Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2015-07-16 17:13:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2015-06-09 12:24:08.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes 2015-07-16 17:13:09.000000000 +0200 @@ -1,0 +2,54 @@ +Wed Jul 1 06:43:02 UTC 2015 - [email protected] + +- update to Firefox 39.0 (bnc#935979) + * Share Hello URLs with social networks + * Support for 'switch' role in ARIA 1.1 (web accessibility) + * SafeBrowsing malware detection lookups enabled for downloads + (Mac OS X and Linux) + * Support for new Unicode 8.0 skin tone emoji + * Removed support for insecure SSLv3 for network communications + * Disable use of RC4 except for temporarily whitelisted hosts + * NPAPI Plug-in performance improved via asynchronous initialization + security fixes: + * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725/CVE-2015-2726 + Miscellaneous memory safety hazards + * MFSA 2015-60/CVE-2015-2727 (bmo#1163422) + Local files or privileged URLs in pages can be opened into new tabs + * MFSA 2015-61/CVE-2015-2728 (bmo#1142210) + Type confusion in Indexed Database Manager + * MFSA 2015-62/CVE-2015-2729 (bmo#1122218) + Out-of-bound read while computing an oscillator rendering range in Web Audio + * MFSA 2015-63/CVE-2015-2731 (bmo#1149891) + Use-after-free in Content Policy due to microtask execution error + * MFSA 2015-64/CVE-2015-2730 (bmo#1125025) + ECDSA signature validation fails to handle some signatures correctly + (this fix is shipped by NSS 3.19.1 externally) + * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867) + Use-after-free in workers while using XMLHttpRequest + * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737 + CVE-2015-2738/CVE-2015-2739/CVE-2015-2740 + Vulnerabilities found through code inspection + * MFSA 2015-67/CVE-2015-2741 (bmo#1147497) + Key pinning is ignored when overridable errors are encountered + * MFSA 2015-68/CVE-2015-2742 (bmo#1138669) + OS X crash reports may contain entered key press information + (not relevant under Linux) + * MFSA 2015-69/CVE-2015-2743 (bmo#1163109) + Privilege escalation in PDF.js + * MFSA 2015-70/CVE-2015-4000 (bmo#1138554) + NSS accepts export-length DHE keys with regular DHE cipher suites + (this fix is shipped by NSS 3.19.1 externally) + * MFSA 2015-71/CVE-2015-2721 (bmo#1086145) + NSS incorrectly permits skipping of ServerKeyExchange + (this fix is shipped by NSS 3.19.1 externally) +- dropped mozilla-prefer_plugin_pref.patch as this feature is + likely not worth maintaining further +- rebased patches +- require NSS 3.19.2 + +------------------------------------------------------------------- +Thu Jun 18 10:30:18 UTC 2015 - [email protected] + +- mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration + +------------------------------------------------------------------- Old: ---- firefox-38.0.6-source.tar.xz l10n-38.0.6.tar.xz mozilla-prefer_plugin_pref.patch New: ---- firefox-39.0-source.tar.xz l10n-39.0.tar.xz mozilla-arm64-libjpeg-turbo.