1
0
Commit Graph

627 Commits

Author SHA256 Message Date
Wolfgang Rosenauer
7e741ea41d - Mozilla Firefox 66.0.1
MFSA 2019-09 (bsc#1130262)
  * CVE-2019-9810 (bmo#1537924)
    IonMonkey MArraySlice has incorrect alias information
  * CVE-2019-9813 (bmo#1538006)
    Ionmonkey type confusion with __proto__ mutations

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=724
2019-03-23 07:56:11 +00:00
Wolfgang Rosenauer
c35c1573d5 - Mozilla Firefox 66.0
* Increased content processes to 8
  * Added capability to search through open tabs from the tab overflow menu
  * New backend for the storage.local WebExtensions API, providing
    I/O performance improvements when the extension updates a small
    subset of the stored data
  * WebExtension keyboard shortcuts can now be managed or overridden
    from about:addons
  * Improved scrolling behavior: Firefox will now attempt to keep content
    from jumping around while a page is loading by supporting scroll
    anchoring
  * New about:privatebrowsing with search
  * A certificate error page now notifies the user of the name of the
    certificate issuer that breaks HTTPs connections on intercepted
    connections to help troubleshooting possible anti-virus software
    issues.
  * Fixed an performance issue some Linux users experienced with the
    Downloads panel (bmo#1517101)
  * Firefox now blocks all autoplay media with sound by default. Users
    can add individual sites to an exceptions list or turn the blocking
    off.
  * System title bar is hidden by default to match Gnome guideline
  MFSA 2019-07 (bsc#1129821)
  * CVE-2019-9790 (bmo#1525145)
    Use-after-free when removing in-use DOM elements
  * CVE-2019-9791 (bmo#1530958)
    Type inference is incorrect for constructors entered through on-stack
    replacement with IonMonkey
  * CVE-2019-9792 (bmo#1532599)
    IonMonkey leaks JS_OPTIMIZED_OUT magic value to script

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=723
2019-03-19 22:01:55 +00:00
Wolfgang Rosenauer
0d243c2ff1 Accepting request 681668 from home:coolo:branches:mozilla:Factory
- Do not hardcode nodejs8 but leave the prefer to the distribution
  (Tumbleweed staging wants to switch to nodejs10)

OBS-URL: https://build.opensuse.org/request/show/681668
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=721
2019-03-07 08:01:24 +00:00
Wolfgang Rosenauer
9feea8555d - Mozilla Firefox 65.0.1
* Fixed accidental requests to addons.mozilla.org when an addon
    recommendation doorhanger is shown (bmo#1526387)
  * Improved playback of interactive Netflix videos (bmo#1524500)
  * Fixed incorrect sizing of the "Clear Recent History" window in
    some situations (bmo#1523696)
  * Fixed audio & video delays while making WebRTC calls
    (bmo#1521577, bmo#1523817)
  * Fixed video sizing problems during some WebRTC calls (bmo#1520200)
  * Fixed looping CONNECT requests when using WebSockets over HTTP/2
    from behind a proxy server (bmo#1523427)
  * Fixed the "Enter" key not working on password entry fields for
    certain Linux distributions (bmo#1523635)
  MFSA 2019-04
  * CVE-2018-18356 bmo#1525817
    Use-after-free in Skia
  * CVE-2019-5785 bmo#1525433
    Integer overflow in Skia
  * CVE-2018-18511 bmo#1526218
    Cross-origin theft of images with ImageBitmapRenderingContext
- Enable LTO only for latest new toolchain (boo#1125038) for x86_64
  (with increased memory constraints)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=717
2019-02-13 08:14:35 +00:00
Wolfgang Rosenauer
6164077723 Accepting request 674399 from home:marxin:branches:mozilla:Factory
- Enable LTO only for latest toolchain (boo#1125038).

OBS-URL: https://build.opensuse.org/request/show/674399
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=716
2019-02-13 07:10:01 +00:00
Wolfgang Rosenauer
292dbe02a3 Accepting request 673283 from home:marxin:branches:mozilla:Factory
- Enable LTO for x86_64 (with increased memory constraints).

OBS-URL: https://build.opensuse.org/request/show/673283
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=714
2019-02-11 11:41:34 +00:00
Wolfgang Rosenauer
1030f9ddf5 - rebased patches
- remove workaround for build memory consumption on i586; other
  mitigations meanwhile introduced (mainly parallelity) will be
  sufficient
  mozilla-reduce-files-per-UnifiedBindings.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=712
2019-02-03 06:39:38 +00:00
Wolfgang Rosenauer
4962fbcbc3 missing proper changelog before Factory submission
- Mozilla Firefox 65.0
- requires
  NSS 3.41
  rust/carge 1.30
  rust-cbindgen 0.6.7
-rebased patches

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=709
2019-01-29 18:07:12 +00:00
Wolfgang Rosenauer
59c27b8c6c Accepting request 666261 from home:marxin:branches:mozilla:Factory
- Increase disk constraint.
- Remove -v from mach build in order to work-around bmo#1500436.

OBS-URL: https://build.opensuse.org/request/show/666261
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=708
2019-01-16 09:31:29 +00:00
Wolfgang Rosenauer
68e8e12c27 Accepting request 664693 from home:marxin:branches:mozilla:Factory-new2
- Set %clang_build to false on all architectures
- Do not use -fno-delete-null-pointer-checks and -fno-strict-aliasing:
  it should not be needed.
- Do not overwrite enable-optimize and when possible
  enable --enable-debug-symbols.
- Add -v to mach in order to make build verbose.

