch5: mozilla-prefer_plugin_pref.patch
+Patch6: mozilla-language.patch
+Patch7: mozilla-ntlm-full-path.patch
+Patch9: mozilla-sle11.patch
+Patch14: mozilla-ppc.patch
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
+Requires: mozilla-js = %{version}
+Requires(post): update-alternatives coreutils
+Requires(preun): update-alternatives coreutils
+### build configuration ###
+%define has_system_nspr 1
+%define has_system_nss 1
+%define has_system_cairo 0
+%define localize 0
+%ifarch ppc ppc64 s390 s390x ia64 %arm
+%define crashreporter 0
+%else
+%define crashreporter 1
+%endif
+### configuration end ###
+%define _use_internal_dependency_generator 0
+%define __find_requires sh %{SOURCE2}
+%global provfind sh -c "grep -Ev 'mozsqlite3|dbusservice|unixprint' | %__find_provides"
+%global __find_provides %provfind
+%if %has_system_nspr
+Requires: mozilla-nspr >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr)
+%endif
+%if %has_system_nss
+Requires: mozilla-nss >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss)
+%endif
+
+%description
+XULRunner is a single installable package that can be used to bootstrap
+multiple XUL+XPCOM applications that are as rich as Firefox and
+Thunderbird.
+
+
+%package -n mozilla-js
+Summary: Mozilla JS engine
+Group: Productivity/Other
+
+%description -n mozilla-js
+JavaScript is the Netscape-developed object scripting language used in millions
+of web pages and server applications worldwide. Netscape's JavaScript is a
+superset of the ECMA-262 Edition 3 (ECMAScript) standard scripting language,
+with only mild differences from the published standard.
+
+
+%package devel
+Summary: XULRunner/Gecko SDK
+Group: Development/Libraries/Other
+%if %has_system_nspr
+Requires: mozilla-nspr-devel >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr-devel)
+%endif
+%if %has_system_nss
+Requires: mozilla-nss-devel >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss-devel)
+%endif
+Requires: %{name} = %{version}
+
+%description devel
+Software Development Kit to embed XUL or Gecko into other applications.
+
+%if %localize
+
+%package translations-common
+Summary: Common translations for XULRunner
+Group: System/Localization
+Requires: %{name} = %{version}
+Provides: locale(%{name}:ar;ca;cs;da;de;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW)
+Obsoletes: %{name}-translations < %{version}-%{release}
+
+%description translations-common
+XULRunner is a single installable package that can be used to bootstrap
+multiple XUL+XPCOM applications that are as rich as Firefox and
+Thunderbird.
+
+This package contains the most common languages but en-US which is
+delivered in the main package.
+
+
+%package translations-other
+Summary: Extra translations for XULRunner
+Group: System/Localization
+Requires: %{name} = %{version}
+Provides: locale(%{name}:ach;af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;vi;zu)
+Obsoletes: %{name}-translations < %{version}-%{release}
+
+%description translations-other
+XULRunner is a single installable package that can be used to bootstrap
+multiple XUL+XPCOM applications that are as rich as Firefox and
+Thunderbird.
+
+This package contains rarely used languages.
+%endif
+
+%if %crashreporter
+
+%package buildsymbols
+Summary: Breakpad buildsymbols for %{name}
+Group: Development/Debug
+
+%description buildsymbols
+This subpackage contains the Breakpad created and compatible debugging
+symbols meant for upload to Mozilla's crash collector database.
+%endif
+
+%prep
+%setup -n mozilla -q -b 1 -b 9
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%if %suse_version < 1120
+%patch9 -p1
+%endif
+%patch14 -p1
+
+%build
+# no need to add build time to binaries
+modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")"
+DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
+TIME="\"$(date -d "${modified}" "+%%R")\""
+find . -regex ".*\.c\|.*\.cpp\|.*\.h" -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
+#
+MOZ_APP_DIR=%{_libdir}/xulrunner-%{version_internal}
+export MOZ_BUILD_DATE=%{releasedate}
+export CFLAGS="$RPM_OPT_FLAGS -Os -fno-strict-aliasing"
+%ifarch ppc64
+export CFLAGS="$CFLAGS -mminimal-toc"
+%endif
+export LDFLAGS=" -Wl,-rpath -Wl,${MOZ_APP_DIR}"
+%ifarch %arm
+# debug symbols require too much memory during build
+export CFLAGS="${CFLAGS/-g/}"
+LDFLAGS+="-Wl,--reduce-memory-overheads -Wl,--no-keep-memory"
+%endif
+export CXXFLAGS="$CFLAGS"
+export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
+export MOZILLA_OFFICIAL=1
+export BUILD_OFFICIAL=1
+export MOZ_MILESTONE_RELEASE=1
+#
+cat << EOF > $MOZCONFIG
+mk_add_options MOZILLA_OFFICIAL=1
+mk_add_options BUILD_OFFICIAL=1
+mk_add_options MOZ_MILESTONE_RELEASE=1
+mk_add_options MOZ_MAKE_FLAGS=%{?jobs:-j%jobs}
+mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj
+. \$topsrcdir/xulrunner/config/mozconfig
+ac_add_options --prefix=%{_prefix}
+ac_add_options --libdir=%{_libdir}
+ac_add_options --sysconfdir=%{_sysconfdir}
+ac_add_options --mandir=%{_mandir}
+ac_add_options --includedir=%{_includedir}
+ac_add_options --enable-optimize
+ac_add_options --enable-extensions=default
+#ac_add_options --with-system-jpeg # mozilla uses internal libjpeg-turbo now
+#ac_add_options --with-system-png # no APNG support
+ac_add_options --with-system-zlib
+ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n
+ac_add_options --disable-tests
+ac_add_options --disable-mochitest
+ac_add_options --disable-installer
+ac_add_options --disable-updater
+ac_add_options --disable-javaxpcom
+ac_add_options --enable-system-hunspell
+ac_add_options --enable-startup-notification
+ac_add_options --enable-shared-js
+ac_add_options --disable-webrtc # does not build with system NSPR
+#ac_add_options --enable-debug
+EOF
+%if %suse_version > 1130
+cat << EOF >> $MOZCONFIG
+ac_add_options --disable-gnomevfs
+ac_add_options --enable-gio
+EOF
+%endif
+%if %has_system_nspr
+cat << EOF >> $MOZCONFIG
+ac_add_options --with-system-nspr
+EOF
+%endif
+%if %has_system_nss
+cat << EOF >> $MOZCONFIG
+ac_add_options --with-system-nss
+EOF
+%endif
+%if %has_system_cairo
+cat << EOF >> $MOZCONFIG
+ac_add_options --enable-system-cairo
+EOF
+%endif
+%if %suse_version > 1110
+cat << EOF >> $MOZCONFIG
+ac_add_options --enable-libproxy
+EOF
+%endif
+%if ! %crashreporter
+cat << EOF >> $MOZCONFIG
+ac_add_options --disable-crashreporter
+EOF
+%endif
+# S/390
+%ifarch s390 s390x
+cat << EOF >> $MOZCONFIG
+ac_add_options --disable-jemalloc
+EOF
+%endif
+# ARM
+%ifarch %arm
+cat << EOF >> $MOZCONFIG
+%ifarch armv7l armv7hl
+ac_add_options --with-arch=armv7-a
+ac_add_options --with-float-abi=hard
+ac_add_options --with-fpu=vfpv3-d16
+ac_add_options --with-thumb=yes
+ac_add_options --disable-debug
+%endif
