commit MozillaFirefox for openSUSE:Factory
Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2016-09-25 14:29:52
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox"
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2016-09-01 14:02:07.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes 2016-09-25 14:29:53.000000000 +0200
@@ -1,0 +2,59 @@
+Fri Sep 23 20:36:39 UTC 2016 - astieger@suse.com
+
+- Mozilla Firefox 49.0.1:
+ * Mitigate a startup crash issue caused by Websense - bmo#1304783
+
+-------------------------------------------------------------------
+Tue Sep 20 07:09:52 UTC 2016 - wr@rosenauer.org
+
+- update to Firefox 49.0 (boo#999701)
+ new features
+ * Updated Firefox Login Manager to allow HTTPS pages to use saved
+ HTTP logins.
+ * Added features to Reader Mode that make it easier on the eyes and
+ the ears
+ * Improved video performance for users on systems that support
+ SSE3 without hardware acceleration
+ * Added context menu controls to HTML5 audio and video that let users
+ loops files or play files at 1.25x speed
+ * Improvements in about:memory reports for tracking font memory usage
+ security related
+ * MFSA 2016-85
+ CVE-2016-2827 (bmo#1289085) - Out-of-bounds read in
+ mozilla::net::IsValidReferrerPolicy
+ CVE-2016-5270 (bmo#1291016) - Heap-buffer-overflow in
+ nsCaseTransformTextRunFactory::TransformString
+ CVE-2016-5271 (bmo#1288946) - Out-of-bounds read in
+ PropertyProvider::GetSpacingInternal
+ CVE-2016-5272 (bmo#1297934) - Bad cast in nsImageGeometryMixin
+ CVE-2016-5273 (bmo#1280387) - crash in
+ mozilla::a11y::HyperTextAccessible::GetChildOffset
+ CVE-2016-5276 (bmo#1287721) - Heap-use-after-free in
+ mozilla::a11y::DocAccessible::ProcessInvalidationList
+ CVE-2016-5274 (bmo#1282076) - use-after-free in
+ nsFrameManager::CaptureFrameState
+ CVE-2016-5277 (bmo#1291665) - Heap-use-after-free in nsRefreshDriver::Tick
+ CVE-2016-5275 (bmo#1287316) - global-buffer-overflow in
+ mozilla::gfx::FilterSupport::ComputeSourceNeededRegions
+ CVE-2016-5278 (bmo#1294677) - Heap-buffer-overflow in
+ nsBMPEncoder::AddImageFrame
+ CVE-2016-5279 (bmo#1249522) - Full local path of files is available
+ to web pages after drag and drop
+ CVE-2016-5280 (bmo#1289970) - Use-after-free in
+ mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap
+ CVE-2016-5281 (bmo#1284690) - use-after-free in DOMSVGLength
+ CVE-2016-5282 (bmo#932335) - Don't allow content to request favicons
+ from non-whitelisted schemes
+ CVE-2016-5283 (bmo#928187) - <iframe src> fragment timing attack can
+ reveal cross-origin data
+ CVE-2016-5284 (bmo#1303127) - Add-on update site certificate pin expiration
+ CVE-2016-5256 - Memory safety bugs fixed in Firefox 49
+ CVE-2016-5257 - Memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4
+- removed obsolete patches:
+ * mozilla-aarch64-48bit-va.patch
+ * mozilla-exclude-nametablecpp.patch
+ * mozilla-old_configure-bmo1282843.patch
+- added patch mozilla-skia-overflow.patch (bmo#1304114)
+- requires NSS 3.25
+
+-------------------------------------------------------------------
Old:
----
firefox-48.0.2-source.tar.xz
l10n-48.0.2.tar.xz
mozilla-aarch64-48bit-va.patch
mozilla-exclude-nametablecpp.patch
mozilla-old_configure-bmo1282843.patch
New:
----
firefox-49.0.1-source.tar.xz
l10n-49.0.1.tar.xz
