Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2016-08-12 15:35:01 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2016-07-27 16:08:48.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new/MozillaFirefox.changes 2016-08-12 15:35:03.000000000 +0200 @@ -1,0 +2,81 @@ +Fri Aug 5 13:47:12 UTC 2016 - [email protected] + +- Fix for possible buffer overrun (bsc#990856) + CVE-2016-6354 (bmo#1292534) + [mozilla-flex_buffer_overrun.patch] + +------------------------------------------------------------------- +Wed Aug 3 03:38:47 UTC 2016 - [email protected] + +- Update mozilla-gtk3_20.patch to latest version from Fedora. + +------------------------------------------------------------------- +Mon Aug 1 12:37:05 UTC 2016 - [email protected] + +- update to Firefox 48.0 (boo#991809) + * requires NSS 3.24 + * Process separation (e10s) is enabled for some of you + * Add-ons that have not been verified and signed by Mozilla will not load + * WebRTC embetterments + * The media parser has been redeveloped using the Rust programming + language + * better Canvas performance with speedy Skia support + security fixes: + * MFSA 2016-62/CVE-2016-2835/CVE-2016-2836 + Miscellaneous memory safety hazards + * MFSA 2016-63/CVE-2016-2830 (bmo#1255270) + Favicon network connection can persist when page is closed + * MFSA 2016-64/CVE-2016-2838 (bmo#1279814) + Buffer overflow rendering SVG with bidirectional content + * MFSA 2016-65/CVE-2016-2839 (bmo#1275339) + Cairo rendering crash due to memory allocation issue with FFmpeg 0.10 + * MFSA 2016-66/CVE-2016-5251 (bmo#1255570) + Location bar spoofing via data URLs with malformed/invalid mediatypes + * MFSA 2016-67/CVE-2016-5252 (bmo#1268854) + Stack underflow during 2D graphics rendering + * MFSA 2016-68/CVE-2016-0718 (bmo#1236923) + Out-of-bounds read during XML parsing in Expat library + * MFSA 2016-69/CVE-2016-5253 (bmo#1246944) + Arbitrary file manipulation by local user through Mozilla updater + and callback application path parameter (Windows-only) + * MFSA 2016-70/CVE-2016-5254 (bmo#1266963) + Use-after-free when using alt key and toplevel menus + * MFSA 2016-71/CVE-2016-5255 (bmo#1212356) + Crash in incremental garbage collection in JavaScript + * MFSA 2016-72/CVE-2016-5258 (bmo#1279146) + Use-after-free in DTLS during WebRTC session shutdown + * MFSA 2016-73/CVE-2016-5259 (bmo#1282992) + Use-after-free in service workers with nested sync events + * MFSA 2016-74/CVE-2016-5260 (bmo#1280294) + Form input type change from password to text can store plain + text password in session restore file + * MFSA 2016-75/CVE-2016-5261 (bmo#1287266) + Integer overflow in WebSockets during data buffering + * MFSA 2016-76/CVE-2016-5262 (bmo#1277475) + Scripts on marquee tag can execute in sandboxed iframes + * MFSA 2016-77/CVE-2016-2837 (bmo#1274637) + Buffer overflow in ClearKey Content Decryption Module (CDM) + during video playback + * MFSA 2016-78/CVE-2016-5263 (bmo#1276897) + Type confusion in display transformation + * MFSA 2016-79/CVE-2016-5264 (bmo#1286183) + Use-after-free when applying SVG effects + * MFSA 2016-80/CVE-2016-5265 (bmo#1278013) + Same-origin policy violation using local HTML file and saved shortcut file + * MFSA 2016-81/CVE-2016-5266 (bmo#1226977) + Information disclosure and local file manipulation through drag and drop + * MFSA 2016-82/CVE-2016-5267 (bmo#1284372) + Addressbar spoofing with right-to-left characters on Firefox for Android + (Android only) + * MFSA 2016-83/CVE-2016-5268 (bmo#1253673) + Spoofing attack through text injection into internal error pages + * MFSA 2016-84/CVE-2016-5250 (bmo#1254688) + Information disclosure through Resource Timing API during page navigation +- removed obsolete mozilla-gcc6.patch + +------------------------------------------------------------------- +Fri Jul 29 01:26:13 UTC 2016 - [email protected] + +- Update description and screenshots in appdata.xml file. + +------------------------------------------------------------------- Old: ---- firefox-47.0.1-source.tar.xz l10n-47.0.1.tar.xz mozilla-gcc6.patch New: ---- firefox-48.0-source.tar.xz l10n-48.0.tar.xz mozilla-flex_buffer_overrun.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:17.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package MozillaFirefox # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany. # 2006-2016 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties @@ -18,10 +18,10 @@ # changed with every update -%define major 47 -%define mainver %major.0.1 +%define major 48 +%define mainver %major.0 %define update_channel release -%define releasedate 20160628000000 +%define releasedate 20160730000000 # PIE, full relro (x86_64 for now) %define build_hardened 1 @@ -75,7 +75,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.12 -BuildRequires: mozilla-nss-devel >= 3.23 +BuildRequires: mozilla-nss-devel >= 3.24 BuildRequires: nss-shared-helper-devel BuildRequires: python-devel BuildRequires: startup-notification-devel @@ -146,7 +146,6 @@ Patch11: mozilla-reduce-files-per-UnifiedBindings.patch Patch12: mozilla-gtk3_20.patch Patch13: mozilla-check_return.patch -Patch14: mozilla-gcc6.patch Patch15: mozilla-exclude-nametablecpp.patch Patch16: mozilla-aarch64-48bit-va.patch Patch17: mozilla-binutils-visibility.patch @@ -154,6 +153,9 @@ Patch101: firefox-kde.patch Patch102: firefox-no-default-ualocale.patch Patch103: firefox-branded-icons.patch +# hotfix +Patch150: mozilla-flex_buffer_overrun.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires(post): coreutils shared-mime-info desktop-file-utils Requires(postun): shared-mime-info desktop-file-utils @@ -262,7 +264,6 @@ %patch12 -p1 %endif %patch13 -p1 -%patch14 -p1 %patch15 -p1 %patch16 -p1 %patch17 -p1 @@ -270,6 +271,7 @@ %patch101 -p1 %patch102 -p1 %patch103 -p1 +%patch150 -p1 %build # no need to add build time to binaries @@ -322,10 +324,6 @@ mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj . \$topsrcdir/browser/config/mozconfig ac_add_options --prefix=%{_prefix} -ac_add_options --libdir=%{_libdir} -ac_add_options --sysconfdir=%{_sysconfdir} -ac_add_options --mandir=%{_mandir} -ac_add_options --includedir=%{_includedir} ac_add_options --enable-release %if 0%{?firefox_use_gtk3} ac_add_options --enable-default-toolkit=cairo-gtk3 @@ -580,7 +578,6 @@ %dir %{progdir}/gtk2 %{progdir}/gtk2/libmozgtk.so %endif -%{progdir}/webapprt/ %{progdir}/gmp-clearkey/ %attr(755,root,root) %{progdir}/%{progname}.sh %{progdir}/firefox @@ -588,10 +585,10 @@ %{progdir}/application.ini %{progdir}/dependentlibs.list %{progdir}/*.so +%{progdir}/icudt56l.dat %{progdir}/omni.ja %{progdir}/platform.ini %{progdir}/plugin-container -%{progdir}/webapprt-stub %if %crashreporter %{progdir}/crashreporter %{progdir}/crashreporter.ini ++++++ compare-locales.tar.xz ++++++ ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:17.000000000 +0200 @@ -1,14 +1,14 @@ #!/bin/bash # TODO -# http://ftp.mozilla.org/pub/firefox/candidates/46.0-candidates/build5/linux-x86_64/en-US/firefox-46.0.json -# "moz_source_stamp": "078baf501b55eaa47f3b189fda4dd28dae1fa257" -# http://ftp.mozilla.org/pub/firefox/candidates/46.0-candidates/build5/l10n_changesets.txt +# http://ftp.mozilla.org/pub/firefox/candidates/48.0-candidates/build2/linux-x86_64/en-US/firefox-48.0.json +# "moz_source_stamp": "c1de04f39fa956cfce83f6065b0e709369215ed5" +# http://ftp.mozilla.org/pub/firefox/candidates/48.0-candidates/build2/l10n_changesets.txt CHANNEL="release" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_47_0_1_RELEASE" -VERSION="47.0.1" +RELEASE_TAG="c1de04f39fa956cfce83f6065b0e709369215ed5" +VERSION="48.0" # mozilla if [ -d mozilla ]; then ++++++ firefox-47.0.1-source.tar.xz -> firefox-48.0-source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-47.0.1-source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new/firefox-48.0-source.tar.xz differ: char 26, line 1 ++++++ firefox-appdata.xml ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:17.000000000 +0200 @@ -4,19 +4,45 @@ so maintain a stub in here. --> -<application> +<component> <id type="desktop">firefox.desktop</id> <metadata_license>CC0-1.0</metadata_license> + <name>Firefox Web Browser</name> + <project_license>MPL-2.0</project_license> + <summary>Mozilla Firefox Web Browser</summary> + <url type="homepage">http://www.mozilla.org/</url> <description> - <p> - Mozilla Firefox is a standalone web browser, designed for standards - compliance and performance. Its functionality can be enhanced via a - plethora of addons. - </p> + <p>Mozilla Firefox is a standalone web browser, designed for privacy, security, standards +compliance and performance. Its functionality can be enhanced via a plethora of extensions.</p> + <p>Firefox makes your daily web browsing fun and easy with a number of features, including:</p> + <ul> + <li>Tabbed browsing</li> + <li>Private browsing including do-not-track enabled by default</li> + <li>Advanced phishing and malware protection</li> + <li>Spell checking</li> + <li>Incremental find within pages</li> + <li>Live bookmarking and Smart Bookmarks</li> + <li>Download manager</li> + <li>Location-aware browsing</li> + <li>Compliant with modern web standards</li> + <li>Modern web development tools</li> + <li>Available in a wide number of locales</li> + <li>A thriving ecosystem of themes and extensions at https://addons.mozilla.org</li> + </ul> </description> - <url type="homepage">https://www.mozilla.org/firefox/</url> <screenshots> - <screenshot type="default">https://addons.cdn.mozilla.net/user-media/previews/full/159/159648.png</screenshot> + <screenshot type="default"> + <image height="800" width="1280">https://support.cdn.mozilla.net/media/uploads/gallery/images/2015-05-20-16-04-21-88bff4.png</image> + <caption>New tab page with speed dials</caption> + </screenshot> + <screenshot> + <image height="439" width="620">https://support.cdn.mozilla.net/media/uploads/gallery/images/2015-12-22-15-15-05-3c0a80.png</image> + <caption>Search suggestions from home page</caption> + </screenshot> + <screenshot> + <image height="394" width="700">https://addons.cdn.mozilla.net/user-media/previews/full/159/159648.png</image> + <caption>Firefox with Adwaita theme</caption> + </screenshot> </screenshots> -</application> - + <update_contact>[email protected]</update_contact> +</component> ++++++ firefox-branded-icons.patch ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:17.000000000 +0200 @@ -1,42 +1,17 @@ # HG changeset patch # Parent e0751ad74e835e80041a61ea00c2a63bf6fbe2de -# Parent a5764b0a088418fdbf4b774a8ff2745cc99f6706 +# Parent 2bffb52e07b587a6c755d67c6fc971fed6509783 -diff --git a/browser/app/Makefile.in b/browser/app/Makefile.in ---- a/browser/app/Makefile.in -+++ b/browser/app/Makefile.in -@@ -55,16 +55,21 @@ GARBAGE += $(addprefix $(FINAL_TARGET)/d - endif - - ifdef MOZ_WIDGET_GTK - libs:: - $(INSTALL) $(IFLAGS1) $(DIST)/branding/mozicon128.png $(FINAL_TARGET)/icons - $(INSTALL) $(IFLAGS1) $(DIST)/branding/default16.png $(FINAL_TARGET)/chrome/icons/default - $(INSTALL) $(IFLAGS1) $(DIST)/branding/default32.png $(FINAL_TARGET)/chrome/icons/default - $(INSTALL) $(IFLAGS1) $(DIST)/branding/default48.png $(FINAL_TARGET)/chrome/icons/default -+ifdef MOZ_OFFICIAL_BRANDING -+ $(INSTALL) $(IFLAGS1) $(DIST)/branding/default22.png $(FINAL_TARGET)/chrome/icons/default -+ $(INSTALL) $(IFLAGS1) $(DIST)/branding/default24.png $(FINAL_TARGET)/chrome/icons/default -+ $(INSTALL) $(IFLAGS1) $(DIST)/branding/default256.png $(FINAL_TARGET)/chrome/icons/default -+endif - endif - - # channel-prefs.js is handled separate from other prefs due to bug 756325 - libs:: $(srcdir)/profile/channel-prefs.js - $(NSINSTALL) -D $(DIST)/bin/defaults/pref - $(call py_action,preprocessor,-Fsubstitution $(PREF_PPFLAGS) $(ACDEFINES) $^ -o $(DIST)/bin/defaults/pref/channel-prefs.js) - - ifeq (cocoa,$(MOZ_WIDGET_TOOLKIT)) diff --git a/browser/branding/branding-common.mozbuild b/browser/branding/branding-common.mozbuild --- a/browser/branding/branding-common.mozbuild +++ b/browser/branding/branding-common.mozbuild -@@ -34,12 +34,15 @@ def FirefoxBranding(): +@@ -34,18 +34,24 @@ def FirefoxBranding(): 'disk.icns', 'document.icns', 'dsstore', 'firefox.icns', ] - elif CONFIG['MOZ_WIDGET_GTK']: + elif 'gtk' in CONFIG['MOZ_WIDGET_TOOLKIT']: BRANDING_FILES += [ 'default16.png', + 'default22.png', @@ -46,10 +21,19 @@ 'default48.png', 'mozicon128.png', ] + FINAL_TARGET_FILES.icons += ['mozicon128.png'] + FINAL_TARGET_FILES.chrome.icons.default += [ + 'default16.png', ++ 'default22.png', ++ 'default24.png', ++ 'default256.png', + 'default32.png', + 'default48.png', + ] diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in -@@ -664,18 +664,21 @@ +@@ -650,18 +650,21 @@ @RESPATH@/browser/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/icon.png @RESPATH@/browser/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}/install.rdf @RESPATH@/chrome/toolkit@JAREXT@ ++++++ firefox-kde.patch ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:17.000000000 +0200 @@ -1,11 +1,11 @@ # HG changeset patch -# Parent 4311c6bdf61ac317bc60b25cd89ff67662a75049 +# Parent 07e419c2bbc63c486d25fd8ce117abd10e9ebdba diff --git a/browser/base/content/browser-kde.xul b/browser/base/content/browser-kde.xul new file mode 100644 --- /dev/null +++ b/browser/base/content/browser-kde.xul -@@ -0,0 +1,1160 @@ +@@ -0,0 +1,1174 @@ +#filter substitution +<?xml version="1.0"?> +# -*- Mode: HTML -*- @@ -148,7 +148,12 @@ + <panel type="autocomplete" id="PopupSearchAutoComplete" noautofocus="true" hidden="true"/> + + <!-- for url bar autocomplete --> -+ <panel type="autocomplete-richlistbox" id="PopupAutoCompleteRichResult" noautofocus="true" hidden="true"> ++ <panel type="autocomplete-richlistbox" ++ id="PopupAutoCompleteRichResult" ++ noautofocus="true" ++ hidden="true" ++ flip="none" ++ level="parent"> +#ifdef NIGHTLY_BUILD + <hbox id="urlbar-search-footer" flex="1" align="stretch" pack="end"> + <button id="urlbar-search-settings" label="&changeSearchSettings.button;" @@ -177,7 +182,6 @@ + + <panel id="editBookmarkPanel" + type="arrow" -+ footertype="promobox" + orient="vertical" + ignorekeys="true" + hidden="true" @@ -228,16 +232,14 @@ + orient="vertical" + role="alert"> + <vbox> -+ <hbox pack="end"> -+ <toolbarbutton id="UITourTooltipClose" class="close-icon" -+ tooltiptext="&uiTour.infoPanel.close;"/> -+ </hbox> + <hbox id="UITourTooltipBody"> -+ <vbox id="UITourTooltipIconContainer"> -+ <image id="UITourTooltipIcon"/> -+ </vbox> ++ <image id="UITourTooltipIcon"/> + <vbox flex="1"> -+ <label id="UITourTooltipTitle" flex="1"/> ++ <hbox id="UITourTooltipTitleContainer"> ++ <label id="UITourTooltipTitle" flex="1"/> ++ <toolbarbutton id="UITourTooltipClose" class="close-icon" ++ tooltiptext="&uiTour.infoPanel.close;"/> ++ </hbox> + <description id="UITourTooltipDescription" flex="1"/> + </vbox> + </hbox> @@ -469,12 +471,25 @@ + onpopupshowing="UpdateDynamicShortcutTooltipText(this);"/> + + <menupopup id="SyncedTabsSidebarContext"> -+ <menuitem label="&syncedTabs.context.openTab.label;" -+ accesskey="&syncedTabs.context.openTab.accesskey;" -+ id="syncedTabsOpenSelected"/> ++ <menuitem label="&syncedTabs.context.open.label;" ++ accesskey="&syncedTabs.context.open.accesskey;" ++ id="syncedTabsOpenSelected" where="current"/> ++ <menuitem label="&syncedTabs.context.openInNewTab.label;" ++ accesskey="&syncedTabs.context.openInNewTab.accesskey;" ++ id="syncedTabsOpenSelectedInTab" where="tab"/> ++ <menuitem label="&syncedTabs.context.openInNewWindow.label;" ++ accesskey="&syncedTabs.context.openInNewWindow.accesskey;" ++ id="syncedTabsOpenSelectedInWindow" where="window"/> ++ <menuitem label="&syncedTabs.context.openInNewPrivateWindow.label;" ++ accesskey="&syncedTabs.context.openInNewPrivateWindow.accesskey;" ++ id="syncedTabsOpenSelectedInPrivateWindow" where="window" private="true"/> ++ <menuseparator/> + <menuitem label="&syncedTabs.context.bookmarkSingleTab.label;" + accesskey="&syncedTabs.context.bookmarkSingleTab.accesskey;" + id="syncedTabsBookmarkSelected"/> ++ <menuitem label="&syncedTabs.context.copy.label;" ++ accesskey="&syncedTabs.context.copy.accesskey;" ++ id="syncedTabsCopySelected"/> + <menuseparator/> + <menuitem label="&syncSyncNowItem.label;" + accesskey="&syncSyncNowItem.accesskey;" @@ -684,7 +699,7 @@ + <textbox id="urlbar" flex="1" + placeholder="&urlbar.placeholder2;" + type="autocomplete" -+ autocompletesearch="urlinline history" ++ autocompletesearch="unifiedcomplete" + autocompletesearchparam="enable-actions" + autocompletepopup="PopupAutoCompleteRichResult" + completeselectedindex="true" @@ -693,7 +708,7 @@ + showcommentcolumn="true" + showimagecolumn="true" + enablehistory="true" -+ maxrows="6" ++ maxrows="10" + newlines="stripsurroundingwhitespace" + ontextentered="this.handleCommand(param);" + ontextreverted="return this.handleRevert();" @@ -713,8 +728,6 @@ + aria-label="&urlbar.loginFillNotificationAnchor.label;"/> + <image id="password-notification-icon" class="notification-anchor-icon" role="button" + aria-label="&urlbar.passwordNotificationAnchor.label;"/> -+ <image id="webapps-notification-icon" class="notification-anchor-icon" role="button" -+ aria-label="&urlbar.webappsNotificationAnchor.label;"/> + <image id="plugins-notification-icon" class="notification-anchor-icon" role="button" + aria-label="&urlbar.pluginsNotificationAnchor.label;"/> + <image id="web-notifications-notification-icon" class="notification-anchor-icon" role="button" @@ -865,7 +878,7 @@ + </menu> + <menu id="BMB_unsortedBookmarks" + class="menu-iconic bookmark-item subviewbutton" -+ label="&bookmarksMenuButton.unsorted.label;" ++ label="&bookmarksMenuButton.other.label;" + container="true"> + <menupopup id="BMB_unsortedBookmarksPopup" + placespopup="true" @@ -887,7 +900,8 @@ + <!-- This is a placeholder for the Downloads Indicator. It is visible + during the customization of the toolbar, in the palette, and before + the Downloads Indicator overlay is loaded. --> -+ <toolbarbutton id="downloads-button" class="toolbarbutton-1 chromeclass-toolbar-additional" ++ <toolbarbutton id="downloads-button" ++ class="toolbarbutton-1 chromeclass-toolbar-additional badged-button" + key="key_openDownloads" + oncommand="DownloadsIndicatorView.onCommand(event);" + ondrop="DownloadsIndicatorView.onDrop(event);" @@ -1169,7 +1183,7 @@ diff --git a/browser/base/jar.mn b/browser/base/jar.mn --- a/browser/base/jar.mn +++ b/browser/base/jar.mn -@@ -71,16 +71,18 @@ browser.jar: +@@ -69,16 +69,18 @@ browser.jar: content/browser/aboutTabCrashed.css (content/aboutTabCrashed.css) content/browser/aboutTabCrashed.js (content/aboutTabCrashed.js) content/browser/aboutTabCrashed.xhtml (content/aboutTabCrashed.xhtml) @@ -1185,9 +1199,9 @@ content/browser/browser-customization.js (content/browser-customization.js) content/browser/browser-data-submission-info-bar.js (content/browser-data-submission-info-bar.js) content/browser/browser-devedition.js (content/browser-devedition.js) - content/browser/browser-eme.js (content/browser-eme.js) content/browser/browser-feeds.js (content/browser-feeds.js) content/browser/browser-fullScreen.js (content/browser-fullScreen.js) + content/browser/browser-fullZoom.js (content/browser-fullZoom.js) diff --git a/browser/components/build/nsModule.cpp b/browser/components/build/nsModule.cpp --- a/browser/components/build/nsModule.cpp +++ b/browser/components/build/nsModule.cpp @@ -1311,11 +1325,11 @@ SOURCES += [ 'nsMacShellService.cpp', ] - elif CONFIG['MOZ_WIDGET_GTK']: + elif 'gtk' in CONFIG['MOZ_WIDGET_TOOLKIT']: SOURCES += [ 'nsGNOMEShellService.cpp', -+ 'nsKDEShellService.cpp', -+ 'nsUnixShellService.cpp', ++ 'nsKDEShellService.cpp', ++ 'nsUnixShellService.cpp', ] if SOURCES: @@ -1617,7 +1631,7 @@ diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in -@@ -697,16 +697,17 @@ +@@ -689,16 +689,17 @@ @RESPATH@/greprefs.js @RESPATH@/defaults/autoconfig/prefcalls.js @RESPATH@/browser/defaults/permissions ++++++ firefox-no-default-ualocale.patch ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:17.000000000 +0200 @@ -1,13 +1,13 @@ # HG changeset patch # User Wolfgang Rosenauer <[email protected]> # Parent 099312626f5f7c9cb5573a61d0230574ee12a660 -# Parent 8015dc2ad5992bfc7d33091fc92edf18ea220a89 +# Parent b692fb539e9d0641ff557cb4b984b5e211aec572 Do not overwrite the locale dynamic pref from xulrunner's all.js with a wrong default value diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js --- a/browser/app/profile/firefox.js +++ b/browser/app/profile/firefox.js -@@ -216,17 +216,17 @@ pref("browser.uitour.readerViewTrigger", +@@ -240,17 +240,17 @@ pref("browser.uitour.readerViewTrigger", pref("browser.uitour.surveyDuration", 7200); pref("browser.customizemode.tip0.shown", false); ++++++ l10n-47.0.1.tar.xz -> l10n-48.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-47.0.1.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new/l10n-48.0.tar.xz differ: char 25, line 1 ++++++ l10n_changesets.txt ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:17.000000000 +0200 @@ -1,92 +1,92 @@ ach 9a0c8e338b70 -af 431e02c10881 -an fe436c75f71d -ar bbcf06888dc5 -as 8313f975ae77 -ast 0300b60cd340 -az db362112cd4d +af 9347b8c9ba47 +an 1ecc480527e8 +ar ac8018039f0f +as 39c28ddc51af +ast 719f95e0804a +az 58d1d9f5ebc6 be b72077740aac bg 9f7507dd2b92 bn-BD 1dac94619464 bn-IN a2ea6b87d80d -br e4c45f737a88 +br d36eef485e1f bs cfee6f5b1e50 ca 55814ed0a2ee -cak 244b8a568146 -cs a98b5d34950d -cy 02a8a09a2a24 -da 1976f45a00fb -de 69c491b3e8dd -dsb 60185ee5350d +cak 318aec440030 +cs 76c75ca48864 +cy 927c83f85620 +da f1eafef10b33 +de 3d5d819eedd7 +dsb 91c722147298 el 22b959c9a739 -en-GB ac4d309f11aa +en-GB 595e192dd7a4 en-ZA 52a936eeeea1 -eo 9402e7dc1816 -es-AR d3e6fdb0980e -es-CL 247114b95260 -es-ES 05251e5fad44 +eo 1928e5a7ee7d +es-AR 4c9cfef714f5 +es-CL c34f36c5864f +es-ES d069f54e79f2 es-MX 198b582408f2 -et ecae9df9c92a -eu 5b00fd411da4 +et 0568132def4f +eu 4a534a844d9b fa c64ea222eb3a ff 8373353b43c4 -fi 485cd6730972 -fr 262385fe83a0 -fy-NL d133532b4a76 -ga-IE 2217b283ff59 -gd 664cfe62d15b +fi 4133735f9efd +fr 94568a74633b +fy-NL c001da131ecd +ga-IE 1665e942f19f +gd b4f76dd70e9a gl c869caff337a gn 65b2894520b6 gu-IN 6245b4309461 -he 2d122d643e0b +he 1a14924e99aa hi-IN bba2a926e4f8 hr 5e68406d5630 -hsb ed7044697b0a -hu ea25586b7644 +hsb a9ba140dbbf2 +hu d78bc92a737a hy-AM 723627d1c0a4 id d84757c01f40 -is 0b19292ab8a3 -it 9ada32a4f24b -ja 6374f9dd3854 -ja-JP-mac 28d0060377c0 -kk 58b2a6152124 +is e45ec009a0fc +it f04290f688b9 +ja 7546335099a5 +ja-JP-mac 9ecf2e1d8ea0 +kk 188c4eac0a48 km 339790840ac1 kn a7e2c93d27ad -ko 4c2bafb385f3 +ko cbaf8af7159e lij e9113fac3a93 -lt 64c104a758bf +lt 70491a0f5ef0 lv 918ea0cd0aca mai ce010a305377 mk ffdf2a789185 ml 1b85d75836cd -mr 943d62e6e06d +mr a6fa1813c5c9 ms 41bbf86ac0d9 -nb-NO bee48c9ea2d4 -nl 3bdea753600d -nn-NO 1deb8231f357 +nb-NO 5155fd334299 +nl c6d2a72aec88 +nn-NO 3569b6691b3b or febd1b04dbfc pa-IN 6c5ed1be55fb -pl c9e8c3b4977c +pl 19563918fa48 pt-BR ba6e3510ab03 -pt-PT 89d85625e259 +pt-PT 258b18a5c29b rm 5c20929daf23 ro b1baa279bda4 -ru 2248b98b11c2 +ru 622cafa42a39 si 03a3b09a2203 -sk b1a81bf66ed4 +sk 342049b6b66a sl 6079300745a1 -son 3ae9a4ff0453 +son d135d14fa4ea sq bc47aefcea37 -sr 93d5749016bd -sv-SE 711ed419239c -ta f9dbc2cca1fb +sr 2b6454805bc1 +sv-SE 44ab4d9a6718 +ta 17f88001ad3b te 286ff9885ea2 -th d630f05d665f -tr 4c05084f5ef2 -uk 6b23f6bb9dcb +th b7e1170de8c9 +tr 13c52b19c0a1 +uk c84dad1572cf uz 1209fe62df1c vi 68ce305343a3 xh 8466fb6c8797 -zh-CN bedbf795f45e -zh-TW 8a8fcc28bce0 +zh-CN 693cfbea8412 +zh-TW 380aaa88dbf5 ++++++ mozilla-flex_buffer_overrun.patch ++++++ # HG changeset patch # Parent c8e8364b303892fdb5a574b96411d2d8f699a15e Patch lexical parser files generated by flex which may be potentially exploitable in a buffer overrun. These seem to come