Hello community,
here is the log from the commit of package xulrunner for openSUSE:Factory checked in at 2012-11-22 14:45:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/xulrunner (Old)
and /work/SRC/openSUSE:Factory/.xulrunner.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xulrunner", Maintainer is "gnome-maintainers@suse.de"
Changes:
--------
--- /work/SRC/openSUSE:Factory/xulrunner/xulrunner.changes 2012-10-27 13:25:18.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.xulrunner.new/xulrunner.changes 2012-11-22 14:45:52.000000000 +0100
@@ -1,0 +2,42 @@
+Tue Nov 20 20:15:23 UTC 2012 - wr@rosenauer.org
+
+- update to 17.0 (bnc#790140)
+ * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
+ Miscellaneous memory safety hazards
+ * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
+ Buffer overflow while rendering GIF images
+ * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
+ evalInSanbox location context incorrectly applied
+ * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
+ Crash when combining SVG text on path with CSS
+ * MFSA 2012-95/CVE-2012-4203 (bmo#765628)
+ Javascript: URLs run in privileged context on New Tab page
+ * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
+ Memory corruption in str_unescape
+ * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
+ XMLHttpRequest inherits incorrect principal within sandbox
+ * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
+ XrayWrappers exposes chrome-only properties when not in chrome
+ compartment
+ * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
+ Improper security filtering for cross-origin wrappers
+ * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
+ Improper character decoding in HZ-GB-2312 charset
+ * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
+ Script entered into Developer Toolbar runs with chrome privileges
+ * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
+ Frames can shadow top.location
+ * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
+ CSS and HTML injection through Style Inspector
+ * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
+ CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
+ CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
+ Use-after-free and buffer overflow issues found using Address
+ Sanitizer
+ * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
+ Use-after-free, buffer overflow, and memory corruption issues
+ found using Address Sanitizer
+- rebased patches
+- disabled WebRTC since build is broken (bmo#776877)
+
+-------------------------------------------------------------------
Old:
----
l10n-16.0.2.tar.bz2
xulrunner-16.0.2-source.tar.bz2
New:
----
l10n-17.0.tar.bz2
xulrunner-17.0-source.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ xulrunner.spec ++++++
--- /var/tmp/diff_new_pack.DaYday/_old 2012-11-22 14:46:01.000000000 +0100
+++ /var/tmp/diff_new_pack.DaYday/_new 2012-11-22 14:46:01.000000000 +0100
@@ -44,12 +44,12 @@
%endif
BuildRequires: mozilla-nspr-devel >= 4.9.2
BuildRequires: mozilla-nss-devel >= 3.13.6
-Version: 16.0.2
+Version: 17.0
Release: 0
-%define releasedate 2012102400
-%define version_internal 16.0.2
-%define apiversion 16
-%define uaweight 1600002
+%define releasedate 2012111600
+%define version_internal 17.0
+%define apiversion 17
+%define uaweight 1700000
Summary: Mozilla Runtime Environment
License: MPL-2.0
Group: Productivity/Other
@@ -243,6 +243,7 @@
ac_add_options --enable-system-hunspell
ac_add_options --enable-startup-notification
ac_add_options --enable-shared-js
+ac_add_options --disable-webrtc # does not build with system NSPR
#ac_add_options --enable-debug
EOF
%if %suse_version > 1130
@@ -313,6 +314,8 @@
-type f -perm -111 -exec chmod a-x {} \;
find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/ \
-name "*.js" -o -name "*.xpm" -o -name "*.png" | xargs chmod a-x
+# remove mkdir.done files from installed base
+find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal} -name ".mkdir.done" | xargs rm
mkdir -p $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions
# fixing SDK dynamic libs (symlink instead of copy)
rm $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/*.so
++++++ compare-locales.tar.bz2 ++++++
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.DaYday/_old 2012-11-22 14:46:01.000000000 +0100
+++ /var/tmp/diff_new_pack.DaYday/_new 2012-11-22 14:46:01.000000000 +0100
@@ -2,8 +2,8 @@
CHANNEL="release"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_16_0_2_RELEASE"
-VERSION="16.0.2"
+RELEASE_TAG="FIREFOX_17_0_RELEASE"
+VERSION="17.0"
# mozilla
echo "cloning $BRANCH..."
++++++ l10n-16.0.2.tar.bz2 -> l10n-17.0.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/xulrunner/l10n-16.0.2.tar.bz2 /work/SRC/openSUSE:Factory/.xulrunner.new/l10n-17.0.tar.bz2 differ: char 12, line 1
++++++ mozilla-ntlm-full-path.patch ++++++
--- /var/tmp/diff_new_pack.DaYday/_old 2012-11-22 14:46:01.000000000 +0100
+++ /var/tmp/diff_new_pack.DaYday/_new 2012-11-22 14:46:01.000000000 +0100
@@ -1,12 +1,12 @@
# HG changeset patch
# User Petr Cerny