Hello community, here is the log from the commit of package mozilla-xulrunner192 for openSUSE:11.4 checked in at Wed Aug 17 18:27:28 CEST 2011. -------- --- old-versions/11.4/UPDATES/all/mozilla-xulrunner192/mozilla-xulrunner192.changes 2011-06-21 18:46:52.000000000 +0200 +++ 11.4/mozilla-xulrunner192/mozilla-xulrunner192.changes 2011-08-16 23:20:12.000000000 +0200 @@ -1,0 +2,23 @@ +Fri Aug 5 09:35:34 UTC 2011 - wr@rosenauer.org + +- security update to 1.9.2.20 (bnc#712224) + fixed security issues MFSA 2011-30 + * CVE-2011-2982 + Miscellaneous memory safety hazards + * CVE-2011-0084 (bmo#648094) + Crash in SVGTextElement.getCharNumAtPosition() + * CVE-2011-2981 + Privilege escalation using event handlers + * CVE-2011-2378 (bmo#572129) + Privilege escalation dropping a tab element in content area + * CVE-2011-2980 (bmo#642469) + Binary planting vulnerability in ThinkPadSensor::Startup + * CVE-2011-2983 (bmo#626297) + Private data leakage using RegExp.input +- added mozilla-implicit-declarations.patch to fix rpmlint/gcc + checks +- added mozilla-curl.patch to remove obsolete header dependency +- added mozilla-linux3.patch to make python symbol dumper aware + of the "linux3" platform + +------------------------------------------------------------------- calling whatdependson for 11.4-i586 Old: ---- l10n-1.9.2.18.tar.bz2 xulrunner-source-1.9.2.18.tar.bz2 New: ---- l10n-1.9.2.20.tar.bz2 mozilla-curl.patch mozilla-implicit-declarations.patch mozilla-linux3.patch xulrunner-source-1.9.2.20.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mozilla-xulrunner192.spec ++++++ --- /var/tmp/diff_new_pack.vQRM1Y/_old 2011-08-17 18:26:49.000000000 +0200 +++ /var/tmp/diff_new_pack.vQRM1Y/_new 2011-08-17 18:26:49.000000000 +0200 @@ -39,12 +39,12 @@ BuildRequires: wireless-tools %endif License: MPLv1.1 or GPLv2+ or LGPLv2+ -Version: 1.9.2.18 +Version: 1.9.2.20 Release: 1.<RELEASE2> -%define releasedate 2011061300 -%define version_internal 1.9.2.18 +%define releasedate 2011080400 +%define version_internal 1.9.2.20 %define apiversion 1.9.2 -%define uaweight 192180 +%define uaweight 192200 Summary: Mozilla Runtime Environment 1.9.2 Url: http://www.mozilla.org Group: Productivity/Other @@ -88,6 +88,9 @@ Patch18: mozilla-prlog.patch Patch19: mozilla-ntlm-full-path.patch Patch20: mozilla-gcc46.patch +Patch21: mozilla-implicit-declarations.patch +Patch22: mozilla-curl.patch +Patch23: mozilla-linux3.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: mozilla-js192 = %{version} Requires(post): update-alternatives coreutils @@ -241,6 +244,9 @@ %patch18 -p1 %patch19 -p1 %patch20 -p1 +%patch21 -p1 +%patch22 -p1 +%patch23 -p1 %build %if %suse_version >= 1110 ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.vQRM1Y/_old 2011-08-17 18:26:49.000000000 +0200 +++ /var/tmp/diff_new_pack.vQRM1Y/_new 2011-08-17 18:26:49.000000000 +0200 @@ -1,7 +1,7 @@ #!/bin/bash -RELEASE_TAG="FIREFOX_3_6_18_RELEASE" -VERSION="1.9.2.18" +RELEASE_TAG="FIREFOX_3_6_20_RELEASE" +VERSION="1.9.2.20" # mozilla hg clone http://hg.mozilla.org/releases/mozilla-1.9.2 mozilla ++++++ l10n-1.9.2.18.tar.bz2 -> l10n-1.9.2.20.tar.bz2 ++++++ old-versions/11.4/UPDATES/all/mozilla-xulrunner192/l10n-1.9.2.18.tar.bz2 11.4/mozilla-xulrunner192/l10n-1.9.2.20.tar.bz2 differ: char 11, line 1 ++++++ mozilla-curl.patch ++++++ # HG changeset patch # User Evan Shaw <edsrzf@gmail.com> # Parent 2d4a2ce9f921163094c9a29c776b2a6e986febe2 bug 673072 - remove deprecated curl header curl/types.h from Breakpad includes. r=ted diff --git a/config/system-headers b/config/system-headers --- a/config/system-headers +++ b/config/system-headers @@ -198,17 +198,16 @@ crt_externs.h crypt.h