from an upstream projects (CMU Sphinx and ANGLE) so it should be fixed there in the first place. CVE-2016-6354 https://bugzilla.suse.com/show_bug.cgi?id=990856 diff --git a/gfx/angle/src/compiler/preprocessor/Tokenizer.cpp b/gfx/angle/src/compiler/preprocessor/Tokenizer.cpp --- a/gfx/angle/src/compiler/preprocessor/Tokenizer.cpp +++ b/gfx/angle/src/compiler/preprocessor/Tokenizer.cpp @@ -1375,17 +1375,17 @@ static int yy_get_next_buffer (yyscan_t if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING ) /* don't do the read, it's not guaranteed to return an EOF, * just force an EOF */ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = yyg->yy_n_chars = 0; else { - yy_size_t num_to_read = + int num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) { /* Not enough room in the buffer - grow it. */ /* just a shorter name for the current buffer */ YY_BUFFER_STATE b = YY_CURRENT_BUFFER_LVALUE; diff --git a/gfx/angle/src/compiler/translator/glslang_lex.cpp b/gfx/angle/src/compiler/translator/glslang_lex.cpp --- a/gfx/angle/src/compiler/translator/glslang_lex.cpp +++ b/gfx/angle/src/compiler/translator/glslang_lex.cpp @@ -2269,17 +2269,17 @@ static int yy_get_next_buffer (yyscan_t if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING ) /* don't do the read, it's not guaranteed to return an EOF, * just force an EOF */ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = yyg->yy_n_chars = 0; else { - yy_size_t num_to_read = + int num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) { /* Not enough room in the buffer - grow it. */ /* just a shorter name for the current buffer */ YY_BUFFER_STATE b = YY_CURRENT_BUFFER_LVALUE; diff --git a/media/sphinxbase/src/libsphinxbase/lm/jsgf_scanner.c b/media/sphinxbase/src/libsphinxbase/lm/jsgf_scanner.c --- a/media/sphinxbase/src/libsphinxbase/lm/jsgf_scanner.c +++ b/media/sphinxbase/src/libsphinxbase/lm/jsgf_scanner.c @@ -1242,17 +1242,17 @@ static int yy_get_next_buffer (yyscan_t if ( YY_CURRENT_BUFFER_LVALUE->yy_buffer_status == YY_BUFFER_EOF_PENDING ) /* don't do the read, it's not guaranteed to return an EOF, * just force an EOF */ YY_CURRENT_BUFFER_LVALUE->yy_n_chars = yyg->yy_n_chars = 0; else { - yy_size_t num_to_read = + int num_to_read = YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; while ( num_to_read <= 0 ) { /* Not enough room in the buffer - grow it. */ /* just a shorter name for the current buffer */ YY_BUFFER_STATE b = YY_CURRENT_BUFFER_LVALUE; ++++++ mozilla-gtk3_20.patch ++++++ ++++ 3710 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/MozillaFirefox/mozilla-gtk3_20.patch ++++ and /work/SRC/openSUSE:Factory/.MozillaFirefox.new/mozilla-gtk3_20.patch ++++++ mozilla-kde.patch ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:17.000000000 +0200 @@ -1,5 +1,5 @@ # HG changeset patch -# Parent d153e2141b97a77b90ba0b9befe2d80330dcd472 +# Parent 972c67cdd5dd4463abbee60036b686d4cb78e616 Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer <[email protected]> Author: Lubos Lunak <[email protected]> @@ -27,7 +27,7 @@ #include "prefread.h" #include "prefapi_private_data.h" -@@ -1138,16 +1139,34 @@ pref_LoadPrefsInDir(nsIFile* aDir, char +@@ -1145,16 +1146,34 @@ pref_LoadPrefsInDir(nsIFile* aDir, char static nsresult pref_LoadPrefsInDirList(const char *listId) { @@ -62,7 +62,7 @@ return NS_OK; bool hasMore; -@@ -1163,17 +1182,17 @@ static nsresult pref_LoadPrefsInDirList( +@@ -1170,17 +1189,17 @@ static nsresult pref_LoadPrefsInDirList( nsAutoCString leaf; path->GetNativeLeafName(leaf); @@ -81,7 +81,7 @@ { nsZipItemPtr<char> manifest(jarReader, name, true); NS_ENSURE_TRUE(manifest.Buffer(), NS_ERROR_NOT_AVAILABLE); -@@ -1267,24 +1286,36 @@ static nsresult pref_InitInitialObjects( +@@ -1274,24 +1293,36 @@ static nsresult pref_InitInitialObjects( /* these pref file names should not be used: we process them after all other application pref files for backwards compatibility */ static const char* specialFiles[] = { #if