From 9a4d3d856d7bf5bf26646172121f7d7138f585e2e949fb7052dce813582b37c3 Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Wed, 16 Dec 2009 06:09:45 +0000 Subject: [PATCH] update to 3.5.6 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=134 --- MozillaFirefox.changes | 18 ++++ MozillaFirefox.spec | 19 ++-- firefox-3.5.5-source.tar.bz2 | 3 - firefox-3.5.6-source.tar.bz2 | 3 + firefox-browser-css.patch | 172 +++++++---------------------------- l10n-3.5.5.tar.bz2 | 3 - l10n-3.5.6.tar.bz2 | 3 + 7 files changed, 66 insertions(+), 155 deletions(-) delete mode 100644 firefox-3.5.5-source.tar.bz2 create mode 100644 firefox-3.5.6-source.tar.bz2 delete mode 100644 l10n-3.5.5.tar.bz2 create mode 100644 l10n-3.5.6.tar.bz2 diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index fdfa407..307db98 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Thu Dec 3 21:53:59 CET 2009 - wr@rosenauer.org + +- security update to version 3.5.6 (bnc#559807) + * MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982 + Crashes with evidence of memory corruption (rv:1.9.1.6) + * MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816) + Memory safety fixes in liboggplay media library + * MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613) + Integer overflow, crash in libtheora video library + * MFSA 2009-68/CVE-2009-3983 (bmo#487872) + NTLM reflection vulnerability + * MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232) + Location bar spoofing vulnerabilities + * MFSA 2009-70/VE-2009-3986 (bmo#522430) + Privilege escalation via chrome window.opener +- fixed firefox-browser-css.patch (bnc#561027) + ------------------------------------------------------------------- Mon Nov 23 22:31:21 CET 2009 - wr@rosenauer.org diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index d33d3b5..5aced55 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -1,5 +1,5 @@ # -# spec file for package MozillaFirefox (Version 3.5.5) +# spec file for package MozillaFirefox (Version 3.5.6) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2006-2009 Wolfgang Rosenauer @@ -21,15 +21,15 @@ Name: MozillaFirefox BuildRequires: autoconf213 gcc-c++ libgnomeui-devel libidl-devel orbit-devel python unzip update-desktop-files zip -BuildRequires: mozilla-xulrunner191-devel = 1.9.1.5 +BuildRequires: mozilla-xulrunner191-devel = 1.9.1.6 %if %suse_version > 1020 BuildRequires: fdupes %endif -License: GPL v2 or later ; LGPL v2.1 or later ; MPL 1.1 or later +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Provides: web_browser Provides: firefox -Version: 3.5.5 -Release: 2 +Version: 3.5.6 +Release: 1 Summary: Mozilla Firefox Web Browser Url: http://www.mozilla.org/ Group: Productivity/Networking/Web/Browsers @@ -70,7 +70,7 @@ Requires: %{name}-branding = 3.5 %define __find_requires sh %{SOURCE4} %global provfind sh -c "grep -v '.so' | %__find_provides" %global __find_provides %provfind -%define releasedate 2009110300 +%define releasedate 2009120100 %define progname firefox %define progdir %{_prefix}/%_lib/%{progname} %if %suse_version > 1020 @@ -90,10 +90,9 @@ plethora of extensions. %if %localize - %package translations-common Summary: Common translations for MozillaFirefox -License: GPL v2 or later ; LGPL v2.1 or later ; MPL 1.1 or later +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Provides: locale(%{name}:ar;ca;cs;da;de;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW) Group: System/Localization PreReq: %{name} = %{version} @@ -106,7 +105,7 @@ of MozillaFirefox. %package translations-other Summary: Extra translations for MozillaFirefox -License: GPL v2 or later ; LGPL v2.1 or later ; MPL 1.1 or later +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Provides: locale(%{name}:af;as;be;bg;bn_BD;bn_IN;cy;el;eo;es_MX;et;eu;fa;fy_NL;ga_IE;gl;gu_IN;he;hi_IN;hr;id;is;ka;kk;kn;ku;lt;lv;mk;ml;mn;mr;nn_NO;oc;or;pa_IN;rm;ro;si;sk;sl;sq;sr;ta;ta_LK;te;th;tr;uk;vi) Group: System/Localization PreReq: %{name} = %{version} @@ -120,7 +119,7 @@ of MozillaFirefox. %endif %package branding-upstream -License: GPL v2 or later ; LGPL v2.1 or later ; MPL +License: GPLv2+ ; LGPLv2.1+ ; MPLv1.1+ Summary: Upstream branding for MozillaFirefox Group: Productivity/Networking/Web/Browsers Provides: %{name}-branding = 3.5 diff --git a/firefox-3.5.5-source.tar.bz2 b/firefox-3.5.5-source.tar.bz2 deleted file mode 100644 index ac96492..0000000 --- a/firefox-3.5.5-source.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:91b28c6a77845ae69de4bdc56bc323dce54793f9424a0f61fdda8a3e8a936828 -size 46778633 diff --git a/firefox-3.5.6-source.tar.bz2 b/firefox-3.5.6-source.tar.bz2 new file mode 100644 index 0000000..db12fef --- /dev/null +++ b/firefox-3.5.6-source.