+%ifarch armv5tel
+ac_add_options --with-arch=armv5te
+ac_add_options --with-float-abi=soft
+ac_add_options --with-thumb=no
+%endif
+EOF
+%endif
+make -f client.mk build
+
+%install
+cd ../obj
+# preferences (to package in omni.jar)
+cp %{SOURCE4} dist/bin/defaults/pref/all-openSUSE.js
+%makeinstall STRIP=/bin/true
+# xpt.py is not executable
+chmod a+x $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/bin/*.py
+# remove some executable permissions
+find $RPM_BUILD_ROOT%{_includedir}/xulrunner-%{version_internal} \
+ -type f -perm -111 -exec chmod a-x {} \;
+find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/ \
+ -name "*.js" -o -name "*.xpm" -o -name "*.png" | xargs chmod a-x
+# remove mkdir.done files from installed base
+find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal} -name ".mkdir.done" | xargs rm
+mkdir -p $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions
+# fixing SDK dynamic libs (symlink instead of copy)
+rm $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/*.so
+ln -sf ../../../xulrunner-%{version_internal}/libmozjs.so \
+ $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
+ln -sf ../../../xulrunner-%{version_internal}/libxpcom.so \
+ $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
+ln -sf ../../../xulrunner-%{version_internal}/libxul.so \
+ $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
+# include basic buildenv for xulapps to use
+mkdir -p $RPM_BUILD_ROOT%{_datadir}/xulrunner-%{version_internal}
+pushd ..
+# this list has been compiled by trial and error for prism
+tar --exclude=*.cpp --exclude=*.mm \
+ -cvjf $RPM_BUILD_ROOT%{_datadir}/xulrunner-%{version_internal}/mozilla-src.tar.bz2 \
+ mozilla/configure.in mozilla/Makefile.in mozilla/client.py mozilla/allmakefiles.sh \
+ mozilla/config mozilla/client.mk mozilla/aclocal.m4 mozilla/build mozilla/js/src/* \
+ mozilla/testing mozilla/toolkit/mozapps/installer mozilla/probes mozilla/memory \
+ mozilla/toolkit/xre mozilla/nsprpub/config mozilla/tools mozilla/xpcom/build
+popd
+# install add-plugins.sh
+sed "s:%%PROGDIR:%{_libdir}/xulrunner-%{version_internal}:g" \
+ %{SOURCE5} > $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
+chmod 755 $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
+# ghosts
+touch $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/global.reginfo
+# install additional locales
+%if %localize
+rm -f %{_tmppath}/translations.*
+touch %{_tmppath}/translations.{common,other}
+for locale in $(awk '{ print $1; }' ../mozilla/browser/locales/shipped-locales); do
+ case $locale in
+ ja-JP-mac|en-US)
+ ;;
+ *)
+ pushd $RPM_BUILD_DIR/compare-locales
+ PYTHONPATH=lib \
+ scripts/compare-locales -m ../l10n-merged/$locale \
+ ../mozilla/toolkit/locales/l10n.ini ../l10n $locale
+ popd
+ LOCALE_MERGEDIR=$RPM_BUILD_DIR/l10n-merged/$locale \
+ make -C toolkit/locales langpack-$locale
+ cp dist/xpi-stage/locale-$locale \
+ $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org
+ # remove prefs and profile defaults from langpack
+ rm -rf $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org/defaults
+ # check against the fixed common list and sort into the right filelist
+ _matched=0
+ for _match in ar ca cs da de en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
+ [ "$_match" = "$locale" ] && _matched=1
+ done
+ [ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other
+ echo %{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org \ \
+ >> %{_tmppath}/translations.$_l10ntarget
+ esac
+done
+%endif
+# API symlink
+ln -sf xulrunner-%{version_internal} $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{apiversion}
+# compat links
+%if 0%{?ga_version:1}
+touch $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{ga_version}
+%endif
+# excludes
+%if %suse_version < 1120
+rm -f $RPM_BUILD_ROOT%{_bindir}/xulrunner
+%endif
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/updater
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/update.locale
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/LICENSE
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/README.txt
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/dictionaries/en-US*
+rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/nspr-config
+rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/mozilla-plugin.pc
+# fdupes
+%fdupes $RPM_BUILD_ROOT%{_includedir}/xulrunner-%{version_internal}/
+%fdupes $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/
+# create breakpad debugsymbols
+%if %crashreporter
+SYMBOLS_NAME="xulrunner-%{version}-%{release}.%{_arch}-%{suse_version}-symbols"
+make buildsymbols \
+ SYMBOL_INDEX_NAME="$SYMBOLS_NAME.txt" \
+ SYMBOL_FULL_ARCHIVE_BASENAME="$SYMBOLS_NAME-full" \
+ SYMBOL_ARCHIVE_BASENAME="$SYMBOLS_NAME"
+if [ -e dist/*symbols.zip ]; then
+ mkdir -p $RPM_BUILD_ROOT%{_datadir}/mozilla/
+ cp dist/*symbols.zip $RPM_BUILD_ROOT%{_datadir}/mozilla/
+fi
+%endif
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+%if %localize
+rm -rf %{_tmppath}/translations.*
+%endif
+
+%post
+/usr/sbin/update-alternatives --install %{_bindir}/xulrunner \
+ xulrunner %{_libdir}/xulrunner-%{apiversion}/xulrunner %{uaweight} || :
+%{_libdir}/xulrunner-%{apiversion}/add-plugins.sh > /dev/null 2>&1
+exit 0
+
+%posttrans
+# needed for updates which transition directory to symlink
+%if 0%{?ga_version:1}
+test -d %{_libdir}/xulrunner-%{ga_version} && rm -rf %{_libdir}/xulrunner-%{ga_version}
+ln -sf xulrunner-%{version_internal} %{_libdir}/xulrunner-%{ga_version}
+%endif
+[ -e %{_libdir}/xulrunner-%{version_internal}/add-plugins.sh ] && \
+ %{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1
+exit 0
+
+%preun
+if [ "$1" = "0" ]; then # deinstallation
+ # that's not quite nice since old versions should be removed on update as well
+ # but that's problematic for updates w/o raising the version number
+ /usr/sbin/update-alternatives --remove xulrunner %{_libdir}/xulrunner-%{apiversion}/xulrunner
+fi
+rm -f %{_libdir}/xulrunner-%{version_internal}/dictionaries/*
+exit 0
+
+%triggerin -- myspell-dictionary
+%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1
+exit 0
+
+%triggerpostun -- myspell-dictionary
+%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1
+exit 0
+
+%files
+%defattr(-,root,root)
+%dir %{_libdir}/xulrunner-%{version_internal}/
+%dir %{_libdir}/xulrunner-%{version_internal}/chrome/
+%dir %{_libdir}/xulrunner-%{version_internal}/dictionaries/
+%dir %{_libdir}/xulrunner-%{version_internal}/extensions/
+%{_libdir}/xulrunner-%{version_internal}/chrome/icons/
+%{_libdir}/xulrunner-%{version_internal}/components/
+%{_libdir}/xulrunner-%{version_internal}/plugins/
+%{_libdir}/xulrunner-%{version_internal}/*.so
