Hello community,
here is the log from the commit of package seamonkey for openSUSE:Factory
checked in at 2016-02-01 19:55:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/seamonkey (Old)
and /work/SRC/openSUSE:Factory/.seamonkey.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "seamonkey"
Changes:
--------
--- /work/SRC/openSUSE:Factory/seamonkey/seamonkey.changes 2015-11-08
14:36:25.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey.changes 2016-02-01
19:56:00.000000000 +0100
@@ -1,0 +2,48 @@
+Tue Jan 19 16:15:28 UTC 2016 - w...@rosenauer.org
+
+- update to Seamonkey 2.40 (bnc#959277)
+ * requires NSS 3.20.2 to fix
+ MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
+ MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
+ server signature
+ * MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
+ Miscellaneous memory safety hazards
+ * MFSA 2015-135/CVE-2015-7204 (bmo#1216130)
+ Crash with JavaScript variable assignment with unboxed objects
+ * MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
+ Same-origin policy violation using perfomance.getEntries and
+ history navigation
+ * MFSA 2015-137/CVE-2015-7208 (bmo#1191423)
+ Firefox allows for control characters to be set in cookies
+ * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
+ Use-after-free in WebRTC when datachannel is used after being
+ destroyed
+ * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
+ Integer overflow allocating extremely large textures
+ * MFSA 2015-140/CVE-2015-7215 (bmo#1160890)
+ Cross-origin information leak through web workers error events
+ * MFSA 2015-141/CVE-2015-7211 (bmo#1221444)
+ Hash in data URI is incorrectly parsed
+ * MFSA 2015-142/CVE-2015-7218/CVE-2015-7219 (bmo#1194818, bmo#1194820)
+ DOS due to malformed frames in HTTP/2
+ * MFSA 2015-143/CVE-2015-7216/CVE-2015-7217 (bmo#1197059, bmo#1203078)
+ Linux file chooser crashes on malformed images due to flaws in
+ Jasper library
+ * MFSA 2015-144/CVE-2015-7203/CVE-2015-7220/CVE-2015-7221
+ (bmo#1201183, bmo#1178033, bmo#1199400)
+ Buffer overflows found through code inspection
+ * MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
+ Underflow through code inspection
+ * MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
+ Integer overflow in MP4 playback in 64-bit versions
+ * MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
+ Integer underflow and buffer overflow processing MP4 metadata in
+ libstagefright
+ * MFSA 2015-148/CVE-2015-7223 (bmo#1226423)
+ Privilege escalation vulnerabilities in WebExtension APIs
+ * MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
+ Cross-site reading attack through data and view-source URIs
+- rebased patches
+- buildrequire xcomposite now explicitely
+
+-------------------------------------------------------------------
Old:
----
l10n-2.39.tar.bz2
seamonkey-2.39-source.tar.bz2
New:
----
l10n-2.40.tar.bz2
seamonkey-2.40-source.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ seamonkey.spec ++++++
--- /var/tmp/diff_new_pack.prQ4Dw/_old 2016-02-01 19:56:11.000000000 +0100
+++ /var/tmp/diff_new_pack.prQ4Dw/_new 2016-02-01 19:56:11.000000000 +0100
@@ -1,8 +1,8 @@
#
# spec file for package seamonkey
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
-# 2006-2015 Wolfgang Rosenauer
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# 2006-2016 Wolfgang Rosenauer
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -49,6 +49,7 @@
BuildRequires: pkgconfig(gstreamer-app-%gstreamer_ver)
BuildRequires: pkgconfig(gstreamer-plugins-base-%gstreamer_ver)
BuildRequires: pkgconfig(libpulse)
+BuildRequires: pkgconfig(xcomposite)
%if 0%{?gstreamer} == 1
Requires: libgstreamer-1_0-0
Recommends: gstreamer-fluendo-mp3
@@ -60,9 +61,9 @@
%endif
Provides: web_browser
Provides: browser(npapi)
-Version: 2.39
+Version: 2.40
Release: 0
-%define releasedate 2015110400
+%define releasedate 2016011800
Summary: The successor of the Mozilla Application Suite
License: MPL-2.0
Group: Productivity/Networking/Web/Browsers
@@ -114,7 +115,7 @@
# so using %opensuse_bs is secure for now
BuildRequires: mozilla-nspr-devel >= 4.10.10
PreReq: mozilla-nspr >= %(rpm -q --queryformat '%{VERSION}'
mozilla-nspr)
-BuildRequires: mozilla-nss-devel >= 3.19.4
+BuildRequires: mozilla-nss-devel >= 3.20.2
PreReq: mozilla-nss >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss)
%description
++++++ compare-locales.tar.bz2 ++++++
++++++ create-tar.sh ++++++
--- /var/tmp/diff_new_pack.prQ4Dw/_old 2016-02-01 19:56:11.000000000 +0100
+++ /var/tmp/diff_new_pack.prQ4Dw/_new 2016-02-01 19:56:11.000000000 +0100
@@ -2,16 +2,16 @@
CHANNEL="release"
BRANCH="releases/comm-$CHANNEL"
-RELEASE_TAG="SEAMONKEY_2_39_RELEASE"
-VERSION="2.39"
+RELEASE_TAG="SEAMONKEY_2_40_RELEASE"
+VERSION="2.40"
echo "cloning $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH seamonkey
pushd seamonkey
hg update -r $RELEASE_TAG
echo "running client.py..."
-#[ "$RELEASE_TAG" == "default" ] || \
-# _extra="--comm-rev=$RELEASE_TAG --mozilla-rev=$RELEASE_TAG
--inspector-rev=$RELEASE_TAG --venkman-rev=$RELEASE_TAG
--chatzilla-rev=$RELEASE_TAG"
+[ "$RELEASE_TAG" == "default" ] || \
+ _extra="--comm-rev=$RELEASE_TAG --mozilla-rev=$RELEASE_TAG
--inspector-rev=$RELEASE_TAG --venkman-rev=$RELEASE_TAG
--chatzilla-rev=$RELEASE_TAG"
python client.py checkout $_extra
--mozilla-repo=http://hg.mozilla.org/releases/mozilla-$CHANNEL
popd
echo "creating archive..."
++++++ l10n-2.39.tar.bz2 -> l10n-2.40.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/seamonkey/l10n-2.39.tar.bz2
/work/SRC/openSUSE:Factory/.seamonkey.new/l10n-2.40.tar.bz2 differ: char 11,
line 1
++++++ seamonkey-2.39-source.tar.bz2 -> seamonkey-2.40-source.tar.bz2 ++++++
/work/SRC/openSUSE:Factory/seamonkey/seamonkey-2.39-source.tar.bz2
/work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey-2.40-source.tar.bz2 differ:
char 11, line 1
