diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index 6774197..b79e0ef 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -1,3 +1,52 @@ +------------------------------------------------------------------- +Wed Jul 28 08:33:14 CEST 2010 - meissner@suse.de + +- disable crash reporter for non x86/x86_64 to make it build. + +------------------------------------------------------------------- +Sat Jul 24 12:42:58 CEST 2010 - wr@rosenauer.org + +- security update to 3.6.8 (bnc#622506) + * MFSA 2010-48/CVE-2010-2755 (bmo#575836) + Dangling pointer crash regression from plugin parameter array + fix + +------------------------------------------------------------------- +Fri Jul 16 06:48:44 CEST 2010 - wr@rosenauer.org + +- security update to 3.6.7 (bnc#622506) + * MFSA 2010-34/CVE-2010-1211/CVE-2010-1212 + Miscellaneous memory safety hazards + * MFSA 2010-35/CVE-2010-1208 (bmo#572986) + DOM attribute cloning remote code execution vulnerability + * MFSA 2010-36/CVE-2010-1209 (bmo#552110) + Use-after-free error in NodeIterator + * MFSA 2010-37/CVE-2010-1214 (bmo#572985) + Plugin parameter EnsureCachedAttrParamArrays remote code + execution vulnerability + * MFSA 2010-38/CVE-2010-1215 (bmo#567069) + Arbitrary code execution using SJOW and fast native function + * MFSA 2010-39/CVE-2010-2752 (bmo#574059) + nsCSSValue::Array index integer overflow + * MFSA 2010-40/CVE-2010-2753 (bmo#571106) + nsTreeSelection dangling pointer remote code execution + vulnerability + * MFSA 2010-41/CVE-2010-1205 (bmo#570451) + Remote code execution using malformed PNG image + * MFSA 2010-42/CVE-2010-1213 (bmo#568148) + Cross-origin data disclosure via Web Workers and importScripts + * MFSA 2010-43/CVE-2010-1207 (bmo#571287) + Same-origin bypass using canvas context + * MFSA 2010-44/CVE-2010-1210 (bmo#564679) + Characters mapped to U+FFFD in 8 bit encodings cause subsequent + character to vanish + * MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957) + Multiple location bar spoofing vulnerabilities + * MFSA 2010-46/CVE-2010-0654 (bmo#524223) + Cross-domain data theft using CSS + * MFSA 2010-47/CVE-2010-2754 (bmo#568564) + Cross-origin data leakage from script filename in error messages + ------------------------------------------------------------------- Sun Jun 27 20:24:31 CEST 2010 - wr@rosenauer.org diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index cf48048..a579d96 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -1,5 +1,5 @@ # -# spec file for package MozillaFirefox (Version 3.6.6) +# spec file for package MozillaFirefox (Version 3.6.8) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # 2006-2010 Wolfgang Rosenauer @@ -22,7 +22,7 @@ Name: MozillaFirefox %define xulrunner mozilla-xulrunner192 BuildRequires: autoconf213 gcc-c++ libcurl-devel libgnomeui-devel libidl-devel libnotify-devel python unzip update-desktop-files zip -BuildRequires: %{xulrunner}-devel = 1.9.2.6 +BuildRequires: %{xulrunner}-devel = 1.9.2.8 %if %suse_version > 1020 BuildRequires: fdupes %endif @@ -34,9 +34,9 @@ BuildRequires: wireless-tools License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Provides: web_browser Provides: firefox -Version: 3.6.6 +Version: 3.6.8 Release: 1 -%define releasedate 2010062600 +%define releasedate 2010072300 Summary: Mozilla Firefox Web Browser Url: http://www.mozilla.org/ Group: Productivity/Networking/Web/Browsers @@ -63,7 +63,6 @@ Patch8: firefox-appname.patch Patch9: firefox-kde.patch Patch10: firefox-ui-lockdown.patch Patch11: firefox-crashreporter.patch -Patch12: mozilla-crashreporter-x86_64.