+%exclude %{_libdir}/xulrunner-%{version_internal}/libmozjs.so
+%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
+%{_libdir}/xulrunner-%{version_internal}/chrome.manifest
+%{_libdir}/xulrunner-%{version_internal}/dependentlibs.list
+%{_libdir}/xulrunner-%{version_internal}/mozilla-xremote-client
+%{_libdir}/xulrunner-%{version_internal}/plugin-container
+%{_libdir}/xulrunner-%{version_internal}/xulrunner
+%{_libdir}/xulrunner-%{version_internal}/xulrunner-stub
+%{_libdir}/xulrunner-%{version_internal}/platform.ini
+%{_libdir}/xulrunner-%{version_internal}/omni.ja
+%{_libdir}/xulrunner-%{version_internal}/README.xulrunner
+# crashreporter files
+%if %crashreporter
+%{_libdir}/xulrunner-%{version_internal}/crashreporter
+%{_libdir}/xulrunner-%{version_internal}/crashreporter.ini
+%{_libdir}/xulrunner-%{version_internal}/Throbber-small.gif
+%endif
+# ghosts
+%ghost %{_libdir}/xulrunner-%{version_internal}/global.reginfo
+%if %suse_version >= 1120
+%ghost %{_bindir}/xulrunner
+%endif
+# API symlink (already in mozilla-js)
+#%{_libdir}/xulrunner-%{apiversion}
+# compat symlinks
+%if 0%{?ga_version:1}
+%ghost %{_libdir}/xulrunner-%{ga_version}
+%endif
+
+%files -n mozilla-js
+%defattr(-,root,root)
+%dir %{_libdir}/xulrunner-%{version_internal}/
+%{_libdir}/xulrunner-%{apiversion}
+%{_libdir}/xulrunner-%{version_internal}/libmozjs.so
+
+%files devel
+%defattr(-,root,root)
+%{_libdir}/xulrunner-devel-%{version_internal}/
+# FIXME symlink dynamic libs below sdk/lib
+%attr(644,root,root) %{_libdir}/pkgconfig/*
+%{_includedir}/xulrunner-%{version_internal}/
+%{_datadir}/xulrunner-%{version_internal}/
+
+%if %localize
+
+%files translations-common -f %{_tmppath}/translations.common
+%defattr(-,root,root)
+%dir %{_libdir}/xulrunner-%{version_internal}/
+%dir %{_libdir}/xulrunner-%{version_internal}/chrome/
+
+%files translations-other -f %{_tmppath}/translations.other
+%defattr(-,root,root)
+%dir %{_libdir}/xulrunner-%{version_internal}/
+%dir %{_libdir}/xulrunner-%{version_internal}/chrome/
+%endif
+
+%if %crashreporter
+
+%files buildsymbols
+%defattr(-,root,root)
+%{_datadir}/mozilla/
+%endif
+
+%changelog
--- a/xulrunner/xulrunner.changes Wed Nov 21 11:38:37 2012 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,404 +0,0 @@
--------------------------------------------------------------------
-Wed Nov 21 10:37:50 UTC 2012 - wr@rosenauer.org
-
-- rebrand to xulrunner-esr
-
--------------------------------------------------------------------
-Tue Nov 20 20:15:23 UTC 2012 - wr@rosenauer.org
-
-- update to 17.0 (bnc#790140)
- * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
- Miscellaneous memory safety hazards
- * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
- Buffer overflow while rendering GIF images
- * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
- evalInSanbox location context incorrectly applied
- * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
- Crash when combining SVG text on path with CSS
- * MFSA 2012-95/CVE-2012-4203 (bmo#765628)
- Javascript: URLs run in privileged context on New Tab page
- * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
- Memory corruption in str_unescape
- * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
- XMLHttpRequest inherits incorrect principal within sandbox
- * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
- XrayWrappers exposes chrome-only properties when not in chrome
- compartment
- * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
- Improper security filtering for cross-origin wrappers
- * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
- Improper character decoding in HZ-GB-2312 charset
- * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
- Script entered into Developer Toolbar runs with chrome privileges
- * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
- Frames can shadow top.location
- * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
- CSS and HTML injection through Style Inspector
- * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
- CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
- CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
- Use-after-free and buffer overflow issues found using Address
- Sanitizer
- * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
- Use-after-free, buffer overflow, and memory corruption issues
- found using Address Sanitizer
-- rebased patches
-- disabled WebRTC since build is broken (bmo#776877)
-
--------------------------------------------------------------------
-Wed Oct 24 08:28:49 UTC 2012 - wr@rosenauer.org
-
-- update to 16.0.2 (bnc#786522)
- * MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
- (bmo#800666, bmo#793121, bmo#802557)
- Fixes for Location object issues
-
--------------------------------------------------------------------
-Thu Oct 11 01:50:19 UTC 2012 - wr@rosenauer.org
-
-- update to 16.0.1 (bnc#783533)
- * MFSA 2012-88/CVE-2012-4191 (bmo#798045)
- Miscellaneous memory safety hazards
- * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
- defaultValue security checks not applied
-
--------------------------------------------------------------------
-Sun Oct 7 21:41:01 UTC 2012 - wr@rosenauer.org
-
-- update to 16.0 (bnc#783533)
- * MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
- Miscellaneous memory safety hazards
- * MFSA 2012-75/CVE-2012-3984 (bmo#575294)
- select element persistance allows for attacks
- * MFSA 2012-76/CVE-2012-3985 (bmo#655649)
- Continued access to initial origin after setting document.domain
- * MFSA 2012-77/CVE-2012-3986 (bmo#775868)
- Some DOMWindowUtils methods bypass security checks
- * MFSA 2012-79/CVE-2012-3988 (bmo#725770)
- DOS and crash with full screen and history navigation
- * MFSA 2012-80/CVE-2012-3989 (bmo#783867)
- Crash with invalid cast when using instanceof operator
- * MFSA 2012-81/CVE-2012-3991 (bmo#783260)
- GetProperty function can bypass security checks
- * MFSA 2012-82/CVE-2012-3994 (bmo#765527)
- top object and location property accessible by plugins
- * MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
- Chrome Object Wrapper (COW) does not disallow acces to privileged
- functions or properties
- * MFSA 2012-84/CVE-2012-3992 (bmo#775009)
- Spoofing and script injection through location.hash
- * MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
- CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
- Use-after-free, buffer overflow, and out of bounds read issues
- found using Address Sanitizer
- * MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
- CVE-2012-4188
- Heap memory corruption issues found using Address Sanitizer
- * MFSA 2012-87/CVE-2012-3990 (bmo#787704)
- Use-after-free in the IME State Manager
-- requires NSPR 4.9.2
