rpm/MozillaFirefox
SHA256
1
0
Fork 0
forked from pool/MozillaFirefox
Code Pull Requests Activity
403 Commits 2 Branches 0 Tags 12 MiB
087a48c8a1
Commit Graph

330 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
5cd9f0a774 - security update to Firefox 39.0.3 (bnc#940918) 
* MFSA 2015-78/CVE-2015-4495 (bmo#1179262, bmo#1178058)
    Same origin violation and local file stealing via PDF reader

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=452
 2015-08-07 10:23:02 +00:00
Wolfgang Rosenauer
ea519de414 - update to Firefox 39.0 (bnc#935979) 
security fixes:
  * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725/CVE-2015-2726
    Miscellaneous memory safety hazards
  * MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
    Local files or privileged URLs in pages can be opened into new tabs
  * MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
    Type confusion in Indexed Database Manager
  * MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
    Out-of-bound read while computing an oscillator rendering range in Web Audio
  * MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
    Use-after-free in Content Policy due to microtask execution error
  * MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
    ECDSA signature validation fails to handle some signatures correctly
    (this fix is shipped by NSS 3.19.1 externally)
  * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
    Use-after-free in workers while using XMLHttpRequest
  * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
    CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
    Vulnerabilities found through code inspection
  * MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
    Key pinning is ignored when overridable errors are encountered
  * MFSA 2015-68/CVE-2015-2742 (bmo#1138669)
    OS X crash reports may contain entered key press information
    (not relevant under Linux)
  * MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
    Privilege escalation in PDF.js
  * MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
    NSS accepts export-length DHE keys with regular DHE cipher suites
    (this fix is shipped by NSS 3.19.1 externally)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=450
 2015-07-03 06:21:15 +00:00
Wolfgang Rosenauer
9353554b5d - update to Firefox 39.0 
* Share Hello URLs with social networks
  * Support for 'switch' role in ARIA 1.1 (web accessibility)
  * SafeBrowsing malware detection lookups enabled for downloads
    (Mac OS X and Linux)
  * Support for new Unicode 8.0 skin tone emoji
  * Removed support for insecure SSLv3 for network communications
  * Disable use of RC4 except for temporarily whitelisted hosts
  * NPAPI Plug-in performance improved via asynchronous initialization
- dropped mozilla-prefer_plugin_pref.patch as this feature is
  likely not worth maintaining further
- rebased patches
- require NSS 3.19.2

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=449
 2015-06-24 19:26:58 +00:00
Wolfgang Rosenauer
51e2af5d00 Accepting request 312501 from home:Andreas_Schwab:Factory 
- mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration

OBS-URL: https://build.opensuse.org/request/show/312501
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=448
 2015-06-19 06:08:19 +00:00
Wolfgang Rosenauer
d0dd48e06c - update to Firefox 38.0.6 
* fixes bmo#1171730 which is not really relevant to oS builds
- fix KDE regression from 38.0.5 builds (bsc#933439)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=447
 2015-06-07 20:02:48 +00:00
Wolfgang Rosenauer
e03f1ffc2d - update to Firefox 38.0.5 
* Keep track of articles and videos with Pocket
  * Clean formatting for articles and blog posts with Reader View
  * Share the active tab or window in a Hello conversation
- add changes file as source for SRPM (bsc#932142)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=445
 2015-06-01 08:32:35 +00:00
Wolfgang Rosenauer
e63ccf245d OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=443 2015-05-15 11:19:14 +00:00
Wolfgang Rosenauer
13fb8d74ed Accepting request 307277 from home:michel_mno:branches:mozilla:Factory 
- add mozilla-add-glibcxx_use_cxx11_abi.patch grabbed from
  https://bugzilla.mozilla.org/show_bug.cgi?id=1153109
  This is for Firefox version 38.0
  similar request as sr #307269 previously done for version 37.0.2

OBS-URL: https://build.opensuse.org/request/show/307277
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=442
 2015-05-15 11:08:59 +00:00
Wolfgang Rosenauer
a9fdf6b5ec - update to Firefox 38.0.1 
stability and regression fixes
  * Systems with first generation NVidia Optimus graphics cards
    may crash on start-up
  * Users who import cookies from Google Chrome can end up with
    broken websites
  * Large animated images may fail to play and may stop other
    images from loading
- update to Firefox 38.0 (bnc#930622)
  * New tab-based preferences
  * Ruby annotation support
  * more info: https://www.mozilla.org/en-US/firefox/38.0/releasenotes/
  security fixes:
  * MFSA 2015-46/CVE-2015-2708/CVE-2015-2709
    Miscellaneous memory safety hazards
  * MFSA 2015-47/VE-2015-0797 (bmo#1080995)
    Buffer overflow parsing H.264 video with Linux Gstreamer
  * MFSA 2015-48/CVE-2015-2710 (bmo#1149542)
    Buffer overflow with SVG content and CSS
  * MFSA 2015-49/CVE-2015-2711 (bmo#1113431)
    Referrer policy ignored when links opened by middle-click and
    context menu
  * MFSA 2015-50/CVE-2015-2712 (bmo#1152280)
    Out-of-bounds read and write in asm.js validation
  * MFSA 2015-51/CVE-2015-2713 (bmo#1153478)
    Use-after-free during text processing with vertical text enabled
  * MFSA 2015-53/CVE-2015-2715 (bmo#988698)
    Use-after-free due to Media Decoder Thread creation during shutdown
  * MFSA 2015-54/CVE-2015-2716 (bmo#1140537)
    Buffer overflow when parsing compressed XML

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=441
 2015-05-15 09:20:13 +00:00
Wolfgang Rosenauer
8a0ded8a29 - update to 31.7.0 (bnc#) 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=440
 2015-05-10 20:12:38 +00:00
Wolfgang Rosenauer
98f546d89a - update to Firefox 37.0.2 (bnc#928116) 
* MFSA 2015-45/CVE-2015-2706 (bmo#1141081)
    Memory corruption during failed plugin initialization

