Mailinglist Archive: opensuse-commit (1092 mails)

< Previous

Next >

Hello community,

here is the log from the commit of package seamonkey
checked in at Fri Feb 15 01:46:34 CET 2008.

--------
--- seamonkey/seamonkey.changes 2008-01-17 18:24:39.000000000 +0100
+++ /mounts/work_src_done/STABLE/seamonkey/seamonkey.changes 2008-02-12
00:43:25.205292000 +0100
@@ -1,0 +2,20 @@
+Tue Feb 12 00:45:18 CET 2008 - maw@xxxxxxx
+
+- Security update to version 1.1.8 (bnc#354469) (thanks, Wolfgang)
+ + MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet
+ redirect
+ + MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain
+ text files
+ + MFSA 2008-06/CVE-2008-0419 Web browsing history and forward
+ navigation stealing
+ + MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome:
+ URI
+ + MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote
+ Code Execution
+ + MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing
+ vulnerabilities
+ + MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory
+ corruption (rv:1.8.1.12)
+- Update enigmail to version 0.95.6.
+
+-------------------------------------------------------------------

Old:
----
enigmail-0.95.3.tar.gz
mozilla-maxpathlen.patch
seamonkey-source-1.1.5.tar.bz2

New:
----
enigmail-0.95.6.tar.gz
mozilla-path_len.patch
seamonkey-source-1.1.8.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ seamonkey.spec ++++++
--- /var/tmp/diff_new_pack.G22916/_old 2008-02-15 01:45:49.000000000 +0100
+++ /var/tmp/diff_new_pack.G22916/_new 2008-02-15 01:45:49.000000000 +0100
@@ -1,5 +1,5 @@
#
-# spec file for package seamonkey (Version 1.1.5)
+# spec file for package seamonkey (Version 1.1.8)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@@ -10,12 +10,29 @@

# norootforbuild

+
Name: seamonkey
+# Checklist for updating:
+# * Copy new sources (don't forget enigmail) and patches
+# to your package checkout.
+# * Increment Version: as necessary
+# * Update releasedate
+# * Ensure patches are in sync among all releases
+# * configure.patch should be the last patch applied against the mozilla
+# source itself; the following patches apply to other tarballs.
+# * configure.patch is regenerated (when necessary) by applying
+# pango-cairo.patch, dbus.patch, startup.patch to an unpacked source,
+# and then running autoconf 2.13. debian.suse.de used to have this
+# version installed. For more info see
+# http://developer.mozilla.org/en/docs/How_Mozilla's_build_system_works
+# * Update the .changes file
+# * Update this checklist if necessary and keep it in sync on all supported
+# platforms.
BuildRequires: fdupes gcc-c++ libgnomeui-devel libidl-devel orbit-devel unzip
update-desktop-files zip
License: GPL v2 or later; LGPL v2.1 or later; MOZILLA PUBLIC LICENSE
(MPL/NPL)
Provides: web_browser
-Version: 1.1.5
-Release: 27
+Version: 1.1.8
+Release: 1
Summary: The successor of the Mozilla Application Suite
Url: http://www.mozilla.org/projects/seamonkey
Group: Productivity/Networking/Web/Browsers
@@ -31,7 +48,7 @@
Source5: LEOPlugin_MN.zip
Source6: search-addons.tar.bz2
Source8: addon-certs.txt
-Source9: enigmail-0.95.3.tar.gz
+Source9: enigmail-0.95.6.tar.gz
Source11: rebuild-databases.sh.in
Source12: README.installed-chrome
Source13: mozilla-make-package.pl
@@ -53,15 +70,15 @@
Patch15: autoconf.dif
Patch16: canvas-xlibs.patch
Patch17: mozilla-default-plugin-less-annoying.patch
+Patch19: mozilla-path_len.patch
Patch22: cjk-postscript-fonts.dif
Patch27: postscript.patch
Patch29: cups-paper.patch
Patch30: seamonkey-gcc4.3-fixes.patch
-Patch31: mozilla-maxpathlen.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: libstdc++ fileutils textutils /bin/sh
%define _unpackaged_files_terminate_build 0
-%define releasedate 2007080300
+%define releasedate 2008020300
%define progname seamonkey
%define prefix /usr
%define progdir %_libdir/%{progname}
@@ -220,11 +237,11 @@
%patch15
%patch16
%patch17 -p2
+%patch19 -p1
%patch22
%patch27
%patch29
%patch30 -p1
-%patch31 -p1
# additional CA certificates
cd $RPM_BUILD_DIR/mozilla/security/nss/lib/ckfw/builtins
cat %{SOURCE8} >> certdata.txt
@@ -239,9 +256,9 @@
export CFLAGS="$CFLAGS -fstack-protector"
%endif
%if %suse_version > 1020
-%ifarch x86_64 s390 s390x
+#% #ifarch x86_64 s390 s390x
export ac_cv_visibility_hidden="no"
-%endif
+# % # endif
%endif
export CXXFLAGS="$CFLAGS"
./configure --enable-application=suite \
@@ -678,6 +695,23 @@
%dir %{progdir}/dictionaries

