Hello community, here is the log from the commit of package seamonkey for openSUSE:Factory checked in at 2015-03-18 13:06:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/seamonkey (Old) and /work/SRC/openSUSE:Factory/.seamonkey.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "seamonkey" Changes: -------- --- /work/SRC/openSUSE:Factory/seamonkey/seamonkey.changes 2015-01-20 12:39:04.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey.changes 2015-03-18 13:07:22.000000000 +0100 @@ -1,0 +2,56 @@ +Mon Mar 16 08:48:08 UTC 2015 - [email protected] + +- update to SeaMonkey 2.33 (bnc#917597) + * MFSA 2015-11/CVE-2015-0835/CVE-2015-0836 + Miscellaneous memory safety hazards + * MFSA 2015-12/CVE-2015-0833 (bmo#945192) + Invoking Mozilla updater will load locally stored DLL files + (Windows only) + * MFSA 2015-13/CVE-2015-0832 (bmo#1065909) + Appended period to hostnames can bypass HPKP and HSTS protections + * MFSA 2015-14/CVE-2015-0830 (bmo#1110488) + Malicious WebGL content crash when writing strings + * MFSA 2015-15/CVE-2015-0834 (bmo#1098314) + TLS TURN and STUN connections silently fail to simple TCP connections + * MFSA 2015-16/CVE-2015-0831 (bmo#1130514) + Use-after-free in IndexedDB + * MFSA 2015-17/CVE-2015-0829 (bmo#1128939) + Buffer overflow in libstagefright during MP4 video playback + * MFSA 2015-18/CVE-2015-0828 (bmo#1030667, bmo#988675) + Double-free when using non-default memory allocators with a + zero-length XHR + * MFSA 2015-19/CVE-2015-0827 (bmo#1117304) + Out-of-bounds read and write while rendering SVG content + * MFSA 2015-20/CVE-2015-0826 (bmo#1092363) + Buffer overflow during CSS restyling + * MFSA 2015-21/CVE-2015-0825 (bmo#1092370) + Buffer underflow during MP3 playback + * MFSA 2015-22/CVE-2015-0824 (bmo#1095925) + Crash using DrawTarget in Cairo graphics library + * MFSA 2015-23/CVE-2015-0823 (bmo#1098497) + Use-after-free in Developer Console date with OpenType Sanitiser + * MFSA 2015-24/CVE-2015-0822 (bmo#1110557) + Reading of local files through manipulation of form autocomplete + * MFSA 2015-25/CVE-2015-0821 (bmo#1111960) + Local files or privileged URLs in pages can be opened into new tabs + * MFSA 2015-26/CVE-2015-0819 (bmo#1079554) + UI Tour whitelisted sites in background tab can spoof foreground + tabs + * MFSA 2015-27CVE-2015-0820 (bmo#1125398) + Caja Compiler JavaScript sandbox bypass +- rebased patches +- requires NSS 3.17.4 +- removed obsolete seamonkey-fix-signed-char.patch +- mozilla-xremote-client was removed upstream + +------------------------------------------------------------------- +Sat Feb 7 09:52:07 UTC 2015 - [email protected] + +- update to SeaMonkey 2.32.1 + * fixed MailNews feeds not updating + * fixed selected profile in Profile Manager not remembered + * fixed opening a bookmark folder in tabs on Linux + * fixed Troubleshooting Information (about:support) with the + Modern theme + +------------------------------------------------------------------- Old: ---- l10n-2.32.tar.bz2 seamonkey-2.32-source.tar.bz2 seamonkey-fix-signed-char.patch New: ---- l10n-2.33.tar.bz2 seamonkey-2.33-source.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ seamonkey.spec ++++++ --- /var/tmp/diff_new_pack.H3NyTH/_old 2015-03-18 13:07:31.000000000 +0100 +++ /var/tmp/diff_new_pack.H3NyTH/_new 2015-03-18 13:07:31.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package seamonkey # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # 2006-2015 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties @@ -60,9 +60,9 @@ %endif Provides: web_browser Provides: browser(npapi) -Version: 2.32 +Version: 2.33 Release: 0 -%define releasedate 2015011400 +%define releasedate 2015030600 Summary: The successor of the Mozilla Application Suite License: MPL-2.0 Group: Productivity/Networking/Web/Browsers @@ -88,7 +88,6 @@ Patch12: mozilla-openaes-decl.patch Patch13: mozilla-fix-prototype.patch Patch100: seamonkey-ua-locale.patch -Patch101: seamonkey-fix-signed-char.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build PreReq: /bin/sh coreutils Provides: seamonkey-mail = %{version} @@ -116,7 +115,7 @@ # so using %opensuse_bs is secure for now BuildRequires: mozilla-nspr-devel >= 4.10.7 PreReq: mozilla-nspr >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr) -BuildRequires: mozilla-nss-devel >= 3.17.2 +BuildRequires: mozilla-nss-devel >= 3.17.4 PreReq: mozilla-nss >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss) %description @@ -198,7 +197,6 @@ popd # comm patches %patch100 -p1 -%patch101 -p1 %build # no need to add build time to binaries @@ -408,7 +406,7 @@ %{progdir}/chrome.manifest %{progdir}/dependentlibs.list %{progdir}/*.so -%{progdir}/mozilla-xremote-client +#%{progdir}/mozilla-xremote-client %{progdir}/omni.ja %{progdir}/platform.ini %{progdir}/plugin-container ++++++ compare-locales.tar.bz2 ++++++ ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.H3NyTH/_old 2015-03-18 13:07:31.000000000 +0100 +++ /var/tmp/diff_new_pack.H3NyTH/_new 2015-03-18 13:07:31.000000000 +0100 @@ -2,8 +2,8 @@ CHANNEL="release" BRANCH="releases/comm-$CHANNEL" -RELEASE_TAG="SEAMONKEY_2_32_RELEASE" -VERSION="2.32" +RELEASE_TAG="SEAMONKEY_2_33_RELEASE" +VERSION="2.33" echo "cloning $BRANCH..." hg clone http://hg.mozilla.org/$BRANCH seamonkey ++++++ l10n-2.32.tar.bz2 -> l10n-2.33.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/seamonkey/l10n-2.32.tar.bz2 /work/SRC/openSUSE:Factory/.seamonkey.new/l10n-2.33.tar.bz2 differ: char 11, line 1 ++++++ mozilla-shared-nss-db.patch ++++++ --- /var/tmp/diff_new_pack.H3NyTH/_old 2015-03-18 13:07:31.000000000 +0100 +++ /var/tmp/diff_new_pack.H3NyTH/_new 2015-03-18 13:07:31.000000000 +0100 @@ -7,7 +7,7 @@ diff --git a/configure.in b/configure.in --- a/configure.in +++ b/configure.in -@@ -8302,16 +8302,31 @@ if test "$MOZ_ENABLE_SKIA"; then +@@ -8268,16 +8268,31 @@ if test "$MOZ_ENABLE_SKIA"; then MOZ_ENABLE_SKIA_GPU=1 AC_DEFINE(USE_SKIA_GPU) AC_SUBST(MOZ_ENABLE_SKIA_GPU) @@ -42,26 +42,26 @@ diff --git a/security/manager/ssl/src/moz.build b/security/manager/ssl/src/moz.build --- a/security/manager/ssl/src/moz.build +++ b/security/manager/ssl/src/moz.build -@@ -95,16 +95,19 @@ FAIL_ON_WARNINGS = True - - FINAL_LIBRARY = 'xul' +@@ -77,16 +77,19 @@ SOURCES += [ + 'nsNSSVersion.cpp', + 'PSMContentListener.cpp', + ] LOCAL_INCLUDES += [ - '../../../certverifier', - '../../../pkix/include', + '/security/manager/boot/src', ] +CXXFLAGS += sorted(CONFIG['NSSHELPER_CFLAGS']) +OS_LIBS += sorted(CONFIG['NSSHELPER_LIBS']) + - if CONFIG['NSS_DISABLE_DBM']: - DEFINES['NSS_DISABLE_DBM'] = '1' - - DEFINES['SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES'] = 'True' - DEFINES['NSS_ENABLE_ECC'] = 'True' - for var in ('DLL_PREFIX', 'DLL_SUFFIX'): - DEFINES[var] = '"%s"' % CONFIG[var] + if not CONFIG['MOZ_NO_SMART_CARDS']: + UNIFIED_SOURCES += [ + 'nsSmartCardMonitor.cpp', + ] + if CONFIG['MOZ_XUL']: + UNIFIED_SOURCES += [ + 'nsCertTree.cpp', diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp --- a/security/manager/ssl/src/nsNSSComponent.cpp +++ b/security/manager/ssl/src/nsNSSComponent.cpp @@ -87,7 +87,7 @@ #include "nsCertVerificationThread.h" #include "nsAppDirectoryServiceDefs.h" #include "nsComponentManagerUtils.h" -@@ -945,17 +952,31 @@ nsNSSComponent::InitializeNSS() +@@ -986,17 +993,31 @@ nsNSSComponent::InitializeNSS() if (NS_FAILED(rv)) { nsPSMInitPanic::SetPanic(); return NS_ERROR_NOT_AVAILABLE; @@ -123,7 +123,7 @@ diff --git a/toolkit/library/moz.build b/toolkit/library/moz.build --- a/toolkit/library/moz.build +++ b/toolkit/library/moz.build -@@ -213,16 +213,18 @@ if CONFIG['MOZ_B2G_CAMERA']: +@@ -208,16 +208,18 @@ if CONFIG['MOZ_B2G_CAMERA']: 'stagefright_omx', ] ++++++ seamonkey-2.32-source.tar.bz2 -> seamonkey-2.33-source.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/seamonkey/seamonkey-2.32-source.tar.bz2 /work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey-2.33-source.tar.bz2 differ: char 11, line 1 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