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=438
 2015-04-22 14:54:45 +00:00
Wolfgang Rosenauer
aece7ba539 - update to Firefox 37.0.1 
* MFSA 2015-43/CVE-2015-0798 (bmo#1147597) (Android only)
    Loading privileged content through Reader mode
  * MFSA 2015-44/CVE-2015-0799 (bmo#1148328)
    Certificate verification bypass through the HTTP/2 Alt-Svc header

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=435
 2015-04-07 07:34:55 +00:00
Wolfgang Rosenauer
c579f3ef60 - update to Firefox 37.0 
- removed obsolete patches
  * mozilla-bmo1088588.patch
  * mozilla-bmo1108834.patch
- requires NSPR 4.10.8
  mozilla-bmo1005535.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=432
 2015-04-01 05:22:19 +00:00
Wolfgang Rosenauer
04d84121d1 Accepting request 292717 from home:k0da:branches:mozilla:Factory 
- Fix builds with skia on Power
  mozilla-skia-be-le.patch (patch from #bmo1136958)
  mozilla-bmo1108834.patch
  mozilla-bmo1005535.patch

OBS-URL: https://build.opensuse.org/request/show/292717
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=431
 2015-03-28 09:50:17 +00:00
Wolfgang Rosenauer
e8c38e0801 - update to Firefox 36.0.4 (bnc#923495) 
* MFSA 2015-28/CVE-2015-0818 (bmo#1144988)
    Privilege escalation through SVG navigation
  * MFSA 2015-29/CVE-2015-0817 (bmo#1145255)
    Code execution through incorrect JavaScript bounds checking
    elimination

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=428
 2015-03-22 09:37:21 +00:00
Wolfgang Rosenauer
257d91825b Accepting request 292105 from home:dimstar:Factory 
OBS-URL: https://build.opensuse.org/request/show/292105
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=427
 2015-03-21 12:49:29 +00:00
Wolfgang Rosenauer
cabc64ee55 - update to Firefox 36.0.1 
Bugfixes:
  * Disable the usage of the ANY DNS query type (bmo#1093983)
  * Hello may become inactive until restart (bmo#1137469)
  * Print preferences may not be preserved (bmo#1136855)
  * Hello contact tabs may not be visible (bmo#1137141)
  * Accept hostnames that include an underscore character ("_")
    (bmo#1136616)
  * WebGL may use significant memory with Canvas2d (bmo#1137251)
  * Option -remote has been restored (bmo#1080319)
- added mozilla-skia-bmo1136958.patch to fix build issues for
  ARM and PPC

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=425
 2015-03-07 12:10:06 +00:00
Wolfgang Rosenauer
e38465171c - update to Firefox 36.0 (bnc#917597) 
* mozilla-xremote-client was removed
  * added libclearkey.so media plugin
  * Pinned tiles on the new tab page can be synced
  * Support for the full HTTP/2 protocol. HTTP/2 enables a faster,
    more scalable, and more responsive web.
  * Locale added: Uzbek (uz)
- rebased patches
- requires NSS 3.17.4

- update to Firefox 35.0.1
  * With the Enhanced Steam extension, Firefox could crash (bmo#1123732)
  * Kerberos authentication did not work with alias (bmo#1108971)
  * SVG / CSS animation had a regression causing rendering issues on
    websites like openstreemap.org (bmo#1083079)
  * On Godaddy webmail, Firefox could crash (bmo#1113121)
  * document.baseURI did not get updated to document.location after
    base tag was removed from DOM for site with a CSP (bmo#1121857)
  * With a Right-to-left (RTL) version of Firefox, the text selection
    could be broken (bmo#1104036)
  * CSP had a change in behavior with regard to case sensitivity
    resources loading (bmo#1122445)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=422
 2015-02-23 20:32:13 +00:00
Wolfgang Rosenauer
1bda786938 - update to Firefox 35.0 (bnc#910669) 
notable features:
  * Firefox Hello with new rooms-based conversations model
  * Implemented HTTP Public Key Pinning Extension (for enhanced
    authentication of encrypted connections)
- rebased patches
- dropped explicit support for everything older than 12.3
  (including SLES11)
  * merge firefox-kde.patch and firefox-kde-114.patch
  * dropped mozilla-sle11.patch
- reworked specfile to build conditionally based on release channel
  either Firefox or Firefox Developer Edition
- added mozilla-openaes-decl.patch to fix implicit declarations
- obsolete tracker-miner-firefox < 0.15 because it leads to startup
  crashes (bnc#908892)
- rebased patches

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=419
 2015-01-14 18:32:16 +00:00
Wolfgang Rosenauer
4a13134b83 - update to Firefox 34.0.5 (bnc#908009) 
* Default search engine changed to Yahoo! for North America
  * Default search engine changed to Yandex for Belarusian, Kazakh,
    and Russian locales
  * Improved search bar (en-US only)
  * Firefox Hello real-time communication client
  * Easily switch themes/personas directly in the Customizing mode
  * Implementation of HTTP/2 (draft14) and ALPN
  * Disabled SSLv3
  * MFSA 2014-83/CVE-2014-1587/CVE-2014-1588
    Miscellaneous memory safety hazards
  * MFSA 2014-84/CVE-2014-1589 (bmo#1043787)
    XBL bindings accessible via improper CSS declarations
  * MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
    XMLHttpRequest crashes with some input streams
  * MFSA 2014-86/CVE-2014-1591 (bmo#1069762)
    CSP leaks redirect data via violation reports
  * MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
    Use-after-free during HTML5 parsing
  * MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
    Buffer overflow while parsing media content
  * MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
    Bad casting from the BasicThebesLayer to BasicContainerLayer
- rebased patches
- limit linker memory usage for %ix86

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=415
 2014-12-02 22:01:52 +00:00
Wolfgang Rosenauer
140e4a12ee - requires NSS 3.17.2 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=414
 2014-11-10 16:05:57 +00:00
Wolfgang Rosenauer
b5acd11036 - update to Firefox 33.1 
* Adding DuckDuckGo as a search option (upstream)
  * Forget Button added
  * Enhanced Tiles
  * Privacy tour introduced
- fix typo in GStreamer Recommends
- use proper macros for ARM