OBS-URL: https://build.opensuse.org/request/show/664693
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=705
2019-01-12 22:48:04 +00:00
Wolfgang Rosenauer
c828807e6d Accepting request 664321 from home:AndreasStieger:branches:mozilla:Factory
64.0.2

OBS-URL: https://build.opensuse.org/request/show/664321
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=704
2019-01-10 10:25:49 +00:00
Wolfgang Rosenauer
96abfaec58 Accepting request 659329 from home:Guillaume_G:branches:mozilla:Factory
- Enable build_hardened for all architectures
- Switch back aarch64 to clang as '-fPIC' fixes bmo#1513605
- Remove obolete '--enable-pie' as -pie is always enabled for gcc and clang

OBS-URL: https://build.opensuse.org/request/show/659329
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=703
2019-01-07 19:59:56 +00:00
Wolfgang Rosenauer
f2a1d1c9f4 Accepting request 657818 from home:Guillaume_G:branches:mozilla:Factory
- Switch aarch64 builds back to gcc, not clang (bmo#1513605)
- Switch %arm builds back to gcc, not clang to avoid OOM
- Fix build flags when clang is not used
- Fix flags for clang ppc64 builds

OBS-URL: https://build.opensuse.org/request/show/657818
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=700
2018-12-13 12:15:35 +00:00
Wolfgang Rosenauer
7d565ee4aa - update to Firefox 64.0
* Better recommendations: You may see suggestions in regular browsing
    mode for new and relevant Firefox features, services, and extensions
    based on how you use the web (for US users only)
  * Enhanced tab management: You can now select multiple tabs from the
    tab bar and close, move, bookmark, or pin them quickly and easily
  * Easier performance management: The new Task Manager page found at
    about:performance lets you see how much energy each open tab consumes
    and provides access to close tabs to conserve power
  * Improved performance for Mac and Linux users, by enabling link time
    optimization (Clang LTO).
  * Added option to remove add-ons using the context menu on their
    toolbar buttons
  * RSS feed preview and live bookmarks are available only via add-ons
  * TLS certificates issued by Symantec are no longer trusted by Firefox.
    Website operators are strongly encouraged to replace any remaining
    Symantec TLS certificates as soon as possible
  MFSA 2018-29 (bsc#1119105)
  * CVE-2018-12407 bmo#1505973
    Buffer overflow with ANGLE library when using VertexBuffer11 module
  * CVE-2018-17466 bmo#1488295
    Buffer overflow and out-of-bounds read in ANGLE library with
    TextureStorage11
  * CVE-2018-18492 bmo#1499861
    Use-after-free with select element
  * CVE-2018-18493 bmo#1504452
    Buffer overflow in accelerated 2D canvas with Skia
  * CVE-2018-18494 bmo#1487964
    Same-origin policy violation using location attribute and
    performance.getEntries to steal cross-origin URLs

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=699
2018-12-12 11:35:28 +00:00
Wolfgang Rosenauer
d8b75f888e Accepting request 652365 from home:Guillaume_G:branches:mozilla:Factory
- Remove --disable-elf-hack when not available: on aarch64 and ppc64*

OBS-URL: https://build.opensuse.org/request/show/652365
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=698
2018-12-11 07:45:25 +00:00
Wolfgang Rosenauer
f6f6df084e Accepting request 651976 from home:Guillaume_G:branches:mozilla:Factory2
- Clean-up %arm build

OBS-URL: https://build.opensuse.org/request/show/651976
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=695
2018-11-26 10:42:10 +00:00
Wolfgang Rosenauer
3ce0fd3bc7 - update to Firefox 63.0.3
* Games using WebGL (created in Unity) get stuck after very short
    time of gameplay (bmo#1502748)
  * Slow page loading for some users with specific proxy configurations
    (bmo#1495024)
  * Disable HTTP response throttling by default for causing bugs with
    videos in background tabs (bmo#1503354)
  * Opening magnet links no longer works (bmo#1498934)
  * Crash fixes (bmo#1498510, bmo#1503424)
- removed mozilla-newer-cbindgen.patch; no longer needed
- requires rust-cbindgen >= 0.6.2 to build
- requires nodejs >= 8.11 to build
- added mozilla-newer-cbindgen.patch to fix build with cbindgen 0.6.7

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=694
2018-11-18 21:46:59 +00:00
Wolfgang Rosenauer
b19ebee19e - disable elfhack for TW and newer due to build errors
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=693
2018-11-12 11:49:28 +00:00
Wolfgang Rosenauer
2f1f7dea2a - update to Firefox 63.0.1
* Snippets are not loaded due to missing element (bmo#1503047)
  * Print preview always shows 30& scale when it is actually
    Shrink To Fit (bmo#1501952)
  * Dialog displayed when closing multiple windows shows unreplaced
    %1$S placeholder in Japanese and potentially other locales
    (bmo#1500823)
  MFSA 2018-26 (bsc#1112852)
  * CVE-2018-12391 (bmo#1478843) (Android-only)
    HTTP Live Stream audio data is accessible cross-origin
  * CVE-2018-12392 (bmo#1492823)
    Crash with nested event loops
  * CVE-2018-12393 (bmo#1495011) (only affects non-64-bit archs)
    Integer overflow during Unicode conversion while loading JavaScript
  * CVE-2018-12395 (bmo#1467523)
    WebExtension bypass of domain restrictions through header rewriting
  * CVE-2018-12396 (bmo#1483602)
    WebExtension content scripts can execute in disallowed contexts
  * CVE-2018-12397 (bmo#1487478)
    Missing warning prompt when WebExtension requests local file access
  * CVE-2018-12398 (bmo#1460538, bmo#1488061)
    CSP bypass through stylesheet injection in resource URIs
  * CVE-2018-12399 (bmo#1490276)
    Spoofing of protocol registration notification bar
  * CVE-2018-12400 (bmo#1448305) (Android only)
    Favicons are cached in private browsing mode on Firefox for Android
  * CVE-2018-12401 (bmo#1422456)
    DOS attack through special resource URI parsing
  * CVE-2018-12402 (bmo#1469916)
    SameSite cookies leak when pages are explicitly saved

