Hello community,
here is the log from the commit of package mozilla-xulrunner192 for openSUSE:Factory
checked in at Fri Jul 30 16:45:27 CEST 2010.
--------
--- mozilla-xulrunner192/mozilla-xulrunner192.changes 2010-06-29 20:29:28.000000000 +0200
+++ mozilla-xulrunner192/mozilla-xulrunner192.changes 2010-07-30 07:07:24.000000000 +0200
@@ -1,0 +2,56 @@
+Wed Jul 28 07:32:50 CEST 2010 - wr@rosenauer.org
+
+- fixed sound notifications through libesd (bmo#579877)
+- updated libproxy implementation after upstream review (bmo#517655)
+- added lcd filter patch for internal cairo
+
+-------------------------------------------------------------------
+Tue Jul 27 17:04:41 CEST 2010 - meissner@suse.de
+
+- disable ipc and crashreport for ia64,ppc,ppc64,s390,s390x.
+
+-------------------------------------------------------------------
+Sat Jul 24 12:42:58 CEST 2010 - wr@rosenauer.org
+
+- security update to 1.9.2.8 (bnc#622506)
+ * MFSA 2010-48/CVE-2010-2755 (bmo#575836)
+ Dangling pointer crash regression from plugin parameter array
+ fix
+
+-------------------------------------------------------------------
+Thu Jul 15 21:45:13 CEST 2010 - wr@rosenauer.org
+
+- security update to 1.9.2.7 (bnc#622506)
+ * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
+ Miscellaneous memory safety hazards
+ * MFSA 2010-35/CVE-2010-1208 (bmo#572986)
+ DOM attribute cloning remote code execution vulnerability
+ * MFSA 2010-36/CVE-2010-1209 (bmo#552110)
+ Use-after-free error in NodeIterator
+ * MFSA 2010-37/CVE-2010-1214 (bmo#572985)
+ Plugin parameter EnsureCachedAttrParamArrays remote code
+ execution vulnerability
+ * MFSA 2010-38/CVE-2010-1215 (bmo#567069)
+ Arbitrary code execution using SJOW and fast native function
+ * MFSA 2010-39/CVE-2010-2752 (bmo#574059)
+ nsCSSValue::Array index integer overflow
+ * MFSA 2010-40/CVE-2010-2753 (bmo#571106)
+ nsTreeSelection dangling pointer remote code execution
+ vulnerability
+ * MFSA 2010-41/CVE-2010-1205 (bmo#570451)
+ Remote code execution using malformed PNG image
+ * MFSA 2010-42/CVE-2010-1213 (bmo#568148)
+ Cross-origin data disclosure via Web Workers and importScripts
+ * MFSA 2010-43/CVE-2010-1207 (bmo#571287)
+ Same-origin bypass using canvas context
+ * MFSA 2010-44/CVE-2010-1210 (bmo#564679)
+ Characters mapped to U+FFFD in 8 bit encodings cause subsequent
+ character to vanish
+ * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957)
+ Multiple location bar spoofing vulnerabilities
+ * MFSA 2010-46/CVE-2010-0654 (bmo#524223)
+ Cross-domain data theft using CSS
+ * MFSA 2010-47/CVE-2010-2754 (bmo#568564)
+ Cross-origin data leakage from script filename in error messages
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
l10n-1.9.2.6.tar.bz2
mozilla-crashreporter-x86_64.patch
mozilla-system-nspr.patch
xulrunner-source-1.9.2.6.tar.bz2
New:
----
l10n-1.9.2.8.tar.bz2
mozilla-cairo-lcd.patch
mozilla-esd.patch
xulrunner-source-1.9.2.8.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ mozilla-xulrunner192.spec ++++++
--- /var/tmp/diff_new_pack.mJ4BUU/_old 2010-07-30 16:39:38.000000000 +0200
+++ /var/tmp/diff_new_pack.mJ4BUU/_new 2010-07-30 16:39:38.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package mozilla-xulrunner192 (Version 1.9.2.6)
+# spec file for package mozilla-xulrunner192 (Version 1.9.2.8)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
# 2006-2010 Wolfgang Rosenauer
@@ -39,12 +39,12 @@
BuildRequires: wireless-tools
%endif
License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+
-Version: 1.9.2.6
+Version: 1.9.2.8
Release: 1
-%define releasedate 2010062600
-%define version_internal 1.9.2.6
+%define releasedate 2010072300
+%define version_internal 1.9.2.8
%define apiversion 1.9.2
-%define uaweight 192060
+%define uaweight 192080
Summary: Mozilla Runtime Environment 1.9.2
Url: http://www.mozilla.org
Group: Productivity/Other
@@ -75,21 +75,20 @@
Patch6: mozilla-helper-app.patch
Patch7: mozilla-prefer_plugin_pref.patch
Patch8: mozilla-shared-nss-db.patch
+Patch9: mozilla-esd.patch
Patch10: mozilla-kde.patch
# PATCH-FEATURE-SLED FATE#302023, FATE#302024
Patch11: mozilla-gconf-backend.patch
Patch12: gecko-lockdown.patch
Patch13: toolkit-ui-lockdown.patch
+Patch14: mozilla-cairo-lcd.patch
# ---
-Patch14: mozilla-system-nspr.patch
Patch15: mozilla-ua-locale-pref.patch
-Patch16: mozilla-crashreporter-x86_64.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires: mozilla-js192 = %{version}
Requires(post): update-alternatives coreutils
Requires(preun): update-alternatives coreutils
### build configuration ###
-%define crashreporter 1
%define has_system_nspr 0
%define has_system_nss 0
%define has_system_cairo 0
@@ -98,8 +97,12 @@
%define has_system_nspr 1
%define has_system_nss 1
%endif
-%if %suse_version > 1110
-%define has_system_cairo 1
+%ifarch ppc ppc64 s390 s390x ia64
+%define crashreporter 0
+%define plugincontainer 0
+%else
+%define crashreporter 1
+%define plugincontainer 1
%endif
### configuration end ###
%define _use_internal_dependency_generator 0
@@ -220,6 +223,7 @@
%patch6 -p1
%patch7 -p1
%patch8 -p1
+%patch9 -p1
%if %suse_version >= 1110
%patch10 -p1
%endif
@@ -229,7 +233,6 @@
%patch14 -p1
# bmo#542999
%patch15 -p1
-%patch16 -p1
%build
%if %suse_version >= 1110
@@ -276,10 +279,6 @@
#ac_add_options --with-system-png # no APNG support
ac_add_options --with-system-zlib
ac_add_options --with-l10n-base=../l10n
-ac_add_options --enable-xft
-ac_add_options --disable-freetype2
-ac_add_options --enable-svg
-ac_add_options --enable-canvas
ac_add_options --disable-tests
ac_add_options --disable-mochitest
ac_add_options --disable-installer
@@ -324,6 +323,12 @@
ac_add_options --disable-crashreporter
EOF
%endif
+%if ! %plugincontainer
+cat << EOF >> $MOZCONFIG
+# Chromium IPC is not ported to Power,S/390 and Itanium (currently just x86,x86_64 and arm)
+ac_add_options --disable-ipc
+EOF
+%endif
make -f client.mk build
%install
@@ -505,7 +510,9 @@
%{_libdir}/xulrunner-%{version_internal}/add-plugins.sh
%{_libdir}/xulrunner-%{version_internal}/dependentlibs.list
%{_libdir}/xulrunner-%{version_internal}/mozilla-xremote-client
+%if %plugincontainer
%{_libdir}/xulrunner-%{version_internal}/plugin-container
+%endif
%{_libdir}/xulrunner-%{version_internal}/run-mozilla.sh
%{_libdir}/xulrunner-%{version_internal}/xulrunner
%{_libdir}/xulrunner-%{version_internal}/xulrunner-bin
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.mJ4BUU/_old 2010-07-30 16:39:38.000000000 +0200
+++ /var/tmp/diff_new_pack.mJ4BUU/_new 2010-07-30 16:39:38.000000000 +0200
@@ -1,7 +1,7 @@
#!/bin/bash
-RELEASE_TAG="FIREFOX_3_6_6_RELEASE"
-VERSION="1.9.2.6"
+RELEASE_TAG="FIREFOX_3_6_8_RELEASE"
+VERSION="1.9.2.8"
# mozilla
hg clone http://hg.mozilla.org/releases/mozilla-1.9.2 mozilla
++++++ l10n-1.9.2.6.tar.bz2 -> l10n-1.9.2.8.tar.bz2 ++++++
mozilla-xulrunner192/l10n-1.9.2.6.tar.bz2 mozilla-xulrunner192/l10n-1.9.2.8.tar.bz2 differ: char 11, line 1
++++++ mozilla-cairo-lcd.patch ++++++
++++ 1296 lines (skipped)
++++++ mozilla-esd.patch ++++++
# HG changeset patch
# User Wolfgang Rosenauer
# Parent a93100d87cc9841c6e3e4b29a47bb7b91f23415f
Bug 579877 - sound output via libesd broken if no esound daemon running. r=karlt
diff --git a/widget/src/gtk2/nsSound.cpp b/widget/src/gtk2/nsSound.cpp
--- a/widget/src/gtk2/nsSound.cpp
+++ b/widget/src/gtk2/nsSound.cpp
@@ -52,36 +52,31 @@
#include "nsCOMPtr.h"
#include "nsAutoPtr.h"
#include "nsString.h"
#include
#include
#include
-/* used with esd_open_sound */
-static int esdref = -1;
static PRLibrary *elib = nsnull;
static PRLibrary *libcanberra = nsnull;
static PRLibrary* libasound = nsnull;
// the following from esd.h
#define ESD_BITS8 (0x0000)
#define ESD_BITS16 (0x0001)
#define ESD_MONO (0x0010)
#define ESD_STEREO (0x0020)
#define ESD_STREAM (0x0000)
#define ESD_PLAY (0x1000)
#define WAV_MIN_LENGTH 44
-typedef int (*EsdOpenSoundType)(const char *host);
-typedef int (*EsdCloseType)(int);
-
/* used to play the sounds from the find symbol call */
typedef int (*EsdPlayStreamType) (int, int, const char *, const char *);
typedef int (*EsdAudioOpenType) (void);
typedef int (*EsdAudioWriteType) (const void *, int);
typedef void (*EsdAudioCloseType) (void);
/* used to find and play common system event sounds.
this interfaces with libcanberra.
@@ -126,50 +121,30 @@ NS_IMPL_ISUPPORTS2(nsSound, nsISound, ns
////////////////////////////////////////////////////////////////////////
nsSound::nsSound()
{
mInited = PR_FALSE;
}
nsSound::~nsSound()
{
- if (esdref >= 0) {
- EsdCloseType EsdClose = (EsdCloseType) PR_FindFunctionSymbol(elib, "esd_close");
- if (EsdClose)
- (*EsdClose)(esdref);
- esdref = -1;
- }
}
NS_IMETHODIMP
nsSound::Init()
{
// This function is designed so that no library is compulsory, and
// one library missing doesn't cause the other(s) to not be used.
if (mInited)
return NS_OK;
mInited = PR_TRUE;
if (!elib) {
elib = PR_LoadLibrary("libesd.so.0");
- if (elib) {
- EsdOpenSoundType EsdOpenSound =
- (EsdOpenSoundType) PR_FindFunctionSymbol(elib, "esd_open_sound");
- if (!EsdOpenSound) {
- PR_UnloadLibrary(elib);
- elib = nsnull;
- } else {
- esdref = (*EsdOpenSound)("localhost");
- if (esdref < 0) {
- PR_UnloadLibrary(elib);
- elib = nsnull;
- }
- }
- }
}
if (!libasound) {
PRFuncPtr func = PR_FindFunctionSymbolAndLibrary("snd_lib_error_set_handler",
&libasound);
if (libasound) {
snd_lib_error_set_handler_fn snd_lib_error_set_handler =
(snd_lib_error_set_handler_fn) func;
++++++ mozilla-kde.patch ++++++
--- /var/tmp/diff_new_pack.mJ4BUU/_old 2010-07-30 16:39:38.000000000 +0200
+++ /var/tmp/diff_new_pack.mJ4BUU/_new 2010-07-30 16:39:38.000000000 +0200
@@ -541,15 +541,15 @@
+#include "nsKDEUtils.h"
+#endif
+
+ #ifdef XP_MACOSX
+ #include
+ #endif
+
#define DOWNLOAD_MANAGER_BUNDLE "chrome://mozapps/locale/downloads/downloads.properties"
#define DOWNLOAD_MANAGER_ALERT_ICON "chrome://mozapps/skin/downloads/downloadIcon.png"
#define PREF_BDM_SHOWALERTONCOMPLETE "browser.download.manager.showAlertOnComplete"
#define PREF_BDM_SHOWALERTINTERVAL "browser.download.manager.showAlertInterval"
- #define PREF_BDM_RETENTION "browser.download.manager.retention"
- #define PREF_BDM_QUITBEHAVIOR "browser.download.manager.quitBehavior"
- #define PREF_BDM_ADDTORECENTDOCS "browser.download.manager.addToRecentDocs"
- #define PREF_BDM_SCANWHENDONE "browser.download.manager.scanWhenDone"
-@@ -2158,16 +2162,25 @@ nsDownload::SetState(DownloadState aStat
+@@ -2162,16 +2166,25 @@ nsDownload::SetState(DownloadState aStat
nsCOMPtr<nsIPrefBranch> pref(do_GetService(NS_PREFSERVICE_CONTRACTID));
// Master pref to control this function.
@@ -575,7 +575,7 @@
PRInt64 goat = PR_Now() - mStartTime;
showTaskbarAlert = goat > alertIntervalUSec;
-@@ -2193,16 +2206,17 @@ nsDownload::SetState(DownloadState aStat
+@@ -2197,16 +2210,17 @@ nsDownload::SetState(DownloadState aStat
// because if it is, they'll click open the download manager and
// the items they downloaded will have been removed.
alerts->ShowAlertNotification(
@@ -586,7 +586,7 @@
}
+ } // end non-KDE block
}
- #if defined(XP_WIN) && !defined(WINCE)
+ #if (defined(XP_WIN) && !defined(WINCE)) || defined(XP_MACOSX)
nsCOMPtr<nsIFileURL> fileURL = do_QueryInterface(mTarget);
nsCOMPtr<nsIFile> file;
nsAutoString path;
++++++ mozilla-libproxy.patch ++++++
--- /var/tmp/diff_new_pack.mJ4BUU/_old 2010-07-30 16:39:38.000000000 +0200
+++ /var/tmp/diff_new_pack.mJ4BUU/_new 2010-07-30 16:39:38.000000000 +0200
@@ -6,7 +6,7 @@
diff --git a/config/autoconf.mk.in b/config/autoconf.mk.in
--- a/config/autoconf.mk.in
+++ b/config/autoconf.mk.in
-@@ -539,16 +539,20 @@ FT2_CFLAGS = @FT2_CFLAGS@
+@@ -542,16 +542,20 @@ FT2_CFLAGS = @FT2_CFLAGS@
FT2_LIBS = @FT2_LIBS@
MOZ_PANGO_CFLAGS = @MOZ_PANGO_CFLAGS@
@@ -30,7 +30,7 @@
diff --git a/config/system-headers b/config/system-headers
--- a/config/system-headers
+++ b/config/system-headers
-@@ -1013,8 +1013,11 @@ hunspell.hxx
+@@ -1013,11 +1013,14 @@ hunspell.hxx
#if MOZ_NATIVE_BZ2==1
bzlib.h
#endif
@@ -42,10 +42,13 @@
+#ifdef MOZ_ENABLE_LIBPROXY
+proxy.h
+#endif
+ #if MOZ_NATIVE_LIBEVENT==1
+ event.h
+ #endif
diff --git a/configure.in b/configure.in
--- a/configure.in
+++ b/configure.in
-@@ -5289,16 +5289,39 @@ then
+@@ -5325,16 +5325,39 @@ then
AC_DEFINE(MOZ_ENABLE_DBUS)
fi
fi
@@ -166,7 +169,7 @@
new file mode 100644
--- /dev/null
+++ b/toolkit/system/unixproxy/nsLibProxySettings.cpp
-@@ -0,0 +1,162 @@
+@@ -0,0 +1,167 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
@@ -185,7 +188,7 @@
+ *
+ * The Initial Developer of the Original Code is
+ * Wolfgang Rosenauer .
-+ * Portions created by the Initial Developer are Copyright (C) 2009
++ * Portions created by the Initial Developer are Copyright (C) 2010
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
@@ -221,17 +224,16 @@
+ NS_DECL_ISUPPORTS
+ NS_DECL_NSISYSTEMPROXYSETTINGS
+
-+ nsUnixSystemProxySettings() {}
++ nsUnixSystemProxySettings() { mProxyFactory = nsnull; }
+ nsresult Init();
+
+private:
+ ~nsUnixSystemProxySettings() {
-+ if (mProxyFactory)
-+ px_proxy_factory_free(mProxyFactory);
++ if (mProxyFactory)
++ px_proxy_factory_free(mProxyFactory);
+ }
+
+ pxProxyFactory *mProxyFactory;
-+ nsCOMPtr<nsIIOService> mIOService;
+};
+
+NS_IMPL_ISUPPORTS1(nsUnixSystemProxySettings, nsISystemProxySettings)
@@ -239,7 +241,6 @@
+nsresult
+nsUnixSystemProxySettings::Init()
+{
-+ mProxyFactory = nsnull;
+ return NS_OK;
+}
+
@@ -259,12 +260,10 @@
+ if (!mProxyFactory) {
+ mProxyFactory = px_proxy_factory_new();
+ }
-+ NS_ENSURE_TRUE(mProxyFactory, NS_ERROR_OUT_OF_MEMORY);
++ NS_ENSURE_TRUE(mProxyFactory, NS_ERROR_NOT_AVAILABLE);
+
-+ if (!mIOService) {
-+ mIOService = do_GetIOService();
-+ }
-+ NS_ENSURE_TRUE(mIOService, NS_ERROR_FAILURE);
++ nsCOMPtr<nsIIOService> ios = do_GetIOService(&rv);
++ NS_ENSURE_SUCCESS(rv, rv);
+
+ nsCAutoString spec;
+ rv = aURI->GetSpec(spec);
@@ -272,14 +271,18 @@
+
+ char **proxyArray = nsnull;
+ proxyArray = px_proxy_factory_get_proxies(mProxyFactory, (char*)(spec.get()));
-+ NS_ENSURE_TRUE(proxyArray, NS_ERROR_FAILURE);
++ NS_ENSURE_TRUE(proxyArray, NS_ERROR_NOT_AVAILABLE);
+
-+ // PAC string accepts
-+ // http, proxy, socks, socks4, socks5, direct, unknown
-+ // example: "PROXY proxy1.foo.com:8080; PROXY proxy2.foo.com:8080; DIRECT"
++ // Translate libproxy's output to PAC string as expected
++ // libproxy returns an array of proxies in the format:
++ // <procotol>://[username:password@]proxy:port
++ // or
++ // direct://
++ //
++ // PAC format: "PROXY proxy1.foo.com:8080; PROXY proxy2.foo.com:8080; DIRECT"
+ int c = 0;
+ while (proxyArray[c] != NULL) {
-+ if (c != 0) {
++ if (!aResult.IsEmpty()) {
+ aResult.AppendLiteral("; ");
+ }
+
@@ -288,11 +291,14 @@
+ nsXPIDLCString hostPortString;
+ nsCOMPtr<nsIURI> proxyURI;
+
-+ rv = mIOService->NewURI(nsDependentCString(proxyArray[c]),
-+ nsnull,
-+ nsnull,
-+ getter_AddRefs(proxyURI));
-+ NS_ENSURE_SUCCESS(rv, rv);
++ rv = ios->NewURI(nsDependentCString(proxyArray[c]),
++ nsnull,
++ nsnull,
++ getter_AddRefs(proxyURI));
++ if (NS_FAILED(rv)) {
++ c++;
++ continue;
++ }
+
+ proxyURI->GetScheme(schemeString);
+ if (NS_SUCCEEDED(proxyURI->SchemeIs("http", &isScheme)) && isScheme) {
@@ -309,7 +315,9 @@
+ c++;
+ }
+
-+//printf("returned PAC proxy string: %s\n", PromiseFlatCString(aResult).get());
++#ifdef DEBUG
++ printf("returned PAC proxy string: %s\n", PromiseFlatCString(aResult).get());
++#endif
+
+ PR_Free(proxyArray);
+ return NS_OK;
++++++ xulrunner-source-1.9.2.6.tar.bz2 -> xulrunner-source-1.9.2.8.tar.bz2 ++++++
mozilla-xulrunner192/xulrunner-source-1.9.2.6.tar.bz2 mozilla-xulrunner192/xulrunner-source-1.9.2.8.tar.bz2 differ: char 11, line 1
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org