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.UxfQzD/_old 2015-07-16 17:13:20.000000000 +0200 +++ /var/tmp/diff_new_pack.UxfQzD/_new 2015-07-16 17:13:20.000000000 +0200 @@ -18,10 +18,10 @@ # changed with every update -%define major 38 -%define mainver %major.0.6 +%define major 39 +%define mainver %major.0 %define update_channel release -%define releasedate 2015060500 +%define releasedate 2015063000 # general build definitions %if "%{update_channel}" != "aurora" @@ -77,7 +77,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.10.8 -BuildRequires: mozilla-nss-devel >= 3.18.1 +BuildRequires: mozilla-nss-devel >= 3.19.2 BuildRequires: nss-shared-helper-devel BuildRequires: python-devel BuildRequires: startup-notification-devel @@ -135,7 +135,6 @@ # Gecko/Toolkit Patch1: toolkit-download-folder.patch Patch2: mozilla-nongnome-proxies.patch -Patch3: mozilla-prefer_plugin_pref.patch Patch4: mozilla-shared-nss-db.patch Patch5: mozilla-kde.patch Patch6: mozilla-preferences.patch @@ -148,6 +147,7 @@ Patch14: mozilla-skia-be-le.patch Patch15: mozilla-bmo1005535.patch Patch16: mozilla-add-glibcxx_use_cxx11_abi.patch +Patch17: mozilla-arm64-libjpeg-turbo.patch # Firefox/browser Patch101: firefox-kde.patch Patch102: firefox-no-default-ualocale.patch @@ -250,7 +250,6 @@ cd $RPM_BUILD_DIR/mozilla %patch1 -p1 %patch2 -p1 -%patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 @@ -263,6 +262,7 @@ %patch14 -p1 %patch15 -p1 %patch16 -p1 +%patch17 -p1 # Firefox %patch101 -p1 %patch102 -p1 ++++++ compare-locales.tar.xz ++++++ ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.UxfQzD/_old 2015-07-16 17:13:20.000000000 +0200 +++ /var/tmp/diff_new_pack.UxfQzD/_new 2015-07-16 17:13:20.000000000 +0200 @@ -2,8 +2,8 @@ CHANNEL="release" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_38_0_6_RELEASE" -VERSION="38.0.6" +RELEASE_TAG="FIREFOX_39_0_RELEASE" +VERSION="39.0" # mozilla if [ -d mozilla ]; then ++++++ firefox-38.0.6-source.tar.xz -> firefox-39.0-source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-38.0.6-source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-39.0-source.tar.xz differ: char 27, line 1 ++++++ firefox-kde.patch ++++++ --- /var/tmp/diff_new_pack.UxfQzD/_old 2015-07-16 17:13:20.000000000 +0200 +++ /var/tmp/diff_new_pack.UxfQzD/_new 2015-07-16 17:13:20.000000000 +0200 @@ -1,11 +1,11 @@ # HG changeset patch -# Parent 14be97741eabce611c291418a4c1774cae8b29ff +# Parent cd94ee18bd0cdda7f5eb5503d8d072efe02a8033 diff --git a/browser/base/content/browser-kde.xul b/browser/base/content/browser-kde.xul new file mode 100644 --- /dev/null +++ b/browser/base/content/browser-kde.xul -@@ -0,0 +1,1311 @@ +@@ -0,0 +1,1308 @@ +#filter substitution +<?xml version="1.0"?> +# -*- Mode: HTML -*- @@ -669,7 +669,7 @@ + setfocus="false" + tooltip="tabbrowser-tab-tooltip" + stopwatchid="FX_TAB_CLICK_MS"> -+ <tab class="tabbrowser-tab" selected="true" fadein="true"/> ++ <tab class="tabbrowser-tab" selected="true" visuallyselected="true" fadein="true"/> + </tabs> + + <toolbarbutton id="new-tab-button" @@ -1313,9 +1313,6 @@ +# starting with an empty iframe here in browser.xul from a Ts standpoint. +</deck> + -+<script type="application/javascript" src="chrome://browser/content/pocket/pktApi.js"/> -+<script type="application/javascript" src="chrome://browser/content/pocket/main.js"/> -+ +</window> diff --git a/browser/base/content/browser.xul b/browser/base/content/browser.xul --- a/browser/base/content/browser.xul ++++++ l10n-38.0.6.tar.xz -> l10n-39.