Hello community, here is the log from the commit of package xulrunner for openSUSE:Factory checked in at 2012-11-22 14:45:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xulrunner (Old) and /work/SRC/openSUSE:Factory/.xulrunner.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xulrunner", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/xulrunner/xulrunner.changes 2012-10-27 13:25:18.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.xulrunner.new/xulrunner.changes 2012-11-22 14:45:52.000000000 +0100 @@ -1,0 +2,42 @@ +Tue Nov 20 20:15:23 UTC 2012 - [email protected] + +- update to 17.0 (bnc#790140) + * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843 + Miscellaneous memory safety hazards + * MFSA 2012-92/CVE-2012-4202 (bmo#758200) + Buffer overflow while rendering GIF images + * MFSA 2012-93/CVE-2012-4201 (bmo#747607) + evalInSanbox location context incorrectly applied + * MFSA 2012-94/CVE-2012-5836 (bmo#792857) + Crash when combining SVG text on path with CSS + * MFSA 2012-95/CVE-2012-4203 (bmo#765628) + Javascript: URLs run in privileged context on New Tab page + * MFSA 2012-96/CVE-2012-4204 (bmo#778603) + Memory corruption in str_unescape + * MFSA 2012-97/CVE-2012-4205 (bmo#779821) + XMLHttpRequest inherits incorrect principal within sandbox + * MFSA 2012-99/CVE-2012-4208 (bmo#798264) + XrayWrappers exposes chrome-only properties when not in chrome + compartment + * MFSA 2012-100/CVE-2012-5841 (bmo#805807) + Improper security filtering for cross-origin wrappers + * MFSA 2012-101/CVE-2012-4207 (bmo#801681) + Improper character decoding in HZ-GB-2312 charset + * MFSA 2012-102/CVE-2012-5837 (bmo#800363) + Script entered into Developer Toolbar runs with chrome privileges + * MFSA 2012-103/CVE-2012-4209 (bmo#792405) + Frames can shadow top.location + * MFSA 2012-104/CVE-2012-4210 (bmo#796866) + CSS and HTML injection through Style Inspector + * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/ + CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/ + CVE-2012-4213/CVE-2012-4217/CVE-2012-4218 + Use-after-free and buffer overflow issues found using Address + Sanitizer + * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838 + Use-after-free, buffer overflow, and memory corruption issues + found using Address Sanitizer +- rebased patches +- disabled WebRTC since build is broken (bmo#776877) + +------------------------------------------------------------------- Old: ---- l10n-16.0.2.tar.bz2 xulrunner-16.0.2-source.tar.bz2 New: ---- l10n-17.0.tar.bz2 xulrunner-17.0-source.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xulrunner.spec ++++++ --- /var/tmp/diff_new_pack.DaYday/_old 2012-11-22 14:46:01.000000000 +0100 +++ /var/tmp/diff_new_pack.DaYday/_new 2012-11-22 14:46:01.000000000 +0100 @@ -44,12 +44,12 @@ %endif BuildRequires: mozilla-nspr-devel >= 4.9.2 BuildRequires: mozilla-nss-devel >= 3.13.6 -Version: 16.0.2 +Version: 17.0 Release: 0 -%define releasedate 2012102400 -%define version_internal 16.0.2 -%define apiversion 16 -%define uaweight 1600002 +%define releasedate 2012111600 +%define version_internal 17.0 +%define apiversion 17 +%define uaweight 1700000 Summary: Mozilla Runtime Environment