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=413
 2014-11-10 15:49:04 +00:00
Wolfgang Rosenauer
849a660683 Accepting request 259749 from home:Guillaume_G:branches:mozilla:Factory 
- Disable elf-hack for aarch64
- Enable EGL for aarch64
- Limit RAM usage during link for %arm
- Fix _constraints for ARM

OBS-URL: https://build.opensuse.org/request/show/259749
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=411
 2014-11-06 20:54:53 +00:00
Wolfgang Rosenauer
ab979e2eb7 Accepting request 259483 from devel:ARM:Factory 
- use proper macros for ARM 

- use '--disable-optimize' not only on 32-bit x86, but on 32-bit arm too
  to fix compiling.
- pass '-Wl,--no-keep-memory' to linker to reduce required memory during
  linking on arm.

OBS-URL: https://build.opensuse.org/request/show/259483
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=410
 2014-11-04 23:02:38 +00:00
Wolfgang Rosenauer
113f1f2433 - update to Firefox 33.0.2 
* Fix a startup crash with some combination of hardware and drivers
  33.0.1
  * Firefox displays a black screen at start-up with certain
    graphics drivers
- adjusted _constraints for ARM

- added mozilla-bmo1088588.patch to fix build with EGL (bmo#1088588)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=408
 2014-10-30 12:43:09 +00:00
Wolfgang Rosenauer
b0bbfbf8c8 - define /usr/share/myspell as additional dictionary location 
and remove add-plugins.sh finally (bnc#900639)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=407
 2014-10-25 08:51:04 +00:00
Wolfgang Rosenauer
43013532ef OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=406 2014-10-20 11:39:30 +00:00
Wolfgang Rosenauer
fd45b34aba - use Firefox default optimization flags instead of -Os 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=405
 2014-10-19 19:45:31 +00:00
Wolfgang Rosenauer
159486ad08 Accepting request 257650 from home:Vindex17:branches:mozilla:Factory 
OBS-URL: https://build.opensuse.org/request/show/257650
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=404
 2014-10-19 19:40:39 +00:00
Wolfgang Rosenauer
3d4d28e3ed - fix build for all ppc by not enabling elf-hack 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=402
 2014-10-15 14:13:02 +00:00
Wolfgang Rosenauer
8cec21d43a - fix build for ppc64 and ppc64le by not enabling elf-hack 
(bnc#901213)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=401
 2014-10-15 08:16:22 +00:00
Wolfgang Rosenauer
2f02270073 - update to Firefox 33.0 (bnc#900941) 
New features:
  * OpenH264 support (sandboxed)
  * Enhanced Tiles
  * Improved search experience through the location bar
  * Slimmer and faster JavaScript strings
  * New CSP (Content Security Policy) backend
  * Support for connecting to HTTP proxy over HTTPS
  * Improved reliability of the session restoration
  * Proprietary window.crypto properties/functions removed
- requires NSPR 4.10.7
- requires NSS 3.17.1
- removed obsolete patches:
  * mozilla-ppc.patch
  * mozilla-libproxy-compat.patch
- added basic appdata information

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=399
 2014-10-13 18:00:43 +00:00
Wolfgang Rosenauer
ab5934fcc8 - use some more build flags to align with upstream 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=397
 2014-09-22 17:07:48 +00:00
Wolfgang Rosenauer
6d0dbb410f - update to Firefox 32.0.2 
* just a version bump for our builds
  * fixed the in application update process for certain environments
    (in application update is not enabled in openSUSE and Linux
    is unaffected in any case)
- build with --disable-optimize for 13.1 and above for i586 to
  workaround miscompilations (bnc#896624)

- update to Firefox 32.0.1
  * fixed stability issues for computers with multiple graphics cards
  * mixed content icon may be incorrectly displayed instead of lock
    icon for SSL sites in 32.0 (
  * WebRTC: setRemoteDescription() silently fails if no success
    callback is specified (bmo#1063971)

- update to Firefox 32.0 (bnc#894370)
  * MFSA 2014-67/CVE-2014-1553/CVE-2014-1554/CVE-2014-1562
- rebased patches
- requires NSS 3.16.4
- removed upstreamed patch
  * mozilla-aarch64-bmo-810631.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=396
 2014-09-22 16:35:40 +00:00
Wolfgang Rosenauer
894acf7ddc - update to Firefox 31.1.0esr (bnc#894370) 
- changes to support compilation on 11.4
  * explicit xz BuildRequires
  * mozilla-nullptr-gcc45.patch
  * remove unresolved makeinfo BuildRequires

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=393
 2014-09-01 09:59:18 +00:00
Wolfgang Rosenauer
51d960176f - update to Firefox 31.0 (bnc#887746) 
- use EGL on ARM
- rebased patches
- requires NSS 3.16.2
- requires python-devel (not only python)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=389
 2014-07-21 09:32:46 +00:00
Wolfgang Rosenauer
46f07576a3 Accepting request 241651 from home:mayerjosua:mozilla 
use libEGL as glprovider on ARM. I believe it is safe to assume that on ARM, if we got any OpenGL, it will be at least EGL and GLES. I tested this on Cubox-i with vivante gc2000, and the webgl demo cube worked fine.

