Hello community, here is the log from the commit of package seamonkey for openSUSE:Factory checked in at 2015-10-03 20:30:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/seamonkey (Old) and /work/SRC/openSUSE:Factory/.seamonkey.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "seamonkey" Changes: -------- --- /work/SRC/openSUSE:Factory/seamonkey/seamonkey.changes 2015-09-08 17:49:05.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey.changes 2015-10-03 20:30:27.000000000 +0200 @@ -1,0 +2,47 @@ +Thu Oct 1 09:42:28 UTC 2015 - w...@rosenauer.org + +- update to SeaMonkey 2.38 (bnc#947003) + * based on 41.0.1 + * MFSA 2015-96/CVE-2015-4500/CVE-2015-4501 + Miscellaneous memory safety hazards + * MFSA 2015-97/CVE-2015-4503 (bmo#994337) + Memory leak in mozTCPSocket to servers + * MFSA 2015-98/CVE-2015-4504 (bmo#1132467) + Out of bounds read in QCMS library with ICC V4 profile attributes + * MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only) + Arbitrary file manipulation by local user through Mozilla updater + * MFSA 2015-101/CVE-2015-4506 (bmo#1192226) + Buffer overflow in libvpx while parsing vp9 format video + * MFSA 2015-102/CVE-2015-4507 (bmo#1192401) + Crash when using debugger with SavedStacks in JavaScript + * MFSA 2015-104/CVE-2015-4510 (bmo#1200004) + Use-after-free with shared workers and IndexedDB + * MFSA 2015-105/CVE-2015-4511 (bmo#1200148) + Buffer overflow while decoding WebM video + * MFSA 2015-106/CVE-2015-4509 (bmo#1198435) + Use-after-free while manipulating HTML media content + * MFSA 2015-107/CVE-2015-4512 (bmo#1170390) + Out-of-bounds read during 2D canvas display on Linux 16-bit + color depth systems + * MFSA 2015-108/CVE-2015-4502 (bmo#1105045) + Scripted proxies can access inner window + * MFSA 2015-109/CVE-2015-4516 (bmo#904886) + JavaScript immutable property enforcement can be bypassed + * MFSA 2015-110/CVE-2015-4519 (bmo#1189814) + Dragging and dropping images exposes final URL after redirects + * MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869) + Errors in the handling of CORS preflight request headers + * MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/ + CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/ + CVE-2015-7180 + Vulnerabilities found through code inspection + * MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860, + bmo#1190526) (Windows only) + Memory safety errors in libGLES in the ANGLE graphics library + * MFSA 2015-114 (bmo#1167498, bmo#1153672) (Windows only) + Information disclosure via the High Resolution Time API +- removed obsolete patch + * mozilla-add-glibcxx_use_cxx11_abi.patch +- added mozilla-no-stdcxx-check.patch + +------------------------------------------------------------------- Old: ---- l10n-2.35.tar.bz2 mozilla-add-glibcxx_use_cxx11_abi.patch seamonkey-2.35-source.tar.bz2 New: ---- l10n-2.38.tar.bz2 mozilla-no-stdcxx-check.patch seamonkey-2.38-source.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ seamonkey.spec ++++++ --- /var/tmp/diff_new_pack.AJDfs9/_old 2015-10-03 20:30:36.000000000 +0200 +++ /var/tmp/diff_new_pack.AJDfs9/_new 2015-10-03 20:30:36.000000000 +0200 @@ -60,9 +60,9 @@ %endif Provides: web_browser Provides: browser(npapi) -Version: 2.35 +Version: 2.38 Release: 0 -%define releasedate 2015082600 +%define releasedate 2015092600 Summary: The successor of the Mozilla Application Suite License: MPL-2.0 Group: Productivity/Networking/Web/Browsers @@ -83,7 +83,7 @@ Patch3: mozilla-language.patch Patch4: mozilla-ntlm-full-path.patch Patch5: mozilla-ua-locale.patch -Patch6: mozilla-add-glibcxx_use_cxx11_abi.patch +Patch6: mozilla-no-stdcxx-check.patch Patch7: mozilla-icu-strncat.patch Patch8: mozilla-openaes-decl.patch Patch100: seamonkey-ua-locale.patch @@ -238,7 +238,7 @@ %endif ac_add_options --disable-tests ac_add_options --enable-release -ac_add_options --enable-stdcxx-compat +#ac_add_options --enable-stdcxx-compat %ifarch %ix86 %arm %if 0%{?suse_version} > 1230 ac_add_options --disable-optimize ++++++ compare-locales.tar.bz2 ++++++ ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.AJDfs9/_old 2015-10-03 20:30:36.000000000 +0200 +++ /var/tmp/diff_new_pack.AJDfs9/_new 2015-10-03 20:30:36.000000000 +0200 @@ -1,9 +1,9 @@ #!/bin/bash -CHANNEL="esr38" +CHANNEL="release" BRANCH="releases/comm-$CHANNEL" -RELEASE_TAG="SEAMONKEY_2_35_RELEASE" -VERSION="2.35" +RELEASE_TAG="SEAMONKEY_2_38_RELEASE" +VERSION="2.38" echo "cloning $BRANCH..." hg clone http://hg.mozilla.org/$BRANCH seamonkey ++++++ l10n-2.35.tar.bz2 -> l10n-2.38.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/seamonkey/l10n-2.35.tar.bz2 /work/SRC/openSUSE:Factory/.seamonkey.new/l10n-2.38.tar.bz2 differ: char 11, line 1 ++++++ mozilla-icu-strncat.patch ++++++ --- /var/tmp/diff_new_pack.AJDfs9/_old 2015-10-03 20:30:36.000000000 +0200 +++ /var/tmp/diff_new_pack.AJDfs9/_new 2015-10-03 20:30:36.000000000 +0200 @@ -1,6 +1,7 @@ # HG changeset patch # Parent 29be2a4daa0f512d22bde85b97b5460839026571 # User Wolfgang Rosenauer <w...@rosenauer.org> +# Parent a7d16f0faf5d4881dbea524340f881d5850710e4 From: Jan Engelhardt <jeng...@inai.de> Reference: http://bugs.icu-project.org/trac/ticket/7808 ++++++ mozilla-language.patch ++++++ --- /var/tmp/diff_new_pack.AJDfs9/_old 2015-10-03 20:30:36.000000000 +0200 +++ /var/tmp/diff_new_pack.AJDfs9/_new 2015-10-03 20:30:36.000000000 +0200 @@ -1,6 +1,7 @@ # HG changeset patch # User Wolfgang Rosenauer <w...@rosenauer.org> # Parent 5a29924228527f8882c83cf62d470963ea1ce62e +# Parent 228ea0669fa8cc78532b71d7bdc4bad5477f246e Bug 583793 - Firefox interface language set to LANG, ignores LANGUAGE diff --git a/intl/locale/nsLocaleService.cpp b/intl/locale/nsLocaleService.cpp @@ -24,7 +25,7 @@ for( i = 0; i < LocaleListLength; i++ ) { nsresult result; -@@ -150,16 +151,21 @@ nsLocaleService::nsLocaleService(void) +@@ -158,16 +159,21 @@ nsLocaleService::nsLocaleService(void) } else { CopyASCIItoUTF16(lang, platformLocale); result = nsPosixLocale::GetXPLocale(lang, xpLocale); ++++++ mozilla-no-stdcxx-check.patch ++++++ # HG changeset patch # User Wolfgang Rosenauer <w...@rosenauer.org> # Parent af8fd72bd18717e6fc46340f467c7fa4f6d8c2ab diff --git a/config/config.mk b/config/config.mk --- a/config/config.mk +++ b/config/config.mk @@ -626,34 +626,33 @@ EXPAND_LD = $(EXPAND_LIBS_EXEC) --uselis EXPAND_MKSHLIB_ARGS = --uselist ifdef SYMBOL_ORDER EXPAND_MKSHLIB_ARGS += --symbol-order $(SYMBOL_ORDER) endif EXPAND_MKSHLIB = $(EXPAND_LIBS_EXEC) $(EXPAND_MKSHLIB_ARGS) -- $(MKSHLIB) ifneq (,$(MOZ_LIBSTDCXX_TARGET_VERSION)$(MOZ_LIBSTDCXX_HOST_VERSION)) ifneq ($(OS_ARCH),Darwin) -CHECK_STDCXX = @$(TOOLCHAIN_PREFIX)objdump -p $(1) | grep -e 'GLIBCXX_3\.4\.\(1[1-9]\|[2-9][0-9]\)' > /dev/null && echo 'TEST-UNEXPECTED-FAIL | check_stdcxx | We do not want these libstdc++ symbols to be used:' && $(TOOLCHAIN_PREFIX)objdump -T $(1) | grep -e 'GLIBCXX_3\.4\.\(1[1-9]\|[2-9][0-9]\)' && exit 1 || true +#CHECK_STDCXX = @$(TOOLCHAIN_PREFIX)objdump -p $(1) | grep -e 'GLIBCXX_3\.4\.\(1[1-9]\|[2-9][0-9]\)' > /dev/null && echo 'TEST-UNEXPECTED-FAIL | check_stdcxx | We do not want these libstdc++ symbols to be used:' && $(TOOLCHAIN_PREFIX)objdump -T $(1) | grep -e 'GLIBCXX_3\.4\.