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-38.0.6.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-39.0.tar.xz differ: char 27, line 1 ++++++ mozilla-arm64-libjpeg-turbo.patch ++++++ Index: mozilla/configure.in =================================================================== --- mozilla.orig/configure.in +++ mozilla/configure.in @@ -6241,7 +6241,7 @@ fi dnl If we're on an ARM system which supports libjpeg-turbo's asm routines and dnl --disable-libjpeg-turbo wasn't passed, use the C compiler as the assembler. -if test -n "$LIBJPEG_TURBO_ARM_ASM" ; then +if test -n "$LIBJPEG_TURBO_ARM_ASM" -o -n "$LIBJPEG_TURBO_ARM64_ASM" ; then echo "Using $AS as the assembler for ARM code." LIBJPEG_TURBO_AS=$AS fi @@ -6252,6 +6252,8 @@ elif test -n "$LIBJPEG_TURBO_X64_ASM"; t AC_DEFINE(LIBJPEG_TURBO_X64_ASM) elif test -n "$LIBJPEG_TURBO_ARM_ASM"; then AC_DEFINE(LIBJPEG_TURBO_ARM_ASM) +elif test -n "$LIBJPEG_TURBO_ARM64_ASM"; then + AC_DEFINE(LIBJPEG_TURBO_ARM64_ASM) elif test -n "$MOZ_LIBJPEG_TURBO"; then dnl Warn if we're not building the optimized routines, even though the user dnl didn't specify --disable-libjpeg-turbo. ++++++ mozilla-shared-nss-db.patch ++++++ --- /var/tmp/diff_new_pack.UxfQzD/_old 2015-07-16 17:13:20.000000000 +0200 +++ /var/tmp/diff_new_pack.UxfQzD/_new 2015-07-16 17:13:20.000000000 +0200 @@ -7,7 +7,7 @@ diff --git a/configure.in b/configure.in --- a/configure.in +++ b/configure.in -@@ -8207,16 +8207,31 @@ if test "$MOZ_ENABLE_SKIA"; then +@@ -8247,16 +8247,31 @@ if test "$MOZ_ENABLE_SKIA"; then MOZ_ENABLE_SKIA_GPU=1 AC_DEFINE(USE_SKIA_GPU) AC_SUBST(MOZ_ENABLE_SKIA_GPU) @@ -42,9 +42,9 @@ diff --git a/security/manager/ssl/src/moz.build b/security/manager/ssl/src/moz.build --- a/security/manager/ssl/src/moz.build +++ b/security/manager/ssl/src/moz.build -@@ -77,16 +77,19 @@ SOURCES += [ - 'nsNSSVersion.cpp', - 'PSMContentListener.cpp', +@@ -74,16 +74,19 @@ UNIFIED_SOURCES += [ + SOURCES += [ + 'nsNSSCertificateDB.cpp', ] LOCAL_INCLUDES += [ @@ -87,7 +87,7 @@ #include "nsAppDirectoryServiceDefs.h" #include "nsCertVerificationThread.h" #include "nsAppDirectoryServiceDefs.h" -@@ -996,17 +1003,31 @@ nsNSSComponent::InitializeNSS() +@@ -997,17 +1004,31 @@ nsNSSComponent::InitializeNSS() if (NS_FAILED(rv)) { nsPSMInitPanic::SetPanic(); return NS_ERROR_NOT_AVAILABLE; @@ -123,7 +123,7 @@ diff --git a/toolkit/library/moz.build b/toolkit/library/moz.build --- a/toolkit/library/moz.build +++ b/toolkit/library/moz.build -@@ -208,16 +208,18 @@ if CONFIG['MOZ_B2G_CAMERA']: +@@ -207,16 +207,18 @@ if CONFIG['MOZ_B2G_CAMERA'] and CONFIG[' 'stagefright_omx', ] ++++++ source-stamp.txt ++++++ --- /var/tmp/diff_new_pack.UxfQzD/_old 2015-07-16 17:13:20.000000000 +0200 +++ /var/tmp/diff_new_pack.UxfQzD/_new 2015-07-16 17:13:20.000000000 +0200 @@ -1,2 +1,2 @@ -REV=76f8f33b6577 +REV=d3b3e57e8088 REPO=http://hg.mozilla.org/releases/mozilla-release