OBS-URL: https://build.opensuse.org/request/show/241651
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=388
 2014-07-20 18:10:31 +00:00
Wolfgang Rosenauer
83b187e5a4 - update to Firefox 30.0 (bnc#881874) 
* MFSA 2014-48/CVE-2014-1533/CVE-2014-1534
    (bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874,
     bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981,
     bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817,
     bmo#996536, bmo#996715, bmo#999651, bmo#1000598,
     bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223,
     bmo#1009952, bmo#1011007)
    Miscellaneous memory safety hazards (rv:30.0)
  * MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538
    (bmo#989994, bmo#999274, bmo#1005584)
    Use-after-free and out of bounds issues found using Address
    Sanitizer
  * MFSA 2014-50/CVE-2014-1539 (bmo#995603)
    Clickjacking through cursor invisability after Flash interaction
  * MFSA 2014-51/CVE-2014-1540 (bmo#978862)
    Use-after-free in Event Listener Manager
  * MFSA 2014-52/CVE-2014-1541 (bmo#1000185)
    Use-after-free with SMIL Animation Controller
  * MFSA 2014-53/CVE-2014-1542 (bmo#991533)
    Buffer overflow in Web Audio Speex resampler
  * MFSA 2014-54/CVE-2014-1543 (bmo#1011859)
    Buffer overflow in Gamepad API
- rebased patches
- removed obsolete patches
  * firefox-browser-css.patch
  * mozilla-aarch64-bmo-962488.patch
  * mozilla-aarch64-bmo-963023.patch
  * mozilla-aarch64-bmo-963024.patch
  * mozilla-aarch64-bmo-963027.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=384
 2014-06-11 08:41:30 +00:00
Wolfgang Rosenauer
25ebccd71b - update to Firefox 29.0.1 
* Seer disabled by default (bmo#1005958)
  * Session Restore failed with a corrupted sessionstore.js file
    (bmo#1001167)
  * pdf.js printing white page (bmo#1003707, bnc#876833)
- general.useragent.locale gets overwritten with en-US while it
  should be using the active langpack's setting

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=382
 2014-05-11 18:09:20 +00:00
Wolfgang Rosenauer
e3fa498b57 - update to Thunderbird 24.5.0 (bnc#875378) 
* MFSA 2014-34/CVE-2014-1518
    Miscellaneous memory safety hazards
  * MFSA 2014-37/CVE-2014-1523 (bmo#969226)
    Out of bounds read while decoding JPG images
  * MFSA 2014-38/CVE-2014-1524 (bmo#989183)
    Buffer overflow when using non-XBL object as XBL
  * MFSA 2014-42/CVE-2014-1529 (bmo#987003)
    Privilege escalation through Web Notification API
  * MFSA 2014-43/CVE-2014-1530 (bmo#895557)
    Cross-site scripting (XSS) using history navigations
  * MFSA 2014-44/CVE-2014-1531 (bmo#987140)
    Use-after-free in imgLoader while resizing images
  * MFSA 2014-46/CVE-2014-1532 (bmo#966006)
    Use-after-free in nsHostResolver
- use shipped-locales as the authoritative source for supported
  locales (some unsupported locales disappear from -other package)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=380
 2014-04-29 21:30:39 +00:00
Wolfgang Rosenauer
9d19809515 - update to Firefox 29.0 (bnc#875378) 
- rebased patches
- removed obsolete patches
  * firefox-browser-css.patch
  * mozilla-aarch64-599882cfb998.diff
  * mozilla-aarch64-bmo-963028.patch
  * mozilla-aarch64-bmo-963029.patch
  * mozilla-aarch64-bmo-963030.patch
  * mozilla-aarch64-bmo-963031.patch
- requires NSS 3.16
- added mozilla-icu-strncat.patch to fix post build checks
- add mozilla-aarch64-599882cfb998.patch,
- Add patch for bmo#973977
- Refresh mozilla-ppc64le-xpcom.patch patch
- Adapt mozilla-ppc64le-xpcom.patch to Mozilla > 24.0 build system

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=378
 2014-04-27 16:09:32 +00:00
Wolfgang Rosenauer
eda8b9c884 Accepting request 229482 from devel:ARM:Factory 
- add mozilla-aarch64-599882cfb998.patch, 
      mozilla-aarch64-bmo-810631.patch,
      mozilla-aarch64-bmo-962488.patch,
      mozilla-aarch64-bmo-963030.patch,
      mozilla-aarch64-bmo-963027.patch,
      mozilla-aarch64-bmo-963028.patch,
      mozilla-aarch64-bmo-963029.patch,
      mozilla-aarch64-bmo-963023.patch,
      mozilla-aarch64-bmo-963024.patch,
      mozilla-aarch64-bmo-963031.patch: AArch64 porting

OBS-URL: https://build.opensuse.org/request/show/229482
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=376
 2014-04-13 14:47:41 +00:00
Wolfgang Rosenauer
27336c8295 Accepting request 227348 from openSUSE:Factory:PowerPC 
Build fixes for ppc64 and ppc64le

OBS-URL: https://build.opensuse.org/request/show/227348
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=374
 2014-03-25 08:26:07 +00:00
Wolfgang Rosenauer
ee63deb207 - update to Firefox 28.0 (bnc#868603) 
* MFSA 2014-15/CVE-2014-1493/CVE-2014-1494
    Miscellaneous memory safety hazards
  * MFSA 2014-17/CVE-2014-1497 (bmo#966311)
    Out of bounds read during WAV file decoding
  * MFSA 2014-18/CVE-2014-1498 (bmo#935618)
    crypto.generateCRMFRequest does not validate type of key
  * MFSA 2014-19/CVE-2014-1499 (bmo#961512)
    Spoofing attack on WebRTC permission prompt
  * MFSA 2014-20/CVE-2014-1500 (bmo#956524)
    onbeforeunload and Javascript navigation DOS
  * MFSA 2014-22/CVE-2014-1502 (bmo#972622)
    WebGL content injection from one domain to rendering in another
  * MFSA 2014-23/CVE-2014-1504 (bmo#911547)
    Content Security Policy for data: documents not preserved by
    session restore
  * MFSA 2014-26/CVE-2014-1508 (bmo#963198)
    Information disclosure through polygon rendering in MathML
  * MFSA 2014-27/CVE-2014-1509 (bmo#966021)
    Memory corruption in Cairo during PDF font rendering
  * MFSA 2014-28/CVE-2014-1505 (bmo#941887)
    SVG filters information disclosure through feDisplacementMap
  * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909)
    Privilege escalation using WebIDL-implemented APIs
  * MFSA 2014-30/CVE-2014-1512 (bmo#982957)
    Use-after-free in TypeObject
  * MFSA 2014-31/CVE-2014-1513 (bmo#982974)
    Out-of-bounds read/write through neutering ArrayBuffer objects
  * MFSA 2014-32/CVE-2014-1514 (bmo#983344)
    Out-of-bounds write through TypedArrayObject after neutering

