pool/MozillaFirefox
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=28

Browse Source
This commit is contained in:
OBS User unknown 2007-11-29 17:25:24 +00:00 committed by Git OBS Bridge
parent 2d0d365ef8
commit 013a07b54c
12 changed files with 1758 additions and 1609 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
MozillaFirefox.changes
View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Tue Nov 27 18:25:25 CET 2007 - maw@suse.de
- Security update to version 2.0.0.10 (#341905, #341591):
+ MFSA 2007-39 Referer-spoofing via window.location race condition
+ MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10)
+ MFSA 2007-37 jar: URI scheme XSS hazard
+ Fixes for regressions introduced in 2.0.0.8
+ Updated dbus.patch, startup.patch, misc.dif, and configure.patch
- Add mozilla-gcc4.3-fixes.patch
- Add mozilla-canvas-1.8.1.10.patch (#341591#c10).
-------------------------------------------------------------------
Mon Nov 26 18:27:25 CET 2007 - maw@suse.de

21
MozillaFirefox.spec
View File

@ -1,5 +1,5 @@
#
# spec file for package MozillaFirefox (Version 2.0.0.8)
# spec file for package MozillaFirefox (Version 2.0.0.10)
#
# Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
@ -28,8 +28,8 @@ Obsoletes: MozillaFirebird <= 1.0.7
%if %sles_version == 10
Obsoletes: mozilla
%endif
Version: 2.0.0.8
Release: 22
Version: 2.0.0.10
Release: 1
Summary: Mozilla Firefox Web Browser
Url: http://www.mozilla.org/
Group: Productivity/Networking/Web/Browsers
@ -59,6 +59,7 @@ Source18: firefox.schemas
Patch1: visibility.patch
Patch2: rpath.patch
Patch3: gcc-undefined-ops.patch
Patch4: mozilla-gcc4.3-fixes.patch
Patch5: abuild.patch
# NSPR bmo #270502
Patch6: nspr-prdtoa.patch
@ -91,9 +92,9 @@ Patch33: proxy-dev.patch
# integration
Patch34: skin-selection.patch
Patch36: greasemonkey.patch
Patch37: mozilla-canvas-1.8.1.10.patch
Patch38: tango-maxversion.patch
Patch39: x11-session.patch
Patch40: firefox-gcc4.3-fixes.patch
# gconf.patch dbus.patch startup.patch
Patch100: configure.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -188,6 +189,7 @@ cd $RPM_BUILD_DIR/mozilla
%patch1
%patch2
%patch3
%patch4
%patch5
%patch6
%patch7
@ -216,11 +218,11 @@ cd $RPM_BUILD_DIR/mozilla
%patch33
%patch34
%patch36
%patch37
pushd $RPM_BUILD_DIR
%patch38
popd
%patch39 -p1
%patch40 -p1
%patch100
%if %has_system_nss
#%patch101
@ -557,6 +559,15 @@ exit 0
%endif
%changelog
* Tue Nov 27 2007 - maw@suse.de
- Security update to version 2.0.0.10 (#341905, #341591):
+ MFSA 2007-39 Referer-spoofing via window.location race condition
+ MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10)
+ MFSA 2007-37 jar: URI scheme XSS hazard
+ Fixes for regressions introduced in 2.0.0.8
+ Updated dbus.patch, startup.patch, misc.dif, and configure.patch
- Add mozilla-gcc4.3-fixes.patch
- Add mozilla-canvas-1.8.1.10.patch (#341591#c10).
* Mon Nov 26 2007 - maw@suse.de
- Build with -ftree-vrp -fwrapv, per advice in #342603#c17.
* Tue Nov 13 2007 - maw@suse.de

3020
configure.patch
View File

File diff suppressed because it is too large Load Diff

27
dbus.patch
View File

@ -77,7 +77,7 @@ Index: configure.in
MOZ_EXTENSIONS=`echo $MOZ_EXTENSIONS | sed -e 's|venkman||'`
--- extensions/dbus/Makefile.in
+++ extensions/dbus/Makefile.in
@@ -0,0 +1,68 @@
@@ -0,0 +1,70 @@
+# ###### BEGIN LICENSE BLOCK ######
+# Version: NPL 1.1/GPL 2.0/LGPL 2.1
+#
@ -134,9 +134,11 @@ Index: configure.in
+ embedcomponents \
+ $(NULL)
+
+EXTRA_DSO_LDOPTS = $(MOZ_DBUS_GLIB_LIBS) \
+ $(MOZ_GTHREAD_LIBS) \
+ $(MOZ_COMPONENT_LIBS)
+EXTRA_DSO_LDOPTS = $(XPCOM_GLUE_LDOPTS) \
+ $(NSPR_LIBS) \
+ $(MOZ_DBUS_GLIB_LIBS) \
+ $(MOZ_GTHREAD_LIBS) \
+ $(NULL)
+
+CPPSRCS = \
+ nsDBusModule.cpp \
@ -563,3 +565,20 @@ Index: configure.in
+};
+
+NS_IMPL_NSGETMODULE(nsDBusModule, components)
Index: config/system-headers
===================================================================
RCS file: /cvsroot/mozilla/config/system-headers,v
retrieving revision 3.4.4.3
diff -u -r3.4.4.3 system-headers
--- config/system-headers 18 Dec 2006 23:48:58 -0000 3.4.4.3
+++ config/system-headers 13 Nov 2007 23:04:10 -0000
@@ -141,6 +141,9 @@
curses.h
cxxabi.h
DateTimeUtils.h
+dbus/dbus.h
+dbus/dbus-glib.h
+dbus/dbus-glib-lowlevel.h
ddeml.h
Debug.h
dem.h

3
firefox-2.0.0.10-source.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c68728943863b7c7f7363c9446ec1e087198f67897cca58a3373e761a2f595ca
size 37474489

3
firefox-2.0.0.8-source.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1c75b8dc9fcec51a3d5d7a6af9e199cc532813ae93262840ec8402a34e64d785
size 37685739

84
firefox-gcc4.3-fixes.patch
View File

@ -1,84 +0,0 @@
diff --git a/modules/libpr0n/encoders/jpeg/nsJPEGEncoder.h b/modules/libpr0n/encoders/jpeg/nsJPEGEncoder.h
index 8a63354..655c8da 100644
--- a/modules/libpr0n/encoders/jpeg/nsJPEGEncoder.h
+++ b/modules/libpr0n/encoders/jpeg/nsJPEGEncoder.h
@@ -39,8 +39,10 @@
#include "imgIEncoder.h"
#ifdef MOZILLA_1_8_BRANCH
#define imgIEncoder imgIEncoder_MOZILLA_1_8_BRANCH
+#ifndef NS_DECL_IMGIENCODER
#define NS_DECL_IMGIENCODER NS_DECL_IMGIENCODER_MOZILLA_1_8_BRANCH
#endif
+#endif
// needed for JPEG library
#include <stdio.h>
@@ -69,6 +71,13 @@ public:
nsJPEGEncoder();
+ NS_IMETHOD InitFromData(const PRUint8* aData,
+ PRUint32 aLength, // (unused, req'd by JS)
+ PRUint32 aWidth,
+ PRUint32 aHeight,
+ PRUint32 aStride,
+ PRUint32 aInputFormat,
+ const nsAString& aOutputOptions);
private:
~nsJPEGEncoder();
diff --git a/modules/libpr0n/encoders/png/nsPNGEncoder.h b/modules/libpr0n/encoders/png/nsPNGEncoder.h
index ff85949..83766f1 100644
--- a/modules/libpr0n/encoders/png/nsPNGEncoder.h
+++ b/modules/libpr0n/encoders/png/nsPNGEncoder.h
@@ -38,8 +38,10 @@
#include "imgIEncoder.h"
#ifdef MOZILLA_1_8_BRANCH
#define imgIEncoder imgIEncoder_MOZILLA_1_8_BRANCH
+#ifndef NS_DECL_IMGIENCODER
#define NS_DECL_IMGIENCODER NS_DECL_IMGIENCODER_MOZILLA_1_8_BRANCH
#endif
+#endif
#include <png.h>
@@ -63,6 +65,14 @@ public:
nsPNGEncoder();
+ NS_IMETHOD InitFromData(const PRUint8* aData,
+ PRUint32 aLength, // (unused, req'd by JS)
+ PRUint32 aWidth,
+ PRUint32 aHeight,
+ PRUint32 aStride,
+ PRUint32 aInputFormat,
+ const nsAString& aOutputOptions);
+
private:
~nsPNGEncoder();
diff --git a/modules/libpr0n/public/imgIContainer.idl b/modules/libpr0n/public/imgIContainer.idl
index f975b16..4819158 100644
--- a/modules/libpr0n/public/imgIContainer.idl
+++ b/modules/libpr0n/public/imgIContainer.idl
@@ -38,7 +38,7 @@
* ***** END LICENSE BLOCK ***** */
#include "nsISupports.idl"
-#include "gfxtypes.idl"
+#include <gfxtypes.idl>
#include "gfxIFormats.idl"
interface gfxIImageFrame;
diff --git a/modules/libpr0n/public/imgIEncoder.idl b/modules/libpr0n/public/imgIEncoder.idl
index 120b3bf..562bf42 100755
--- a/modules/libpr0n/public/imgIEncoder.idl
+++ b/modules/libpr0n/public/imgIEncoder.idl
@@ -96,6 +96,6 @@ interface nsIFile;
[scriptable, uuid(CCC5B3AD-3E67-4e3d-97E1-B06B2E96FEF8)]
interface imgIEncoder : nsISupports
{
- void encodeClipboardImage(in nsIClipboardImage aClipboardImage, out nsIFile aImageFile);
+ /* void encodeClipboardImage(in nsIClipboardImage aClipboardImage, out nsIFile aImageFile); */
};

3
l10n-2.0.0.10.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9d3322932cf719c1f58a1651fb99a4e0b627a51856193f0ddf35434b4df8dc84
size 12358182

3
l10n-2.0.0.8.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a09d1e74961a06afe93d34c59f239060fc2b96e8c4d704b7a774084244204b1d
size 10104949

26
mozilla-canvas-1.8.1.10.patch Normal file
View File

@ -0,0 +1,26 @@
Index: content/canvas/src/nsCanvasRenderingContext2D.cpp
===================================================================
RCS file: /cvsroot/mozilla/content/canvas/src/nsCanvasRenderingContext2D.cpp,v
retrieving revision 1.102
diff -u -8 -p -r1.102 nsCanvasRenderingContext2D.cpp
--- content/canvas/src/nsCanvasRenderingContext2D.cpp 10 Oct 2007 20:31:45 -0000 1.102
+++ content/canvas/src/nsCanvasRenderingContext2D.cpp 11 Oct 2007 23:31:32 -0000
@@ -2140,17 +2140,17 @@ nsCanvasRenderingContext2D::CairoSurface
getter_AddRefs(imgRequest));
NS_ENSURE_SUCCESS(rv, rv);
if (!imgRequest)
// XXX ERRMSG we need to report an error to developers here! (bug 329026)
return NS_ERROR_NOT_AVAILABLE;
PRUint32 status;
imgRequest->GetImageStatus(&status);
- if (status != imgIRequest::STATUS_LOAD_COMPLETE)
+ if ((status & imgIRequest::STATUS_LOAD_COMPLETE) == 0)
return NS_ERROR_NOT_AVAILABLE;
nsCOMPtr<nsIURI> uri;
rv = imageLoader->GetCurrentURI(uriOut);
NS_ENSURE_SUCCESS(rv, rv);
*forceWriteOnlyOut = PR_FALSE;

146
mozilla-gcc4.3-fixes.patch Normal file
View File

@ -0,0 +1,146 @@
References:
https://bugzilla.mozilla.org/show_bug.cgi?id=403675
https://bugzilla.mozilla.org/show_bug.cgi?id=386362
Index: modules/libpr0n/encoders/png/nsPNGEncoder.h
===================================================================
RCS file: /cvsroot/mozilla/modules/libpr0n/encoders/png/nsPNGEncoder.h,v
retrieving revision 1.1.18.1
diff -u -p -6 -r1.1.18.1 nsPNGEncoder.h
--- modules/libpr0n/encoders/png/nsPNGEncoder.h 20 May 2006 17:20:49 -0000 1.1.18.1
+++ modules/libpr0n/encoders/png/nsPNGEncoder.h 13 Nov 2007 22:07:36 -0000
@@ -35,14 +35,16 @@
*
* ***** END LICENSE BLOCK ***** */
#include "imgIEncoder.h"
#ifdef MOZILLA_1_8_BRANCH
#define imgIEncoder imgIEncoder_MOZILLA_1_8_BRANCH
+#ifndef NS_DECL_IMGIENCODER
#define NS_DECL_IMGIENCODER NS_DECL_IMGIENCODER_MOZILLA_1_8_BRANCH
#endif
+#endif
#include <png.h>
#define NS_PNGENCODER_CID \
{ /* 38d1592e-b81e-432b-86f8-471878bbfe07 */ \
0x38d1592e, \
@@ -60,12 +62,20 @@ public:
NS_DECL_ISUPPORTS
NS_DECL_IMGIENCODER
NS_DECL_NSIINPUTSTREAM
nsPNGEncoder();
+ NS_IMETHOD InitFromData(const PRUint8* aData,
+ PRUint32 aLength, // (unused, req'd by JS)
+ PRUint32 aWidth,
+ PRUint32 aHeight,
+ PRUint32 aStride,
+ PRUint32 aInputFormat,
+ const nsAString& aOutputOptions);
+
private:
~nsPNGEncoder();
protected:
void ConvertHostARGBRow(const PRUint8* aSrc, PRUint8* aDest,
PRUint32 aPixelWidth, PRBool aUseTransparency);
Index: modules/libpr0n/encoders/jpeg/nsJPEGEncoder.h
===================================================================
RCS file: /cvsroot/mozilla/modules/libpr0n/encoders/jpeg/nsJPEGEncoder.h,v
retrieving revision 1.1.14.1
diff -u -p -6 -r1.1.14.1 nsJPEGEncoder.h
--- modules/libpr0n/encoders/jpeg/nsJPEGEncoder.h 20 May 2006 17:20:48 -0000 1.1.14.1
+++ modules/libpr0n/encoders/jpeg/nsJPEGEncoder.h 13 Nov 2007 22:07:57 -0000
@@ -36,14 +36,16 @@
*
* ***** END LICENSE BLOCK ***** */
#include "imgIEncoder.h"
#ifdef MOZILLA_1_8_BRANCH
#define imgIEncoder imgIEncoder_MOZILLA_1_8_BRANCH
+#ifndef NS_DECL_IMGIENCODER
#define NS_DECL_IMGIENCODER NS_DECL_IMGIENCODER_MOZILLA_1_8_BRANCH
#endif
+#endif
// needed for JPEG library
#include <stdio.h>
extern "C" {
#include "jpeglib.h"
@@ -66,12 +68,20 @@ public:
NS_DECL_ISUPPORTS
NS_DECL_IMGIENCODER
NS_DECL_NSIINPUTSTREAM
nsJPEGEncoder();
+ NS_IMETHOD InitFromData(const PRUint8* aData,
+ PRUint32 aLength, // (unused, req'd by JS)
+ PRUint32 aWidth,
+ PRUint32 aHeight,
+ PRUint32 aStride,
+ PRUint32 aInputFormat,
+ const nsAString& aOutputOptions);
+
private:
~nsJPEGEncoder();
protected:
void ConvertHostARGBRow(const PRUint8* aSrc, PRUint8* aDest,
Index: modules/libpr0n/public/imgIEncoder.idl
===================================================================
RCS file: /cvsroot/mozilla/modules/libpr0n/public/imgIEncoder.idl,v
retrieving revision 1.1.10.3
diff -u -p -r1.1.10.3 imgIEncoder.idl
--- modules/libpr0n/public/imgIEncoder.idl 20 May 2006 17:20:49 -0000 1.1.10.3
+++ modules/libpr0n/public/imgIEncoder.idl 14 Nov 2007 10:41:40 -0000
@@ -96,6 +96,6 @@ interface nsIFile;
[scriptable, uuid(CCC5B3AD-3E67-4e3d-97E1-B06B2E96FEF8)]
interface imgIEncoder : nsISupports
{
- void encodeClipboardImage(in nsIClipboardImage aClipboardImage, out nsIFile aImageFile);
+ /* void encodeClipboardImage(in nsIClipboardImage aClipboardImage, out nsIFile aImageFile); */
};
Index: xpcom/obsolete/component/nsFileSpecImpl.h
===================================================================
RCS file: /cvsroot/mozilla/xpcom/obsolete/component/nsFileSpecImpl.h,v
retrieving revision 1.3
diff -u -p -6 -r1.3 nsFileSpecImpl.h
--- xpcom/obsolete/component/nsFileSpecImpl.h 18 Apr 2004 14:18:15 -0000 1.3
+++ xpcom/obsolete/component/nsFileSpecImpl.h 14 Nov 2007 12:11:12 -0000
@@ -40,13 +40,13 @@
#include "nscore.h"
#include "nsIFileSpec.h"
#include "nsFileSpec.h"
//========================================================================================
-class nsFileSpecImpl
+class NS_COM nsFileSpecImpl
//========================================================================================
: public nsIFileSpec
{
public:
@@ -78,13 +78,13 @@ class nsFileSpecImpl
private:
~nsFileSpecImpl();
}; // class nsFileSpecImpl
//========================================================================================
-class nsDirectoryIteratorImpl
+class NS_COM nsDirectoryIteratorImpl
//========================================================================================
: public nsIDirectoryIterator
{
public:

19
startup.patch
View File

@ -1193,3 +1193,22 @@ diff -u -p -6 -r1.113.2.23 nsAppRunner.cpp
+
return NS_FAILED(rv) ? 1 : 0;
}
Index: config/system-headers
===================================================================
RCS file: /cvsroot/mozilla/config/system-headers,v
retrieving revision 3.4.4.3
diff -u -r3.4.4.3 system-headers
--- config/system-headers 18 Dec 2006 23:48:58 -0000 3.4.4.3
+++ config/system-headers 14 Nov 2007 09:20:50 -0000
@@ -931,3 +934,11 @@
#if MOZ_NATIVE_ZLIB==1
zlib.h
#endif
+#ifdef MOZ_ENABLE_STARTUP_NOTIFICATION
+libsn/sn.h
+libsn/sn-common.h
+libsn/sn-launchee.h
+libsn/sn-launcher.h
+libsn/sn-monitor.h
+libsn/sn-util.h
+#endif