Mailinglist Archive: opensuse-commit (783 mails)

[root@xxxxxxxxxxxxxxx (h_root)]

Hello community,

here is the log from the commit of package mozilla-xulrunner190 for 
openSUSE:Factory
checked in at Wed Apr 29 00:46:21 CEST 2009.


--------
--- mozilla-xulrunner190/mozilla-xulrunner190.changes   2009-03-27 
09:59:20.000000000 +0100
+++ mozilla-xulrunner190/mozilla-xulrunner190.changes   2009-04-28 
10:55:55.000000000 +0200
@@ -1,0 +2,37 @@
+Tue Apr 28 10:42:23 CEST 2009 - wr@xxxxxxxxxxxxx
+
+- update to 1.9.0.10
+  * MFSA 2009-23/CVE-2009-1313 (bmo#489647)
+      Crash in nsTextFrame::ClearTextRun()
+- fix preprocessor statement to fix build with gcc 4.4
+
+-------------------------------------------------------------------
+Thu Apr 16 13:44:47 CEST 2009 - wr@xxxxxxxxxxxxx
+
+- security update to 1.9.0.9 (bnc#495473)
+  * MFSA 2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304/CVE-2009-1305
+      Crashes with evidence of memory corruption (rv:1.9.0.9)
+  * MFSA 2009-15/CVE-2009-0652 (bmo#479336)
+      URL spoofing with box drawing character
+  * MFSA 2009-16/CVE-2009-1306 (bmo#474536)
+      jar: scheme ignores the content-disposition: header on the 
+      inner URI
+  * MFSA 2009-17/CVE-2009-1307 (bmo#481342)
+      Same-origin violations when Adobe Flash loaded via 
+      view-source: scheme  
+  * MFSA 2009-18/CVE-2009-1308 (bmo#481558)
+      XSS hazard using third-party stylesheets and XBL bindings
+  * MFSA 2009-19/CVE-2009-1309 (bmo#482206,478433)
+      Same-origin violations in XMLHttpRequest and 
+      XPCNativeWrapper.toString
+  * MFSA 2009-20/CVE-2009-1310 (bmo#483086)
+      Malicious search plugins can inject code into arbitrary sites
+  * MFSA 2009-21/CVE-2009-1311 (bmo#471962)
+      POST data sent to wrong site when saving web page with 
+      embedded frame
+  * MFSA 2009-22/CVE-2009-1312 (bmo#475636)
+      Firefox allows Refresh header to redirect to javascript: URIs
+- removed bnc465284-VUL-designMode.patch since it's integrated
+  in 1.9.0.9
+
+-------------------------------------------------------------------

calling whatdependson for head-i586


Old:
----
  bnc465284-VUL-designMode.patch
  l10n-1.9.0.8.tar.bz2
  xulrunner-source-1.9.0.8.tar.bz2

