Hello community,
here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2015-10-01 12:21:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old)
and /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox"
Changes:
--------
--- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2015-08-29 20:02:23.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes 2015-10-01 12:21:20.000000000 +0200
@@ -1,0 +2,50 @@
+Sat Sep 19 20:23:29 UTC 2015 - wr@rosenauer.org
+
+- update to Firefox 41.0 (bnc#947003)
+ * MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
+ Miscellaneous memory safety hazards
+ * MFSA 2015-97/CVE-2015-4503 (bmo#994337)
+ Memory leak in mozTCPSocket to servers
+ * MFSA 2015-98/CVE-2015-4504 (bmo#1132467)
+ Out of bounds read in QCMS library with ICC V4 profile attributes
+ * MFSA 2015-99/CVE-2015-4476 (bmo#1162372) (Android only)
+ Site attribute spoofing on Android by pasting URL with unknown scheme
+ * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
+ Arbitrary file manipulation by local user through Mozilla updater
+ * MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
+ Buffer overflow in libvpx while parsing vp9 format video
+ * MFSA 2015-102/CVE-2015-4507 (bmo#1192401)
+ Crash when using debugger with SavedStacks in JavaScript
+ * MFSA 2015-103/CVE-2015-4508 (bmo#1195976)
+ URL spoofing in reader mode
+ * MFSA 2015-104/CVE-2015-4510 (bmo#1200004)
+ Use-after-free with shared workers and IndexedDB
+ * MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
+ Buffer overflow while decoding WebM video
+ * MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
+ Use-after-free while manipulating HTML media content
+ * MFSA 2015-107/CVE-2015-4512 (bmo#1170390)
+ Out-of-bounds read during 2D canvas display on Linux 16-bit
+ color depth systems
+ * MFSA 2015-108/CVE-2015-4502 (bmo#1105045)
+ Scripted proxies can access inner window
+ * MFSA 2015-109/CVE-2015-4516 (bmo#904886)
+ JavaScript immutable property enforcement can be bypassed
+ * MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
+ Dragging and dropping images exposes final URL after redirects
+ * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
+ Errors in the handling of CORS preflight request headers
+ * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
+ CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
+ CVE-2015-7180
+ Vulnerabilities found through code inspection
+ * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
+ bmo#1190526) (Windows only)
+ Memory safety errors in libGLES in the ANGLE graphics library
+ * MFSA 2015-114 (bmo#1167498, bmo#1153672) (Windows only)
+ Information disclosure via the High Resolution Time API
+- rebased patches
+- removed obsolete patches
+ * mozilla-arm64-libjpeg-turbo.patch
+
+------------------------------------------------------------------
Old:
----
firefox-40.0.3-source.tar.xz
l10n-40.0.3.tar.xz
mozilla-arm64-libjpeg-turbo.patch
New:
----
firefox-41.0-source.tar.xz
l10n-41.0.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ MozillaFirefox.spec ++++++
--- /var/tmp/diff_new_pack.2lLGnJ/_old 2015-10-01 12:21:33.000000000 +0200
+++ /var/tmp/diff_new_pack.2lLGnJ/_new 2015-10-01 12:21:33.000000000 +0200
@@ -18,10 +18,10 @@
# changed with every update
-%define major 40
-%define mainver %major.0.3
+%define major 41
+%define mainver %major.0
%define update_channel release
-%define releasedate 2015082600
+%define releasedate 2015091800
# general build definitions
%if "%{update_channel}" != "aurora"
@@ -146,8 +146,7 @@
Patch12: mozilla-openaes-decl.patch
Patch14: mozilla-skia-be-le.patch
Patch15: mozilla-bmo1005535.patch
-Patch16: mozilla-arm64-libjpeg-turbo.patch
-Patch17: mozilla-no-stdcxx-check.patch
+Patch16: mozilla-no-stdcxx-check.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-no-default-ualocale.patch
@@ -261,7 +260,6 @@
%patch14 -p1
%patch15 -p1
%patch16 -p1
-%patch17 -p1
# Firefox
%patch101 -p1
%patch102 -p1
++++++ compare-locales.tar.xz ++++++
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.2lLGnJ/_old 2015-10-01 12:21:33.000000000 +0200
+++ /var/tmp/diff_new_pack.2lLGnJ/_new 2015-10-01 12:21:33.000000000 +0200
@@ -2,8 +2,8 @@
CHANNEL="release"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_40_0_3_RELEASE"
-VERSION="40.0.3"
+RELEASE_TAG="FIREFOX_41_0_RELEASE"
+VERSION="41.0"
# mozilla
if [ -d mozilla ]; then
++++++ firefox-40.0.3-source.tar.xz -> firefox-41.0-source.tar.xz ++++++
/work/SRC/openSUSE:Factory/MozillaFirefox/firefox-40.0.3-source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-41.0-source.tar.xz differ: char 26, line 1
++++++ firefox-kde.patch ++++++
--- /var/tmp/diff_new_pack.2lLGnJ/_old 2015-10-01 12:21:33.000000000 +0200
+++ /var/tmp/diff_new_pack.2lLGnJ/_new 2015-10-01 12:21:33.000000000 +0200
@@ -1,11 +1,11 @@
# HG changeset patch
-# Parent c6048238765dab77cd0c9a45e7afb1157316938b
+# Parent 8d1e0e3997402b94742eded6477abed4b559f373
diff --git a/browser/base/content/browser-kde.xul b/browser/base/content/browser-kde.xul
new file mode 100644
--- /dev/null
+++ b/browser/base/content/browser-kde.xul
-@@ -0,0 +1,1314 @@
+@@ -0,0 +1,1264 @@
+#filter substitution
+<?xml version="1.0"?>
+# -*- Mode: HTML -*-
@@ -17,6 +17,7 @@
+<?xml-stylesheet href="chrome://browser/content/browser.css" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/content/places/places.css" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/skin/devtools/common.css" type="text/css"?>
++<?xml-stylesheet href="chrome://browser/skin/controlcenter/panel.css" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/skin/customizableui/panelUIOverlay.css" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/skin/" type="text/css"?>
+<?xml-stylesheet href="chrome://browser/skin/browser-lightweightTheme.css" type="text/css"?>
@@ -159,7 +160,11 @@
+ work correctly on the menupopup. ContentSelectDropdown expects the
+ popuponly menulist to be its immediate parent. -->
+ <menulist popuponly="true" id="ContentSelectDropdown" hidden="true">
-+ <menupopup rolluponmousewheel="true"/>
++