\(1[1-9]\|[2-9][0-9]\)' && exit 1 || true endif endif ifeq (,$(filter $(OS_TARGET),WINNT Darwin)) CHECK_TEXTREL = @$(TOOLCHAIN_PREFIX)readelf -d $(1) | grep TEXTREL > /dev/null && echo 'TEST-UNEXPECTED-FAIL | check_textrel | We do not want text relocations in libraries and programs' || true endif ifeq ($(MOZ_WIDGET_TOOLKIT),android) # While this is very unlikely (libc being added by the compiler at the end # of the linker command line), if libmozglue.so ends up after libc.so, all # hell breaks loose, so better safe than sorry, and check it's actually the # case. CHECK_MOZGLUE_ORDER = @$(TOOLCHAIN_PREFIX)readelf -d $(1) | grep NEEDED | awk '{ libs[$$NF] = ++n } END { if (libs["[libmozglue.so]"] && libs["[libc.so]"] < libs["[libmozglue.so]"]) { print "libmozglue.so must be linked before libc.so"; exit 1 } }' endif define CHECK_BINARY -$(call CHECK_STDCXX,$(1)) $(call CHECK_TEXTREL,$(1)) $(call LOCAL_CHECKS,$(1)) $(call CHECK_MOZGLUE_ORDER,$(1)) endef # autoconf.mk sets OBJ_SUFFIX to an error to avoid use before including # this file OBJ_SUFFIX := $(_OBJ_SUFFIX) ++++++ mozilla-ntlm-full-path.patch ++++++ --- /var/tmp/diff_new_pack.AJDfs9/_old 2015-10-03 20:30:36.000000000 +0200 +++ /var/tmp/diff_new_pack.AJDfs9/_new 2015-10-03 20:30:36.000000000 +0200 @@ -1,12 +1,13 @@ # HG changeset patch # User Petr Cerny <pce...@novell.com> # Parent 7308e4a7c1f769f4bbbc90870b849cadd99495a6 +# Parent 03565086f1e230cf6f0f6c01bf9a792c732de50b Bug 634334 - call to the ntlm_auth helper fails diff --git a/extensions/auth/nsAuthSambaNTLM.cpp b/extensions/auth/nsAuthSambaNTLM.cpp --- a/extensions/auth/nsAuthSambaNTLM.cpp +++ b/extensions/auth/nsAuthSambaNTLM.cpp -@@ -168,17 +168,17 @@ static uint8_t* ExtractMessage(const nsA +@@ -169,17 +169,17 @@ static uint8_t* ExtractMessage(const nsA nsresult nsAuthSambaNTLM::SpawnNTLMAuthHelper() { ++++++ mozilla-openaes-decl.patch ++++++ --- /var/tmp/diff_new_pack.AJDfs9/_old 2015-10-03 20:30:36.000000000 +0200 +++ /var/tmp/diff_new_pack.AJDfs9/_new 2015-10-03 20:30:36.000000000 +0200 @@ -1,7 +1,7 @@ # HG changeset patch # Parent 33024abb3c58dab7239e32388df58e14f99defd5 # User Wolfgang Rosenauer <w...@rosenauer.org> -# Parent 12305a99d90ce098f8f11f5609571cd709b6e2de +# Parent 17196b2f3cd2bcba6a5b54f4496b5762a593c5b3 diff --git a/media/gmp-clearkey/0.1/openaes/oaes_lib.c b/media/gmp-clearkey/0.1/openaes/oaes_lib.c --- a/media/gmp-clearkey/0.1/openaes/oaes_lib.c @@ -20,7 +20,7 @@ #include <time.h> #include <string.h> + #include "mozilla/Snprintf.h" + #ifdef WIN32 #include <process.h> - #endif - ++++++ mozilla-shared-nss-db.patch ++++++ --- /var/tmp/diff_new_pack.AJDfs9/_old 2015-10-03 20:30:36.000000000 +0200 +++ /var/tmp/diff_new_pack.AJDfs9/_new 2015-10-03 20:30:36.000000000 +0200 @@ -7,7 +7,7 @@ diff --git a/configure.in b/configure.in --- a/configure.in +++ b/configure.in -@@ -8207,16 +8207,31 @@ if test "$MOZ_ENABLE_SKIA"; then +@@ -8296,16 +8296,31 @@ if test "$MOZ_ENABLE_SKIA"; then MOZ_ENABLE_SKIA_GPU=1 AC_DEFINE(USE_SKIA_GPU) AC_SUBST(MOZ_ENABLE_SKIA_GPU) @@ -39,32 +39,32 @@ if test "$MOZ_XUL"; then AC_DEFINE(MOZ_XUL) else -diff --git a/security/manager/ssl/src/moz.build b/security/manager/ssl/src/moz.build ---- a/security/manager/ssl/src/moz.build -+++ b/security/manager/ssl/src/moz.build -@@ -77,16 +77,19 @@ SOURCES += [ - 'nsNSSVersion.cpp', - 'PSMContentListener.cpp', - ] +diff --git a/security/manager/ssl/moz.build b/security/manager/ssl/moz.build +--- a/security/manager/ssl/moz.build ++++ b/security/manager/ssl/moz.build +@@ -156,16 +156,19 @@ FAIL_ON_WARNINGS = True + FINAL_LIBRARY = 'xul' LOCAL_INCLUDES += [ - '/security/manager/boot/src', + '/dom/base', + '/security/certverifier', + '/security/pkix/include', ] +CXXFLAGS += sorted(CONFIG['NSSHELPER_CFLAGS']) +OS_LIBS += sorted(CONFIG['NSSHELPER_LIBS']) + - if not CONFIG['MOZ_NO_SMART_CARDS']: - UNIFIED_SOURCES += [ - 'nsSmartCardMonitor.cpp', - ] + GENERATED_INCLUDES += [ + '/dist/public/nss', + ] - if CONFIG['MOZ_XUL']: - UNIFIED_SOURCES += [ - 'nsCertTree.cpp', -diff --git a/security/manager/ssl/src/nsNSSComponent.cpp b/security/manager/ssl/src/nsNSSComponent.cpp ---- a/security/manager/ssl/src/nsNSSComponent.cpp -+++ b/security/manager/ssl/src/nsNSSComponent.cpp + if CONFIG['NSS_DISABLE_DBM']: + DEFINES['NSS_DISABLE_DBM'] = '1' + + DEFINES['SSL_DISABLE_DEPRECATED_CIPHER_SUITE_NAMES'] = 'True' +diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp +--- a/security/manager/ssl/nsNSSComponent.cpp ++++ b/security/manager/ssl/nsNSSComponent.cpp @@ -1,14 +1,21 @@ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- * @@ -87,16 +87,15 @@ #include "nsAppDirectoryServiceDefs.h" #include "nsCertVerificationThread.h" #include "nsAppDirectoryServiceDefs.h" -@@ -996,17 +1003,31 @@ nsNSSComponent::InitializeNSS() - if (NS_FAILED(rv)) { - nsPSMInitPanic::SetPanic(); +@@ -1015,17 +1022,31 @@ nsNSSComponent::InitializeNSS() return NS_ERROR_NOT_AVAILABLE; } SECStatus init_rv = SECFailure; - if (!profileStr.IsEmpty()) { + bool nocertdb = Preferences::GetBool("security.nocertdb", false); + + if (!nocertdb && !profileStr.IsEmpty()) { // First try to initialize the NSS DB in read/write mode. -- SECStatus init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false); +#ifdef MOZ_ENABLE_NSSHELPER + if (PR_GetEnv("MOZ_SM_NO_NSSHELPER")) { + init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false); @@ -105,25 +104,25 @@ + init_rv = ::nsshelp_open_db ("Seamonkey", profileStr.get(), flags); + + if (init_rv != SECSuccess) { -+ PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("can not init NSS using nsshelp_open_db in %s\n", profileStr.get())); ++ MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("can not init NSS using nsshelp_open_db in %s\n", profileStr.get())); + init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false); + } + } +#else -+ init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false); + init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false); +#endif // If that fails, attempt read-only mode. if (init_rv != SECSuccess) { - PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("could not init NSS r/w in %s\n", profileStr.get())); + MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("could not init NSS r/w in %s\n", profileStr.get())); init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), true); } if (init_rv != SECSuccess) { - PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("could not init in r/o either\n")); + MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("could not init in r/o either\n")); } diff --git a/toolkit/library/moz.build b/toolkit/library/moz.build --- a/toolkit/library/moz.build +++ b/toolkit/library/moz.build -@@ -208,16 +208,18 @@ if CONFIG['MOZ_B2G_CAMERA']: +@@ -203,16 +203,18 @@ if CONFIG['MOZ_B2G_CAMERA'] and CONFIG[' 'stagefright_omx', ] ++++++ seamonkey-2.35-source.tar.bz2 -> seamonkey-2.38-source.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/seamonkey/seamonkey-2.35-source.tar.bz2 /work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey-2.38-source.tar.bz2 differ: char 11, line 1