New:
----
  l10n-1.9.0.10.tar.bz2
  mozilla-gcc44.patch
  xulrunner-source-1.9.0.10.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ mozilla-xulrunner190.spec ++++++
--- /var/tmp/diff_new_pack.W21188/_old  2009-04-29 00:41:03.000000000 +0200
+++ /var/tmp/diff_new_pack.W21188/_new  2009-04-29 00:41:03.000000000 +0200
@@ -1,5 +1,5 @@
 #
-# spec file for package mozilla-xulrunner190 (Version 1.9.0.8)
+# spec file for package mozilla-xulrunner190 (Version 1.9.0.10)
 #
 # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
@@ -32,7 +32,7 @@
 BuildRequires:  nss-shared-helper-devel
 %endif
 License:        GPL v2 or later; LGPL v2.1 or later; MOZILLA PUBLIC LICENSE 
(MPL/NPL)
-Version:        1.9.0.8
+Version:        1.9.0.10
 Release:        1
 Summary:        Mozilla Runtime Environment 1.9
 Url:            http://www.mozilla.org
@@ -52,6 +52,7 @@
 Patch3:         mozilla-pkgconfig.patch
 Patch4:         idldir.patch
 Patch5:         mozilla-path_len.patch
+Patch6:         mozilla-gcc44.patch
 Patch7:         mozilla-nongnome-proxies.patch
 Patch8:         mozilla-helper-app.patch
 Patch9:         mozilla-system-hunspell.patch.bz2
@@ -65,7 +66,6 @@
 Patch18:        toolkit-ui-lockdown.patch
 Patch22:        mozilla-shared-nss-db.patch
 Patch23:        bmo472464.patch
-Patch24:        bnc465284-VUL-designMode.patch
 Patch25:        lcms-bnc479606.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 PreReq:         libstdc++ expat pango xorg-x11-libs fontconfig freetype2
@@ -82,10 +82,10 @@
 %if %suse_version > 1100
 %define has_system_cairo 1
 %endif
-%define releasedate 2009032600
+%define releasedate 2009042700
 %define version_internal %{version}
 %define apiversion 1.9
-%define uaweight 190800
+%define uaweight 190910
 ### configuration end ###
 %define _use_internal_dependency_generator 0
 %define __find_requires sh %{SOURCE2}
@@ -199,6 +199,7 @@
 %patch3
 %patch4
 %patch5 -p1
+%patch6
 %patch7
 %patch8
 pushd extensions
@@ -213,7 +214,6 @@
 %patch18 -p1
 %patch22
 %patch23
-%patch24 -p1
 pushd modules/lcms
 %patch25 -p1
 popd
@@ -484,19 +484,50 @@
 %defattr(-,root,root)
 %endif
 %changelog
+* Tue Apr 28 2009 wr@xxxxxxxxxxxxx
+- update to 1.9.0.10
+  * MFSA 2009-23/CVE-2009-1313 (bmo#489647)
+  Crash in nsTextFrame::ClearTextRun()
+- fix preprocessor statement to fix build with gcc 4.4
+* Thu Apr 16 2009 wr@xxxxxxxxxxxxx
+- security update to 1.9.0.9 (bnc#495473)
+  * MFSA 2009-14/CVE-2009-1302/CVE-2009-1303/CVE-2009-1304/CVE-2009-1305
+  Crashes with evidence of memory corruption (rv:1.9.0.9)
+  * MFSA 2009-15/CVE-2009-0652 (bmo#479336)
+  URL spoofing with box drawing character
+  * MFSA 2009-16/CVE-2009-1306 (bmo#474536)
+  jar: scheme ignores the content-disposition: header on the
+  inner URI
+  * MFSA 2009-17/CVE-2009-1307 (bmo#481342)
+  Same-origin violations when Adobe Flash loaded via
+  view-source: scheme
+  * MFSA 2009-18/CVE-2009-1308 (bmo#481558)
+  XSS hazard using third-party stylesheets and XBL bindings
+  * MFSA 2009-19/CVE-2009-1309 (bmo#482206,478433)
+  Same-origin violations in XMLHttpRequest and
+  XPCNativeWrapper.toString
+  * MFSA 2009-20/CVE-2009-1310 (bmo#483086)
+  Malicious search plugins can inject code into arbitrary sites
+  * MFSA 2009-21/CVE-2009-1311 (bmo#471962)
+  POST data sent to wrong site when saving web page with
+  embedded frame
+  * MFSA 2009-22/CVE-2009-1312 (bmo#475636)
+  Firefox allows Refresh header to redirect to javascript: URIs
+- removed bnc465284-VUL-designMode.patch since it's integrated
+  in 1.9.0.9
 * Fri Mar 27 2009 wr@xxxxxxxxxxxxx
 - security update to 1.9.0.8 (bnc#488955,489411)
   * MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217)
   Crash and remote code execution in XSL transformation
   * MFSA 2009-13/CVE-2009-1044 (bmo#484320)
   Arbitrary code execution via XUL tree moveToEdgeShift
-* Fri Mar 13 2009 wr@xxxxxxxxxxxxx
+* Sat Mar 14 2009 wr@xxxxxxxxxxxxx
 - make mozjs consumers using rpath to the correct location
   to find the library at runtime (bnc#479505)
-* Wed Mar 11 2009 pwu@xxxxxxx
+* Thu Mar 12 2009 pwu@xxxxxxx
 - Fixes bnc#479610(MozillaFirefox: LittleCMS integer overflows),
   add a patch lcms-bnc479606.patch.
-* Thu Mar 05 2009 pwu@xxxxxxx
+* Fri Mar 06 2009 pwu@xxxxxxx
 - Backport a patch from xulrunner191,
   and fix bnc#465284 and CVE-2009-0071.
 * Sun Mar 01 2009 wr@xxxxxxxxxxxxx
@@ -515,7 +546,7 @@
   * MFSA 2009-11/CVE-2009-0777 (bmo#452979)
   URL spoofing with invisible control characters
 - removed obsolete patch to configure system sqlite
-* Wed Feb 04 2009 hfiguiere@xxxxxxx
+* Thu Feb 05 2009 hfiguiere@xxxxxxx
 - Review and approve changes.
 * Tue Feb 03 2009 wr@xxxxxxxxxxxxx
 - security update to 1.9.0.6 (bnc#470074)
@@ -646,7 +677,7 @@
 * Mon May 26 2008 maw@xxxxxxx
 - Fix baselibs.conf to mention mozilla-xulrunner190-translations
   (bnc#393856).
-* Tue May 20 2008 maw@xxxxxxx
+* Wed May 21 2008 maw@xxxxxxx
 - Add mozilla-pkgconfig.patch (part of bnc#381154).
 * Tue May 20 2008 maw@xxxxxxx
 - Add mozilla-fsync-bmo499050.patch (bmo#499050).

++++++ l10n-1.9.0.8.tar.bz2 -> l10n-1.9.0.10.tar.bz2 ++++++
mozilla-xulrunner190/l10n-1.9.0.8.tar.bz2 
mozilla-xulrunner190/l10n-1.9.0.10.tar.bz2 differ: byte 11, line 1

++++++ mozilla-gcc44.patch ++++++
Index: ./toolkit/xre/nsAppRunner.cpp
===================================================================
RCS file: /cvsroot/mozilla/toolkit/xre/nsAppRunner.cpp,v
retrieving revision 1.215
diff -u -p -6 -r1.215 nsAppRunner.cpp
--- ./toolkit/xre/nsAppRunner.cpp       17 Nov 2008 14:36:43 -0000      1.215
+++ ./toolkit/xre/nsAppRunner.cpp       27 Apr 2009 18:24:19 -0000
@@ -1456,13 +1456,13 @@ XRE_GetBinaryPath(const char* argv0, nsI
 
   rv = NS_NewNativeLocalFile(nsDependentCString(info.name), PR_TRUE,
                              getter_AddRefs(lf));
   if (NS_FAILED(rv))
     return rv;
 
-#elif
+#else
 #error Oops, you need platform-specific code here
 #endif
 
   NS_ADDREF(*aResult = lf);
   return NS_OK;
 }
++++++ xulrunner-source-1.9.0.8.tar.bz2 -> xulrunner-source-1.9.0.10.tar.bz2 
++++++
mozilla-xulrunner190/xulrunner-source-1.9.0.8.tar.bz2 
mozilla-xulrunner190/xulrunner-source-1.9.0.10.tar.bz2 differ: byte 11, line 1


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx