Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at Tue Nov 10 10:49:35 CET 2009. -------- --- MozillaFirefox/MozillaFirefox.changes 2009-10-17 23:19:38.000000000 +0200 +++ /mounts/work_src_done/STABLE/MozillaFirefox/MozillaFirefox.changes 2009-11-07 10:30:30.000000000 +0100 @@ -1,0 +2,5 @@ +Thu Nov 5 19:49:33 UTC 2009 - wr@rosenauer.org + +- update to version 3.5.5 (bnc#553172) + +------------------------------------------------------------------- @@ -4,0 +10,22 @@ + * MFSA 2009-52/CVE-2009-3370 (bmo#511615) + Form history vulnerable to stealing + * MFSA 2009-53/CVE-2009-3274 (bmo#514823) + Local downloaded file tampering + * MFSA 2009-54/CVE-2009-3371 (bmo#514554) + Crash with recursive web-worker calls + * MFSA 2009-55/CVE-2009-3372 (bmo#500644) + Crash in proxy auto-configuration regexp parsing + * MFSA 2009-56/CVE-2009-3373 (bmo#511689) + Heap buffer overflow in GIF color map parser + * MFSA 2009-57/CVE-2009-3374 (bmo#505988) + Chrome privilege escalation in XPCVariant::VariantDataToJS() + * MFSA 2009-59/CVE-2009-1563 (bmo#516396, bmo#516862) + Heap buffer overflow in string to number conversion + * MFSA 2009-61/CVE-2009-3375 (bmo#503226) + Cross-origin data theft through document.getSelection() + * MFSA 2009-62/CVE-2009-3376 (bmo#511521) + Download filename spoofing with RTL override + * MFSA 2009-63/CVE-2009-3377/CVE-2009-3379/CVE-2009-3378 + Upgrade media libraries to fix memory safety bugs + * MFSA 2009-64/CVE-2009-3380/CVE-2009-3381/CVE-2009-3383 + Crashes with evidence of memory corruption calling whatdependson for head-i586 Old: ---- firefox-3.5.4-source.tar.bz2 l10n-3.5.4.tar.bz2 New: ---- firefox-3.5.5-source.tar.bz2 l10n-3.5.5.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.RQkEUh/_old 2009-11-10 10:48:16.000000000 +0100 +++ /var/tmp/diff_new_pack.RQkEUh/_new 2009-11-10 10:48:16.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package MozillaFirefox (Version 3.5.4) +# spec file for package MozillaFirefox (Version 3.5.5) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2006-2009 Wolfgang Rosenauer @@ -21,14 +21,14 @@ Name: MozillaFirefox BuildRequires: autoconf213 gcc-c++ libgnomeui-devel libidl-devel orbit-devel python unzip update-desktop-files zip -BuildRequires: mozilla-xulrunner191-devel = 1.9.1.4 +BuildRequires: mozilla-xulrunner191-devel = 1.9.1.5 %if %suse_version > 1020 BuildRequires: fdupes %endif License: GPL v2 or later ; LGPL v2.1 or later ; MPL 1.1 or later Provides: web_browser Provides: firefox -Version: 3.5.4 +Version: 3.5.5 Release: 1 Summary: Mozilla Firefox Web Browser Url: http://www.mozilla.org/ @@ -70,7 +70,7 @@ %define __find_requires sh %{SOURCE4} %global provfind sh -c "grep -v '.so' | %__find_provides" %global __find_provides %provfind -%define releasedate 2009101600 +%define releasedate 2009110300 %define progname firefox %define progdir %{_prefix}/%_lib/%{progname} %if %suse_version > 1020 ++++++ firefox-3.5.4-source.tar.bz2 -> firefox-3.5.5-source.tar.bz2 ++++++ MozillaFirefox/firefox-3.5.4-source.tar.bz2 /mounts/work_src_done/STABLE/MozillaFirefox/firefox-3.5.5-source.tar.bz2 differ: byte 11, line 1 ++++++ l10n-3.5.4.tar.bz2 -> l10n-3.5.5.tar.bz2 ++++++ MozillaFirefox/l10n-3.5.4.tar.bz2 /mounts/work_src_done/STABLE/MozillaFirefox/l10n-3.5.5.tar.bz2 differ: byte 11, line 1 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org