%changelog
+* Tue Feb 12 2008 maw@xxxxxxx
+- Security update to version 1.1.8 (bnc#354469) (thanks, Wolfgang)
+ + MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet
+ redirect
+ + MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain
+ text files
+ + MFSA 2008-06/CVE-2008-0419 Web browsing history and forward
+ navigation stealing
+ + MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome:
+ URI
+ + MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote
+ Code Execution
+ + MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing
+ vulnerabilities
+ + MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory
+ corruption (rv:1.8.1.12)
+- Update enigmail to version 0.95.6.
* Thu Jan 17 2008 maw@xxxxxxx
- Add mozilla-maxpathlen.patch (#354150 and bmo #412610).
* Tue Nov 13 2007 maw@xxxxxxx
@@ -874,7 +908,7 @@
* Fri Sep 24 2004 stark@xxxxxxx
- enabled logging for non-debug builds to be able to get some
logfiles for debugging
-* Fri Sep 17 2004 stark@xxxxxxx
+* Sat Sep 18 2004 stark@xxxxxxx
- fixed broken patch-file
* Fri Sep 17 2004 stark@xxxxxxx
- added security fix for mozilla bug #258005
@@ -955,7 +989,7 @@
- renewed bookmark-changes
* Tue Mar 09 2004 stark@xxxxxxx
- patch for keeping ui fonts (#35236)
-* Sun Mar 07 2004 ro@xxxxxxx
+* Mon Mar 08 2004 ro@xxxxxxx
- match function declaration in enigmail mimedummy.cpp
* Wed Mar 03 2004 stark@xxxxxxx
- fixed enigmail file-list (#35302)
@@ -1401,7 +1435,7 @@
* Tue Feb 20 2001 egger@xxxxxxx
- Integrated a reworked version of Bernd Kaindls
patch to get the beast running from anywhere again.
-* Mon Feb 19 2001 egger@xxxxxxx
+* Tue Feb 20 2001 egger@xxxxxxx
- Use BuildRoot.
- Reworked specfile.
- Corrected -devel package.
@@ -1424,7 +1458,7 @@
- Enabled JAR file creation.
- Added GNOME icon.
- New wrapper script.
-* Sun Dec 24 2000 bk@xxxxxxx
+* Mon Dec 25 2000 bk@xxxxxxx
- set CFLAGS and CXXFLAGS for confgure to $RPM_OPT_FLAGS. With our
configure flags(--enable-optimize -> adds -O after CFLAGS) enabled
this enables only the i486 arch code which brought me 5%% speed
@@ -1434,7 +1468,7 @@
- Added: Provides: web_browser to the specfile.
* Tue Dec 12 2000 egger@xxxxxxx
- Update to the real version 0.6.
-* Fri Dec 08 2000 bk@xxxxxxx
+* Sat Dec 09 2000 bk@xxxxxxx
- updated to Mozilla 0.6 (milestone release based on the same branch
as Netscape 6), looks good!
- fixed cp -r install to cp -rL(for forcing to follow the links...)
@@ -1536,7 +1570,7 @@
* Sun Apr 09 2000 bk@xxxxxxx
- added suse update config macro
- added automake to list of packages needed for building mozilla
-* Tue Mar 28 2000 ro@xxxxxxx
+* Wed Mar 29 2000 ro@xxxxxxx
- removed optimize
* Thu Mar 23 2000 ro@xxxxxxx
- update to M14-no-crypto