-- removed upstreamed mozilla-crashreporter-restart-args.patch
-- updated translations-other with new languages
-
--------------------------------------------------------------------
-Sun Aug 26 13:48:04 UTC 2012 - wr@rosenauer.org
-
-- update to 15.0 (bnc#777588)
- * MFSA 2012-57/CVE-2012-1970
- Miscellaneous memory safety hazards
- * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
- CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
- CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
- Use-after-free issues found using Address Sanitizer
- * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
- Location object can be shadowed using Object.defineProperty
- * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
- Escalation of privilege through about:newtab
- * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
- Memory corruption with bitmap format images with negative height
- * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
- WebGL use-after-free and memory corruption
- * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
- SVG buffer overflow and use-after-free issues
- * MFSA 2012-64/CVE-2012-3971
- Graphite 2 memory corruption
- * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
- Out-of-bounds read in format-number in XSLT
- * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
- HTTPMonitor extension allows for remote debugging without explicit
- activation
- * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
- DOMParser loads linked resources in extensions when parsing
- text/html
- * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
- Incorrect site SSL certificate data display
- * MFSA 2012-70/CVE-2012-3978 (bmo#770429)
- Location object security checks bypassed by chrome code
- * MFSA 2012-72/CVE-2012-3980 (bmo#771859)
- Web console eval capable of executing chrome-privileged code
-- fix HTML5 video crash with GStreamer enabled (bmo#761030)
-- fixed filelist
-
--------------------------------------------------------------------
-Fri Aug 17 13:09:49 UTC 2012 - dmueller@suse.com
-
-- fix build on ARM:
- * disable crashreporter, it does not build
- * reduce debuginfo during built to avoid running out of memory
-
--------------------------------------------------------------------
-Sat Jul 14 19:33:44 UTC 2012 - wr@rosenauer.org
-
-- update to 14.0.1 (bnc#771583)
- * MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
- Miscellaneous memory safety hazards
- * MFSA 2012-43/CVE-2012-1950
- Incorrect URL displayed in addressbar through drag and drop
- * MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
- Gecko memory corruption
- * MFSA 2012-45/CVE-2012-1955 (bmo#757376)
- Spoofing issue with location
- * MFSA 2012-46/CVE-2012-1966 (bmo#734076)
- XSS through data: URLs
- * MFSA 2012-47/CVE-2012-1957 (bmo#750096)
- Improper filtering of javascript in HTML feed-view
- * MFSA 2012-48/CVE-2012-1958 (bmo#750820)
- use-after-free in nsGlobalWindow::PageHidden
- * MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
- Same-compartment Security Wrappers can be bypassed
- * MFSA 2012-50/CVE-2012-1960 (bmo#761014)
- Out of bounds read in QCMS
- * MFSA 2012-51/CVE-2012-1961 (bmo#761655)
- X-Frame-Options header ignored when duplicated
- * MFSA 2012-52/CVE-2012-1962 (bmo#764296)
- JSDependentString::undepend string conversion results in memory
- corruption
- * MFSA 2012-53/CVE-2012-1963 (bmo#767778)
- Content Security Policy 1.0 implementation errors cause data
- leakage
- * MFSA 2012-55/CVE-2012-1965 (bmo#758990)
- feed: URLs with an innerURI inherit security context of page
- * MFSA 2012-56/CVE-2012-1967 (bmo#758344)
- Code execution through javascript: URLs
-- license change from tri license to MPL-2.0
-- require NSS 3.13.5
-- PPC fixes:
- * reenabled mozilla-yarr-pcre.patch to fix build for PPC
- * add patches for bmo#750620 and bmo#746112
- * fix xpcshell segfault on ppc
-- build plugin-container on every arch
-
--------------------------------------------------------------------
-Fri Jun 15 12:40:23 UTC 2012 - wr@rosenauer.org
-
-- update to 13.0.1
- * bugfix release
-
--------------------------------------------------------------------
-Sat Jun 2 09:16:34 UTC 2012 - wr@rosenauer.org
-
-- update to 13.0 (bnc#765204)
- * MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
- Miscellaneous memory safety hazards
- * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
- Content Security Policy inline-script bypass
- * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
- Information disclosure though Windows file shares and shortcut
- files
- * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
- Use-after-free while replacing/inserting a node in a document
- * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
- Buffer overflow and use-after-free issues found using Address
- Sanitizer
-- require NSS 3.13.4
- * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
-- reenabled crashreporter for Factory/12.2
- (fixed in mozilla-gcc47.patch)
-
--------------------------------------------------------------------
-Sat Apr 21 10:03:42 UTC 2012 - wr@rosenauer.org
-
-- update to 12.0 (bnc#758408)
- * rebased patches
- * MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
- Miscellaneous memory safety hazards
- * MFSA 2012-22/CVE-2012-0469 (bmo#738985)
- use-after-free in IDBKeyRange
- * MFSA 2012-23/CVE-2012-0470 (bmo#734288)
- Invalid frees causes heap corruption in gfxImageSurface
- * MFSA 2012-24/CVE-2012-0471 (bmo#715319)
- Potential XSS via multibyte content processing errors
- * MFSA 2012-25/CVE-2012-0472 (bmo#744480)
- Potential memory corruption during font rendering using cairo-dwrite
- * MFSA 2012-26/CVE-2012-0473 (bmo#743475)
- WebGL.drawElements may read illegal video memory due to
- FindMaxUshortElement error
- * MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
- Page load short-circuit can lead to XSS
- * MFSA 2012-28/CVE-2012-0475 (bmo#694576)
- Ambiguous IPv6 in Origin headers may bypass webserver access
- restrictions
- * MFSA 2012-29/CVE-2012-0477 (bmo#718573)
- Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
- * MFSA 2012-30/CVE-2012-0478 (bmo#727547)
- Crash with WebGL content using textImage2D
- * MFSA 2012-31/CVE-2011-3062 (bmo#739925)
- Off-by-one error in OpenType Sanitizer
- * MFSA 2012-32/CVE-2011-1187 (bmo#624621)
- HTTP Redirections and remote content can be read by javascript errors
- * MFSA 2012-33/CVE-2012-0479 (bmo#714631)
- Potential site identity spoofing when loading RSS and Atom feeds
-- added mozilla-libnotify.patch to allow fallback from libnotify
- to xul based events if no notification-daemon is running
-- gcc 4.7 fixes
- * mozilla-gcc47.patch
- * disabled crashreporter temporarily for Factory
-
