Hello community, here is the log from the commit of package seamonkey for openSUSE:Factory checked in at 2013-12-13 13:11:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/seamonkey (Old) and /work/SRC/openSUSE:Factory/.seamonkey.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "seamonkey" Changes: -------- --- /work/SRC/openSUSE:Factory/seamonkey/seamonkey.changes 2013-11-04 08:50:46.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey.changes 2013-12-13 13:11:31.000000000 +0100 @@ -1,0 +2,40 @@ +Wed Dec 11 11:13:16 UTC 2013 - w...@rosenauer.org + +- update to SeaMonkey 2.23 (bnc#854367, bnc#854370)) + * requires NSPR 4.10.2 and NSS 3.15.3.1 + * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 + Miscellaneous memory safety hazards + * MFSA 2013-105/CVE-2013-5611 (bmo#771294) + Application Installation doorhanger persists on navigation + * MFSA 2013-106/CVE-2013-5612 (bmo#871161) + Character encoding cross-origin XSS attack + * MFSA 2013-107/CVE-2013-5614 (bmo#886262) + Sandbox restrictions not applied to nested object elements + * MFSA 2013-108/CVE-2013-5616 (bmo#938341) + Use-after-free in event listeners + * MFSA 2013-109/CVE-2013-5618 (bmo#926361) + Use-after-free during Table Editing + * MFSA 2013-110/CVE-2013-5619 (bmo#917841) + Potential overflow in JavaScript binary search algorithms + * MFSA 2013-111/CVE-2013-6671 (bmo#930281) + Segmentation violation when replacing ordered list elements + * MFSA 2013-112/CVE-2013-6672 (bmo#894736) + Linux clipboard information disclosure though selection paste + * MFSA 2013-113/CVE-2013-6673 (bmo#970380) + Trust settings for built-in roots ignored during EV certificate + validation + * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449) + Use-after-free in synthetic mouse movement + * MFSA 2013-115/CVE-2013-5615 (bmo#929261) + GetElementIC typed array stubs can be generated outside observed + typesets + * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693) + JPEG information leak + * MFSA 2013-117 (bmo#946351) + Mis-issued ANSSI/DCSSI certificate + (fixed via NSS 3.15.3.1) +- rebased patches: + * mozilla-nongnome-proxies.patch + * mozilla-shared-nss-db.patch + +------------------------------------------------------------------- Old: ---- l10n-2.22.tar.bz2 seamonkey-2.22-source.tar.bz2 New: ---- l10n-2.23.tar.bz2 seamonkey-2.23-source.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ seamonkey.spec ++++++ --- /var/tmp/diff_new_pack.XAADhX/_old 2013-12-13 13:11:36.000000000 +0100 +++ /var/tmp/diff_new_pack.XAADhX/_new 2013-12-13 13:11:36.000000000 +0100 @@ -54,9 +54,9 @@ %endif Provides: web_browser Provides: browser(npapi) -Version: 2.22 +Version: 2.23 Release: 0 -%define releasedate 2013102900 +%define releasedate 2013121000 Summary: The successor of the Mozilla Application Suite License: MPL-2.0 Group: Productivity/Networking/Web/Browsers @@ -104,7 +104,7 @@ # so using %opensuse_bs is secure for now BuildRequires: mozilla-nspr-devel PreReq: mozilla-nspr >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr) -BuildRequires: mozilla-nss-devel >= 3.15.2 +BuildRequires: mozilla-nss-devel >= 3.15.3.1 PreReq: mozilla-nss >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss) %description ++++++ compare-locales.tar.bz2 ++++++ ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.XAADhX/_old 2013-12-13 13:11:36.000000000 +0100 +++ /var/tmp/diff_new_pack.XAADhX/_new 2013-12-13 13:11:36.000000000 +0100 @@ -2,8 +2,8 @@ CHANNEL="release" BRANCH="releases/comm-$CHANNEL" -RELEASE_TAG="SEAMONKEY_2_22_RELEASE" -VERSION="2.22" +RELEASE_TAG="SEAMONKEY_2_23_RELEASE" +VERSION="2.23" echo "cloning $BRANCH..." hg clone http://hg.mozilla.org/$BRANCH seamonkey ++++++ l10n-2.22.tar.bz2 -> l10n-2.23.