cstdio cstdlib cstring ctime ctype.h curl/curl.h curl/easy.h -curl/types.h curses.h cxxabi.h DateTimeUtils.h dbus/dbus.h dbus/dbus-glib.h dbus/dbus-glib-lowlevel.h ddeml.h Debug.h diff --git a/js/src/config/system-headers b/js/src/config/system-headers --- a/js/src/config/system-headers +++ b/js/src/config/system-headers @@ -198,17 +198,16 @@ crt_externs.h crypt.h cstdio cstdlib cstring ctime ctype.h curl/curl.h curl/easy.h -curl/types.h curses.h cxxabi.h DateTimeUtils.h dbus/dbus.h dbus/dbus-glib.h dbus/dbus-glib-lowlevel.h ddeml.h Debug.h diff --git a/toolkit/crashreporter/google-breakpad/src/common/linux/http_upload.cc b/toolkit/crashreporter/google-breakpad/src/common/linux/http_upload.cc --- a/toolkit/crashreporter/google-breakpad/src/common/linux/http_upload.cc +++ b/toolkit/crashreporter/google-breakpad/src/common/linux/http_upload.cc @@ -26,17 +26,16 @@ // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include <cassert> #include <dlfcn.h> #include <curl/curl.h> #include <curl/easy.h> -#include <curl/types.h> #include "common/linux/http_upload.h" namespace { // Callback to get the response data from server. static size_t WriteCallback(void *ptr, size_t size, size_t nmemb, void *userp) { diff --git a/toolkit/crashreporter/google-breakpad/src/common/linux/libcurl_wrapper.cc b/toolkit/crashreporter/google-breakpad/src/common/linux/libcurl_wrapper.cc --- a/toolkit/crashreporter/google-breakpad/src/common/linux/libcurl_wrapper.cc +++ b/toolkit/crashreporter/google-breakpad/src/common/linux/libcurl_wrapper.cc @@ -24,17 +24,16 @@ // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include <curl/curl.h> #include <curl/easy.h> -#include <curl/types.h> #include <dlfcn.h> #include <string> #include "common/linux/libcurl_wrapper.h" #include "third_party/linux/include/glog/logging.h" namespace google_breakpad { ++++++ mozilla-implicit-declarations.patch ++++++ # HG changeset patch # Parent e3c883f8276a5fd4afab00e226cf19031d6fc5ae diff --git a/gfx/qcms/iccread.c b/gfx/qcms/iccread.c --- a/gfx/qcms/iccread.c +++ b/gfx/qcms/iccread.c @@ -18,16 +18,17 @@ // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. #include <math.h> #include <assert.h> #include <stdlib.h> +#include <string.h> #include "qcmsint.h" //XXX: use a better typename typedef uint32_t __be32; typedef uint16_t __be16; #if 0 not used yet ++++++ mozilla-linux3.patch ++++++ # HG changeset patch # Parent bf7c3e1c6174630743f9f94808c4dd3a2edc0c6b diff --git a/toolkit/crashreporter/tools/symbolstore.py b/toolkit/crashreporter/tools/symbolstore.py --- a/toolkit/crashreporter/tools/symbolstore.py +++ b/toolkit/crashreporter/tools/symbolstore.py @@ -376,16 +376,17 @@ def GetVCSFilename(file, srcdirs): return (file.replace("\", "/"), root) def GetPlatformSpecificDumper(**kwargs): """This function simply returns a instance of a subclass of Dumper that is appropriate for the current platform.""" return {'win32': Dumper_Win32, 'cygwin': Dumper_Win32, 'linux2': Dumper_Linux, + 'linux3': Dumper_Linux, 'sunos5': Dumper_Solaris, 'darwin': Dumper_Mac}[sys.platform](**kwargs) def SourceIndex(fileStream, outputPath, vcs_root): """Takes a list of files, writes info to a data block in a .stream file""" # Creates a .pdb.stream file in the mozilla\objdir to be used for source indexing # Create the srcsrv data block that indexes the pdb file result = True ++++++ xulrunner-source-1.9.2.18.tar.bz2 -> xulrunner-source-1.9.2.20.tar.bz2 ++++++ old-versions/11.4/UPDATES/all/mozilla-xulrunner192/xulrunner-source-1.9.2.18.tar.bz2 11.4/mozilla-xulrunner192/xulrunner-source-1.9.2.20.tar.bz2 differ: char 11, line 1 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org