++++++ enigmail-0.95.3.tar.gz -> enigmail-0.95.6.tar.gz ++++++
++++ 21294 lines of diff (skipped)

++++++ mozilla-path_len.patch ++++++
From: upstream
Subject: crashes with Factory's glibc
References:
https://bugzilla.novell.com/show_bug.cgi?id=354150
https://bugzilla.mozilla.org/show_bug.cgi?id=412610

--- mozilla/toolkit/xre/nsAppRunner.h.old 2007-09-25 18:01:56.000000000
+0200
+++ mozilla/toolkit/xre/nsAppRunner.h 2007-09-25 18:02:23.000000000 +0200
@@ -48,7 +48,8 @@
#elif defined(CCHMAXPATH)
#define MAXPATHLEN CCHMAXPATH
#else
-#define MAXPATHLEN 1024
+#include <limits.h>
+#define MAXPATHLEN PATH_MAX
#endif
#endif

diff -up mozilla/toolkit/mozapps/update/src/updater/updater.cpp.old
mozilla/toolkit/mozapps/update/src/updater/updater.cpp
--- mozilla/toolkit/mozapps/update/src/updater/updater.cpp.old 2007-09-25
18:00:26.000000000 +0200
+++ mozilla/toolkit/mozapps/update/src/updater/updater.cpp 2007-09-25
18:00:53.000000000 +0200
@@ -107,7 +107,8 @@ void LaunchChild(int argc, char **argv);
# elif defined(CCHMAXPATH)
# define MAXPATHLEN CCHMAXPATH
# else
-# define MAXPATHLEN 1024
+# include <limits.h>
+# define MAXPATHLEN PATH_MAX
# endif
#endif

diff -up mozilla/xpcom/io/SpecialSystemDirectory.cpp.old
mozilla/xpcom/io/SpecialSystemDirectory.cpp
--- mozilla/xpcom/io/SpecialSystemDirectory.cpp.old 2007-09-25
18:04:25.000000000 +0200
+++ mozilla/xpcom/io/SpecialSystemDirectory.cpp 2007-09-25 18:04:48.000000000
+0200
@@ -109,7 +109,8 @@
#elif defined(CCHMAXPATH)
#define MAXPATHLEN CCHMAXPATH
#else
-#define MAXPATHLEN 1024
+#include <limits.h>
+#define MAXPATHLEN PATH_MAX
#endif
#endif

diff -up mozilla/xpcom/obsolete/nsFileSpecUnix.cpp.old
mozilla/xpcom/obsolete/nsFileSpecUnix.cpp
--- mozilla/xpcom/obsolete/nsFileSpecUnix.cpp.old 2006-11-28
01:18:37.000000000 +0100
+++ mozilla/xpcom/obsolete/nsFileSpecUnix.cpp 2007-09-25 18:05:49.000000000
+0200
@@ -79,7 +79,8 @@
#endif

#ifndef MAXPATHLEN
-#define MAXPATHLEN 1024 /* Guessing this is okay. Works for SCO. */
+#include <limits.h>
+#define MAXPATHLEN PATH_MAX /* Guessing this is okay. Works for SCO. */
#endif

#if defined(__QNX__)
diff -up mozilla/xpcom/build/nsXPCOMPrivate.h.old
mozilla/xpcom/build/nsXPCOMPrivate.h
--- mozilla/xpcom/build/nsXPCOMPrivate.h.old 2007-09-25 18:02:58.000000000
+0200
+++ mozilla/xpcom/build/nsXPCOMPrivate.h 2007-09-25 18:03:15.000000000
+0200
@@ -252,7 +252,8 @@ NS_GetFrozenFunctions(XPCOMFunctions *en
#elif defined(CCHMAXPATH)
#define MAXPATHLEN CCHMAXPATH
#else
-#define MAXPATHLEN 1024
+#include <limits.h>
+#define MAXPATHLEN PATH_MAX
#endif
#endif

diff -up mozilla/dbm/include/mcom_db.h.old mozilla/dbm/include/mcom_db.h
--- mozilla/dbm/include/mcom_db.h.old 2007-09-25 17:57:09.000000000 +0200
+++ mozilla/dbm/include/mcom_db.h 2007-09-25 17:57:49.000000000 +0200
@@ -214,7 +214,8 @@
#endif /* __DBINTERFACE_PRIVATE */

