1
0
MozillaFirefox/create-tar.sh

92 lines
3.0 KiB
Bash
Raw Normal View History

#!/bin/bash
- update to Firefox 46.0 (boo#977333) * Improved security of the JavaScript Just In Time (JIT) Compiler * WebRTC fixes to improve performance and stability * Added support for document.elementsFromPoint * Added HKDF support for Web Crypto API * requires NSPR 4.12 and NSS 3.22.3 * added patch to fix unchecked return value mozilla-check_return.patch * Gtk3 builds not supported at the moment security fixes: * MFSA 2016-39/CVE-2016-2804/CVE-2016-2806/CVE-2016-2807 Miscellaneous memory safety hazards * MFSA 2016-40/CVE-2016-2809 (bmo#1212939) Privilege escalation through file deletion by Maintenance Service updater (Windows only) * MFSA 2016-41/CVE-2016-2810 (bmo#1229681) Content provider permission bypass allows malicious application to access data (Android only) * MFSA 2016-42/CVE-2016-2811/CVE-2016-2812 (bmo#1252330, bmo#1261776) Use-after-free and buffer overflow in Service Workers * MFSA 2016-43/CVE-2016-2813 (bmo#1197901, bmo#2714650) Disclosure of user actions through JavaScript with motion and orientation sensors (only affects mobile variants) * MFSA 2016-44/CVE-2016-2814 (bmo#1254721) Buffer overflow in libstagefright with CENC offsets * MFSA 2016-45/CVE-2016-2816 (bmo#1223743) CSP not applied to pages sent with multipart/x-mixed-replace * MFSA 2016-46/CVE-2016-2817 (bmo#1227462) Elevation of privilege with chrome.tabs.update API in web extensions * MFSA 2016-47/CVE-2016-2808 (bmo#1246061) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=500
2016-04-27 09:09:13 +02:00
# TODO
# http://ftp.mozilla.org/pub/firefox/candidates/48.0-candidates/build2/linux-x86_64/en-US/firefox-48.0.json
# "moz_source_stamp": "c1de04f39fa956cfce83f6065b0e709369215ed5"
# http://ftp.mozilla.org/pub/firefox/candidates/48.0-candidates/build2/l10n_changesets.txt
- update to Firefox 46.0 (boo#977333) * Improved security of the JavaScript Just In Time (JIT) Compiler * WebRTC fixes to improve performance and stability * Added support for document.elementsFromPoint * Added HKDF support for Web Crypto API * requires NSPR 4.12 and NSS 3.22.3 * added patch to fix unchecked return value mozilla-check_return.patch * Gtk3 builds not supported at the moment security fixes: * MFSA 2016-39/CVE-2016-2804/CVE-2016-2806/CVE-2016-2807 Miscellaneous memory safety hazards * MFSA 2016-40/CVE-2016-2809 (bmo#1212939) Privilege escalation through file deletion by Maintenance Service updater (Windows only) * MFSA 2016-41/CVE-2016-2810 (bmo#1229681) Content provider permission bypass allows malicious application to access data (Android only) * MFSA 2016-42/CVE-2016-2811/CVE-2016-2812 (bmo#1252330, bmo#1261776) Use-after-free and buffer overflow in Service Workers * MFSA 2016-43/CVE-2016-2813 (bmo#1197901, bmo#2714650) Disclosure of user actions through JavaScript with motion and orientation sensors (only affects mobile variants) * MFSA 2016-44/CVE-2016-2814 (bmo#1254721) Buffer overflow in libstagefright with CENC offsets * MFSA 2016-45/CVE-2016-2816 (bmo#1223743) CSP not applied to pages sent with multipart/x-mixed-replace * MFSA 2016-46/CVE-2016-2817 (bmo#1227462) Elevation of privilege with chrome.tabs.update API in web extensions * MFSA 2016-47/CVE-2016-2808 (bmo#1246061) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=500
2016-04-27 09:09:13 +02:00
CHANNEL="release"
BRANCH="releases/mozilla-$CHANNEL"
- Mozilla Firefox 67.0 * Firefox 67 will be able to run different Firefox installs side by side https://blog.nightly.mozilla.org/2019/01/14/moving-to-a-profile-per-install-architecture/ * Tabs can now be pinned from the Page Actions menu in the address bar * Users can block known cryptominers and fingerprinters in the Custom settings or their Content Blocking preferences * The Import Data from Another Browser feature is now also available from the File menu * Firefox will now protect you against running older versions which can lead to data corruption and stability issues * Easier access to your list of saved logins from the main menu and login autocomplete * We’ve added a toolbar menu for your Firefox Account to provide more transparency for when you are synced, sharing data across devices and with Firefox. Personalize the appearance of the menu with your own avatar * Enable FIDO U2F API, and permit registrations for Google Accounts * Enabled AV1 support on Linux MFSA 2019-13 * CVE-2019-9815 (bmo#1546544) Disable hyperthreading on content JavaScript threads on macOS * CVE-2019-9816 (bmo#1536768) Type confusion with object groups and UnboxedObjects * CVE-2019-9817 (bmo#1540221) Stealing of cross-domain images using canvas * CVE-2019-9818 (bmo#1542581) (Windows only) Use-after-free in crash generation server * CVE-2019-9819 (bmo#1532553) Compartment mismatch with fetch API * CVE-2019-9820 (bmo#1536405) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=736
2019-05-22 22:38:29 +02:00
RELEASE_TAG="2a7896ba9aa5d982abe01f859d771d411fda8101"
VERSION="67.0"
VERSION_SUFFIX=""
LOCALE_FILE="firefox-$VERSION/browser/locales/l10n-changesets.json"
# check required tools
test -x /usr/bin/hg || ( echo "hg missing: execute zypper in mercurial"; exit 5 )
test -x /usr/bin/jq || ( echo "jq missing: execute zypper in jq"; exit 5 )
# use parallel compression, if available
compression='-J'
pixz -h > /dev/null 2>&1
if (($? != 127)); then
compression='-Ipixz'
fi
# we might have an upstream archive already and can skip the checkout
if [ -e firefox-$VERSION$VERSION_SUFFIX.source.tar.xz ]; then
echo "skip firefox checkout and use available archive"
# still need to extract the locale information from the archive
echo "extract locale changesets"
tar -xf firefox-$VERSION$VERSION_SUFFIX.source.tar.xz $LOCALE_FILE
else
# mozilla
if [ -d firefox-$VERSION ]; then
pushd firefox-$VERSION
_repourl=$(hg paths)
case "$_repourl" in
*$BRANCH*)
echo "updating previous tree"
hg pull
popd
;;
* )
echo "removing obsolete tree"
popd
rm -rf firefox-$VERSION
;;
esac
fi
if [ ! -d firefox-$VERSION ]; then
echo "cloning new $BRANCH..."
hg clone http://hg.mozilla.org/$BRANCH firefox-$VERSION
fi
pushd firefox-$VERSION
hg update --check
[ "$RELEASE_TAG" == "default" ] || hg update -r $RELEASE_TAG
# get repo and source stamp
echo -n "REV=" > ../source-stamp.txt
hg -R . parent --template="{node|short}\n" >> ../source-stamp.txt
echo -n "REPO=" >> ../source-stamp.txt
hg showconfig paths.default 2>/dev/null | head -n1 | sed -e "s/^ssh:/http:/" >> ../source-stamp.txt
popd
echo "creating archive..."
tar $compression -cf firefox-$VERSION$VERSION_SUFFIX.source.tar.xz --exclude=.hgtags --exclude=.hgignore --exclude=.hg --exclude=CVS firefox-$VERSION
fi
# l10n
echo "fetching locales..."
test ! -d l10n && mkdir l10n
jq -r 'to_entries[]| "\(.key) \(.value|.revision)"' $LOCALE_FILE | \
while read locale changeset ; do
case $locale in
ja-JP-mac|en-US)
;;
*)
echo "reading changeset information for $locale"
echo "fetching $locale changeset $changeset ..."
hg clone http://hg.mozilla.org/l10n-central/$locale l10n/$locale
[ "$RELEASE_TAG" == "default" ] || hg -R l10n/$locale up -C -r $changeset
;;
esac
done
echo "creating l10n archive..."
tar $compression -cf l10n-$VERSION$VERSION_SUFFIX.tar.xz --exclude=.hgtags --exclude=.hgignore --exclude=.hg l10n
# compare-locales
echo "creating compare-locales"
hg clone http://hg.mozilla.org/build/compare-locales
tar $compression -cf compare-locales.tar.xz --exclude=.hgtags --exclude=.hgignore --exclude=.hg compare-locales