Mailinglist Archive: opensuse-commit (762 mails)

[root@xxxxxxxxxxxxxxx (h_root)]

Hello community,

here is the log from the commit of package MozillaFirefox for openSUSE:Factory
checked in at Sun Aug 1 17:17:29 CEST 2010.



--------
--- MozillaFirefox/MozillaFirefox.changes       2010-06-27 21:03:32.000000000 
+0200
+++ /mounts/work_src_done/STABLE/MozillaFirefox/MozillaFirefox.changes  
2010-07-28 08:33:32.000000000 +0200
@@ -1,0 +2,49 @@
+Wed Jul 28 08:33:14 CEST 2010 - meissner@xxxxxxx
+
+- disable crash reporter for non x86/x86_64 to make it build.
+
+-------------------------------------------------------------------
+Sat Jul 24 12:42:58 CEST 2010 - wr@xxxxxxxxxxxxx
+
+- security update to 3.6.8 (bnc#622506)
+  * MFSA 2010-48/CVE-2010-2755 (bmo#575836)
+    Dangling pointer crash regression from plugin parameter array
+    fix
+
+-------------------------------------------------------------------
+Fri Jul 16 06:48:44 CEST 2010 - wr@xxxxxxxxxxxxx
+
+- security update to 3.6.7 (bnc#622506)
+  * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
+    Miscellaneous memory safety hazards
+  * MFSA 2010-35/CVE-2010-1208 (bmo#572986)
+    DOM attribute cloning remote code execution vulnerability
+  * MFSA 2010-36/CVE-2010-1209 (bmo#552110)
+    Use-after-free error in NodeIterator
+  * MFSA 2010-37/CVE-2010-1214 (bmo#572985)
+    Plugin parameter EnsureCachedAttrParamArrays remote code
+    execution vulnerability
+  * MFSA 2010-38/CVE-2010-1215 (bmo#567069)
+    Arbitrary code execution using SJOW and fast native function
+  * MFSA 2010-39/CVE-2010-2752 (bmo#574059)
+    nsCSSValue::Array index integer overflow
+  * MFSA 2010-40/CVE-2010-2753 (bmo#571106)
+    nsTreeSelection dangling pointer remote code execution
+    vulnerability
+  * MFSA 2010-41/CVE-2010-1205 (bmo#570451)
+    Remote code execution using malformed PNG image
+  * MFSA 2010-42/CVE-2010-1213 (bmo#568148)
+    Cross-origin data disclosure via Web Workers and importScripts
+  * MFSA 2010-43/CVE-2010-1207 (bmo#571287)
+    Same-origin bypass using canvas context
+  * MFSA 2010-44/CVE-2010-1210 (bmo#564679)
+    Characters mapped to U+FFFD in 8 bit encodings cause subsequent
+    character to vanish
+  * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957)
+    Multiple location bar spoofing vulnerabilities
+  * MFSA 2010-46/CVE-2010-0654 (bmo#524223)
+    Cross-domain data theft using CSS
+  * MFSA 2010-47/CVE-2010-2754 (bmo#568564)
+    Cross-origin data leakage from script filename in error messages
+
+-------------------------------------------------------------------

calling whatdependson for head-i586


Old:
----
  firefox-3.6.6-source.tar.bz2
  l10n-3.6.6.tar.bz2
  mozilla-crashreporter-x86_64.patch

New:
----
  firefox-3.6.8-source.tar.bz2
  l10n-3.6.8.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ MozillaFirefox.spec ++++++
--- /var/tmp/diff_new_pack.8ss6TY/_old  2010-08-01 17:17:14.000000000 +0200
+++ /var/tmp/diff_new_pack.8ss6TY/_new  2010-08-01 17:17:14.000000000 +0200
@@ -1,5 +1,5 @@
 #
-# spec file for package MozillaFirefox (Version 3.6.6)
+# spec file for package MozillaFirefox (Version 3.6.8)
 #
 # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #               2006-2010 Wolfgang Rosenauer
@@ -22,7 +22,7 @@
 Name:           MozillaFirefox
 %define xulrunner mozilla-xulrunner192
 BuildRequires:  autoconf213 gcc-c++ libcurl-devel libgnomeui-devel 
libidl-devel libnotify-devel python unzip update-desktop-files zip
-BuildRequires:  %{xulrunner}-devel = 1.9.2.6
+BuildRequires:  %{xulrunner}-devel = 1.9.2.8
 %if %suse_version > 1020
 BuildRequires:  fdupes
 %endif
@@ -34,9 +34,9 @@
 License:        GPLv2+ ; LGPLv2.1+ ; MPLv1.1+
 Provides:       web_browser
 Provides:       firefox
-Version:        3.6.6
+Version:        3.6.8
 Release:        1
-%define         releasedate 2010062600
+%define         releasedate 2010072300
 Summary:        Mozilla Firefox Web Browser
 Url:            http://www.mozilla.org/
 Group:          Productivity/Networking/Web/Browsers
@@ -63,7 +63,6 @@
 Patch9:         firefox-kde.patch
 Patch10:        firefox-ui-lockdown.patch
 Patch11:        firefox-crashreporter.patch
-Patch12:        mozilla-crashreporter-x86_64.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Requires(post):   coreutils shared-mime-info desktop-file-utils
 Requires(postun): shared-mime-info desktop-file-utils
@@ -88,6 +87,11 @@
 ### build options
 %define branding 1
 %define localize 1 
+%ifarch ppc ppc64 s390 s390x ia64
+%define crashreporter    0
+%else
+%define crashreporter    1
+%endif
 ### build options end
 
 %description
@@ -167,7 +171,6 @@
 %endif
 %patch10 -p1
 %patch11 -p1
-%patch12 -p1
 
 %build
 export MOZ_BUILD_DATE=%{releasedate}
@@ -361,7 +364,9 @@
 %{progdir}/%{progname}
 %{progdir}/application.ini
 %{progdir}/blocklist.xml
+%if %crashreporter
 %{progdir}/crashreporter-override.ini
+%endif
 %{_datadir}/applications/%{name}.desktop
 %{_datadir}/mime/packages/%{progname}.xml
 %{_datadir}/pixmaps/firefox*

++++++ firefox-3.6.6-source.tar.bz2 -> firefox-3.6.8-source.tar.bz2 ++++++
MozillaFirefox/firefox-3.6.6-source.tar.bz2 
/mounts/work_src_done/STABLE/MozillaFirefox/firefox-3.6.8-source.tar.bz2 
differ: char 11, line 1


++++++ l10n-3.6.6.tar.bz2 -> l10n-3.6.8.tar.bz2 ++++++
MozillaFirefox/l10n-3.6.6.tar.bz2 
/mounts/work_src_done/STABLE/MozillaFirefox/l10n-3.6.8.tar.bz2 differ: char 11, 
line 1


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx