Hello community,

here is the log from the commit of package xulrunner for openSUSE:Factory 
checked in at 2012-11-22 14:45:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/xulrunner (Old)
 and      /work/SRC/openSUSE:Factory/.xulrunner.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "xulrunner", Maintainer is "[email protected]"

Changes:
--------
--- /work/SRC/openSUSE:Factory/xulrunner/xulrunner.changes      2012-10-27 
13:25:18.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.xulrunner.new/xulrunner.changes 2012-11-22 
14:45:52.000000000 +0100
@@ -1,0 +2,42 @@
+Tue Nov 20 20:15:23 UTC 2012 - [email protected]
+
+- update to 17.0 (bnc#790140)
+  * MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
+    Miscellaneous memory safety hazards
+  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
+    Buffer overflow while rendering GIF images
+  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
+    evalInSanbox location context incorrectly applied
+  * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
+    Crash when combining SVG text on path with CSS
+  * MFSA 2012-95/CVE-2012-4203 (bmo#765628)
+    Javascript: URLs run in privileged context on New Tab page
+  * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
+    Memory corruption in str_unescape
+  * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
+    XMLHttpRequest inherits incorrect principal within sandbox
+  * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
+    XrayWrappers exposes chrome-only properties when not in chrome
+    compartment
+  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
+    Improper security filtering for cross-origin wrappers
+  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
+    Improper character decoding in HZ-GB-2312 charset
+  * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
+    Script entered into Developer Toolbar runs with chrome privileges
+  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
+    Frames can shadow top.location
+  * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
+    CSS and HTML injection through Style Inspector
+  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
+    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
+    CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
+    Use-after-free and buffer overflow issues found using Address
+    Sanitizer
+  * MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
+    Use-after-free, buffer overflow, and memory corruption issues
+    found using Address Sanitizer
+- rebased patches
+- disabled WebRTC since build is broken (bmo#776877)
+
+-------------------------------------------------------------------

Old:
----
  l10n-16.0.2.tar.bz2
  xulrunner-16.0.2-source.tar.bz2

New:
----
  l10n-17.0.tar.bz2
  xulrunner-17.0-source.tar.bz2

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ xulrunner.spec ++++++
--- /var/tmp/diff_new_pack.DaYday/_old  2012-11-22 14:46:01.000000000 +0100
+++ /var/tmp/diff_new_pack.DaYday/_new  2012-11-22 14:46:01.000000000 +0100
@@ -44,12 +44,12 @@
 %endif
 BuildRequires:  mozilla-nspr-devel >= 4.9.2
 BuildRequires:  mozilla-nss-devel >= 3.13.6
-Version:        16.0.2
+Version:        17.0
 Release:        0
-%define         releasedate 2012102400
-%define         version_internal 16.0.2
-%define         apiversion 16
-%define         uaweight 1600002
+%define         releasedate 2012111600
+%define         version_internal 17.0
+%define         apiversion 17
+%define         uaweight 1700000
 Summary:        Mozilla Runtime Environment
 License:        MPL-2.0
 Group:          Productivity/Other
@@ -243,6 +243,7 @@
 ac_add_options --enable-system-hunspell
 ac_add_options --enable-startup-notification
 ac_add_options --enable-shared-js
+ac_add_options --disable-webrtc   # does not build with system NSPR
 #ac_add_options --enable-debug
 EOF
 %if %suse_version > 1130
@@ -313,6 +314,8 @@
      -type f -perm -111 -exec chmod a-x {} \;
 find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/ \
      -name "*.js" -o -name "*.xpm" -o -name "*.png" | xargs chmod a-x
+# remove mkdir.done files from installed base
+find $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal} -name 
".mkdir.done" | xargs rm
 mkdir -p $RPM_BUILD_ROOT%{_libdir}/xulrunner-%{version_internal}/extensions
 # fixing SDK dynamic libs (symlink instead of copy)
 rm $RPM_BUILD_ROOT%{_libdir}/xulrunner-devel-%{version_internal}/sdk/lib/*.so