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=370
 2014-03-18 19:44:32 +00:00
Wolfgang Rosenauer
2e55657fde - update to Firefox 27.0.1 
* Fixed stability issues with Greasemonkey and other JS that used
    ClearTimeoutOrInterval
  * JS math correctness issue (bnc#941381)
- incorporate Google API key for geolocation (bnc#864170)
- updated list of "other" locales in RPM requirements

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=366
 2014-02-23 10:04:06 +00:00
Wolfgang Rosenauer
8f3bc80ce6 - update to Firefox 27.0 (bnc#) 
- requires NSS 3.15.4 or higher
- rebased/reworked patches
- removed obsolete mozilla-bug929439.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=363
 2014-02-03 15:34:42 +00:00
Wolfgang Rosenauer
89fd780e78 * mozilla-ppc64le.patch: general support 
* mozilla-libffi-ppc64le.patch: libffi backport
  * mozilla-xpcom-ppc64le.patch: port xpcom

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=361
 2014-01-02 21:31:24 +00:00
Wolfgang Rosenauer
65e2d4d5d7 Accepting request 211248 from openSUSE:Factory:PowerLE 
- Add support for powerpc64le-linux.
  * ppc64le-support.patch: general support
  * libffi-ppc64le.patch: libffi backport
  * xpcom-ppc64le.patch: port xpcom
- Add build fix from mainline.
  * mozilla-bug929439.patch

OBS-URL: https://build.opensuse.org/request/show/211248
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=360
 2014-01-02 20:02:50 +00:00
Wolfgang Rosenauer
2dbba8a23d - update to Firefox 26.0 (bnc#854367, bnc#854370) 
* rebased patches
  * requires NSPR 4.10.2 and NSS 3.15.3.1
  * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610
    Miscellaneous memory safety hazards
  * MFSA 2013-105/CVE-2013-5611 (bmo#771294)
    Application Installation doorhanger persists on navigation
  * MFSA 2013-106/CVE-2013-5612 (bmo#871161)
    Character encoding cross-origin XSS attack
  * MFSA 2013-107/CVE-2013-5614 (bmo#886262)
    Sandbox restrictions not applied to nested object elements
  * MFSA 2013-108/CVE-2013-5616 (bmo#938341)
    Use-after-free in event listeners
  * MFSA 2013-109/CVE-2013-5618 (bmo#926361)
    Use-after-free during Table Editing
  * MFSA 2013-110/CVE-2013-5619 (bmo#917841)
    Potential overflow in JavaScript binary search algorithms
  * MFSA 2013-111/CVE-2013-6671 (bmo#930281)
    Segmentation violation when replacing ordered list elements
  * MFSA 2013-112/CVE-2013-6672 (bmo#894736)
    Linux clipboard information disclosure though selection paste
  * MFSA 2013-113/CVE-2013-6673 (bmo#970380)
    Trust settings for built-in roots ignored during EV certificate
    validation
  * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449)
    Use-after-free in synthetic mouse movement
  * MFSA 2013-115/CVE-2013-5615 (bmo#929261)
    GetElementIC typed array stubs can be generated outside observed
    typesets
  * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=358
 2013-12-11 08:31:54 +00:00
Wolfgang Rosenauer
bf5fb37f98 - update to Firefox 25.0 (bnc#847708) 
* rebased patches
  * requires NSS 3.15.2 or above
  * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
    Miscellaneous memory safety hazards
  * MFSA 2013-94/CVE-2013-5593 (bmo#868327)
    Spoofing addressbar through SELECT element
  * MFSA 2013-95/CVE-2013-5604 (bmo#914017)
    Access violation with XSLT and uninitialized data
  * MFSA 2013-96/CVE-2013-5595 (bmo#916580)
    Improperly initialized memory and overflows in some JavaScript
    functions
  * MFSA 2013-97/CVE-2013-5596 (bmo#910881)
    Writing to cycle collected object during image decoding
  * MFSA 2013-98/CVE-2013-5597 (bmo#918864)
    Use-after-free when updating offline cache
  * MFSA 2013-99/CVE-2013-5598 (bmo#920515)
    Security bypass of PDF.js checks using iframes
  * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
    (bmo#915210, bmo#915576, bmo#916685)
    Miscellaneous use-after-free issues found through ASAN fuzzing
  * MFSA 2013-101/CVE-2013-5602 (bmo#897678)
    Memory corruption in workers
  * MFSA 2013-102/CVE-2013-5603 (bmo#916404)
    Use-after-free in HTML document templates

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=356
 2013-10-30 14:45:02 +00:00
Wolfgang Rosenauer
a7dffc4885 - as GStreamer is not automatically required anymore but loaded 
dynamically if available, require it explicitely
- recommend optional GStreamer plugins for comprehensive media
  support

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=354
 2013-09-29 11:39:09 +00:00
Wolfgang Rosenauer
f2371498fd Accepting request 199275 from home:lnussel:branches:mozilla:Factory 
- move greek from to the translations-common package (bnc#840551)

OBS-URL: https://build.opensuse.org/request/show/199275
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=350
 2013-09-16 15:35:15 +00:00
Wolfgang Rosenauer
d2200a49cd - update to Firefox 24.0 (bnc#840485) 
- enable gstreamer via pref (gecko.js)
- require NSS 3.15.1