--------------------------------------------------------------------
-Fri Mar 9 21:49:05 UTC 2012 - wr@rosenauer.org
-
-- update to version 11.0 (bnc#750044)
- * MFSA 2012-13/CVE-2012-0455 (bmo#704354)
- XSS with Drag and Drop and Javascript: URL
- * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
- SVG issues found with Address Sanitizer
- * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
- XSS with multiple Content Security Policy headers
- * MFSA 2012-16/CVE-2012-0458
- Escalation of privilege with Javascript: URL as home page
- * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
- Crash when accessing keyframe cssText after dynamic modification
- * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
- window.fullScreen writeable by untrusted content
- * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
- CVE-2012-0463
- Miscellaneous memory safety hazards
-- fix build on ARM
-- disable jemalloc on s390(x)
-
--------------------------------------------------------------------
-Thu Feb 16 08:51:42 UTC 2012 - wr@rosenauer.org
-
-- update to version 10.0.2 (bnc#747328)
- * CVE-2011-3026 (bmo#727401)
- libpng: integer overflow leading to heap-buffer overflow
-
--------------------------------------------------------------------
-Thu Feb 9 10:20:49 UTC 2012 - wr@rosenauer.org
-
-- update to version 10.0.1 (bnc#746616)
- * MFSA 2012-10/CVE-2012-0452 (bmo#724284)
- use after free in nsXBLDocumentInfo::ReadPrototypeBindings
-
--------------------------------------------------------------------
-Tue Feb 7 10:40:58 UTC 2012 - dvaleev@suse.com
-
-- Use YARR interpreter instead of PCRE on platforms where YARR JIT
- is not supported, since PCRE doesnt build (bmo#691898)
-- fix ppc64 build (bmo#703534)
-
--------------------------------------------------------------------
-Mon Jan 30 09:43:21 UTC 2012 - wr@rosenauer.org
-
-- update to version 10.0 (bnc#744275)
- * MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
- Miscellaneous memory safety hazards
- * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
- <iframe> element exposed across domains via name attribute
- * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
- Child nodes from nsDOMAttribute still accessible after removal
- of nodes
- * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
- Frame scripts calling into untrusted objects bypass security
- checks
- * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
- Uninitialized memory appended when encoding icon images may
- cause information disclosure
- * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
- Potential Memory Corruption When Decoding Ogg Vorbis files
- * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
- Crash with malformed embedded XSLT stylesheets
-- removed obsolete ppc64 patch
-- disable neon for ARM as it doesn't build correctly
-
--------------------------------------------------------------------
-Fri Dec 23 17:02:01 UTC 2011 - wr@rosenauer.org
-
-- update to Firefox 9.0.1
- * (strongparent) parentNode of element gets lost (bmo#335998)
-
--------------------------------------------------------------------
-Sun Dec 18 09:28:02 UTC 2011 - wr@rosenauer.org
-
-- update to release 9.0 (bnc#737533)
- * MFSA 2011-53/CVE-2011-3660
- Miscellaneous memory safety hazards (rv:9.0)
- * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
- Potentially exploitable crash in the YARR regular expression
- library
- * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
- nsSVGValue out-of-bounds access
- * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
- Key detection without JavaScript via SVG animation
- * MFSA 2011-58/VE-2011-3665 (bmo#701259)
- Crash scaling <video> to extreme sizes
-
--------------------------------------------------------------------
-Sat Nov 12 15:20:49 UTC 2011 - wr@rosenauer.org
-
-- fix ppc64 build
-
--------------------------------------------------------------------
-Sun Nov 6 08:23:04 UTC 2011 - wr@rosenauer.org
-
-- update to release 8.0 (bnc#728520)
- * MFSA 2011-47/CVE-2011-3648 (bmo#690225)
- Potential XSS against sites using Shift-JIS
- * MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
- Miscellaneous memory safety hazards
- * MFSA 2011-49/CVE-2011-3650 (bmo#674776)
- Memory corruption while profiling using Firebug
- * MFSA 2011-52/CVE-2011-3655 (bmo#672182)
- Code execution via NoWaiverWrapper
-- rebased patches
-
--------------------------------------------------------------------
-Fri Sep 30 10:59:54 UTC 2011 - wr@rosenauer.org
-
-- update to minor release 7.0.1
- * fixed staged addon updates
-
--------------------------------------------------------------------
-Fri Sep 23 11:36:04 UTC 2011 - wr@rosenauer.org
-
-- update to version 7.0 (bnc#720264)
- * MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997
- Miscellaneous memory safety hazards
- * MFSA 2011-39/CVE-2011-3000 (bmo#655389)
- Defense against multiple Location headers due to CRLF Injection
- * MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
- Code installation through holding down Enter
- * MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335)
- Potentially exploitable WebGL crashes
- * MFSA 2011-42/CVE-2011-3232 (bmo#653672)
- Potentially exploitable crash in the YARR regular expression
- library
- * MFSA 2011-43/CVE-2011-3004 (bmo#653926)
- loadSubScript unwraps XPCNativeWrapper scope parameter
- * MFSA 2011-44/CVE-2011-3005 (bmo#675747)
- Use after free reading OGG headers
- * MFSA 2011-45
- Inferring keystrokes from motion data
-- removed obsolete mozilla-cairo-lcd.patch
-- rebased patches
-
--------------------------------------------------------------------
-Tue Sep 20 11:54:28 UTC 2011 - wr@rosenauer.org
-
-- install xpt.py into SDK (mozilla-639554.patch) (bnc#639554)
-
--------------------------------------------------------------------
-Wed Sep 14 13:07:39 UTC 2011 - wr@rosenauer.org
-
-- initial xulrunner package
-
--- a/xulrunner/xulrunner.spec Wed Nov 21 11:38:37 2012 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,521 +0,0 @@
-#
-# spec file for package xulrunner
-#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
-# 2006-2012 Wolfgang Rosenauer
-#
-# All modifications and additions to the file contributed by third parties
-# remain the property of their copyright owners, unless otherwise agreed
-# upon. The license for this file, and modifications and additions to the
-# file, is the same license as for the pristine package itself (unless the
-# license for the pristine package is not an Open Source License, in which
-# case the license is the MIT License). An "Open Source License" is a
-# license that conforms to the Open Source Definition (Version 1.9)
-# published by the Open Source Initiative.