++++++ compare-locales.tar.bz2 ++++++

++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.DaYday/_old  2012-11-22 14:46:01.000000000 +0100
+++ /var/tmp/diff_new_pack.DaYday/_new  2012-11-22 14:46:01.000000000 +0100
@@ -2,8 +2,8 @@
 
 CHANNEL="release"
 BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_16_0_2_RELEASE"
-VERSION="16.0.2"
+RELEASE_TAG="FIREFOX_17_0_RELEASE"
+VERSION="17.0"
 
 # mozilla
 echo "cloning $BRANCH..."

++++++ l10n-16.0.2.tar.bz2 -> l10n-17.0.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/xulrunner/l10n-16.0.2.tar.bz2 
/work/SRC/openSUSE:Factory/.xulrunner.new/l10n-17.0.tar.bz2 differ: char 12, 
line 1

++++++ mozilla-ntlm-full-path.patch ++++++
--- /var/tmp/diff_new_pack.DaYday/_old  2012-11-22 14:46:01.000000000 +0100
+++ /var/tmp/diff_new_pack.DaYday/_new  2012-11-22 14:46:01.000000000 +0100
@@ -1,12 +1,12 @@
 # HG changeset patch
 # User Petr Cerny <[email protected]>
-# Parent 4f5fe2278cd5cff898ad762457312f60a7e82a67
+# Parent 7308e4a7c1f769f4bbbc90870b849cadd99495a6
 Bug 634334 - call to the ntlm_auth helper fails
 
 diff --git a/extensions/auth/nsAuthSambaNTLM.cpp 
b/extensions/auth/nsAuthSambaNTLM.cpp
 --- a/extensions/auth/nsAuthSambaNTLM.cpp
 +++ b/extensions/auth/nsAuthSambaNTLM.cpp
-@@ -168,17 +168,17 @@ static PRUint8* ExtractMessage(const nsA
+@@ -168,17 +168,17 @@ static uint8_t* ExtractMessage(const nsA
  nsresult
  nsAuthSambaNTLM::SpawnNTLMAuthHelper()
  {
@@ -20,7 +20,7 @@
          "--helper-protocol", "ntlmssp-client-1",
          "--use-cached-creds",
          "--username", username,
-         nsnull
+         nullptr
      };
  
      bool isOK = SpawnIOChild(const_cast<char* const*>(args), &mChildPID, 
&mFromChildFD, &mToChildFD);

++++++ mozilla-pkgconfig.patch ++++++
--- /var/tmp/diff_new_pack.DaYday/_old  2012-11-22 14:46:01.000000000 +0100
+++ /var/tmp/diff_new_pack.DaYday/_new  2012-11-22 14:46:01.000000000 +0100
@@ -4,7 +4,7 @@
 diff --git a/xulrunner/installer/Makefile.in b/xulrunner/installer/Makefile.in
 --- a/xulrunner/installer/Makefile.in
 +++ b/xulrunner/installer/Makefile.in
-@@ -69,16 +69,19 @@ ifndef MOZ_PLATFORM_MAEMO
+@@ -39,16 +39,19 @@ ifndef MOZ_PLATFORM_MAEMO
  GENERATE_CACHE = 1
  endif
  
@@ -14,7 +14,7 @@
  # Add pkg-config files to the install:: target
  
 +# the apilibdir always ends with 1.9 as every patch update will provide a link
-+apilibdir = $(dir $(installdir))xulrunner-16
++apilibdir = $(dir $(installdir))xulrunner-17
 +
  pkg_config_files = \
        libxul.pc \
@@ -24,7 +24,7 @@
        $(NULL)
  
  ifdef MOZ_NATIVE_NSPR
-@@ -106,16 +109,17 @@ pkg_config_files += mozilla-nss.pc
+@@ -76,16 +79,17 @@ pkg_config_files += mozilla-nss.pc
  endif
  
  %.pc: $(srcdir)/%.pc.in $(GLOBAL_DEPS)

