Hello community, here is the log from the commit of package mozilla-xulrunner191 for openSUSE:Factory checked in at Wed Dec 16 09:38:48 CET 2009. -------- --- mozilla-xulrunner191/mozilla-xulrunner191.changes 2009-11-23 13:44:19.000000000 +0100 +++ /mounts/work_src_done/STABLE/mozilla-xulrunner191/mozilla-xulrunner191.changes 2009-12-16 06:50:53.000000000 +0100 @@ -1,0 +2,27 @@ +Fri Dec 4 15:34:01 CET 2009 - wr@rosenauer.org + +- security update to version 1.9.1.6 (bnc#559807) + * MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982 + Crashes with evidence of memory corruption (rv:1.9.1.6) + * MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816) + Memory safety fixes in liboggplay media library + * MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613) + Integer overflow, crash in libtheora video library + * MFSA 2009-68/CVE-2009-3983 (bmo#487872) + NTLM reflection vulnerability + * MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232) + Location bar spoofing vulnerabilities + * MFSA 2009-70/VE-2009-3986 (bmo#522430) + Privilege escalation via chrome window.opener +- use internal cairo up to 11.1 +- provide mozilla-kde4-version to make KDE helper version + more version independent +- use .autoreg file for autoregistration when needed (bnc#440872) + +------------------------------------------------------------------- +Tue Nov 24 12:59:56 CET 2009 - wr@rosenauer.org + +- added mozilla-clipboard.patch fixing a common crash + (bmo#495392, bnc#556886) + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- l10n-1.9.1.5.tar.bz2 xulrunner-source-1.9.1.5.tar.bz2 New: ---- l10n-1.9.1.6.tar.bz2 mozilla-clipboard.patch xulrunner-source-1.9.1.6.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mozilla-xulrunner191.spec ++++++ --- /var/tmp/diff_new_pack.QcWVwT/_old 2009-12-16 09:35:34.000000000 +0100 +++ /var/tmp/diff_new_pack.QcWVwT/_new 2009-12-16 09:35:34.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package mozilla-xulrunner191 (Version 1.9.1.5) +# spec file for package mozilla-xulrunner191 (Version 1.9.1.6) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2006-2009 Wolfgang Rosenauer @@ -35,9 +35,9 @@ #%if %suse_version > 1110 #BuildRequires: libproxy-devel #%endif -License: GPLv2+ ; LGPLv2.1+ ; MPL 1.1 or later -Version: 1.9.1.5 -Release: 3 +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ +Version: 1.9.1.6 +Release: 1 Summary: Mozilla Runtime Environment 1.9.1 Url: http://www.mozilla.org Group: Productivity/Other @@ -46,6 +46,7 @@ # this is needed to match this package with the kde4 helper package without the main package # having a hard requirement on the kde4 package %define kde_helper_version 6 +Provides: mozilla-kde4-version = %{kde_helper_version} Provides: mozilla-xulrunner191-kde4-version = %{kde_helper_version} %endif %ifarch %ix86 @@ -63,6 +64,7 @@ Patch3: mozilla-pkgconfig.patch Patch4: idldir.patch Patch5: mozilla-path_len.patch +Patch6: mozilla-clipboard.patch Patch7: mozilla-nongnome-proxies.patch Patch8: mozilla-helper-app.patch Patch9: mozilla-system-hunspell.patch.bz2 @@ -87,13 +89,13 @@ %define has_system_nspr 1 %define has_system_nss 1 %endif -%if %suse_version > 1100 +%if %suse_version > 1110 %define has_system_cairo 1 %endif -%define releasedate 2009110300 +%define releasedate 2009120100 %define version_internal %{version} %define apiversion 1.9.1 -%define uaweight 191050 +%define uaweight 191060 ### configuration end ### %define _use_internal_dependency_generator 0 %define __find_requires sh %{SOURCE2} @@ -116,7 +118,7 @@ %package devel -License: GPLv2+ ; LGPLv2.1+ ; MPL 1.1 or later +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Summary: XULRunner/Gecko SDK 1.9.1 Group: Development/Libraries/Other %if %has_system_nspr @@ -132,7 +134,7 @@ %package translations-common -License: GPLv2+ ; LGPLv2.1+ ; MPL 1.1 or later +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Summary: Common translations for XULRunner 1.9.1 Group: System/Localization PreReq: %{name} = %{version} @@ -149,7 +151,7 @@ %package translations-other -License: GPLv2+ ; LGPLv2.1+ ; MPL 1.1 or later +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Summary: Extra translations for XULRunner 1.9.1 Group: System/Localization PreReq: %{name} = %{version} @@ -165,7 +167,7 @@ %package gnomevfs -License: GPLv2+ ; LGPLv2.1+ ; MPL +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Summary: XULRunner components depending on gnome-vfs Group: Productivity/Other PreReq: %{name} = %{version}-%{release} @@ -178,7 +180,7 @@ %package -n python-xpcom191 -License: GPLv2+ ; LGPLv2.1+ ; MPL .. +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Summary: Python XPCOM bindings Group: Development/Languages/Python Provides: python-xpcom @@ -198,6 +200,7 @@ %patch3 -p1 %patch4 %patch5 -p1 +%patch6 -p1 %patch7 %patch8 -p1 pushd extensions @@ -384,6 +387,8 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/LICENSE rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/README.txt rm -f $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/dictionaries/en-US* +# autoreg +touch $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/.autoreg # fdupes %if %suse_version > 1020 %fdupes $RPM_BUILD_ROOT%{_includedir}/xulrunner-%{version_internal}/ @@ -429,6 +434,10 @@ %{_libdir}/xulrunner-%{version_internal}/add-plugins.sh > /dev/null 2>&1 exit 0 +%post gnomevfs +touch %{_libdir}/xulrunner-%{version_internal}/.autoreg +exit 0 + %files %defattr(-,root,root) %dir %{_libdir}/xulrunner-%{version_internal}/ @@ -455,6 +464,7 @@ %{_libdir}/xulrunner-%{version_internal}/plugins/ %{_libdir}/xulrunner-%{version_internal}/res/ %{_libdir}/xulrunner-%{version_internal}/*.so +%{_libdir}/xulrunner-%{version_internal}/.autoreg %{_libdir}/xulrunner-%{version_internal}/add-plugins.sh %{_libdir}/xulrunner-%{version_internal}/dependentlibs.list %{_libdir}/xulrunner-%{version_internal}/mozilla-xremote-client ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.QcWVwT/_old 2009-12-16 09:35:34.000000000 +0100 +++ /var/tmp/diff_new_pack.QcWVwT/_new 2009-12-16 09:35:34.000000000 +0100 @@ -1,7 +1,7 @@ #!/bin/bash -RELEASE_TAG="FIREFOX_3_5_5_RELEASE" -VERSION="1.9.1.5" +RELEASE_TAG="FIREFOX_3_5_6_RELEASE" +VERSION="1.9.1.6" # mozilla hg clone http://hg.mozilla.org/releases/mozilla-1.9.1 mozilla ++++++ l10n-1.9.1.5.tar.bz2 -> l10n-1.9.1.6.tar.bz2 ++++++ mozilla-xulrunner191/l10n-1.9.1.5.tar.bz2 /mounts/work_src_done/STABLE/mozilla-xulrunner191/l10n-1.9.1.6.tar.bz2 differ: byte 11, line 1 ++++++ mozilla-clipboard.patch ++++++ From: Martin Stránský Subject: Fix crash in clipboard handling References: https://bugzilla.mozilla.org/show_bug.cgi?id=495392 diff --git a/widget/src/gtk2/nsClipboard.cpp b/widget/src/gtk2/nsClipboard.cpp --- a/widget/src/gtk2/nsClipboard.cpp +++ b/widget/src/gtk2/nsClipboard.cpp @@ -440,21 +440,21 @@ nsClipboard::HasDataMatchingFlavors(cons if (!strcmp(aFlavorList[i], kUnicodeMime) && gtk_selection_data_targets_include_text(selection_data)) { *_retval = PR_TRUE; break; } for (PRInt32 j = 0; j < n_targets; j++) { gchar *atom_name = gdk_atom_name(targets[j]); - if (!strcmp(atom_name, aFlavorList[i])) + if (!g_strcmp0(atom_name, aFlavorList[i])) *_retval = PR_TRUE; // X clipboard wants image/jpeg, not image/jpg - if (!strcmp(aFlavorList[i], kJPEGImageMime) && !strcmp(atom_name, "image/jpeg")) + if (!g_strcmp0(aFlavorList[i], kJPEGImageMime) && !g_strcmp0(atom_name, "image/jpeg")) *_retval = PR_TRUE; g_free(atom_name); if (*_retval) break; } } diff --git a/widget/src/gtk2/nsDragService.cpp b/widget/src/gtk2/nsDragService.cpp --- a/widget/src/gtk2/nsDragService.cpp +++ b/widget/src/gtk2/nsDragService.cpp @@ -796,46 +796,43 @@ nsDragService::IsDataFlavorSupported(con GList *tmp; for (tmp = mTargetDragContext->targets; tmp; tmp = tmp->next) { /* Bug 331198 */ GdkAtom atom = GDK_POINTER_TO_ATOM(tmp->data); gchar *name = NULL; name = gdk_atom_name(atom); PR_LOG(sDragLm, PR_LOG_DEBUG, ("checking %s against %s\n", name, aDataFlavor)); - if (name && (strcmp(name, aDataFlavor) == 0)) { + if (g_strcmp0(name, aDataFlavor) == 0) { PR_LOG(sDragLm, PR_LOG_DEBUG, ("good!\n")); *_retval = PR_TRUE; } // check for automatic text/uri-list -> text/x-moz-url mapping if (*_retval == PR_FALSE && - name && - (strcmp(name, gTextUriListType) == 0) && - (strcmp(aDataFlavor, kURLMime) == 0)) { + (g_strcmp0(name, gTextUriListType) == 0) && + (g_strcmp0(aDataFlavor, kURLMime) == 0)) { PR_LOG(sDragLm, PR_LOG_DEBUG, ("good! ( it's text/uri-list and \ we're checking against text/x-moz-url )\n")); *_retval = PR_TRUE; } // check for automatic _NETSCAPE_URL -> text/x-moz-url mapping if (*_retval == PR_FALSE && - name && - (strcmp(name, gMozUrlType) == 0) && - (strcmp(aDataFlavor, kURLMime) == 0)) { + (g_strcmp0(name, gMozUrlType) == 0) && + (g_strcmp0(aDataFlavor, kURLMime) == 0)) { PR_LOG(sDragLm, PR_LOG_DEBUG, ("good! ( it's _NETSCAPE_URL and \ we're checking against text/x-moz-url )\n")); *_retval = PR_TRUE; } // check for auto text/plain -> text/unicode mapping if (*_retval == PR_FALSE && - name && - (strcmp(name, kTextMime) == 0) && - ((strcmp(aDataFlavor, kUnicodeMime) == 0) || - (strcmp(aDataFlavor, kFileMime) == 0))) { + (g_strcmp0(name, kTextMime) == 0) && + ((g_strcmp0(aDataFlavor, kUnicodeMime) == 0) || + (g_strcmp0(aDataFlavor, kFileMime) == 0))) { PR_LOG(sDragLm, PR_LOG_DEBUG, ("good! ( it's text plain and we're checking \ against text/unicode or application/x-moz-file)\n")); *_retval = PR_TRUE; } g_free(name); } return NS_OK; @@ -946,17 +943,17 @@ nsDragService::IsTargetContextList(void) // walk the list of context targets and see if one of them is a list // of items. for (tmp = mTargetDragContext->targets; tmp; tmp = tmp->next) { /* Bug 331198 */ GdkAtom atom = GDK_POINTER_TO_ATOM(tmp->data); gchar *name = NULL; name = gdk_atom_name(atom); - if (strcmp(name, gMimeListType) == 0) + if (g_strcmp0(name, gMimeListType) == 0) retval = PR_TRUE; g_free(name); if (retval) break; } return retval; } ++++++ xulrunner-source-1.9.1.5.tar.bz2 -> xulrunner-source-1.9.1.6.tar.bz2 ++++++ mozilla-xulrunner191/xulrunner-source-1.9.1.5.tar.bz2 /mounts/work_src_done/STABLE/mozilla-xulrunner191/xulrunner-source-1.9.1.6.tar.bz2 differ: byte 11, line 1 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org