Hello community, here is the log from the commit of package xulrunner for openSUSE:Factory checked in at 2013-01-10 16:00:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/xulrunner (Old) and /work/SRC/openSUSE:Factory/.xulrunner.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "xulrunner", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/xulrunner/xulrunner.changes 2012-12-03 11:52:09.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.xulrunner.new/xulrunner.changes 2013-01-10 16:00:42.000000000 +0100 @@ -1,0 +2,47 @@ +Sat Jan 5 14:46:06 UTC 2013 - [email protected] + +- update to 17.0.2esr (bnc#796895) + * MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770 + Miscellaneous memory safety hazards + * MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767 + CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829 + Use-after-free and buffer overflow issues found using Address Sanitizer + * MFSA 2013-03/CVE-2013-0768 (bmo#815795) + Buffer Overflow in Canvas + * MFSA 2013-04/CVE-2012-0759 (bmo#802026) + URL spoofing in addressbar during page loads + * MFSA 2013-05/CVE-2013-0744 (bmo#814713) + Use-after-free when displaying table with many columns and column groups + * MFSA 2013-07/CVE-2013-0764 (bmo#804237) + Crash due to handling of SSL on threads + * MFSA 2013-08/CVE-2013-0745 (bmo#794158) + AutoWrapperChanger fails to keep objects alive during garbage collection + * MFSA 2013-09/CVE-2013-0746 (bmo#816842) + Compartment mismatch with quickstubs returned values + * MFSA 2013-10/CVE-2013-0747 (bmo#733305) + Event manipulation in plugin handler to bypass same-origin policy + * MFSA 2013-11/CVE-2013-0748 (bmo#806031) + Address space layout leaked in XBL objects + * MFSA 2013-12/CVE-2013-0750 (bmo#805121) + Buffer overflow in Javascript string concatenation + * MFSA 2013-13/CVE-2013-0752 (bmo#805024) + Memory corruption in XBL with XML bindings containing SVG + * MFSA 2013-14/CVE-2013-0757 (bmo#813901) + Chrome Object Wrapper (COW) bypass through changing prototype + * MFSA 2013-15/CVE-2013-0758 (bmo#813906) + Privilege escalation through plugin objects + * MFSA 2013-16/CVE-2013-0753 (bmo#814001) + Use-after-free in serializeToStream + * MFSA 2013-17/CVE-2013-0754 (bmo#814026) + Use-after-free in ListenerManager + * MFSA 2013-18/CVE-2013-0755 (bmo#814027) + Use-after-free in Vibrate + * MFSA 2013-19/CVE-2013-0756 (bmo#814029) + Use-after-free in Javascript Proxy objects +- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743) +- build on SLE11 + * mozilla-gcc43-enums.patch + * mozilla-gcc43-template_hacks.patch + * mozilla-gcc43-templates_instantiation.patch + +------------------------------------------------------------------- Old: ---- l10n-17.0.1.tar.bz2 xulrunner-17.0.1-source.tar.bz2 New: ---- l10n-17.0.2.tar.bz2 mozilla-gcc43-enums.patch mozilla-gcc43-template_hacks.patch mozilla-gcc43-templates_instantiation.patch xulrunner-17.0.2-source.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xulrunner.spec ++++++ --- /var/tmp/diff_new_pack.VxmUMK/_old 2013-01-10 16:00:54.000000000 +0100 +++ /var/tmp/diff_new_pack.VxmUMK/_new 2013-01-10 16:00:54.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package xulrunner # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # 2006-2012 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties @@ -42,14 +42,14 @@ %else BuildRequires: wireless-tools %endif -BuildRequires: mozilla-nspr-devel >= 4.9.2 -BuildRequires: mozilla-nss-devel >= 3.13.6 -Version: 17.0.1 +BuildRequires: mozilla-nspr-devel >= 4.9.4 +BuildRequires: mozilla-nss-devel >= 3.14.1 +Version: 17.0.2 Release: 0 -%define releasedate 2012112800 -%define version_internal 17.0.1 +%define releasedate 2013010500 +%define version_internal 17.0.2 %define apiversion 17 -%define uaweight 1700001 +%define uaweight 1700002 Summary: Mozilla Runtime Environment License: MPL-2.0 Group: Productivity/Other @@ -77,6 +77,10 @@ Patch7: mozilla-ntlm-full-path.patch Patch9: mozilla-sle11.patch Patch14: mozilla-ppc.patch +# SLE11 patches +Patch20: mozilla-gcc43-enums.patch +Patch21: mozilla-gcc43-template_hacks.patch +Patch22: mozilla-gcc43-templates_instantiation.