#ifdef SCO
-#define MAXPATHLEN 1024
+#include <limits.h>
+#define MAXPATHLEN PATH_MAX
#endif

#include <fcntl.h>
diff -up mozilla/js/src/jsfile.c.old mozilla/js/src/jsfile.c
--- mozilla/js/src/jsfile.c.old 2006-07-26 20:55:08.000000000 +0200
+++ mozilla/js/src/jsfile.c 2007-09-25 18:22:52.000000000 +0200
@@ -105,7 +105,8 @@
#define utfstring "binary"
#define unicodestring "unicode"

-#define MAX_PATH_LENGTH 1024
+#include <limits.h>
+#define MAX_PATH_LENGTH PATH_MAX
#define MODE_SIZE 256
#define NUMBER_SIZE 32
#define MAX_LINE_LENGTH 256
diff -up mozilla/xpcom/typelib/xpidl/xpidl_java.c.old
mozilla/xpcom/typelib/xpidl/xpidl_java.c
--- mozilla/xpcom/typelib/xpidl/xpidl_java.c.old 2007-09-25
18:38:52.000000000 +0200
+++ mozilla/xpcom/typelib/xpidl/xpidl_java.c 2007-09-25 18:39:17.000000000
+0200
@@ -44,6 +44,7 @@
#include "xpidl.h"
#include <ctype.h>
#include <glib.h>
+#include <limits.h>

#ifdef XP_WIN
#include <windef.h>
diff -up mozilla/widget/src/xremoteclient/XRemoteClient.cpp.old
mozilla/widget/src/xremoteclient/XRemoteClient.cpp
--- mozilla/widget/src/xremoteclient/XRemoteClient.cpp.old 2007-09-25
18:14:08.000000000 +0200
+++ mozilla/widget/src/xremoteclient/XRemoteClient.cpp 2007-09-25
18:36:55.000000000 +0200
@@ -76,7 +76,8 @@
#endif

#ifndef MAX_PATH
-#define MAX_PATH 1024
+#include <limits.h>
+#define MAX_PATH PATH_MAX
#endif

#define ARRAY_LENGTH(array_) (sizeof(array_)/sizeof(array_[0]))
diff -up mozilla/modules/libreg/src/reg.c.old mozilla/modules/libreg/src/reg.c
--- mozilla/modules/libreg/src/reg.c.old 2007-09-25 18:25:02.000000000
+0200
+++ mozilla/modules/libreg/src/reg.c 2007-09-25 18:27:46.000000000 +0200
@@ -96,7 +96,8 @@
#define MAX_PATH PATH_MAX
#elif defined(XP_UNIX)
#ifndef MAX_PATH
-#define MAX_PATH 1024
+#include <limits.h>
+#define MAX_PATH PATH_MAX
#endif
#elif defined(XP_OS2)
#ifndef MAX_PATH
diff -up mozilla/config/pathsub.h.old mozilla/config/pathsub.h
--- mozilla/config/pathsub.h.old 2004-04-18 16:17:25.000000000 +0200
+++ mozilla/config/pathsub.h 2007-09-25 18:48:13.000000000 +0200
@@ -46,7 +46,7 @@
#include <sys/types.h>

#ifndef PATH_MAX
-#define PATH_MAX 1024
+#error "PATH_MAX is not defined!"
#endif