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires(post): coreutils shared-mime-info desktop-file-utils Requires(postun): shared-mime-info desktop-file-utils @@ -88,6 +87,11 @@ Requires: %{name}-branding >= 3.5 ### build options %define branding 1 %define localize 1 +%ifarch ppc ppc64 s390 s390x ia64 +%define crashreporter 0 +%else +%define crashreporter 1 +%endif ### build options end %description @@ -167,7 +171,6 @@ install -m 644 %{SOURCE6} browser/app/profile/kde.js %endif %patch10 -p1 %patch11 -p1 -%patch12 -p1 %build export MOZ_BUILD_DATE=%{releasedate} @@ -361,7 +364,9 @@ fi %{progdir}/%{progname} %{progdir}/application.ini %{progdir}/blocklist.xml +%if %crashreporter %{progdir}/crashreporter-override.ini +%endif %{_datadir}/applications/%{name}.desktop %{_datadir}/mime/packages/%{progname}.xml %{_datadir}/pixmaps/firefox* diff --git a/firefox-3.6.6-source.tar.bz2 b/firefox-3.6.6-source.tar.bz2 deleted file mode 100644 index d6ff653..0000000 --- a/firefox-3.6.6-source.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9394ebaa0580fef4cdc04ac81259a91b0138150c9ebbe0c97fd12a71f1a041d0 -size 51012567 diff --git a/firefox-3.6.8-source.tar.bz2 b/firefox-3.6.8-source.tar.bz2 new file mode 100644 index 0000000..04677f7 --- /dev/null +++ b/firefox-3.6.8-source.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:38a76dbd1f566b13d375362d7ac15a615dec2e3572aef144f3765e38fb843fac +size 50974426 diff --git a/l10n-3.6.6.tar.bz2 b/l10n-3.6.6.tar.bz2 deleted file mode 100644 index 918cd1c..0000000 --- a/l10n-3.6.6.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b7c1bd3113a10ec90677086bac7ad0a7188f81c9e834ecb5682c39a216b2a2de -size 37223689 diff --git a/l10n-3.6.8.tar.bz2 b/l10n-3.6.8.tar.bz2 new file mode 100644 index 0000000..c70610f --- /dev/null +++ b/l10n-3.6.8.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:574120c6e4918fafb2bf912bfaf3ffe6bb90ed30c1158cc595e9db1cb9688767 +size 37225202 diff --git a/mozilla-crashreporter-x86_64.patch b/mozilla-crashreporter-x86_64.patch deleted file mode 100644 index 16ec047..0000000 --- a/mozilla-crashreporter-x86_64.patch +++ /dev/null @@ -1,38 +0,0 @@ -# HG changeset patch -# User Ted Mielczarek -# Date 1269522979 14400 -# Node ID a00284a2b2f0063b0f053938c1775cf207fe25bb -# Parent 33d05f60932bac3d66231a54840cbdd173297fff -bug 554021 - enable compiling Breakpad on Linux/x86-64 by default - -diff --git a/configure.in b/configure.in ---- a/configure.in -+++ b/configure.in -@@ -5858,13 +5858,20 @@ - dnl = Breakpad crash reporting (on by default on supported platforms) - dnl ======================================================== - --if (test "$OS_ARCH" = "WINNT" -a -z "$GNU_CC" \ -- || test "$OS_ARCH" = "Darwin" \ -- || test "$OS_ARCH" = "Linux" -a "$CPU_ARCH" = "x86" \ -- || test "$OS_ARCH" = "SunOS") \ -- && test -z "$HAVE_64BIT_OS"; then -- MOZ_CRASHREPORTER=1 --fi -+case $target in -+i?86-*-mingw*) -+ MOZ_CRASHREPORTER=1 -+ ;; -+i?86-apple-darwin*|powerpc-apple-darwin*) -+ MOZ_CRASHREPORTER=1 -+ ;; -+i?86-*-linux*|x86_64-*-linux*) -+ MOZ_CRASHREPORTER=1 -+ ;; -+*solaris*) -+ MOZ_CRASHREPORTER=1 -+ ;; -+esac - - MOZ_ARG_DISABLE_BOOL(crashreporter, - [ --disable-crashreporter Disable breakpad crash reporting],