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=349
 2013-09-16 07:57:05 +00:00
Wolfgang Rosenauer
88e647fe19 - update to Firefox 23.0.1 
* Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls
    (bmo#901527)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=347
 2013-08-27 07:42:59 +00:00
Wolfgang Rosenauer
2e3fd693c1 - update to Firefox 23.0 (bnc#833389) 
* MFSA 2013-63/CVE-2013-1701/CVE-2013-1702
    Miscellaneous memory safety hazards
  * MFSA 2013-64/CVE-2013-1704 (bmo#883313)
    Use after free mutating DOM during SetBody
  * MFSA 2013-65/CVE-2013-1705 (bmo#882865)
    Buffer underflow when generating CRMF requests
  * MFSA 2013-67/CVE-2013-1708 (bmo#879924)
    Crash during WAV audio file decoding
  * MFSA 2013-68/CVE-2013-1709 (bmo#838253)
    Document URI misrepresentation and masquerading
  * MFSA 2013-69/CVE-2013-1710 (bmo#871368)
    CRMF requests allow for code execution and XSS attacks
  * MFSA 2013-70/CVE-2013-1711 (bmo#843829)
    Bypass of XrayWrappers using XBL Scopes
  * MFSA 2013-72/CVE-2013-1713 (bmo#887098)
    Wrong principal used for validating URI for some Javascript
    components
  * MFSA 2013-73/CVE-2013-1714 (bmo#879787)
    Same-origin bypass with web workers and XMLHttpRequest
  * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
    Local Java applets may read contents of local file system
- requires NSPR 4.10 and NSS 3.15

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=345
 2013-08-07 12:18:59 +00:00
Wolfgang Rosenauer
a7d7992747 Accepting request 181923 from devel:ARM:Factory 
- fix build on ARM (/-g/ matches /-grecord-switches/)

OBS-URL: https://build.opensuse.org/request/show/181923
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=343
 2013-07-05 12:52:24 +00:00
Wolfgang Rosenauer
09a0ed1d17 - update to Firefox 22.0 (bnc#825935) 
* removed obsolete patches
    + mozilla-qcms-ppc.patch
    + mozilla-gstreamer-760140.patch
  * GStreamer support does not build on 12.1 anymore (build only
    on 12.2 and later)
- Fix qcms altivec include (mozilla-qcms-ppc.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=340
 2013-06-24 07:57:33 +00:00
Wolfgang Rosenauer
0fe7f2e888 Accepting request 178590 from home:k0da:ppc 
- Fix qcms altivec include (mozilla-qcms-ppc.patch)

OBS-URL: https://build.opensuse.org/request/show/178590
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=338
 2013-06-12 07:22:47 +00:00
Wolfgang Rosenauer
b0b9e15388 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=335 2013-05-15 20:58:21 +00:00
Wolfgang Rosenauer
e44b8338d6 - update to Firefox 21.0 (bnc#819204) 
* removed upstreamed patch firefox-712763.patch
  * removed disabled mozilla-disable-neon-option.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=333
 2013-05-14 14:33:59 +00:00
Wolfgang Rosenauer
dbffa7026c - revert to use GStreamer 0.10 on 12.3 (bnc#814101) 
(remove mozilla-gstreamer-1.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=331
 2013-04-09 10:48:15 +00:00
Wolfgang Rosenauer
55c5e9e709 Accepting request 162909 from home:AndreasSchwab:ff 
- Explicitly disable WebRTC support on non-x86, the configure script
  disables it only half-heartedly

OBS-URL: https://build.opensuse.org/request/show/162909
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=329
 2013-04-06 19:20:40 +00:00
Wolfgang Rosenauer
10b98266f1 - update to Firefox 20.0 (bnc#813026) 
* requires NSPR 4.9.5 and NSS 3.14.3
  * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789
    Miscellaneous memory safety hazards
  * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
    Out-of-bounds write in Cairo library
  * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
    WebGL crash with Mesa graphics driver on Linux
  * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
    Bypass of SOW protections allows cloning of protected nodes
  * MFSA 2013-37/CVE-2013-0794 (bmo#626775)
    Bypass of tab-modal dialog origin disclosure
  * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
    Cross-site scripting (XSS) using timed history navigations
  * MFSA 2013-39/CVE-2013-0792 (bmo#722831)
    Memory corruption while rendering grayscale PNG images
- use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=326
 2013-04-02 19:00:31 +00:00
Wolfgang Rosenauer
90bc4d30c6 Accepting request 158795 from devel:ARM:Factory 
- build fixes for armv7hl:
  * disable debug build as armv7hl does not have enough memory
  * disable webrtc on armv7hl as it is non-compiling

OBS-URL: https://build.opensuse.org/request/show/158795
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=324
 2013-03-14 09:58:43 +00:00
Wolfgang Rosenauer
f34b49371b - update to Firefox 19.0.2 (bnc#808243) 
* MFSA 2013-29/CVE-2013-0787 (bmo#555018)
    Use-after-free in HTML Editor

- update to Firefox 19.0.1
  * blocklist updates

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=321
 2013-03-08 13:41:22 +00:00
Wolfgang Rosenauer
6a20f50d7f - update to Firefox 19.0 (bnc#804248) 
* MFSA 2013-21/CVE-2013-0783/2013-0784
    Miscellaneous memory safety hazards
  * MFSA 2013-22/CVE-2013-0772 (bmo#801366)
    Out-of-bounds read in image rendering
  * MFSA 2013-23/CVE-2013-0765 (bmo#830614)
    Wrapped WebIDL objects can be wrapped again
  * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
    Web content bypass of COW and SOW security wrappers
  * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
    Privacy leak in JavaScript Workers
  * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
    Use-after-free in nsImageLoadingContent
  * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
    Phishing on HTTPS connection through malicious proxy
  * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
    CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
    Use-after-free, out of bounds read, and buffer overflow issues
    found using Address Sanitizer
- removed obsolete patches
  * mozilla-webrtc.patch
  * mozilla-gstreamer-803287.patch
- added patch to fix session restore window order (bmo#712763)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=319
 2013-02-19 19:24:59 +00:00
Wolfgang Rosenauer
71d293a758 - update to Firefox 18.0.2 
* blocklist and CTP updates
  * fixes in JS engine

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=317
 2013-02-08 07:03:05 +00:00
Wolfgang Rosenauer
1ad53d1168 - update to Firefox 18.0.1 
* blocklist updates
  * backed out bmo#677092 (removed patch)
  * fixed problems involving HTTP proxy transactions