/*
diff -up mozilla/modules/libjar/nsZipArchive.cpp.old
mozilla/modules/libjar/nsZipArchive.cpp
--- mozilla/modules/libjar/nsZipArchive.cpp.old 2006-09-13 20:32:37.000000000
+0200
+++ mozilla/modules/libjar/nsZipArchive.cpp 2007-09-25 18:51:00.000000000
+0200
@@ -121,7 +121,7 @@ char * strdup(const char *src)
# define S_IFLNK 0120000
# endif
# ifndef PATH_MAX
-# define PATH_MAX 1024
+# include <limits.h>
# endif
#endif /* XP_UNIX */

diff -up mozilla/nsprpub/config/pathsub.h.old mozilla/nsprpub/config/pathsub.h
--- mozilla/nsprpub/config/pathsub.h.old 2004-04-25 17:00:34.000000000
+0200
+++ mozilla/nsprpub/config/pathsub.h 2007-09-25 18:57:51.000000000 +0200
@@ -50,7 +50,7 @@
#endif

#ifndef PATH_MAX
-#define PATH_MAX 1024
+#error "PATH_MAX is not defined!"
#endif

/*
diff -up mozilla/security/coreconf/nsinstall/pathsub.h.old
mozilla/security/coreconf/nsinstall/pathsub.h
--- mozilla/security/coreconf/nsinstall/pathsub.h.old 2004-04-25
17:02:18.000000000 +0200
+++ mozilla/security/coreconf/nsinstall/pathsub.h 2007-09-25
19:00:35.000000000 +0200
@@ -49,7 +49,7 @@
#endif

#ifndef PATH_MAX
-#define PATH_MAX 1024
+#error "PATH_MAX is not defined!"
#endif

/*

++++++ prefs.patch ++++++
--- /var/tmp/diff_new_pack.G22916/_old 2008-02-15 01:45:51.000000000 +0100
+++ /var/tmp/diff_new_pack.G22916/_new 2008-02-15 01:45:51.000000000 +0100
@@ -1,10 +1,10 @@
Index: xpfe/browser/resources/locale/en-US/region.properties
===================================================================
-RCS file:
/cvsroot/mozilla/xpfe/browser/resources/locale/en-US/region.properties,v
-retrieving revision 1.17.4.2
-diff -u -r1.17.4.2 region.properties
---- xpfe/browser/resources/locale/en-US/region.properties 28 Jun 2006
03:35:13 -0000 1.17.4.2
-+++ xpfe/browser/resources/locale/en-US/region.properties 29 Aug 2006
07:27:00 -0000
+RCS file:
/cvsroot/mozilla/xpfe/browser/resources/locale/en-US/Attic/region.properties,v
+retrieving revision 1.17.4.3
+diff -u -r1.17.4.3 region.properties
+--- xpfe/browser/resources/locale/en-US/region.properties 28 Nov 2007
16:42:31 -0000 1.17.4.3
++++ xpfe/browser/resources/locale/en-US/region.properties 4 Feb 2008
21:59:22 -0000
@@ -1,5 +1,5 @@
# navigator.properties
-homePageDefault=http://www.mozilla.org/
@@ -16,14 +16,14 @@
#
# all.js
#
--browser.startup.homepage=http://www.mozilla.org/projects/seamonkey/start/
+-browser.startup.homepage=http://www.seamonkey-project.org/start/
+browser.startup.homepage=about:blank
- browser.throbber.url=http://www.mozilla.org/projects/seamonkey/
+ browser.throbber.url=http://www.seamonkey-project.org/
browser.search.defaulturl=http://www.google.com/search?q=
general.useragent.contentlocale=US
@@ -17,4 +17,4 @@

#config.js
#
--startup.homepage_override_url=http://www.mozilla.org/projects/seamonkey/start/
+-startup.homepage_override_url=http://www.seamonkey-project.org/start/
+startup.homepage_override_url=about:blank

++++++ seamonkey-source-1.1.5.tar.bz2 -> seamonkey-source-1.1.8.tar.bz2 ++++++
seamonkey/seamonkey-source-1.1.5.tar.bz2
/mounts/work_src_done/STABLE/seamonkey/seamonkey-source-1.1.8.tar.bz2 differ:
byte 11, line 1

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Remember to have fun...

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx

< Previous

Next >

Mailinglist Archive: opensuse-commit (1092 mails)

commit seamonkey

Search this list

List Navigation

This Thread