-
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
-#
-
-
-Name: xulrunner
-BuildRequires: Mesa-devel
-BuildRequires: autoconf213
-BuildRequires: dbus-1-glib-devel
-BuildRequires: fdupes
-BuildRequires: gcc-c++
-BuildRequires: hunspell-devel
-BuildRequires: libcurl-devel
-BuildRequires: libgnomeui-devel
-BuildRequires: libidl-devel
-BuildRequires: libnotify-devel
-BuildRequires: nss-shared-helper-devel
-BuildRequires: pkg-config
-BuildRequires: python
-BuildRequires: startup-notification-devel
-BuildRequires: unzip
-BuildRequires: xorg-x11-libXt-devel
-BuildRequires: yasm
-BuildRequires: zip
-%if %suse_version > 1110
-BuildRequires: libiw-devel
-BuildRequires: libproxy-devel
-%else
-BuildRequires: wireless-tools
-%endif
-BuildRequires: mozilla-nspr-devel >= 4.9.2
-BuildRequires: mozilla-nss-devel >= 3.13.6
-Version: 17.0
-Release: 0
-%define releasedate 2012111600
-%define version_internal 17.0
-%define apiversion 17
-%define uaweight 1700000
-Summary: Mozilla Runtime Environment
-License: MPL-2.0
-Group: Productivity/Other
-Url: http://www.mozilla.org/
-Provides: gecko
-%ifarch %ix86
-Provides: xulrunner-32bit = %{version}-%{release}
-%endif
-Source: xulrunner-%{version}-source.tar.bz2
-Source1: l10n-%{version}.tar.bz2
-Source2: find-external-requires.sh
-Source3: %{name}-rpmlintrc
-Source4: xulrunner-openSUSE-prefs.js
-Source5: add-plugins.sh.in
-Source6: create-tar.sh
-Source7: baselibs.conf
-Source8: source-stamp.txt
-Source9: compare-locales.tar.bz2
-Patch1: toolkit-download-folder.patch
-Patch2: mozilla-pkgconfig.patch
-Patch3: mozilla-idldir.patch
-Patch4: mozilla-nongnome-proxies.patch
-Patch5: mozilla-prefer_plugin_pref.patch
-Patch6: mozilla-language.patch
-Patch7: mozilla-ntlm-full-path.patch
-Patch9: mozilla-sle11.patch
-Patch14: mozilla-ppc.patch
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Requires: mozilla-js = %{version}
-Requires(post): update-alternatives coreutils
-Requires(preun): update-alternatives coreutils
-### build configuration ###
-%define has_system_nspr 1
-%define has_system_nss 1
-%define has_system_cairo 0
-%define localize 0
-%ifarch ppc ppc64 s390 s390x ia64 %arm
-%define crashreporter 0
-%else
-%define crashreporter 1
-%endif
-### configuration end ###
-%define _use_internal_dependency_generator 0
-%define __find_requires sh %{SOURCE2}
-%global provfind sh -c "grep -Ev 'mozsqlite3|dbusservice|unixprint' | %__find_provides"
-%global __find_provides %provfind
-%if %has_system_nspr
-Requires: mozilla-nspr >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr)
-%endif
-%if %has_system_nss
-Requires: mozilla-nss >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss)
-%endif
-
-%description
-XULRunner is a single installable package that can be used to bootstrap
-multiple XUL+XPCOM applications that are as rich as Firefox and
-Thunderbird.
-
-
-%package -n mozilla-js
-Summary: Mozilla JS engine
-Group: Productivity/Other
-
-%description -n mozilla-js
-JavaScript is the Netscape-developed object scripting language used in millions
-of web pages and server applications worldwide. Netscape's JavaScript is a
-superset of the ECMA-262 Edition 3 (ECMAScript) standard scripting language,
-with only mild differences from the published standard.
-
-
-%package devel
-Summary: XULRunner/Gecko SDK
-Group: Development/Libraries/Other
-%if %has_system_nspr
-Requires: mozilla-nspr-devel >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr-devel)
-%endif
-%if %has_system_nss
-Requires: mozilla-nss-devel >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss-devel)
-%endif
-Requires: %{name} = %{version}
-
-%description devel
-Software Development Kit to embed XUL or Gecko into other applications.
-
-%if %localize
-
-%package translations-common
-Summary: Common translations for XULRunner
-Group: System/Localization
-Requires: %{name} = %{version}
-Provides: locale(%{name}:ar;ca;cs;da;de;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW)
-Obsoletes: %{name}-translations < %{version}-%{release}
-
-%description translations-common
-XULRunner is a single installable package that can be used to bootstrap
-multiple XUL+XPCOM applications that are as rich as Firefox and
-Thunderbird.
-
-This package contains the most common languages but en-US which is
-delivered in the main package.
-
-
-%package translations-other
-Summary: Extra translations for XULRunner
-Group: System/Localization
-Requires: %{name} = %{version}
-Provides: locale(%{name}:ach;af;ak;as;ast;be;bg;bn_BD;bn_IN;br;bs;csb;cy;el;en_ZA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gu_IN;he;hi_IN;hr;hy_AM;id;is;kk;km;kn;ku;lg;lij;lt;lv;mai;mk;ml;mr;nn_NO;nso;or;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;ta_LK;te;th;tr;uk;vi;zu)
-Obsoletes: %{name}-translations < %{version}-%{release}
-
-%description translations-other
-XULRunner is a single installable package that can be used to bootstrap
-multiple XUL+XPCOM applications that are as rich as Firefox and
-Thunderbird.
-
-This package contains rarely used languages.
-%endif
-
-%if %crashreporter
-
-%package buildsymbols
-Summary: Breakpad buildsymbols for %{name}
-Group: Development/Debug
-
-%description buildsymbols
-This subpackage contains the Breakpad created and compatible debugging
-symbols meant for upload to Mozilla's crash collector database.