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=315
 2013-01-20 09:36:34 +00:00
Wolfgang Rosenauer
29bd40e39a Accepting request 148241 from home:AndreasSchwab:ff 
- Fix WebRTC to build on powerpc

OBS-URL: https://build.opensuse.org/request/show/148241
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=314
 2013-01-13 13:11:48 +00:00
Wolfgang Rosenauer
7a99168951 - added mozilla-libproxy-compat.patch for libproxy API compat 
on openSUSE 11.2 and earlier
- backed out restartless language packs as it broke multi-locale
  setup (bmo#677092, bmo#818468)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=309
 2013-01-08 15:14:02 +00:00
Wolfgang Rosenauer
16dbe14e33 - update to Firefox 18.0 (bnc#796895) 
* requires NSS 3.14.1
  * removed obsolete SLE11 patches (mozilla-gcc43*)
- ported patches
- reenable WebRTC

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=308
 2013-01-07 20:49:28 +00:00
Wolfgang Rosenauer
401b2f7bae - update to Firefox 17.0.1 
* revert some useragent changes introduced in 17.0
  * leaving private browsing with social enabled doesn't reset all
    social components (bmo#815042)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=306
 2012-11-30 09:28:25 +00:00
Wolfgang Rosenauer
662e67c339 - update to Firefox 17.0 (bnc#790140) 
* MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
    Miscellaneous memory safety hazards
  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
    Buffer overflow while rendering GIF images
  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
    evalInSanbox location context incorrectly applied
  * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
    Crash when combining SVG text on path with CSS
  * MFSA 2012-95/CVE-2012-4203 (bmo#765628)
    Javascript: URLs run in privileged context on New Tab page
  * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
    Memory corruption in str_unescape
  * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
    XMLHttpRequest inherits incorrect principal within sandbox
  * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
    XrayWrappers exposes chrome-only properties when not in chrome
    compartment
  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
    Improper security filtering for cross-origin wrappers
  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
    Improper character decoding in HZ-GB-2312 charset
  * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
    Script entered into Developer Toolbar runs with chrome privileges
  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
    Frames can shadow top.location
  * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
    CSS and HTML injection through Style Inspector
  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=303
 2012-11-20 20:34:15 +00:00
Wolfgang Rosenauer
42ce70cbed - update to Firefox 16.0.2 (bnc#786522) 
* MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
    (bmo#800666, bmo#793121, bmo#802557)
    Fixes for Location object issues
- bring back Obsoletes for libproxy's mozjs plugin for distributions
  before 12.2 to avoid crashes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=301
 2012-10-26 21:49:26 +00:00
Wolfgang Rosenauer
7513245175 - update to Firefox 16.0.1 (bnc#783533) 
* MFSA 2012-88/CVE-2012-4191 (bmo#798045)
    Miscellaneous memory safety hazards
  * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
    defaultValue security checks not applied

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=299
 2012-10-12 06:40:31 +00:00
Wolfgang Rosenauer
6f2059ff99 - update to Firefox 16.0 (bnc#783533) 
- requires NSPR 4.9.2
- improve GStreamer integration (bmo#760140)
- removed upstreamed mozilla-crashreporter-restart-args.patch
- webapprt now included
- use kmozillahelper's new REVEAL command (bnc#777415)
  (requires mozilla-kde4-integration >= 0.6.4)
- updated translations-other with new languages

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=295
 2012-10-09 11:14:08 +00:00
Wolfgang Rosenauer
a1842748f3 - update to Firefox 15.0.1 (bnc#779936) 
* Sites visited while in Private Browsing mode could be found
    through manual browser cache inspection (bmo#787743)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=293
 2012-09-12 10:14:03 +00:00
Wolfgang Rosenauer
84ebf9d464 - update to Firefox 15.0 (bnc#777588) 
* MFSA 2012-57/CVE-2012-1970
    Miscellaneous memory safety hazards
  * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
    CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
    CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
    Use-after-free issues found using Address Sanitizer
  * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
    Location object can be shadowed using Object.defineProperty
  * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
    Escalation of privilege through about:newtab
  * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
    Memory corruption with bitmap format images with negative height
  * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
    WebGL use-after-free and memory corruption
  * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
    SVG buffer overflow and use-after-free issues
  * MFSA 2012-64/CVE-2012-3971
    Graphite 2 memory corruption
  * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
    Out-of-bounds read in format-number in XSLT
  * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
    HTTPMonitor extension allows for remote debugging without explicit
    activation
  * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
    DOMParser loads linked resources in extensions when parsing
    text/html
  * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
    Incorrect site SSL certificate data display
  * MFSA 2012-70/CVE-2012-3978 (bmo#770429)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=291
 2012-08-28 18:40:50 +00:00
Wolfgang Rosenauer
e5beda73e6 - PPC fixes: 
* reenabled mozilla-yarr-pcre.patch to fix build for PPC
  * add patches for bmo#750620 and bmo#746112
  * fix xpcshell segfault on ppc

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=285
 2012-07-16 18:54:48 +00:00
Wolfgang Rosenauer
ec5d636a3c - update to 14.0.1 (bnc#) 
- license change from tri license to MPL-2.0
- fix crashreporter restart option (bmo#762780)
- reenabled mozilla-yarr-pcre.patch to fix build for PPC
- require NSS 3.13.5
- remove mozjs pacrunner obsoletes again for now
- adopted mozilla-prefer_plugin_pref.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=284
 2012-07-16 08:13:51 +00:00
Wolfgang Rosenauer
ad9947e5f3 - update to Firefox 13.0.1 
* bugfix release
- obsolete libproxy's mozjs pacrunner (bnc#759123)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=282
 2012-06-15 20:14:41 +00:00
Wolfgang Rosenauer
a7f369b4c2 - update to Firefox 13.0 (bnc#765204) 
* MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
    Miscellaneous memory safety hazards
  * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
    Content Security Policy inline-script bypass
  * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
    Information disclosure though Windows file shares and shortcut
    files
  * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
    Use-after-free while replacing/inserting a node in a document
  * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
    Buffer overflow and use-after-free issues found using Address
    Sanitizer
- require NSS 3.13.4
  * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
- fix sound notifications when filename/path contains a whitespace
  (bmo#749739)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=280
 2012-06-05 18:01:53 +00:00
Wolfgang Rosenauer
233fa87cb3 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=278 2012-05-25 07:14:05 +00:00
Wolfgang Rosenauer
5cbfe5dc1a Accepting request 122016 from openSUSE:Factory:ARM 
explicit disable EDSP on arm, support is broken