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=692
2018-11-10 21:07:09 +00:00
Wolfgang Rosenauer
6bbb36ffe9 - update to Firefox 63.0
* WebExtensions now run in their own process on Linux
  * The Ctrl+Tab shortcut now displays thumbnail previews of your
    tabs and cycles through tabs in recently used order. This new
    default behavior is activated only in new profiles and can be
    changed in preferences.
  * Added support for Web Components custom elements and shadow DOM
- requires NSPR 4.20, NSS 3.39 and Rust 1.28

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=691
2018-10-29 15:21:53 +00:00
Wolfgang Rosenauer
5048a922bb Accepting request 644806 from home:Guillaume_G:branches:mozilla:Factory
- Update _constraints for armv6/7
- Add patch to fix build on armv7:
  * mozilla-bmo1463035.patch

OBS-URL: https://build.opensuse.org/request/show/644806
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=690
2018-10-29 14:09:04 +00:00
Wolfgang Rosenauer
7f0ad4c413 Accepting request 639735 from home:AndreasStieger:branches:mozilla:Factory
- Mozilla Firefox 62.0.3:
  MFSA 2018-24
  * CVE-2018-12386 (bsc#1110506, bmo#1493900)
    Type confusion in JavaScript allowed remote code execution
  * CVE-2018-12387 (bsc#1110507, bmo#1493903)
    Array.prototype.push stack pointer vulnerability may enable
    exploits in the sandboxed content process

OBS-URL: https://build.opensuse.org/request/show/639735
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=688
2018-10-03 12:24:02 +00:00
Wolfgang Rosenauer
42ab585fa7 - disable rust debug symbols to fix build on %ix86
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=686
2018-09-24 20:59:09 +00:00
Wolfgang Rosenauer
ec4afab305 Accepting request 637170 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 62.0.2
  * CVE-2018-12385 (boo#1109363, bmo#1490585)

OBS-URL: https://build.opensuse.org/request/show/637170
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=684
2018-09-22 09:37:16 +00:00
Wolfgang Rosenauer
551d63d536 - update to Firefox 62.0 (build2)
- requires NSS >= 3.38
- removed obsolete patches
  mozilla-bmo1464766.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=682
2018-09-05 07:16:27 +00:00
Wolfgang Rosenauer
a3dfca5f05 - update to Firefox 61.0.2
* Improved website rendering with the Retained Display List feature
    enabled (bmo#1474402)
  * Fixed broken DevTools panels with certain extensions installed
    (bmo#1474379)
  * Fixed a crash for users with some accessibility tools enabled
    (bmo#1474007)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=680
2018-08-09 18:13:29 +00:00
Wolfgang Rosenauer
b94eb6767e Accepting request 621667 from home:AndreasStieger:branches:mozilla:Factory
Firefox 61.0.1

OBS-URL: https://build.opensuse.org/request/show/621667
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=678
2018-07-09 16:46:43 +00:00
Wolfgang Rosenauer
206b6f2820 - update to Firefox 61.0
* Performance enhancements
  * Various improvements for dark theme support will provide a more
    consistent experience across the entire Firefox UI
  * OpenSearch plugins offered by web pages can now be added from the
    page action menu for easier installation
  * Improved support for allowing WebExtensions to manage and hide tabs
- requires NSS 3.37.3
- requires python >= 3.5 to build
- removed obsolete patches
  mozilla-i586-DecoderDoctorLogger.patch
  mozilla-i586-domPrefs.patch
  mozilla-fix-skia-aarch64.patch
  mozilla-bmo1375074.patch
  mozilla-enable-csd.patch
- patch for new no-return warnings (mozilla-no-return.patch)
- do not disable system installed locales (mozilla-bmo1464766.patch)

- Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass
  conditional --disable-gconf to configure: no longer pull in
  obsolete gconf2 for Tumbleweed.

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=673
2018-06-25 20:56:47 +00:00
Wolfgang Rosenauer
ea8e2a80bd - update to Firefox 60.0.2
* requires NSS 3.36.4
  MFSA 2018-14 (bsc#1096449)
  * CVE-2018-6126 (bmo#1462682)
    Heap buffer overflow rasterizing paths in SVG with Skia

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=671
2018-06-07 14:08:54 +00:00
Wolfgang Rosenauer
4a2d8988d3 Accepting request 614877 from home:Guillaume_G:branches:mozilla:Factory
- Add upstream patch to fix boo#1093059 instead of '-ffixed-x28' workaround:
  * mozilla-bmo1375074.patch

OBS-URL: https://build.opensuse.org/request/show/614877
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=670
2018-06-07 11:56:20 +00:00
Wolfgang Rosenauer
6b78971621 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=668 2018-05-26 21:36:30 +00:00
Wolfgang Rosenauer
5210fcee40 Accepting request 612415 from home:Guillaume_G:branches:mozilla:Factory
- Workaround crash on startup on aarch64, boo#1093059

OBS-URL: https://build.opensuse.org/request/show/612415
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=666
2018-05-26 15:51:56 +00:00
Wolfgang Rosenauer
45b6b99978 Accepting request 608990 from home:Guillaume_G:branches:mozilla:Factory
- Disable webrtc for aarch64 due to bmo#1434589
- Add patch to fix skia build on AArch64:
  * mozilla-fix-skia-aarch64.patch

OBS-URL: https://build.opensuse.org/request/show/608990
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=663
2018-05-23 08:43:47 +00:00
Wolfgang Rosenauer
9915e415f7 - update to Firefox 60.0.1
* Avoid overly long cycle collector pauses with some add-ons installed
    (bmo#1449033)
  * After unckecking the "Sponsored Stories" option, the New Tab page
    now immediately stops displaying "Sponsored content" cards (bmo#1458906)
  * On touchscreen devices, fixed momentum scrolling on non-zoomable pages
    (bmo#1457743)
  * Use the right default background when opening tabs or windows in
    high contrast mode (bmo#1458956)
  * Restored translations of the Preferences panels when using a
    language pack (bmo#1461590)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=661
2018-05-17 14:35:18 +00:00
Wolfgang Rosenauer
eef38bbb12 Accepting request 607198 from home:pcerny:factory
parellelise locales building (package build speedup 10%+)

OBS-URL: https://build.opensuse.org/request/show/607198
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=660
2018-05-14 16:04:59 +00:00
Wolfgang Rosenauer
19ab3bdb06 MFSA 2018-11 (bsc#1092548)
* CVE-2018-5154 (bmo#1443092)
    Use-after-free with SVG animations and clip paths
  * CVE-2018-5155 (bmo#1448774)
    Use-after-free with SVG animations and text paths
  * CVE-2018-5157 (bmo#1449898)
    Same-origin bypass of PDF Viewer to view protected PDF files
  * CVE-2018-5158 (bmo#1452075)
    Malicious PDF can inject JavaScript into PDF Viewer
  * CVE-2018-5159 (bmo#1441941)
    Integer overflow and out-of-bounds write in Skia
  * CVE-2018-5160 (bmo#1436117)
    Uninitialized memory use by WebRTC encoder
  * CVE-2018-5152 (bmo#1415644, bmo#1427289)
    WebExtensions information leak through webRequest API
  * CVE-2018-5153 (bmo#1436809)
    Out-of-bounds read in mixed content websocket messages
  * CVE-2018-5163 (bmo#1426353)
    Replacing cached data in JavaScript Start-up Bytecode Cache
  * CVE-2018-5164 (bmo#1416045)
    CSP not applied to all multipart content sent with
    multipart/x-mixed-replace
  * CVE-2018-5166 (bmo#1437325)
    WebExtension host permission bypass through filterReponseData
  * CVE-2018-5167 (bmo#1447969)
    Improper linkification of chrome: and javascript: content in
    web console and JavaScript debugger
  * CVE-2018-5168 (bmo#1449548)
    Lightweight themes can be installed without user interaction
  * CVE-2018-5169 (bmo#1319157)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=658
2018-05-09 19:58:20 +00:00
Wolfgang Rosenauer
57e0eca548 - use upstream source archive and detached signature for
source verification

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=657
2018-05-09 09:46:09 +00:00
Wolfgang Rosenauer
0344382ac8 - update to Firefox 60.0
* Added a policy engine that allows customized Firefox deployments
    in enterprise environments, using Windows Group Policy or a
    cross-platform JSON file
  * Applied Quantum CSS to render browser UI
  * Added support for Web Authentication, allowing the use of USB
    tokens for authentication to web sites
  * Locale added: Occitan (oc)
- removed obsolete patches
  0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch
- requires NSPR 4.19 and NSS 3.36.1
- requires rust 1.24 or higher

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=655
2018-05-08 13:14:23 +00:00
Wolfgang Rosenauer
f9f24f9c98 Accepting request 603791 from home:Guillaume_G:branches:openSUSE:Factory:ARM
- Fix armv7 build by:
  * adding RUSTFLAGS="-Cdebuginfo=0"
  * updating _constraints for %arm

OBS-URL: https://build.opensuse.org/request/show/603791
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=654
2018-05-07 08:31:01 +00:00
Wolfgang Rosenauer
8f47a5e0ee Accepting request 602850 from home:AndreasStieger:branches:mozilla:Factory
- fix build in openSUSE:Leap:42.3:Update, use gcc7

OBS-URL: https://build.opensuse.org/request/show/602850
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=650
2018-05-02 07:26:13 +00:00
Wolfgang Rosenauer
f1dc5639b2 Accepting request 602833 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 59.0.3

OBS-URL: https://build.opensuse.org/request/show/602833
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=649
2018-05-01 17:13:15 +00:00
Wolfgang Rosenauer
b9c534ef0d Accepting request 599877 from home:marxin:branches:mozilla:Factory
- Add 0001-Bug-1435695-WebRTC-fails-to-build-with-GCC-8-r-dmino.patch
  in order to fix boo#1090362.

OBS-URL: https://build.opensuse.org/request/show/599877
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=647
2018-04-25 20:14:59 +00:00
Wolfgang Rosenauer
5e0222bbda Accepting request 593016 from home:badshah400:branches:mozilla:Factory
- Add back mozilla-enable-csd.patch: New rebased version from Fedora for version 59.0.x.

OBS-URL: https://build.opensuse.org/request/show/593016
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=646
2018-04-03 07:38:15 +00:00
Wolfgang Rosenauer
a07c7d7f17 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=643 2018-03-27 12:14:12 +00:00
Wolfgang Rosenauer
f3956c8162 - update to Firefox 59.0.2
* Invalid page rendering with hardware acceleration enabled (bmo#1435472)
  * Browser keyboard shortcuts (eg copy Ctrl+C) don't work on sites
    that use those keys with resistFingerprinting enabled (bmo#1433592)
  * High CPU / memory churn caused by third-party software on some
    computers (bmo#1446280)
  * Users who have configured an "automatic proxy configuration URL"
    and want to reload their proxy settings from the URL will find
    the Reload button disabled in the Connection Settings dialog when
    they select Preferences/Options>Network Proxy>Settings... (bmo#1445991)
  * URL Fragment Identifiers Break Service Worker Responses (bmo#1443850)
  * User's trying to cancel a print around the time it completes will
    continue to get intermittent crashes (bmo#1441598)
  MFSA 2018-10 (bsc#1087059)
  * CVE-2018-5148 (bmo#1440717)
    Use-after-free in compositor
- removed obsolete patch mozilla-bmo1446062.patch
  * mozilla-i586-domPrefs.patch - DOMPrefs.h

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=642
2018-03-27 12:10:14 +00:00
Wolfgang Rosenauer
59451a5643 Accepting request 590743 from home:cgrobertson:branches:mozilla:Factory
- Added patches:
  * mozilla-i586-DecoderDoctorLogger.patch - bmo#1447070
    fixes non-unified build error
  * mozilla-i586-domPrefs.patch - DOMPrefs.h 
    fixes 32bit build error

OBS-URL: https://build.opensuse.org/request/show/590743
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=641
2018-03-26 11:11:30 +00:00
Wolfgang Rosenauer
032c70a665 (mozilla-bmo1446062.patch)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=639
2018-03-17 08:09:22 +00:00
Wolfgang Rosenauer
5257d425d0 - update to Firefox 59.0.1 (bsc#1085671)
MFSA 2018-08
  * CVE-2018-5146 (bmo#1446062)
    Vorbis audio processing out of bounds write
  * CVE-2018-5147 (bmo#1446365)
    Out of bounds memory write in libtremor

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=638
2018-03-16 18:58:54 +00:00
Wolfgang Rosenauer
a51b2db7d0 Accepting request 587943 from home:cgrobertson:branches:mozilla:Factory
- Added patch:
  * mozilla-bmo1005535.patch:
    Enable skia_gpu on big endian platforms.

OBS-URL: https://build.opensuse.org/request/show/587943
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=637
2018-03-16 16:09:39 +00:00
Wolfgang Rosenauer
3f1ee3498d - update to Firefox 59.0
* Performance enhancements
  * Drag-and-drop to rearrange Top Sites on the Firefox Home page
  * added features for Firefox Screenshots
  * Enhanced WebExtensions API
  * Improved RTC capabilities
  MFSA 2018-06 (bsc#1085130)
  * CVE-2018-5127 (bmo#1430557)
    Buffer overflow manipulating SVG animatedPathSegList
  * CVE-2018-5128 (bmo#1431336)
    Use-after-free manipulating editor selection ranges
  * CVE-2018-5129 (bmo#1428947)
    Out-of-bounds write with malformed IPC messages
  * CVE-2018-5130 (bmo#1433005)
    Mismatched RTP payload type can trigger memory corruption
  * CVE-2018-5131 (bmo#1440775)
    Fetch API improperly returns cached copies of no-store/no-cache resources
  * CVE-2018-5132 (bmo#1408194)
    WebExtension Find API can search privileged pages
  * CVE-2018-5133 (bmo#1430511, bmo#1430974)
    Value of the app.support.baseURL preference is not properly sanitized
  * CVE-2018-5134 (bmo#1429379)
    WebExtensions may use view-source: URLs to bypass content restrictions
  * CVE-2018-5135 (bmo#1431371)
    WebExtension browserAction can inject scripts into unintended contexts
  * CVE-2018-5136 (bmo#1419166)
    Same-origin policy violation with data: URL shared workers
  * CVE-2018-5137 (bmo#1432870)
    Script content can access legacy extension non-contentaccessible resources
  * CVE-2018-5138 (bmo#1432624) (Android only)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=636
2018-03-13 19:46:06 +00:00
Wolfgang Rosenauer
3ad3fa88d2 Accepting request 574856 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 58.0.2

OBS-URL: https://build.opensuse.org/request/show/574856
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=634
2018-02-09 22:45:30 +00:00
Wolfgang Rosenauer
0b6de140a7 Accepting request 573267 from home:fstrba:branches:mozilla:Factory
Fix bmo#1430274, ALSA sound not working in Firefox 58 due to sandboxing

OBS-URL: https://build.opensuse.org/request/show/573267
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=632
2018-02-06 11:31:29 +00:00
Wolfgang Rosenauer
dd53ed18ec - update to Firefox 58.0.1
MFSA 2018-05
  *  Arbitrary code execution through unsanitized browser UI (bmo#1432966)
- fixed language packs (boo#1077590)
- readd mozilla-enable-csd.patch as it only lands for FF59 upstream
- allow larger number of nested elements (mozilla-bmo256180.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=630
2018-01-29 22:56:59 +00:00
Wolfgang Rosenauer
725614f48e - update to Firefox 58.0
* Added Nepali (ne-NP) locale
  * Added support for form autofill for credit card
  * Optimize page load by caching JavaScript internal representation
- requires NSS 3.34.1
- requires rust 1.21
- removed obsolete patches:
  mozilla-bindgen-systemlibs.patch
  mozilla-bmo1360278.patch
  mozilla-bmo1399611-csd.patch
  mozilla-rust-1.23.patch
- rebased patches
- updated man-page

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=628
2018-01-23 09:55:12 +00:00
Wolfgang Rosenauer
339fcf649a - fixed build with latest rust (mozilla-rust-1.23.patch)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=626
2018-01-09 18:50:27 +00:00
Wolfgang Rosenauer
0cced0c0f9 - update to Firefox 57.0.4:
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=624
2018-01-04 22:21:28 +00:00
Wolfgang Rosenauer
b2bf73f33f - fixed regression introduced Oct 10th which made Firefox crash
when cancelling the KDE file dialog (boo#1069962)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=623
2018-01-03 13:39:46 +00:00
Wolfgang Rosenauer
a958854f92 Accepting request 560783 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 57.0.3 bsc#1074235

OBS-URL: https://build.opensuse.org/request/show/560783
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=622
2017-12-31 08:46:35 +00:00
Wolfgang Rosenauer
5ab1f22724 Accepting request 555271 from home:dimstar:Factory
- Explicitly buildrequires python2-xml: The build system relies on
  it. We wrongly relied on other packages pulling it in for us.

- Escape the usage of %{VERSION} when calling out to rpm.
  RPM 4.14 has %{VERSION} defined as 'the main packages version'.

OBS-URL: https://build.opensuse.org/request/show/555271
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=619
2017-12-11 08:32:40 +00:00
Wolfgang Rosenauer
0eb4f70103 - update to Firefox 57.0.1
* Fix a video color distortion issue on YouTube and other video
    sites with some AMD devices (bmo#1417442)
  * Fix an issue with prefs.js when the profile path has non-ascii
    characters (bmo#1420427)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=617
2017-12-03 16:35:26 +00:00
Wolfgang Rosenauer
06e8aeb58c - Add mozilla-bmo1360278.patch
The new config entry is named ui.context_menus.after_mouseup
  (default : false).

- Allow experimental CSD for Gtk3 (bmo#1399611) if available and enabled
  widget.allow-client-side-decoration=true
  (mozilla-bmo1399611-csd.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=615
2017-11-24 22:07:36 +00:00
Wolfgang Rosenauer
e0fb118b81 Accepting request 544148 from home:cgiboudeaux:branches:mozilla:Factory
- Add firefox-show-context-menu-on-mouse-release.patch
  This is upstream's version of the previous patch creating a
  preference to restore the Firefox < 57 behaviour.
  The new config entry is named ui.context_menus.after_mouseup
  (default : false). Fixes bmo#1360278.

OBS-URL: https://build.opensuse.org/request/show/544148
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=614
2017-11-24 21:53:29 +00:00
Wolfgang Rosenauer
fe9ab0007d Accepting request 542056 from home:cgiboudeaux:branches:mozilla:Factory
- Add show-context-menu-on-mouse-release.patch.
  Starting with Firefox 57, the context menu appears on key press.
  This patch creates a config entry to restore the
  old behaviour. Without the patch, the mouse gesture extensions
  require 2 clicks to work (bmo#1360278). The config entry is named
  "input.contextMenu.onRelease" (default: false).

OBS-URL: https://build.opensuse.org/request/show/542056
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=613
2017-11-18 08:20:26 +00:00
Wolfgang Rosenauer
c3624659ef - update to Firefox 57.0b14
* Firefox Quantum
  * Photon UI
  * Unified address and search bar
  * AMD VP9 hardware video decoder support
  * Added support for Date/Time input
  * stricter security sandbox blocking filesystem reading and
    writing on Linux systems
  * middle mouse paste in the content area no longer navigates to
    URLs by default on Unix systems
  MFSA 2017-24
  * CVE-2017-7828 (bmo#1406750. bmo#1412252)
    Use-after-free of PressShell while restyling layout
  * CVE-2017-7830 (bmo#1408990)
    Cross-origin URL information leak through Resource Timing API
  * CVE-2017-7831 (bmo#1392026)
    Information disclosure of exposed properties on JavaScript proxy
    objects
  * CVE-2017-7832 (bmo#1408782)
    Domain spoofing through use of dotless 'i' character followed
    by accent markers
  * CVE-2017-7833 (bmo#1370497)
    Domain spoofing with Arabic and Indic vowel marker characters
  * CVE-2017-7834 (bmo#1358009)
    data: URLs opened in new tabs bypass CSP protections
  * CVE-2017-7835 (bmo#1402363)
    Mixed content blocking incorrectly applies with redirects
  * CVE-2017-7836 (bmo#1401339)
    Pingsender dynamically loads libcurl on Linux and OS X
  * CVE-2017-7837 (bmo#1325923)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=610
2017-11-14 23:17:59 +00:00
Wolfgang Rosenauer
238d2bd9f9 - update to Firefox 56.0.2
* Disable Form Autofill completely on user request (bmo#1404531)
  * Fix for video-related crashes on Windows 7 (bmo#1409141)
  * Correct detection for 64-bit GSSAPI authentication (bmo#1409275)
  * Fix for shutdown crash (bmo#1404105)

- update to Firefox 56.0.1
  * Block D3D11 when using Intel drivers on Windows 7 systems with
    partial AVX support (bmo#1403353)
  -> just to sync the version number
- enable stylo for TW (requires LLVM >= 3.9)
- queue KDE filepicker requests to avoid non-opening file dialogs
  happening in certain situations (contributed by Ignaz Forster)
- the placeholder dot in KDE file dialog in case of empty filenames
  was removed, apparently not required (anymore)
  (contributed by Ignaz Forster)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=609
2017-10-30 06:56:57 +00:00
Wolfgang Rosenauer
9eeb1263a0 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=606 2017-10-01 21:11:38 +00:00
Wolfgang Rosenauer
263c14d0f3 Accepting request 530202 from home:Zaitor:branches:mozilla:Factory
- Drop libgnomeui-devel, and replace it with pkgconfig(gconf-2.0),
  pkgconfig(gtk+-2.0), pkgconfig(gtk+-unix-print-2.0),
  pkgconfig(glib-2.0), pkgconfig(gobject-2.0) and
  pkgconfig(gdk-x11-2.0) BuildRequires, align with what configure
  looks for.

OBS-URL: https://build.opensuse.org/request/show/530202
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=605
2017-10-01 21:08:36 +00:00
Wolfgang Rosenauer
9b2ce29f83 - update to Firefox 56.0 (boo#1060445)
* Find Options/Preferences more quickly with new search function
  * Media is no longer auto-played when opened in a background tab
  * Enable CSS Grid Layout View
- requires NSPR 4.16 and NSS 3.32.1

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=603
2017-09-28 08:44:46 +00:00
Wolfgang Rosenauer
8462a9b8f6 Accepting request 529098 from home:dimstar:Factory
- Add alsa-devel BuildRequires: we care for ALSA support to be
  built and thus need to ensure we get the dependencies in place.
  In the past, alsa-devel was pulled in by accident: we
  buildrequire libgnome-devel. This required esound-devel and that
  in turn pulled in alsa-devel for us. libgnome is being fixed to
  no longer require esound-devel.

OBS-URL: https://build.opensuse.org/request/show/529098
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=602
2017-09-28 08:27:23 +00:00
Wolfgang Rosenauer
f0b77e0133 - update to Firefox 55.0.3
* Fix an issue with addons when using a path containing non-ascii
    characters (bmo#1389160)
  * Fix file uploads to some websites, including YouTube (bmo#1383518)
- fix Google API key build integration
- add mozilla-ucontext.patch to fix Tumbleweed build
- do not enable XINPUT2 for now (boo#1053959)

- update to Firefox 55.0.1
  * Fix a regression the tab restoration process (bmo#1388160)
  * Fix a problem causing What's new pages not to be displayed (bmo#1386224)
  * Fix a rendering issue with some PKCS#11 libraries (bmo#1388370)
  * Disable the predictor prefetch (bmo#1388160)

- update to Firefox 55.0 (boo#1052829)
  * Browsing sessions with a high number of tabs are now restored
    in an instant
  * Sidebar (bookmarks, history, synced tabs) can now be moved to
    the right edge of the window
  * Fine-tune your browser performance from the Preferences/Options page.
  * Make screenshots of webpages, and save them locally or upload
    them to the cloud. This feature will undergo A/B testing and
    will not be visible for some users.
  * Added Belarusian (be) locale
  * Simplify print jobs from within print preview
  * Use virtual reality devices with the web with the introduction
    of WebVR
  * Search suggestions are now enabled by default for users who
    haven't explicitly opted-out
  * Search with any installed search engine directly from the

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=601
2017-09-05 10:10:37 +00:00
Wolfgang Rosenauer
00cbc455c9 Accepting request 515330 from home:Andreas_Schwab:Factory
- mozilla-ucontext.patch: use ucontext_t instead of struct ucontext

OBS-URL: https://build.opensuse.org/request/show/515330
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=599
2017-08-09 10:10:53 +00:00
Wolfgang Rosenauer
b7e1035064 - update to Firefox 52.3esr (boo#1052829)
MFSA 2017-19
  * CVE-2017-7798 (bmo#1371586, bmo#1372112)
    XUL injection in the style editor in devtools
  * CVE-2017-7800 (bmo#1374047)
    Use-after-free in WebSockets during disconnection
  * CVE-2017-7801 (bmo#1371259)
    Use-after-free with marquee during window resizing
  * CVE-2017-7784 (bmo#1376087)
    Use-after-free with image observers
  * CVE-2017-7802 (bmo#1378147)
    Use-after-free resizing image elements
  * CVE-2017-7785 (bmo#1356985)
    Buffer overflow manipulating ARIA attributes in DOM
  * CVE-2017-7786 (bmo#1365189)
    Buffer overflow while painting non-displayable SVG
  * CVE-2017-7753 (bmo#1353312)
    Out-of-bounds read with cached style data and pseudo-elements#
  * CVE-2017-7787 (bmo#1322896)
    Same-origin policy bypass with iframes through page reloads
  * CVE-2017-7807 (bmo#1376459)
    Domain hijacking through AppCache fallback
  * CVE-2017-7792 (bmo#1368652)
    Buffer overflow viewing certificates with an extremely long OID
  * CVE-2017-7804 (bmo#1372849)
    Memory protection bypass through WindowsDllDetourPatcher
  * CVE-2017-7791 (bmo#1365875)
    Spoofing following page navigation with data: protocol and modal alerts
  * CVE-2017-7782 (bmo#1344034)
    WindowsDllDetourPatcher allocates memory without DEP protections

