Hello community,
here is the log from the commit of package mozilla-xulrunner192 for openSUSE:Factory
checked in at Fri Sep 10 15:01:03 CEST 2010.
--------
--- mozilla-xulrunner192/mozilla-xulrunner192.changes 2010-08-30 17:33:06.000000000 +0200
+++ mozilla-xulrunner192/mozilla-xulrunner192.changes 2010-09-08 07:25:46.000000000 +0200
@@ -1,0 +2,32 @@
+Mon Aug 30 17:34:28 CEST 2010 - wr@rosenauer.org
+
+- security update to 1.9.2.9 (bnc#637303)
+ * MFSA 2010-49/CVE-2010-3169
+ Miscellaneous memory safety hazards
+ * MFSA 2010-50/CVE-2010-2765 (bmo#576447)
+ Frameset integer overflow vulnerability
+ * MFSA 2010-51/CVE-2010-2767 (bmo#584512)
+ Dangling pointer vulnerability using DOM plugin array
+ * MFSA 2010-53/CVE-2010-3166 (bmo#579655)
+ Heap buffer overflow in nsTextFrameUtils::TransformText
+ * MFSA 2010-54/CVE-2010-2760 (bmo#585815)
+ Dangling pointer vulnerability in nsTreeSelection
+ * MFSA 2010-55/CVE-2010-3168 (bmo#576075)
+ XUL tree removal crash and remote code execution
+ * MFSA 2010-56/CVE-2010-3167 (bmo#576070)
+ Dangling pointer vulnerability in nsTreeContentView
+ * MFSA 2010-57/CVE-2010-2766 (bmo#580445)
+ Crash and remote code execution in normalizeDocument
+ * MFSA 2010-59/CVE-2010-2762 (bmo#584180)
+ SJOW creates scope chains ending in outer object
+ * MFSA 2010-61/CVE-2010-2768 (bmo#579744)
+ UTF-7 XSS by overriding document charset using <object> type
+ attribute
+ * MFSA 2010-62/CVE-2010-2769 (bmo#520189)
+ Copy-and-paste or drag-and-drop into designMode document allows
+ XSS
+ * MFSA 2010-63/CVE-2010-2764 (bmo#552090)
+ Information leak via XMLHttpRequest statusText
+- honor LANGUAGE environment variable for UI locale (bmo#583793)
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
l10n-1.9.2.8.tar.bz2
xulrunner-source-1.9.2.8.tar.bz2
New:
----
l10n-1.9.2.9.tar.bz2
mozilla-locale.patch
xulrunner-source-1.9.2.9.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ mozilla-xulrunner192.spec ++++++
--- /var/tmp/diff_new_pack.FnAMnd/_old 2010-09-10 14:56:27.000000000 +0200
+++ /var/tmp/diff_new_pack.FnAMnd/_new 2010-09-10 14:56:27.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package mozilla-xulrunner192 (Version 1.9.2.8)
+# spec file for package mozilla-xulrunner192 (Version 1.9.2.9)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
# 2006-2010 Wolfgang Rosenauer
@@ -39,12 +39,12 @@
BuildRequires: wireless-tools
%endif
License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+
-Version: 1.9.2.8
-Release: 2
-%define releasedate 2010072300
-%define version_internal 1.9.2.8
+Version: 1.9.2.9
+Release: 1
+%define releasedate 2010082400
+%define version_internal 1.9.2.9
%define apiversion 1.9.2
-%define uaweight 192080
+%define uaweight 192090
Summary: Mozilla Runtime Environment 1.9.2
Url: http://www.mozilla.org
Group: Productivity/Other
@@ -81,10 +81,11 @@
Patch11: mozilla-gconf-backend.patch
Patch12: gecko-lockdown.patch
Patch13: toolkit-ui-lockdown.patch
-Patch14: mozilla-cairo-lcd.patch
# ---
+Patch14: mozilla-cairo-lcd.patch
Patch15: mozilla-ua-locale-pref.patch
-Patch16: mozilla-gdk-pixbuf.patch
+Patch16: mozilla-locale.patch
+Patch17: mozilla-gdk-pixbuf.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: mozilla-js192 = %{version}
Requires(post): update-alternatives coreutils
@@ -235,6 +236,7 @@
# bmo#542999
%patch15 -p1
%patch16 -p1
+%patch17 -p1
%build
%if %suse_version >= 1110
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.FnAMnd/_old 2010-09-10 14:56:27.000000000 +0200
+++ /var/tmp/diff_new_pack.FnAMnd/_new 2010-09-10 14:56:27.000000000 +0200
@@ -1,7 +1,7 @@
#!/bin/bash
-RELEASE_TAG="FIREFOX_3_6_8_RELEASE"
-VERSION="1.9.2.8"
+RELEASE_TAG="FIREFOX_3_6_9_RELEASE"
+VERSION="1.9.2.9"
# mozilla
hg clone http://hg.mozilla.org/releases/mozilla-1.9.2 mozilla
++++++ l10n-1.9.2.8.tar.bz2 -> l10n-1.9.2.9.tar.bz2 ++++++
mozilla-xulrunner192/l10n-1.9.2.8.tar.bz2 mozilla-xulrunner192/l10n-1.9.2.9.tar.bz2 differ: char 11, line 1
++++++ mozilla-locale.patch ++++++
# HG changeset patch
# User Wolfgang Rosenauer