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires: mozilla-js = %{version} Requires(post): update-alternatives coreutils @@ -191,6 +195,12 @@ %patch9 -p1 %endif %patch14 -p1 +# SLE patches +%if %suse_version <= 1110 +%patch20 -p1 +%patch21 -p1 +%patch22 -p1 +%endif %build # no need to add build time to binaries ++++++ compare-locales.tar.bz2 ++++++ ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.VxmUMK/_old 2013-01-10 16:00:54.000000000 +0100 +++ /var/tmp/diff_new_pack.VxmUMK/_new 2013-01-10 16:00:54.000000000 +0100 @@ -1,9 +1,9 @@ #!/bin/bash -CHANNEL="release" +CHANNEL="esr17" BRANCH="releases/mozilla-$CHANNEL" -RELEASE_TAG="FIREFOX_17_0_1_RELEASE" -VERSION="17.0.1" +RELEASE_TAG="FIREFOX_17_0_2esr_RELEASE" +VERSION="17.0.2" # mozilla echo "cloning $BRANCH..." @@ -28,7 +28,7 @@ ;; *) echo "fetching $locale ..." - hg clone http://hg.mozilla.org/releases/l10n/mozilla-$CHANNEL/$locale l10n/$locale + hg clone http://hg.mozilla.org/releases/l10n/mozilla-release/$locale l10n/$locale [ "$RELEASE_TAG" == "default" ] || hg -R l10n/$locale up -C -r $RELEASE_TAG ;; esac ++++++ l10n-17.0.1.tar.bz2 -> l10n-17.0.2.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/xulrunner/l10n-17.0.1.tar.bz2 /work/SRC/openSUSE:Factory/.xulrunner.new/l10n-17.0.2.tar.bz2 differ: char 11, line 1 ++++++ mozilla-gcc43-enums.patch ++++++ # HG changeset patch # Parent 6d0e0f7dc4cf04f1d08f8b4f8e9312ac05928608 remove trailing commas in enum definitions as these are unpalatable for gcc (4.3.4) in pedantic mode diff --git a/media/webrtc/trunk/src/common_types.h b/media/webrtc/trunk/src/common_types.h --- a/media/webrtc/trunk/src/common_types.h +++ b/media/webrtc/trunk/src/common_types.h @@ -342,17 +342,17 @@ enum TelephoneEventDetectionMethods enum NsModes // type of Noise Suppression { kNsUnchanged = 0, // previously set mode kNsDefault, // platform default kNsConference, // conferencing default kNsLowSuppression, // lowest suppression kNsModerateSuppression, kNsHighSuppression, - kNsVeryHighSuppression, // highest suppression + kNsVeryHighSuppression // highest suppression }; enum AgcModes // type of Automatic Gain Control { kAgcUnchanged = 0, // previously set mode kAgcDefault, // platform default // adaptive mode for use when analog volume control exists (e.g. for // PC softphone) @@ -367,17 +367,17 @@ enum AgcModes // type o // EC modes enum EcModes // type of Echo Control { kEcUnchanged = 0, // previously set mode kEcDefault, // platform default kEcConference, // conferencing default (aggressive AEC) kEcAec, // Acoustic Echo Cancellation - kEcAecm, // AEC mobile + kEcAecm // AEC mobile }; // AECM modes enum AecmModes // mode of AECM { kAecmQuietEarpieceOrHeadset = 0, // Quiet earpiece or headset use kAecmEarpiece, // most earpiece use @@ -416,43 +416,43 @@ enum NetEqModes // NetEQ pla // Optimized trade-off between low delay and jitter robustness for two-way // communication. kNetEqDefault = 0, // Improved jitter robustness at the cost of increased delay. Can be // used in one-way communication. kNetEqStreaming = 1, // Optimzed for decodability of fax signals rather than for perceived audio // quality. - kNetEqFax = 2, + kNetEqFax = 2 }; enum NetEqBgnModes // NetEQ Background Noise (BGN) configurations { // BGN is always on and will be generated when the incoming RTP stream // stops (default). kBgnOn = 0, // The BGN is faded to zero (complete silence) after a few seconds. kBgnFade = 1, // BGN is not used at all. Silence is produced after speech extrapolation // has faded. - kBgnOff = 2, + kBgnOff = 2 }; enum OnHoldModes // On Hold direction { kHoldSendAndPlay = 0, // Put both sending and playing in on-hold state. kHoldSendOnly, // Put only sending in on-hold state. kHoldPlayOnly // Put only playing in on-hold state. }; enum AmrMode { kRfc3267BwEfficient = 0, kRfc3267OctetAligned = 1, - kRfc3267FileStorage = 2, + kRfc3267FileStorage = 2 }; // ================================================================== // Video specific types // ================================================================== // Raw video types enum RawVideoType ++++++ mozilla-gcc43-template_hacks.patch ++++++ # HG changeset patch # Parent 993c5b5a44ca18c5273b74c75704b418c2477d28 bmo#783505 - bump gcc version required for building without template hacks diff --git a/js/src/jstypedarray.cpp b/js/src/jstypedarray.cpp --- a/js/src/jstypedarray.cpp +++ b/js/src/jstypedarray.cpp @@ -1404,17 +1404,17 @@ class TypedArrayTemplate // retrieves a given Value, probably from a slot on the object. template<Value ValueGetter(JSObject *obj)> static JSBool Getter(JSContext *cx, unsigned argc, Value *vp) { CallArgs args = CallArgsFromVp(argc, vp); // FIXME: Hack to keep us building with gcc 4.2. Remove this once we // drop support for gcc 4.2. See bug 783505 for the details. -#if defined(__GNUC__) && __GNUC_MINOR__ <= 2 +#if defined(__GNUC__) && __GNUC_MINOR__ <= 3 return CallNonGenericMethod(cx, IsThisClass, GetterImpl<ValueGetter>, args); #else return CallNonGenericMethod<ThisTypeArray::IsThisClass, ThisTypeArray::GetterImpl<ValueGetter> >(cx, args); #endif } // Define an accessor for a read-only property that invokes a native getter ++++++ mozilla-gcc43-templates_instantiation.patch ++++++ # HG changeset patch # Parent 2e78665a1ab70f4dc3884965428bda14da684ef6 bmo#732340 - explicitly instantiate templates diff --git a/gfx/harfbuzz/src/hb-ot-layout.cc b/gfx/harfbuzz/src/hb-ot-layout.cc --- a/gfx/harfbuzz/src/hb-ot-layout.cc +++ b/gfx/harfbuzz/src/hb-ot-layout.cc @@ -479,8 +479,12 @@ hb_ot_layout_position_lookup (hb_font_t return hb_ot_layout_from_face (font->face)->gpos->position_lookup (&c, lookup_index); } void hb_ot_layout_position_finish (hb_font_t *font, hb_buffer_t *buffer, hb_bool_t zero_width_attached_marks) { GPOS::position_finish (font, buffer, zero_width_attached_marks); } + +template int SortedArrayOf<Record<LangSys> >::search<unsigned int>(unsigned int const &) const; +template int SortedArrayOf<Record<Script> >::search<unsigned int>(unsigned int const &) const; +template int SortedArrayOf<IntType<unsigned short> >::search<unsigned int>(unsigned int const &) const; ++++++ source-stamp.txt ++++++ --- /var/tmp/diff_new_pack.VxmUMK/_old 2013-01-10 16:00:54.000000000 +0100 +++ /var/tmp/diff_new_pack.VxmUMK/_new 2013-01-10 16:00:54.000000000 +0100 @@ -1,2 +1,2 @@ -REV=c23c45132139 -REPO=http://hg.mozilla.org/releases/mozilla-release +REV=023401f37090 +REPO=http://hg.mozilla.org/releases/mozilla-esr17 ++++++ xulrunner-17.0.1-source.tar.bz2 -> xulrunner-17.0.2-source.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/xulrunner/xulrunner-17.0.1-source.tar.bz2 /work/SRC/openSUSE:Factory/.xulrunner.new/xulrunner-17.0.2-source.tar.bz2 differ: char 11, line 1 -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
