Hello community, here is the log from the commit of package mozilla-xulrunner190 for openSUSE:Factory checked in at Mon Mar 9 00:27:10 CET 2009.
--------
--- mozilla-xulrunner190/mozilla-xulrunner190.changes 2009-02-04 23:09:35.000000000 +0100
+++ /mounts/work_src_done/STABLE/mozilla-xulrunner190/mozilla-xulrunner190.changes 2009-03-06 08:58:32.000000000 +0100
@@ -1,0 +2,25 @@
+Thu Mar 5 16:33:09 CST 2009 - pwu@suse.de
+
+- Backport a patch from xulrunner191,
+ and fix bnc#465284 and CVE-2009-0071.
+
+-------------------------------------------------------------------
+Sun Mar 1 11:08:58 CET 2009 - wr@rosenauer.org
+
+- security update to 1.9.0.7 (bnc#478625)
+ * MFSA 2009-07 - Crashes with evidence of memory corruption
+ CVE-2009-0771 - Layout Engine Crashes
+ CVE-2009-0772 - Layout Engine Crashes
+ CVE-2009-0773 - crashes in the JavaScript engine
+ CVE-2009-0774 - Layout Engine Crashes
+ * MFSA 2009-08/CVE-2009-0775 - (bmo#474456)
+ Mozilla Firefox XUL Linked Clones Double Free Vulnerability
+ * MFSA 2009-09/CVE-2009-0776 (bmo#414540)
+ XML data theft via RDFXMLDataSource and cross-domain redirect
+ * MFSA 2009-10/CVE-2009-0040 (bmo#478901)
+ Upgrade PNG library to fix memory safety hazards
+ * MFSA 2009-11/CVE-2009-0777 (bmo#452979)
+ URL spoofing with invisible control characters
+- removed obsolete patch to configure system sqlite
+
+-------------------------------------------------------------------
calling whatdependson for head-i586 Old: ---- l10n-1.9.0.6.tar.bz2 mozilla-sqlite-req.patch xulrunner-source-1.9.0.6.tar.bz2 New: ---- bnc465284-VUL-designMode.patch l10n-1.9.0.7.tar.bz2 xulrunner-source-1.9.0.7.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ mozilla-xulrunner190.spec ++++++
--- /var/tmp/diff_new_pack.h19602/_old 2009-03-09 00:26:05.000000000 +0100
+++ /var/tmp/diff_new_pack.h19602/_new 2009-03-09 00:26:05.000000000 +0100
@@ -1,5 +1,5 @@ # -# spec file for package mozilla-xulrunner190 (Version 1.9.0.6) +# spec file for package mozilla-xulrunner190 (Version 1.9.0.7) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -32,8 +32,8 @@ BuildRequires: nss-shared-helper-devel %endif License: GPL v2 or later; LGPL v2.1 or later; MOZILLA PUBLIC LICENSE (MPL/NPL) -Version: 1.9.0.6 -Release: 2 +Version: 1.9.0.7 +Release: 1 Summary: Mozilla Runtime Environment 1.9 Url: http://www.mozilla.org Group: Productivity/Other @@ -52,7 +52,6 @@ Patch3: mozilla-pkgconfig.patch Patch4: idldir.patch Patch5: mozilla-path_len.patch -Patch6: mozilla-sqlite-req.patch Patch7: mozilla-nongnome-proxies.patch Patch8: mozilla-helper-app.patch Patch9: mozilla-system-hunspell.patch.bz2 @@ -66,6 +65,7 @@ Patch18: toolkit-ui-lockdown.patch Patch22: mozilla-shared-nss-db.patch Patch23: bmo472464.patch +Patch24: bnc465284-VUL-designMode.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: libstdc++ expat pango xorg-x11-libs fontconfig freetype2 PreReq: gtk2 atk glib2 update-alternatives coreutils @@ -81,10 +81,10 @@ %if %suse_version > 1100 %define has_system_cairo 1 %endif -%define releasedate 2009012700 +%define releasedate 2009022800 %define version_internal %{version} %define apiversion 1.9 -%define uaweight 190600 +%define uaweight 190700 ### configuration end ### %define _use_internal_dependency_generator 0 %define __find_requires sh %{SOURCE2} @@ -197,7 +197,6 @@ %patch3 %patch4 %patch5 -p1 -%patch6 %patch7 %patch8 pushd extensions @@ -212,6 +211,7 @@ %patch18 -p1 %patch22 %patch23 +%patch24 -p1 %build MOZ_APP_DIR=%{_libdir}/%{name}-%{version_internal} 
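Review bot: The `Patch24: bnc465284-VUL-designMode.patch` line added in the `@@ -66,6 +65,7 @@` hunk has no comment recording where the patch comes from, although the patch's own header names Bug 448329 and changeset 2d759ec1998c. A comment above it such as `# bnc#465284, CVE-2009-0071: backport of changeset 2d759ec1998c (Bug 448329)` would let the next version bump check whether the fix is already in the source tarball and the patch can be dropped. The same applies to the `%patch24 -p1` line in the `@@ -212,6 +211,7 @@` hunk, which is the only place showing that this security patch is actually applied.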
@@ -480,6 +480,25 @@ %endif %changelog +* Thu Mar 05 2009 pwu@suse.de +- Backport a patch from xulrunner191, + and fix bnc#465284 and CVE-2009-0071. +* Sun Mar 01 2009 wr@rosenauer.org +- security update to 1.9.0.7 (bnc#478625) + * MFSA 2009-07 - Crashes with evidence of memory corruption + CVE-2009-0771 - Layout Engine Crashes + CVE-2009-0772 - Layout Engine Crashes + CVE-2009-0773 - crashes in the JavaScript engine + CVE-2009-0774 - Layout Engine Crashes + * MFSA 2009-08/CVE-2009-0775 - (bmo#474456) + Mozilla Firefox XUL Linked Clones Double Free Vulnerability + * MFSA 2009-09/CVE-2009-0776 (bmo#414540) + XML data theft via RDFXMLDataSource and cross-domain redirect + * MFSA 2009-10/CVE-2009-0040 (bmo#478901) + Upgrade PNG library to fix memory safety hazards + * MFSA 2009-11/CVE-2009-0777 (bmo#452979) + URL spoofing with invisible control characters +- removed obsolete patch to configure system sqlite * Wed Feb 04 2009 hfiguiere@suse.de - Review and approve changes. * Tue Feb 03 2009 wr@rosenauer.org ++++++ bnc465284-VUL-designMode.patch ++++++ # HG changeset patch # User Mats Palmgren <mats.palmgren@bredband.net> # Date 1235030140 -46800 # Node ID 2d759ec1998c9dd16a41d6939faf60b234775c33 # Parent 5302e1700561991b48e4c09f86a95552f0991333 Bug 448329. Make selection code more robust when the selection boundary is not in a block. r+sr=peterv diff -r 5302e1700561 -r 2d759ec1998c editor/libeditor/html/nsHTMLCSSUtils.cpp --- a/editor/libeditor/html/nsHTMLCSSUtils.cpp Thu Feb 19 20:52:54 2009 +1300 +++ b/editor/libeditor/html/nsHTMLCSSUtils.cpp Thu Feb 19 20:55:40 2009 +1300 @@ -843,6 +843,9 @@ case eCSSEditableProperty_width: *aAtom = nsEditProperty::cssWidth; break; + case eCSSEditableProperty_NONE: + // intentionally empty + break; } } } 
@@ -1406,6 +1409,11 @@ nsresult res; res = node->GetNodeType(&type); if (NS_FAILED(res)) return res; + + if (nsIDOMNode::DOCUMENT_NODE == type) { + return NS_ERROR_NULL_POINTER; + } + // loop until we find an element while (node && nsIDOMNode::ELEMENT_NODE != type) { parentNode = node; diff -r 5302e1700561 -r 2d759ec1998c editor/libeditor/html/nsHTMLEditor.cpp --- a/editor/libeditor/html/nsHTMLEditor.cpp Thu Feb 19 20:52:54 2009 +1300 +++ b/editor/libeditor/html/nsHTMLEditor.cpp Thu Feb 19 20:55:40 2009 +1300 @@ -2365,7 +2365,8 @@ PRInt32 offset; res = GetStartNodeAndOffset(selection, address_of(parent), &offset); if (NS_FAILED(res)) return res; - + if (!parent) return NS_ERROR_NULL_POINTER; + // is the selection collapsed? PRBool bCollapsed; res = selection->GetIsCollapsed(&bCollapsed); @@ -2399,6 +2400,8 @@ nsCOMPtr<nsIDOMNode> blockParent = nodeToExamine; if (!isBlock) { blockParent = GetBlockNodeParent(nodeToExamine); + if (!blockParent) + return NS_OK; } // Make sure to not walk off onto the Document node ++++++ l10n-1.9.0.6.tar.bz2 -> l10n-1.9.0.7.tar.bz2 ++++++ mozilla-xulrunner190/l10n-1.9.0.6.tar.bz2 /mounts/work_src_done/STABLE/mozilla-xulrunner190/l10n-1.9.0.7.tar.bz2 differ: byte 11, line 1 ++++++ xulrunner-source-1.9.0.6.tar.bz2 -> xulrunner-source-1.9.0.7.tar.bz2 ++++++ mozilla-xulrunner190/xulrunner-source-1.9.0.6.tar.bz2 /mounts/work_src_done/STABLE/mozilla-xulrunner190/xulrunner-source-1.9.0.7.tar.bz2 differ: byte 11, line 1 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
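Review bot: The added `DOCUMENT_NODE` check in the `@@ -1406,6 +1409,11 @@` hunk of nsHTMLCSSUtils.cpp only rejects a start node that is itself the document; the `while (node && nsIDOMNode::ELEMENT_NODE != type)` loop below it can still finish with `node` null when the parent chain ends without reaching an element. The code after the loop is outside the hunk, so it should be confirmed that it tests `node` before using it. The guard also returns `NS_ERROR_NULL_POINTER` for a pointer that is not null; a one-line comment such as `// a Document has no element ancestor, so there is nothing to resolve` would explain the choice of code. The enclosing function starts and ends outside the hunk.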
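Review bot: The two null checks added to nsHTMLEditor.cpp disagree on how a missing node is reported: `if (!parent) return NS_ERROR_NULL_POINTER;` in the `@@ -2365,7 +2365,8 @@` hunk fails the call, while `if (!blockParent) return NS_OK;` in the `@@ -2399,6 +2400,8 @@` hunk reports success. Returning `NS_OK` is only safe if the function's out-parameters already hold defined values at that point, and their initialisation is outside both hunks, so that should be checked. The early return would be clearer with a comment, for example `// selection boundary is not in a block; nothing to examine`, and with braces to match the surrounding `if (!isBlock) { … }`. The enclosing function starts before the first hunk and ends after the second.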