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/seamonkey/l10n-2.22.tar.bz2 /work/SRC/openSUSE:Factory/.seamonkey.new/l10n-2.23.tar.bz2 differ: char 11, line 1 ++++++ mozilla-nongnome-proxies.patch ++++++ --- /var/tmp/diff_new_pack.XAADhX/_old 2013-12-13 13:11:36.000000000 +0100 +++ /var/tmp/diff_new_pack.XAADhX/_new 2013-12-13 13:11:36.000000000 +0100 @@ -9,7 +9,7 @@ diff --git a/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp b/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp --- a/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp +++ b/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp -@@ -50,24 +50,28 @@ nsUnixSystemProxySettings::GetMainThread +@@ -53,23 +53,27 @@ nsUnixSystemProxySettings::GetMainThread // dbus prevents us from being threadsafe, but this routine should not block anyhow *aMainThreadOnly = true; return NS_OK; @@ -18,7 +18,6 @@ nsresult nsUnixSystemProxySettings::Init() { -- mSchemeProxySettings.Init(5); - mGSettings = do_GetService(NS_GSETTINGSSERVICE_CONTRACTID); - if (mGSettings) { - mGSettings->GetCollectionForSchema(NS_LITERAL_CSTRING("org.gnome.system.proxy"), @@ -29,7 +28,6 @@ + // only use GSettings if that is a GNOME session + const char* sessionType = PR_GetEnv("DESKTOP_SESSION"); + if (sessionType && !strcmp(sessionType, "gnome")) { -+ mSchemeProxySettings.Init(5); + mGSettings = do_GetService(NS_GSETTINGSSERVICE_CONTRACTID); + if (mGSettings) { + mGSettings->GetCollectionForSchema(NS_LITERAL_CSTRING("org.gnome.system.proxy"), ++++++ mozilla-shared-nss-db.patch ++++++ --- /var/tmp/diff_new_pack.XAADhX/_old 2013-12-13 13:11:36.000000000 +0100 +++ /var/tmp/diff_new_pack.XAADhX/_new 2013-12-13 13:11:36.000000000 +0100 @@ -7,7 +7,7 @@ diff --git a/configure.in b/configure.in --- a/configure.in +++ b/configure.in -@@ -8289,16 +8289,31 @@ AC_SUBST(QCMS_LIBS) +@@ -8162,16 +8162,31 @@ AC_SUBST(QCMS_LIBS) dnl ======================================================== dnl HarfBuzz @@ -42,20 +42,18 @@ diff --git a/security/manager/ssl/src/Makefile.in b/security/manager/ssl/src/Makefile.in --- a/security/manager/ssl/src/Makefile.in +++ b/security/manager/ssl/src/Makefile.in -@@ -18,10 +18,13 @@ LIBXUL_LIBRARY = 1 - CSRCS += md4.c +@@ -5,8 +5,11 @@ + # file, You can obtain one at http://mozilla.org/MPL/2.0/. + EXPORT_LIBRARY = 1 DEFINES += \ -DNSS_ENABLE_ECC \ -DDLL_PREFIX=\"$(DLL_PREFIX)\" \ -DDLL_SUFFIX=\"$(DLL_SUFFIX)\" \ $(NULL) - ++ +LOCAL_INCLUDES += $(NSSHELPER_CFLAGS) +EXTRA_DSO_LDOPTS += $(NSSHELPER_LIBS) -+ - include $(topsrcdir)/config/rules.mk - diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp --- a/security/manager/ssl/src/nsNSSComponent.cpp +++ b/security/manager/ssl/src/nsNSSComponent.cpp @@ -83,7 +81,7 @@ #include "nsComponentManagerUtils.h" #include "nsDirectoryServiceDefs.h" #include "nsICertOverrideService.h" -@@ -1144,18 +1151,34 @@ nsNSSComponent::InitializeNSS(bool showW +@@ -1136,18 +1143,35 @@ nsNSSComponent::InitializeNSS(bool showW ConfigureInternalPKCS11Token(); // The NSS_INIT_NOROOTINIT flag turns off the loading of the root certs @@ -94,9 +92,10 @@ uint32_t init_flags = NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE; - SECStatus init_rv = ::NSS_Initialize(profileStr.get(), "", "", - SECMOD_DB, init_flags); ++ + SECStatus init_rv = SECFailure; +#ifdef MOZ_ENABLE_NSSHELPER -+ if (PR_GetEnv("MOZ_SM_NO_NSSHELPER")) { ++ if (PR_GetEnv("MOZ_XRE_NO_NSSHELPER")) { + init_rv = ::NSS_Initialize(profileStr.get(), "", "", + SECMOD_DB, init_flags); + } else { @@ -116,18 +115,18 @@ if (init_rv != SECSuccess) { PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS r/w in %s\n", profileStr.get())); - if (supress_warning_preference) { + if (suppressWarningPref) { which_nss_problem = problem_none; } else { diff --git a/toolkit/library/Makefile.in b/toolkit/library/Makefile.in --- a/toolkit/library/Makefile.in +++ b/toolkit/library/Makefile.in -@@ -490,17 +490,17 @@ ifneq (,$(or $(filter 1400,$(_MSC_VER)), - ifdef MOZ_DEBUG - EXTRA_DSO_LDOPTS += -INCREMENTAL:NO - endif - endif +@@ -473,17 +473,17 @@ LOCAL_INCLUDES += -I$(topsrcdir)/intl/un + ifneq (,$(filter OS2 WINNT,$(OS_ARCH))) + SDK_LIBRARY = $(IMPORT_LIBRARY) + else + SDK_LIBRARY = $(SHARED_LIBRARY) endif EXTRA_DSO_LDOPTS += $(LIBS_DIR) ++++++ seamonkey-2.22-source.tar.bz2 -> seamonkey-2.23-source.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/seamonkey/seamonkey-2.22-source.tar.bz2 /work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey-2.23-source.tar.bz2 differ: char 11, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org