defined(XP_MACOSX) @@ -187,7 +187,7 @@ diff --git a/toolkit/components/downloads/moz.build b/toolkit/components/downloads/moz.build --- a/toolkit/components/downloads/moz.build +++ b/toolkit/components/downloads/moz.build -@@ -64,15 +64,16 @@ if not CONFIG['MOZ_SUITE']: +@@ -60,15 +60,16 @@ if not CONFIG['MOZ_SUITE']: 'nsDownloadManagerUI.js', 'nsDownloadManagerUI.manifest', ] @@ -2296,7 +2296,7 @@ 'nsNativeAppSupportQt.cpp', 'nsQAppInstance.cpp', ] - elif CONFIG['MOZ_ENABLE_GTK']: + elif 'gtk' in CONFIG['MOZ_WIDGET_TOOLKIT']: + EXPORTS += ['nsKDEUtils.h'] UNIFIED_SOURCES += [ + 'nsKDEUtils.cpp', @@ -2715,11 +2715,11 @@ osdir + '/nsOSHelperAppService.cpp', ] - if CONFIG['MOZ_ENABLE_GTK']: + if 'gtk' in CONFIG['MOZ_WIDGET_TOOLKIT']: UNIFIED_SOURCES += [ + 'unix/nsCommonRegistry.cpp', 'unix/nsGNOMERegistry.cpp', -+ 'unix/nsKDERegistry.cpp', ++ 'unix/nsKDERegistry.cpp', 'unix/nsMIMEInfoUnix.cpp', ] elif CONFIG['MOZ_WIDGET_TOOLKIT'] == 'android': @@ -3164,7 +3164,7 @@ diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build --- a/widget/gtk/moz.build +++ b/widget/gtk/moz.build -@@ -86,16 +86,17 @@ else: +@@ -90,16 +90,17 @@ else: include('/ipc/chromium/chromium-config.mozbuild') FINAL_LIBRARY = 'xul' @@ -3684,7 +3684,7 @@ + '/toolkit/xre' ] - if CONFIG['MOZ_WIDGET_GTK']: + if 'gtk' in CONFIG['MOZ_WIDGET_TOOLKIT']: CXXFLAGS += CONFIG['TK_CFLAGS'] diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp --- a/xpcom/io/nsLocalFileUnix.cpp ++++++ mozilla-shared-nss-db.patch ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:17.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:17.000000000 +0200 @@ -7,7 +7,7 @@ diff --git a/old-configure.in b/old-configure.in --- a/old-configure.in +++ b/old-configure.in -@@ -8187,16 +8187,31 @@ if test "$MOZ_ENABLE_SKIA"; then +@@ -6495,16 +6495,31 @@ if test "$MOZ_ENABLE_SKIA"; then AC_DEFINE(USE_SKIA_GPU) AC_SUBST(MOZ_ENABLE_SKIA_GPU) fi @@ -42,26 +42,26 @@ diff --git a/security/manager/ssl/moz.build b/security/manager/ssl/moz.build --- a/security/manager/ssl/moz.build +++ b/security/manager/ssl/moz.build -@@ -160,16 +160,19 @@ UNIFIED_SOURCES += [ - FINAL_LIBRARY = 'xul' +@@ -159,16 +159,19 @@ if CONFIG['MOZ_XUL']: + ] - LOCAL_INCLUDES += [ - '/dom/base', - '/security/certverifier', - '/security/pkix/include', + UNIFIED_SOURCES += [ + 'md4.c', ] + FINAL_LIBRARY = 'xul' + +CXXFLAGS += sorted(CONFIG['NSSHELPER_CFLAGS']) +OS_LIBS += sorted(CONFIG['NSSHELPER_LIBS']) + LOCAL_INCLUDES += [ - '!/dist/public/nss', + '/dom/base', + '/dom/crypto', + '/security/certverifier', + '/security/pkix/include', ] - if CONFIG['NSS_DISABLE_DBM']: - DEFINES['NSS_DISABLE_DBM'] = '1' - - DEFINES['SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES'] = 'True' + LOCAL_INCLUDES += [ diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp --- a/security/manager/ssl/nsNSSComponent.cpp +++ b/security/manager/ssl/nsNSSComponent.cpp @@ -83,11 +83,11 @@ #include "ExtendedValidation.h" #include "NSSCertDBTrustDomain.h" + #include "ScopedNSSTypes.h" #include "SharedSSLState.h" - #include "mozilla/Preferences.h" - #include "mozilla/PublicSSL.h" - #include "mozilla/Services.h" -@@ -1017,17 +1024,31 @@ nsNSSComponent::InitializeNSS() + #include "cert.h" + #include "certdb.h" +@@ -1491,17 +1498,31 @@ nsNSSComponent::InitializeNSS() return rv; } } @@ -133,11 +133,11 @@ +OS_LIBS += sorted(CONFIG['NSSHELPER_LIBS']) + - if CONFIG['MOZ_NATIVE_JPEG']: + if CONFIG['MOZ_SYSTEM_JPEG']: OS_LIBS += CONFIG['MOZ_JPEG_LIBS'] - if CONFIG['MOZ_NATIVE_PNG']: + if CONFIG['MOZ_SYSTEM_PNG']: OS_LIBS += CONFIG['MOZ_PNG_LIBS'] - if CONFIG['MOZ_NATIVE_HUNSPELL']: + if CONFIG['MOZ_SYSTEM_HUNSPELL']: OS_LIBS += CONFIG['MOZ_HUNSPELL_LIBS'] ++++++ source-stamp.txt ++++++ --- /var/tmp/diff_new_pack.A3qkPk/_old 2016-08-12 15:35:18.000000000 +0200 +++ /var/tmp/diff_new_pack.A3qkPk/_new 2016-08-12 15:35:18.000000000 +0200 @@ -1,2 +1,2 @@ -REV=7f5abf95991b +REV=c1de04f39fa9 REPO=http://hg.mozilla.org/releases/mozilla-release