-%endif
-
-%prep
-%setup -n mozilla -q -b 1 -b 9
-%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%if %suse_version < 1120
-%patch9 -p1
-%endif
-%patch14 -p1
-
-%build
-# no need to add build time to binaries
-modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")"
-DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
-TIME="\"$(date -d "${modified}" "+%%R")\""
-find . -regex ".*\.c\|.*\.cpp\|.*\.h" -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
-#
-MOZ_APP_DIR=%{_libdir}/xulrunner-%{version_internal}
-export MOZ_BUILD_DATE=%{releasedate}
-export CFLAGS="$RPM_OPT_FLAGS -Os -fno-strict-aliasing"
-%ifarch ppc64
-export CFLAGS="$CFLAGS -mminimal-toc"
-%endif
-export LDFLAGS=" -Wl,-rpath -Wl,${MOZ_APP_DIR}"
-%ifarch %arm
-# debug symbols require too much memory during build
-export CFLAGS="${CFLAGS/-g/}"
-LDFLAGS+="-Wl,--reduce-memory-overheads -Wl,--no-keep-memory"
-%endif
-export CXXFLAGS="$CFLAGS"
-export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
-export MOZILLA_OFFICIAL=1
-export BUILD_OFFICIAL=1
-export MOZ_MILESTONE_RELEASE=1
-#
-cat << EOF > $MOZCONFIG
-mk_add_options MOZILLA_OFFICIAL=1
-mk_add_options BUILD_OFFICIAL=1
-mk_add_options MOZ_MILESTONE_RELEASE=1
-mk_add_options MOZ_MAKE_FLAGS=%{?jobs:-j%jobs}
-mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj
-. \$topsrcdir/xulrunner/config/mozconfig
-ac_add_options --prefix=%{_prefix}
-ac_add_options --libdir=%{_libdir}
-ac_add_options --sysconfdir=%{_sysconfdir}
-ac_add_options --mandir=%{_mandir}
-ac_add_options --includedir=%{_includedir}
-ac_add_options --enable-optimize
-ac_add_options --enable-extensions=default
-#ac_add_options --with-system-jpeg # mozilla uses internal libjpeg-turbo now
-#ac_add_options --with-system-png # no APNG support
-ac_add_options --with-system-zlib
-ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n
-ac_add_options --disable-tests
-ac_add_options --disable-mochitest
-ac_add_options --disable-installer
-ac_add_options --disable-updater
-ac_add_options --disable-javaxpcom
-ac_add_options --enable-system-hunspell
-ac_add_options --enable-startup-notification
-ac_add_options --enable-shared-js
-ac_add_options --disable-webrtc # does not build with system NSPR
-#ac_add_options --enable-debug
-EOF
-%if %suse_version > 1130
-cat << EOF >> $MOZCONFIG
-ac_add_options --disable-gnomevfs
-ac_add_options --enable-gio
-EOF
-%endif
-%if %has_system_nspr
-cat << EOF >> $MOZCONFIG
-ac_add_options --with-system-nspr
-EOF
-%endif
-%if %has_system_nss
-cat << EOF >> $MOZCONFIG
-ac_add_options --with-system-nss
-EOF
-%endif
-%if %has_system_cairo
-cat << EOF >> $MOZCONFIG
-ac_add_options --enable-system-cairo
-EOF
-%endif
-%if %suse_version > 1110
-cat << EOF >> $MOZCONFIG
-ac_add_options --enable-libproxy
-EOF
-%endif
-%if ! %crashreporter
-cat << EOF >> $MOZCONFIG
-ac_add_options --disable-crashreporter
-EOF
-%endif
-# S/390
-%ifarch s390 s390x
-cat << EOF >> $MOZCONFIG
-ac_add_options --disable-jemalloc
-EOF
-%endif
-# ARM
-%ifarch %arm
-cat << EOF >> $MOZCONFIG
-%ifarch armv7l armv7hl
-ac_add_options --with-arch=armv7-a
-ac_add_options --with-float-abi=hard
-ac_add_options --with-fpu=vfpv3-d16
-ac_add_options --with-thumb=yes
-ac_add_options --disable-debug
-%endif
-%ifarch armv5tel
-ac_add_options --with-arch=armv5te
-ac_add_options --with-float-abi=soft
-ac_add_options --with-thumb=no
-%endif
-EOF
-%endif
-make -f client.mk build
-
-%install
-cd ../obj
-# preferences (to package in omni.jar)
-cp %{SOURCE4} dist/bin/defaults/pref/all-openSUSE.js
-%makeinstall STRIP=/bin/true
-# xpt.py is not executable
-chmod a+x $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/bin/*.py
-# remove some executable permissions
-find $RPM_BUILD_ROOT%{_includedir}/xulrunner-%{version_internal} \
- -type f -perm -111 -exec chmod a-x {} \;
-find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/ \
- -name "*.js" -o -name "*.xpm" -o -name "*.png" | xargs chmod a-x
-# remove mkdir.done files from installed base
-find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal} -name ".mkdir.done" | xargs rm
-mkdir -p $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions
-# fixing SDK dynamic libs (symlink instead of copy)
-rm $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/*.so
-ln -sf ../../../xulrunner-%{version_internal}/libmozjs.so \
- $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
-ln -sf ../../../xulrunner-%{version_internal}/libxpcom.so \
- $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
-ln -sf ../../../xulrunner-%{version_internal}/libxul.so \
- $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/
-# include basic buildenv for xulapps to use
-mkdir -p $RPM_BUILD_ROOT%{_datadir}/xulrunner-%{version_internal}
-pushd ..