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5c58e54614331bcd4752423e0d63350ceb87d9973ccc23930a69342949021ed8 +size 46588141 diff --git a/firefox-browser-css.patch b/firefox-browser-css.patch index 44a0ff0..81caa9d 100644 --- a/firefox-browser-css.patch +++ b/firefox-browser-css.patch @@ -1,148 +1,42 @@ -From: Jakub Steiner +From: Jakub Steiner , Wolfgang Rosenauer tree > treerows { + direction: rtl; } - tabbrowser { - -moz-binding: url("chrome://browser/content/tabbrowser.xml#tabbrowser"); + #PopupAutoComplete .autocomplete-treebody { + direction: ltr; } -+ /* Remove focus lines from tabs */ -+ -+ .tabbrowser-tab > .tab-text { -+ border: 1px dotted transparent !important; -+ } -+ -+ - toolbar[printpreview="true"] { - -moz-binding: url("chrome://global/content/printPreviewBindings.xml#printpreviewtoolbar"); - } - - toolbarpaletteitem[place="palette"] > toolbaritem > hbox[type="places"] { - display: none; - } - - /* ::::: location bar ::::: */ - #urlbar { - -moz-binding: url(chrome://browser/content/urlbarBindings.xml#urlbar); -+ -moz-appearance: textfield !important; - } - -+ #urlbar .autocomplete-textbox-container { -+ background-color: -moz-Field !important; -+ -moz-appearance: none !important; -+ } -+ -+ #urlbar > .autocomplete-history-dropmarker { -+ -moz-appearance: toolbarbutton-dropdown !important; -+ margin: 0px 3px 0px 5px !important; -+ } -+ - #wrapper-urlbar-container #urlbar { - -moz-user-input: disabled; - cursor: -moz-grab; - } - - #PopupAutoComplete { - -moz-binding: url("chrome://browser/content/urlbarBindings.xml#browser-autocomplete-result-popup"); - } - - #PopupAutoCompleteRichResult { - -moz-binding: url("chrome://browser/content/urlbarBindings.xml#urlbar-rich-result-popup"); - } - -+ #PopupAutoCompleteRichResult .autocomplete-richlistitem -+ { -+ background: -moz-Field !important; -+ } -+ -+ #PopupAutoCompleteRichResult .autocomplete-richlistitem[selected="true"] -+ { -+ background: Highlight !important; -+ } -+ -+ #PopupAutoCompleteRichResult .autocomplete-richlistitem[selected="true"], -+ #PopupAutoCompleteRichResult .autocomplete-richlistitem[selected="true"] * -+ { -+ color: HighlightText !important; -+ } -+ -+ .ac-title -+ { -+ color: -moz-Fieldtext !important; -+ } -+ -+ #PopupAutoComplete .autocomplete-treebody { -+ background-color: -moz-Field !important; -+ color: -moz-Fieldtext !important; -+ } -+ -+ - #page-report-button:not([blocked]) { - display: none; - } - - #urlbar-throbber:not([busy="true"]), - #urlbar-throbber[busy="true"] + #page-proxy-favicon { - display: none; - } -@@ -59,16 +104,31 @@ toolbarpaletteitem[place="palette"] > to - visibility: collapse; - } - - #identity-box > hbox { - max-width: 22em; - min-width: 1px; - } - -+/* Identity/Bookmark pop-up improvements */ -+ -+ #identity-popup-container { -+ -moz-appearance: dialog !important; -+ } -+ -+ #editBookmarkPanel { -+ -moz-appearance: dialog !important; -+ } -+ -+ #editBMPanel_foldersExpander, #editBMPanel_tagsSelectorExpander { -+ -moz-appearance: menulist-button !important; -+ } -+ -+ - /* ::::: Unified Back-/Forward Button ::::: */ - #back-forward-dropmarker > image , - #back-forward-dropmarker > label { - display: none; - } - .unified-nav-current { - font-weight: bold; - } -@@ -154,8 +214,18 @@ window[chromehidden~="toolbar"] toolbar: - display: inline-block; - } - %endif - - /* Bug 483950 - Hide domain name in status bar pending removal */ - #security-button > label { - display: none; - } -+ -+ -+/* Support for Fission add-on */ -+ -+#urlbar[fission="fusion"] > #statusbar-icon > .progress-bar { -+ background-color: Highlight !important; -+ -moz-appearance: progresschunk !important; -+ opacity: 0.4 !important; -+ margin: 1px !important; ++#PopupAutoCompleteRichResult .autocomplete-richlistitem { ++ background-color: -moz-Field !important; +} ++ ++#PopupAutoCompleteRichResult .autocomplete-richlistitem[selected="true"], ++#PopupAutoCompleteRichResult .autocomplete-richlistitem[selected="true"] * { ++ color: HighlightText !important; ++ background: Highlight !important; ++} ++ ++.ac-title { ++ color: -moz-Fieldtext !important; ++} ++ + /* Favicon */ + #page-proxy-favicon, + #urlbar-throbber { + width: 16px; + height: 16px; + } + + #page-proxy-stack { diff --git a/l10n-3.5.5.tar.bz2 b/l10n-3.5.5.tar.bz2 deleted file mode 100644 index 59c26a7..0000000 --- a/l10n-3.5.5.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f085b3ce7be1658c5e6843f7adefcdc7e3291b81c06ef136ed92628bb89246ca -size 36657230 diff --git a/l10n-3.5.6.tar.bz2 b/l10n-3.5.6.tar.bz2 new file mode 100644 index 0000000..03fc0f8 --- /dev/null +++ b/l10n-3.5.6.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f3cba943e20727d62a119085c8709b84e0e1a91e1b5325a0b13267d1c2419061 +size 36687896