++++++ mozilla-prefer_plugin_pref.patch ++++++
--- /var/tmp/diff_new_pack.DaYday/_old  2012-11-22 14:46:01.000000000 +0100
+++ /var/tmp/diff_new_pack.DaYday/_new  2012-11-22 14:46:01.000000000 +0100
@@ -4,15 +4,15 @@
 diff --git a/dom/plugins/base/nsPluginHost.cpp 
b/dom/plugins/base/nsPluginHost.cpp
 --- a/dom/plugins/base/nsPluginHost.cpp
 +++ b/dom/plugins/base/nsPluginHost.cpp
-@@ -1561,17 +1561,45 @@ nsPluginHost::FindPluginForType(const ch
-                                 bool aCheckEnabled)
- {
+@@ -1588,17 +1588,51 @@ nsPluginHost::FindPluginForType(const ch
    if (!aMimeType) {
-     return nsnull;
+     return nullptr;
    }
  
    LoadPlugins();
  
+   InfallibleTArray<nsPluginTag*> matchingPlugins;
+ 
 +  char *preferredPluginPath = NULL;
 +  nsCAutoString mimetypePrefString ("modules.plugins.mimetype.");
 +  mimetypePrefString.Append(aMimeType);
@@ -23,30 +23,36 @@
    nsPluginTag *plugin = mPlugins;
 +
 +  if(preferredPluginPath) {
-+    while (nsnull != plugin) {
-+      if (0 == PL_strcasecmp(plugin->mFileName.get(), preferredPluginPath) ||
-+          0 == PL_strcasecmp(plugin->mFullPath.get(), preferredPluginPath)) {
-+        return plugin;
++    while (plugin) {
++      if (!aCheckEnabled || plugin->IsEnabled()) {
++        if (0 == PL_strcasecmp(plugin->mFileName.get(), preferredPluginPath) 
||
++            0 == PL_strcasecmp(plugin->mFullPath.get(), preferredPluginPath)) 
{
++          matchingPlugins.AppendElement(plugin);
++        }
 +      }
 +      plugin = plugin->mNext;
 +    }
 +
 +    // now lets search for substrings
 +    plugin = mPlugins;
-+    while (nsnull != plugin) {
-+      if (nsnull != PL_strstr(plugin->mFileName.get(), preferredPluginPath) ||
-+          nsnull != PL_strstr(plugin->mFullPath.get(), preferredPluginPath)) {
-+        return plugin;
++    while (plugin) {
++      if (!aCheckEnabled || plugin->IsEnabled()) {
++        if (nullptr != PL_strstr(plugin->mFileName.get(), 
preferredPluginPath) ||
++            nullptr != PL_strstr(plugin->mFullPath.get(), 
preferredPluginPath)) {
++          matchingPlugins.AppendElement(plugin);
++        }
 +      }
 +      plugin = plugin->mNext;
 +    }
++
++    return FindPreferredPlugin(matchingPlugins);
 +  }
 +
    while (plugin) {
      if (!aCheckEnabled || plugin->IsEnabled()) {
-       PRInt32 mimeCount = plugin->mMimeTypes.Length();
-       for (PRInt32 i = 0; i < mimeCount; i++) {
+       int32_t mimeCount = plugin->mMimeTypes.Length();
+       for (int32_t i = 0; i < mimeCount; i++) {
          if (0 == PL_strcasecmp(plugin->mMimeTypes[i].get(), aMimeType)) {
-           return plugin;
+           matchingPlugins.AppendElement(plugin);
+           break;
          }
-       }

++++++ source-stamp.txt ++++++
--- /var/tmp/diff_new_pack.DaYday/_old  2012-11-22 14:46:01.000000000 +0100
+++ /var/tmp/diff_new_pack.DaYday/_new  2012-11-22 14:46:01.000000000 +0100
@@ -1,2 +1,2 @@
-REV=e0c8343d2809
+REV=0af23f8db35d
 REPO=http://hg.mozilla.org/releases/mozilla-release

++++++ xulrunner-16.0.2-source.tar.bz2 -> xulrunner-17.0-source.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/xulrunner/xulrunner-16.0.2-source.tar.bz2 
/work/SRC/openSUSE:Factory/.xulrunner.new/xulrunner-17.0-source.tar.bz2 differ: 
char 11, line 1

-- 
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to