-# this list has been compiled by trial and error for prism
-tar --exclude=*.cpp --exclude=*.mm \
- -cvjf $RPM_BUILD_ROOT%{_datadir}/xulrunner-%{version_internal}/mozilla-src.tar.bz2 \
- mozilla/configure.in mozilla/Makefile.in mozilla/client.py mozilla/allmakefiles.sh \
- mozilla/config mozilla/client.mk mozilla/aclocal.m4 mozilla/build mozilla/js/src/* \
- mozilla/testing mozilla/toolkit/mozapps/installer mozilla/probes mozilla/memory \
- mozilla/toolkit/xre mozilla/nsprpub/config mozilla/tools mozilla/xpcom/build
-popd
-# install add-plugins.sh
-sed "s:%%PROGDIR:%{_libdir}/xulrunner-%{version_internal}:g" \
- %{SOURCE5} > $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
-chmod 755 $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
-# ghosts
-touch $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/global.reginfo
-# install additional locales
-%if %localize
-rm -f %{_tmppath}/translations.*
-touch %{_tmppath}/translations.{common,other}
-for locale in $(awk '{ print $1; }' ../mozilla/browser/locales/shipped-locales); do
- case $locale in
- ja-JP-mac|en-US)
- ;;
- *)
- pushd $RPM_BUILD_DIR/compare-locales
- PYTHONPATH=lib \
- scripts/compare-locales -m ../l10n-merged/$locale \
- ../mozilla/toolkit/locales/l10n.ini ../l10n $locale
- popd
- LOCALE_MERGEDIR=$RPM_BUILD_DIR/l10n-merged/$locale \
- make -C toolkit/locales langpack-$locale
- cp dist/xpi-stage/locale-$locale \
- $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org
- # remove prefs and profile defaults from langpack
- rm -rf $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org/defaults
- # check against the fixed common list and sort into the right filelist
- _matched=0
- for _match in ar ca cs da de en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
- [ "$_match" = "$locale" ] && _matched=1
- done
- [ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other
- echo %{_libdir}/xulrunner-%{version_internal}/extensions/langpack-$locale@firefox.mozilla.org \ \
- >> %{_tmppath}/translations.$_l10ntarget
- esac
-done
-%endif
-# API symlink
-ln -sf xulrunner-%{version_internal} $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{apiversion}
-# compat links
-%if 0%{?ga_version:1}
-touch $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{ga_version}
-%endif
-# excludes
-%if %suse_version < 1120
-rm -f $RPM_BUILD_ROOT%{_bindir}/xulrunner
-%endif
-rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/updater
-rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/update.locale
-rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/LICENSE
-rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/README.txt
-rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/dictionaries/en-US*
-rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/nspr-config
-rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/mozilla-plugin.pc
-# fdupes
-%fdupes $RPM_BUILD_ROOT%{_includedir}/xulrunner-%{version_internal}/
-%fdupes $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/
-# create breakpad debugsymbols
-%if %crashreporter
-SYMBOLS_NAME="xulrunner-%{version}-%{release}.%{_arch}-%{suse_version}-symbols"
-make buildsymbols \
- SYMBOL_INDEX_NAME="$SYMBOLS_NAME.txt" \
- SYMBOL_FULL_ARCHIVE_BASENAME="$SYMBOLS_NAME-full" \
- SYMBOL_ARCHIVE_BASENAME="$SYMBOLS_NAME"
-if [ -e dist/*symbols.zip ]; then
- mkdir -p $RPM_BUILD_ROOT%{_datadir}/mozilla/
- cp dist/*symbols.zip $RPM_BUILD_ROOT%{_datadir}/mozilla/
-fi
-%endif
-
-%clean
-rm -rf $RPM_BUILD_ROOT
-%if %localize
-rm -rf %{_tmppath}/translations.*
-%endif
-
-%post
-/usr/sbin/update-alternatives --install %{_bindir}/xulrunner \
- xulrunner %{_libdir}/xulrunner-%{apiversion}/xulrunner %{uaweight} || :
-%{_libdir}/xulrunner-%{apiversion}/add-plugins.sh > /dev/null 2>&1
-exit 0
-
-%posttrans
-# needed for updates which transition directory to symlink
-%if 0%{?ga_version:1}
-test -d %{_libdir}/xulrunner-%{ga_version} && rm -rf %{_libdir}/xulrunner-%{ga_version}
-ln -sf xulrunner-%{version_internal} %{_libdir}/xulrunner-%{ga_version}
-%endif
-[ -e %{_libdir}/xulrunner-%{version_internal}/add-plugins.sh ] && \
- %{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1
-exit 0
-
-%preun
-if [ "$1" = "0" ]; then # deinstallation
- # that's not quite nice since old versions should be removed on update as well
- # but that's problematic for updates w/o raising the version number
- /usr/sbin/update-alternatives --remove xulrunner %{_libdir}/xulrunner-%{apiversion}/xulrunner
-fi
-rm -f %{_libdir}/xulrunner-%{version_internal}/dictionaries/*
-exit 0
-
-%triggerin -- myspell-dictionary
-%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1
-exit 0
-
-%triggerpostun -- myspell-dictionary
-%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1
-exit 0
-
-%files
-%defattr(-,root,root)
-%dir %{_libdir}/xulrunner-%{version_internal}/
-%dir %{_libdir}/xulrunner-%{version_internal}/chrome/
-%dir %{_libdir}/xulrunner-%{version_internal}/dictionaries/
-%dir %{_libdir}/xulrunner-%{version_internal}/extensions/
-%{_libdir}/xulrunner-%{version_internal}/chrome/icons/
-%{_libdir}/xulrunner-%{version_internal}/components/
-%{_libdir}/xulrunner-%{version_internal}/plugins/
-%{_libdir}/xulrunner-%{version_internal}/*.so
-%exclude %{_libdir}/xulrunner-%{version_internal}/libmozjs.so
-%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
-%{_libdir}/xulrunner-%{version_internal}/chrome.manifest
-%{_libdir}/xulrunner-%{version_internal}/dependentlibs.list
-%{_libdir}/xulrunner-%{version_internal}/mozilla-xremote-client
-%{_libdir}/xulrunner-%{version_internal}/plugin-container
-%{_libdir}/xulrunner-%{version_internal}/xulrunner
-%{_libdir}/xulrunner-%{version_internal}/xulrunner-stub
-%{_libdir}/xulrunner-%{version_internal}/platform.ini
-%{_libdir}/xulrunner-%{version_internal}/omni.ja
-%{_libdir}/xulrunner-%{version_internal}/README.xulrunner
-# crashreporter files
-%if %crashreporter
-%{_libdir}/xulrunner-%{version_internal}/crashreporter
-%{_libdir}/xulrunner-%{version_internal}/crashreporter.ini
-%{_libdir}/xulrunner-%{version_internal}/Throbber-small.gif
-%endif
-# ghosts
-%ghost %{_libdir}/xulrunner-%{version_internal}/global.reginfo
-%if %suse_version >= 1120
-%ghost %{_bindir}/xulrunner
-%endif
-# API symlink (already in mozilla-js)
-#%{_libdir}/xulrunner-%{apiversion}
-# compat symlinks
-%if 0%{?ga_version:1}
-%ghost %{_libdir}/xulrunner-%{ga_version}
-%endif
-
-%files -n mozilla-js
-%defattr(-,root,root)
-%dir %{_libdir}/xulrunner-%{version_internal}/
-%{_libdir}/xulrunner-%{apiversion}
-%{_libdir}/xulrunner-%{version_internal}/libmozjs.so
-
-%files devel
-%defattr(-,root,root)
-%{_libdir}/xulrunner-devel-%{version_internal}/
-# FIXME symlink dynamic libs below sdk/lib
-%attr(644,root,root) %{_libdir}/pkgconfig/*
-%{_includedir}/xulrunner-%{version_internal}/
-%{_datadir}/xulrunner-%{version_internal}/
-
-%if %localize
-
-%files translations-common -f %{_tmppath}/translations.common
-%defattr(-,root,root)
-%dir %{_libdir}/xulrunner-%{version_internal}/
-%dir %{_libdir}/xulrunner-%{version_internal}/chrome/
-
-%files translations-other -f %{_tmppath}/translations.other
-%defattr(-,root,root)
-%dir %{_libdir}/xulrunner-%{version_internal}/
-%dir %{_libdir}/xulrunner-%{version_internal}/chrome/
-%endif
-
-%if %crashreporter
-
-%files buildsymbols
-%defattr(-,root,root)
-%{_datadir}/mozilla/
-%endif
-
-%changelog