OBS-URL: https://build.opensuse.org/request/show/122016
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=277
 2012-05-25 07:01:36 +00:00
Wolfgang Rosenauer
03a2b96996 - reenabled crashreporter for Factory/12.2 
(fix in mozilla-gcc47.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=275
 2012-05-16 05:35:58 +00:00
Wolfgang Rosenauer
3c4317c1ff - update to Firefox 12.0 (bnc#758408) 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=271
 2012-04-21 10:42:40 +00:00
Wolfgang Rosenauer
1d2bc7dc71 - update to Firefox 12.0b6 
* rebased patches
- added mozilla-libnotify.patch to allow fallback from libnotify
  to xul based events if no notification-daemon is running
- gcc 4.7 fixes
  * mozilla-gcc47.patch
  * disabled crashreporter temporarily for Factory
- recommend libcanberra0 for proper sound notifications

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=270
 2012-04-20 19:18:58 +00:00
Wolfgang Rosenauer
9b8c7a10ed - update to Firefox 11.0 (bnc#750044) 
* MFSA 2012-13/CVE-2012-0455 (bmo#704354)
    XSS with Drag and Drop and Javascript: URL
  * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
    SVG issues found with Address Sanitizer
  * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
    XSS with multiple Content Security Policy headers
  * MFSA 2012-16/CVE-2012-0458
    Escalation of privilege with Javascript: URL as home page
  * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
    Crash when accessing keyframe cssText after dynamic modification
  * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
    window.fullScreen writeable by untrusted content
  * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
    CVE-2012-0463
    Miscellaneous memory safety hazards

- add Provides: browser(npapi) FATE#313084

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=268
 2012-03-14 07:27:10 +00:00
Wolfgang Rosenauer
86129f9536 Accepting request 107981 from home:vdziewiecki:branches:mozilla:Factory 
- add Provides: browser(npapi) FATE#313084

OBS-URL: https://build.opensuse.org/request/show/107981
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=266
 2012-03-05 13:38:22 +00:00
Wolfgang Rosenauer
934bfffd3c OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=265 2012-03-01 09:11:44 +00:00
Wolfgang Rosenauer
3dcefa43db - update to version 11.0b5 
- ported and reenabled KDE integration (bnc#746591)
- explicitely build-require X libs

- better plugin directory resolution (bnc#747320)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=264
 2012-03-01 09:09:12 +00:00
Wolfgang Rosenauer
debdb7d238 Accepting request 107062 from openSUSE:Factory:ARM 
- fix buildrequires for Factory

OBS-URL: https://build.opensuse.org/request/show/107062
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=263
 2012-02-28 07:27:36 +00:00
Wolfgang Rosenauer
48942bb06f - update to Firefox 10.0.2 (bnc#747328) 
* CVE-2011-3026 (bmo#727401)
    libpng: integer overflow leading to heap-buffer overflow

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=261
 2012-02-16 13:41:23 +00:00
Wolfgang Rosenauer
9dd1e5949c - update to Firefox 10.0.1 (bnc#746616) 
* MFSA 2012-10/CVE-2012-0452 (bmo#724284)
    use after free in nsXBLDocumentInfo::ReadPrototypeBindings

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=258
 2012-02-12 22:09:22 +00:00
Wolfgang Rosenauer
eee92765e6 - Use YARR interpreter instead of PCRE on platforms where YARR JIT 
is not supported, since PCRE doesnt build (bmo#691898)
- fix ppc64 build (bmo#703534)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=255
 2012-02-07 18:15:47 +00:00
Wolfgang Rosenauer
54fa2b53dd - update to Firefox 10.0 (bnc#744275) 
* MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
    Miscellaneous memory safety hazards
  * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
    <iframe> element exposed across domains via name attribute
  * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
    Child nodes from nsDOMAttribute still accessible after removal
    of nodes
  * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
    Frame scripts calling into untrusted objects bypass security
    checks
  * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
    Uninitialized memory appended when encoding icon images may
    cause information disclosure
  * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
    Potential Memory Corruption When Decoding Ogg Vorbis files
  * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
    Crash with malformed embedded XSLT stylesheets
- KDE integration has been disabled since it needs refactoring
- removed obsolete ppc64 patch

- Disable neon for arm as it doesn't build correctly

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=252
 2012-02-01 13:37:15 +00:00
Wolfgang Rosenauer
f33289d5ff - update to Firefox 9.0.1 
* (strongparent) parentNode of element gets lost (bmo#335998)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=249
 2011-12-23 20:44:10 +00:00
Wolfgang Rosenauer
3017ae6323 - update to Firefox 9 (bnc#737533) 
* MFSA 2011-53/CVE-2011-3660
    Miscellaneous memory safety hazards (rv:9.0)
  * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
    Potentially exploitable crash in the YARR regular expression
    library
  * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
    nsSVGValue out-of-bounds access
  * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
    Key detection without JavaScript via SVG animation
  * MFSA 2011-58/VE-2011-3665 (bmo#701259)
    Crash scaling <video> to extreme sizes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=246
 2011-12-20 20:07:17 +00:00
Wolfgang Rosenauer
a4c123508f Accepting request 96954 from openSUSE:Factory:ARM 
fixed build for arm, not finally tested with v9 yet...

OBS-URL: https://build.opensuse.org/request/show/96954
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=245
 2011-12-19 13:17:53 +00:00
Wolfgang Rosenauer
3df3bcb178 - update to Firefox 9 
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=244
 2011-12-18 13:13:18 +00:00