Hello community, here is the log from the commit of package seamonkey for openSUSE:Factory checked in at 2016-02-01 19:55:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/seamonkey (Old) and /work/SRC/openSUSE:Factory/.seamonkey.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "seamonkey" Changes: -------- --- /work/SRC/openSUSE:Factory/seamonkey/seamonkey.changes 2015-11-08 14:36:25.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey.changes 2016-02-01 19:56:00.000000000 +0100 @@ -1,0 +2,48 @@ +Tue Jan 19 16:15:28 UTC 2016 - w...@rosenauer.org + +- update to Seamonkey 2.40 (bnc#959277) + * requires NSS 3.20.2 to fix + MFSA 2015-150/CVE-2015-7575 (bmo#1158489) + MD5 signatures accepted within TLS 1.2 ServerKeyExchange in + server signature + * MFSA 2015-134/CVE-2015-7201/CVE-2015-7202 + Miscellaneous memory safety hazards + * MFSA 2015-135/CVE-2015-7204 (bmo#1216130) + Crash with JavaScript variable assignment with unboxed objects + * MFSA 2015-136/CVE-2015-7207 (bmo#1185256) + Same-origin policy violation using perfomance.getEntries and + history navigation + * MFSA 2015-137/CVE-2015-7208 (bmo#1191423) + Firefox allows for control characters to be set in cookies + * MFSA 2015-138/CVE-2015-7210 (bmo#1218326) + Use-after-free in WebRTC when datachannel is used after being + destroyed + * MFSA 2015-139/CVE-2015-7212 (bmo#1222809) + Integer overflow allocating extremely large textures + * MFSA 2015-140/CVE-2015-7215 (bmo#1160890) + Cross-origin information leak through web workers error events + * MFSA 2015-141/CVE-2015-7211 (bmo#1221444) + Hash in data URI is incorrectly parsed + * MFSA 2015-142/CVE-2015-7218/CVE-2015-7219 (bmo#1194818, bmo#1194820) + DOS due to malformed frames in HTTP/2 + * MFSA 2015-143/CVE-2015-7216/CVE-2015-7217 (bmo#1197059, bmo#1203078) + Linux file chooser crashes on malformed images due to flaws in + Jasper library + * MFSA 2015-144/CVE-2015-7203/CVE-2015-7220/CVE-2015-7221 + (bmo#1201183, bmo#1178033, bmo#1199400) + Buffer overflows found through code inspection + * MFSA 2015-145/CVE-2015-7205 (bmo#1220493) + Underflow through code inspection + * MFSA 2015-146/CVE-2015-7213 (bmo#1206211) + Integer overflow in MP4 playback in 64-bit versions + * MFSA 2015-147/CVE-2015-7222 (bmo#1216748) + Integer underflow and buffer overflow processing MP4 metadata in + libstagefright + * MFSA 2015-148/CVE-2015-7223 (bmo#1226423) + Privilege escalation vulnerabilities in WebExtension APIs + * MFSA 2015-149/CVE-2015-7214 (bmo#1228950) + Cross-site reading attack through data and view-source URIs +- rebased patches +- buildrequire xcomposite now explicitely + +------------------------------------------------------------------- Old: ---- l10n-2.39.tar.bz2 seamonkey-2.39-source.tar.bz2 New: ---- l10n-2.40.tar.bz2 seamonkey-2.40-source.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ seamonkey.spec ++++++ --- /var/tmp/diff_new_pack.prQ4Dw/_old 2016-02-01 19:56:11.000000000 +0100 +++ /var/tmp/diff_new_pack.prQ4Dw/_new 2016-02-01 19:56:11.000000000 +0100 @@ -1,8 +1,8 @@ # # spec file for package seamonkey # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. -# 2006-2015 Wolfgang Rosenauer +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# 2006-2016 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -49,6 +49,7 @@ BuildRequires: pkgconfig(gstreamer-app-%gstreamer_ver) BuildRequires: pkgconfig(gstreamer-plugins-base-%gstreamer_ver) BuildRequires: pkgconfig(libpulse) +BuildRequires: pkgconfig(xcomposite) %if 0%{?gstreamer} == 1 Requires: libgstreamer-1_0-0 Recommends: gstreamer-fluendo-mp3 @@ -60,9 +61,9 @@ %endif Provides: web_browser Provides: browser(npapi) -Version: 2.39 +Version: 2.40 Release: 0 -%define releasedate 2015110400 +%define releasedate 2016011800 Summary: The successor of the Mozilla Application Suite License: MPL-2.0 Group: Productivity/Networking/Web/Browsers @@ -114,7 +115,7 @@ # so using %opensuse_bs is secure for now BuildRequires: mozilla-nspr-devel >= 4.10.10 PreReq: mozilla-nspr >= %(rpm -q --queryformat '%{VERSION}' mozilla-nspr) -BuildRequires: mozilla-nss-devel >= 3.19.4 +BuildRequires: mozilla-nss-devel >= 3.20.2 PreReq: mozilla-nss >= %(rpm -q --queryformat '%{VERSION}' mozilla-nss) %description ++++++ compare-locales.tar.bz2 ++++++ ++++++ create-tar.sh ++++++ --- /var/tmp/diff_new_pack.prQ4Dw/_old 2016-02-01 19:56:11.000000000 +0100 +++ /var/tmp/diff_new_pack.prQ4Dw/_new 2016-02-01 19:56:11.000000000 +0100 @@ -2,16 +2,16 @@ CHANNEL="release" BRANCH="releases/comm-$CHANNEL" -RELEASE_TAG="SEAMONKEY_2_39_RELEASE" -VERSION="2.39" +RELEASE_TAG="SEAMONKEY_2_40_RELEASE" +VERSION="2.40" echo "cloning $BRANCH..." hg clone http://hg.mozilla.org/$BRANCH seamonkey pushd seamonkey hg update -r $RELEASE_TAG echo "running client.py..." -#[ "$RELEASE_TAG" == "default" ] || \ -# _extra="--comm-rev=$RELEASE_TAG --mozilla-rev=$RELEASE_TAG --inspector-rev=$RELEASE_TAG --venkman-rev=$RELEASE_TAG --chatzilla-rev=$RELEASE_TAG" +[ "$RELEASE_TAG" == "default" ] || \ + _extra="--comm-rev=$RELEASE_TAG --mozilla-rev=$RELEASE_TAG --inspector-rev=$RELEASE_TAG --venkman-rev=$RELEASE_TAG --chatzilla-rev=$RELEASE_TAG" python client.py checkout $_extra --mozilla-repo=http://hg.mozilla.org/releases/mozilla-$CHANNEL popd echo "creating archive..." ++++++ l10n-2.39.tar.bz2 -> l10n-2.40.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/seamonkey/l10n-2.39.tar.bz2 /work/SRC/openSUSE:Factory/.seamonkey.new/l10n-2.40.tar.bz2 differ: char 11, line 1 ++++++ seamonkey-2.39-source.tar.bz2 -> seamonkey-2.40-source.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/seamonkey/seamonkey-2.39-source.tar.bz2 /work/SRC/openSUSE:Factory/.seamonkey.new/seamonkey-2.40-source.tar.bz2 differ: char 11, line 1