mozilla-skia-overflow.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaFirefox.spec ++++++
--- /var/tmp/diff_new_pack.Z1BsV2/_old 2016-09-25 14:30:23.000000000 +0200
+++ /var/tmp/diff_new_pack.Z1BsV2/_new 2016-09-25 14:30:23.000000000 +0200
@@ -18,10 +18,10 @@
# changed with every update
-%define major 48
-%define mainver %major.0.2
+%define major 49
+%define mainver %major.0.1
%define update_channel release
-%define releasedate 20160824000000
+%define releasedate 20160923000000
# PIE, full relro (x86_64 for now)
%define build_hardened 1
@@ -75,7 +75,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.12
-BuildRequires: mozilla-nss-devel >= 3.24
+BuildRequires: mozilla-nss-devel >= 3.25
BuildRequires: nss-shared-helper-devel
BuildRequires: python-devel
BuildRequires: startup-notification-devel
@@ -146,10 +146,8 @@
Patch11: mozilla-reduce-files-per-UnifiedBindings.patch
Patch12: mozilla-gtk3_20.patch
Patch13: mozilla-check_return.patch
-Patch15: mozilla-exclude-nametablecpp.patch
-Patch16: mozilla-aarch64-48bit-va.patch
+Patch14: mozilla-skia-overflow.patch
Patch17: mozilla-binutils-visibility.patch
-Patch18: mozilla-old_configure-bmo1282843.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-no-default-ualocale.patch
@@ -265,10 +263,8 @@
%patch12 -p1
%endif
%patch13 -p1
-%patch15 -p1
-%patch16 -p1
+%patch14 -p1
%patch17 -p1
-%patch18 -p1
# Firefox
%patch101 -p1
%patch102 -p1
++++++ compare-locales.tar.xz ++++++
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.Z1BsV2/_old 2016-09-25 14:30:23.000000000 +0200
+++ /var/tmp/diff_new_pack.Z1BsV2/_new 2016-09-25 14:30:23.000000000 +0200
@@ -7,8 +7,8 @@
CHANNEL="release"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_48_0_2_RELEASE"
-VERSION="48.0.2"
+RELEASE_TAG="FIREFOX_49_0_1_RELEASE"
+VERSION="49.0.1"
# mozilla
if [ -d mozilla ]; then
++++++ firefox-48.0.2-source.tar.xz -> firefox-49.0.1-source.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-48.0.2-source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-49.0.1-source.tar.xz differ: char 25, line 1
++++++ firefox-kde.patch ++++++
--- /var/tmp/diff_new_pack.Z1BsV2/_old 2016-09-25 14:30:23.000000000 +0200
+++ /var/tmp/diff_new_pack.Z1BsV2/_new 2016-09-25 14:30:23.000000000 +0200
@@ -1,11 +1,11 @@
# HG changeset patch
-# Parent 07e419c2bbc63c486d25fd8ce117abd10e9ebdba
+# Parent 2704257a50b4ff60fa43eca8d4a547c6d70bb30e
diff --git a/browser/base/content/browser-kde.xul b/browser/base/content/browser-kde.xul
new file mode 100644
--- /dev/null
+++ b/browser/base/content/browser-kde.xul
-@@ -0,0 +1,1174 @@
+@@ -0,0 +1,1179 @@
+#filter substitution
+<?xml version="1.0"?>
+# -*- Mode: HTML -*-
@@ -16,6 +16,7 @@
+
+<?xml-stylesheet href="chrome://browser/content/browser.css" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/content/places/places.css" type="text/css"?>
++<?xml-stylesheet href="chrome://browser/content/usercontext/usercontext.css" type="text/css"?>
+<?xml-stylesheet href="chrome://devtools/skin/devtools-browser.css" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/skin/controlcenter/panel.css" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/skin/customizableui/panelUIOverlay.css" type="text/css"?>
@@ -296,18 +297,6 @@
+ noautofocus="true"
+ position="topcenter topright"/>
+
-+
participants (1)
-
root@hilbert.suse.de