License: MPL-2.0 Group: Productivity/Other @@ -243,6 +243,7 @@ ac_add_options --enable-system-hunspell ac_add_options --enable-startup-notification ac_add_options --enable-shared-js +ac_add_options --disable-webrtc # does not build with system NSPR #ac_add_options --enable-debug EOF %if %suse_version > 1130 @@ -313,6 +314,8 @@ -type f -perm -111 -exec chmod a-x {} \; find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/ \ -name "*.js" -o -name "*.xpm" -o -name "*.png" | xargs chmod a-x +# remove mkdir.done files from installed base +find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal} -name ".mkdir.done" | xargs rm mkdir -p $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions # fixing SDK dynamic libs (symlink instead of copy) rm $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/*.so ++++++ compare-locales.tar.bz2 ++++++ ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.DaYday/_old 2012-11-22 14:46:01.000000000 +0100 +++ /var/tmp/diff_new_pack.DaYday/_new 2012-11-22 14:46:01.000000000 +0100 @@ -2,8 +2,8 @@ CHANNEL="release" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_16_0_2_RELEASE" -VERSION="16.0.2" +RELEASE_TAG="FIREFOX_17_0_RELEASE" +VERSION="17.0" # mozilla echo "cloning $BRANCH..." ++++++ l10n-16.0.2.tar.bz2 -> l10n-17.0.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/xulrunner/l10n-16.0.2.tar.bz2 /work/SRC/openSUSE:Factory/.xulrunner.new/l10n-17.0.tar.bz2 differ: char 12, line 1 ++++++ mozilla-ntlm-full-path.patch ++++++ --- /var/tmp/diff_new_pack.DaYday/_old 2012-11-22 14:46:01.000000000 +0100 +++ /var/tmp/diff_new_pack.DaYday/_new 2012-11-22 14:46:01.000000000 +0100 @@ -1,12 +1,12 @@ # HG changeset patch # User Petr Cerny <[email protected]> -# Parent 4f5fe2278cd5cff898ad762457312f60a7e82a67 +# Parent 7308e4a7c1f769f4bbbc90870b849cadd99495a6 Bug 634334 - call to the ntlm_auth helper fails diff --git a/extensions/auth/nsAuthSambaNTLM.cpp b/extensions/auth/nsAuthSambaNTLM.cpp --- a/extensions/auth/nsAuthSambaNTLM.cpp +++ b/extensions/auth/nsAuthSambaNTLM.cpp -@@ -168,17 +168,17 @@ static PRUint8* ExtractMessage(const nsA +@@ -168,17 +168,17 @@ static uint8_t* ExtractMessage(const nsA nsresult nsAuthSambaNTLM::SpawnNTLMAuthHelper() { @@ -20,7 +20,7 @@ "--helper-protocol", "ntlmssp-client-1", "--use-cached-creds", "--username", username, - nsnull + nullptr }; bool isOK = SpawnIOChild(const_cast<char* const*>(args), &mChildPID, &mFromChildFD, &mToChildFD); ++++++ mozilla-pkgconfig.patch ++++++ --- /var/tmp/diff_new_pack.DaYday/_old 2012-11-22 14:46:01.000000000 +0100 +++ /var/tmp/diff_new_pack.DaYday/_new 2012-11-22 14:46:01.000000000 +0100 @@ -4,7 +4,7 @@ diff --git a/xulrunner/installer/Makefile.in b/xulrunner/installer/Makefile.in --- a/xulrunner/installer/Makefile.in +++ b/xulrunner/installer/Makefile.in -@@ -69,16 +69,19 @@ ifndef MOZ_PLATFORM_MAEMO +@@ -39,16 +39,19 @@ ifndef MOZ_PLATFORM_MAEMO GENERATE_CACHE = 1 endif @@ -14,7 +14,7 @@ # Add pkg-config files to the install:: target +# the apilibdir always ends with 1.9 as every patch update will provide a link -+apilibdir = $(dir $(installdir))xulrunner-16 ++apilibdir = $(dir $(installdir))xulrunner-17 + pkg_config_files = \ libxul.pc \ @@ -24,7 +24,7 @@ $(NULL) ifdef MOZ_NATIVE_NSPR -@@ -106,16 +109,17 @@ pkg_config_files += mozilla-nss.pc +@@ -76,16 +79,17 @@ pkg_config_files += mozilla-nss.pc endif %.pc: $(srcdir)/%.pc.in $(GLOBAL_DEPS) ++++++ mozilla-prefer_plugin_pref.patch ++++++ --- /var/tmp/diff_new_pack.DaYday/_old 2012-11-22 14:46:01.000000000 +0100 +++ /var/tmp/diff_new_pack.DaYday/_new 2012-11-22 14:46:01.000000000 +0100 @@ -4,15 +4,15 @@ diff --git a/dom/plugins/base/nsPluginHost.cpp b/dom/plugins/base/nsPluginHost.cpp --- a/dom/plugins/base/nsPluginHost.cpp +++ b/dom/plugins/base/nsPluginHost.cpp -@@ -1561,17 +1561,45 @@ nsPluginHost::FindPluginForType(const ch - bool aCheckEnabled) - { +@@ -1588,17 +1588,51 @@ nsPluginHost::FindPluginForType(const ch if (!aMimeType) { - return nsnull; + return nullptr; } LoadPlugins(); + InfallibleTArray<nsPluginTag*> matchingPlugins; + + char *preferredPluginPath = NULL; + nsCAutoString mimetypePrefString ("modules.plugins.mimetype."); + mimetypePrefString.Append(aMimeType); @@ -23,30 +23,36 @@ nsPluginTag *plugin = mPlugins; + + if(preferredPluginPath) { -+ while (nsnull != plugin) { -+ if (0 == PL_strcasecmp(plugin->mFileName.get(), preferredPluginPath) || -+ 0 == PL_strcasecmp(plugin->mFullPath.get(), preferredPluginPath)) { -+ return plugin; ++ while (plugin) { ++ if (!aCheckEnabled || plugin->IsEnabled()) { ++ if (0 == PL_strcasecmp(plugin->mFileName.get(), preferredPluginPath) || ++ 0 == PL_strcasecmp(plugin->mFullPath.get(), preferredPluginPath)) { ++ matchingPlugins.AppendElement(plugin); ++ } + } + plugin = plugin->mNext; + } + + // now lets search for substrings + plugin = mPlugins; -+ while (nsnull != plugin) { -+ if (nsnull != PL_strstr(plugin->mFileName.get(), preferredPluginPath) || -+ nsnull != PL_strstr(plugin->mFullPath.get(), preferredPluginPath)) { -+ return plugin; ++ while (plugin) { ++ if (!aCheckEnabled || plugin->IsEnabled()) { ++ if (nullptr != PL_strstr(plugin->mFileName.get(), preferredPluginPath) || ++ nullptr != PL_strstr(plugin->mFullPath.get(), preferredPluginPath)) { ++ matchingPlugins.AppendElement(plugin); ++ } + } + plugin = plugin->mNext; + } ++ ++ return FindPreferredPlugin(matchingPlugins); + } + while (plugin) { if (!aCheckEnabled || plugin->IsEnabled()) { - PRInt32 mimeCount = plugin->mMimeTypes.Length(); - for (PRInt32 i = 0; i < mimeCount; i++) { + int32_t mimeCount = plugin->mMimeTypes.Length(); + for (int32_t i = 0; i < mimeCount; i++) { if (0 == PL_strcasecmp(plugin->mMimeTypes[i].get(), aMimeType)) { - return plugin; + matchingPlugins.AppendElement(plugin); + break; } - } ++++++ source-stamp.txt ++++++ --- /var/tmp/diff_new_pack.DaYday/_old 2012-11-22 14:46:01.000000000 +0100 +++ /var/tmp/diff_new_pack.DaYday/_new 2012-11-22 14:46:01.000000000 +0100 @@ -1,2 +1,2 @@ -REV=e0c8343d2809 +REV=0af23f8db35d REPO=http://hg.mozilla.org/releases/mozilla-release ++++++ xulrunner-16.0.2-source.tar.bz2 -> xulrunner-17.0-source.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/xulrunner/xulrunner-16.0.2-source.tar.bz2 /work/SRC/openSUSE:Factory/.xulrunner.new/xulrunner-17.0-source.tar.bz2 differ: char 11, line 1 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