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=598
2017-08-08 19:59:47 +00:00
Wolfgang Rosenauer
39f69ee80f Accepting request 508300 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 52.2.1esr, with a slightly faster create-tar.sh

OBS-URL: https://build.opensuse.org/request/show/508300
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=596
2017-07-14 07:51:30 +00:00
Wolfgang Rosenauer
09b85d1e80 - update to Firefox 52.2esr (boo#1043960)
MFSA 2017-16
  * CVE-2017-5472 (bmo#1365602)
    Use-after-free using destroyed node when regenerating trees
  * CVE-2017-7749 (bmo#1355039)
    Use-after-free during docshell reloading
  * CVE-2017-7750 (bmo#1356558)
    Use-after-free with track elements
  * CVE-2017-7751 (bmo#1363396)
    Use-after-free with content viewer listeners
  * CVE-2017-7752 (bmo#1359547)
    Use-after-free with IME input
  * CVE-2017-7754 (bmo#1357090)
    Out-of-bounds read in WebGL with ImageInfo object
  * CVE-2017-7755 (bmo#1361326)
    Privilege escalation through Firefox Installer with same
    directory DLL files (Windows only)
  * CVE-2017-7756 (bmo#1366595)
    Use-after-free and use-after-scope logging XHR header errors
  * CVE-2017-7757 (bmo#1356824)
    Use-after-free in IndexedDB
  * CVE-2017-7778, CVE-2017-7778, CVE-2017-7771, CVE-2017-7772,
    CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776,
    CVE-2017-7777
    Vulnerabilities in the Graphite 2 library
  * CVE-2017-7758 (bmo#1368490)
    Out-of-bounds read in Opus encoder
  * CVE-2017-7760 (bmo#1348645)
    File manipulation and privilege escalation via callback parameter
    in Mozilla Windows Updater and Maintenance Service (Windows only)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=594
2017-06-14 09:43:07 +00:00
Wolfgang Rosenauer
1dc1d33afa - remove -fno-inline-small-functions and explicitely optimize with
-O2 for openSUSE > 13.2/Leap 42 to work with gcc7 (boo#1040105)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=592
2017-05-24 18:34:48 +00:00
Wolfgang Rosenauer
cce32d5c86 - remove -fno-inline-small-functions which breaks with gcc7
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=591
2017-05-24 14:54:04 +00:00
Wolfgang Rosenauer
278dea96e3 - remove -fno-inline-small-functions
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=590
2017-05-23 14:01:40 +00:00
Wolfgang Rosenauer
878eeecd5a - only optimize with -O2 for openSUSE > 13.2/Leap 42 (gcc7)
(boo#1040105)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=589
2017-05-22 11:55:44 +00:00
Wolfgang Rosenauer
f3477f70fa - update to Firefox 52.1.1
MFSA 2017-14
  * CVE-2017-5031: Use after free in ANGLE (bmo#1328762)
                   (Windows only, Linux not affected)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=587
2017-05-09 05:56:43 +00:00
Wolfgang Rosenauer
4dba6b7fdf Accepting request 493612 from home:AndreasStieger:branches:mozilla:Factory
actually remove patch

OBS-URL: https://build.opensuse.org/request/show/493612
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=586
2017-05-09 05:44:35 +00:00
Wolfgang Rosenauer
7578571bec - switch to Mozilla's geolocation service (boo#1026989)
- removed mozilla-preferences.patch obsoleted by overriding via
  firefox.js
- fixed KDE integration to avoid crash caused by filepicker
  (boo#1015998)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=584
2017-04-28 21:32:26 +00:00
Wolfgang Rosenauer
fcfd6f2d1c - update to Firefox 52.1.0esr (boo#1035082)
MFSA 2017-12
  * CVE-2017-5443 (bmo#1342661)
    Out-of-bounds write during BinHex decoding
  * CVE-2017-5429 (bmo#1341096, bmo#1342823, bmo#1343261, bmo#1348894,
     bmo#1348941, bmo#1349340, bmo#1350844, bmo#1352926, bmo#1353088)
    Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and
    Firefox ESR 52.1
  * CVE-2017-5464 (bmo#1347075)
    Memory corruption with accessibility and DOM manipulation
  * CVE-2017-5465 (bmo#1347617)
    Out-of-bounds read in ConvolvePixel
  * CVE-2017-5466 (bmo#1353975)
    Origin confusion when reloading isolated data:text/html URL
  * CVE-2017-5467 (bmo#1347262)
    Memory corruption when drawing Skia content
  * CVE-2017-5460 (bmo#1343642)
    Use-after-free in frame selection
  * CVE-2017-5461 (bmo#1344380)
    Out-of-bounds write in Base64 encoding in NSS
  * CVE-2017-5448 (bmo#1346648)
    Out-of-bounds write in ClearKeyDecryptor
  * CVE-2017-5449 (bmo#1340127)
    Crash during bidirectional unicode manipulation with animation
  * CVE-2017-5446 (bmo#1343505)
    Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data
  * CVE-2017-5447 (bmo#1343552)
    Out-of-bounds read during glyph processing
  * CVE-2017-5444 (bmo#1344461)
    Buffer overflow while parsing application/http-index-format content

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=583
2017-04-20 21:02:48 +00:00
Wolfgang Rosenauer
ef1a98917f - update to Firefox 52.0.2
* Use Nirmala UI as fallback font for additional Indic languages (bmo#1342787)
  * Fix loading tab icons on session restore (bmo#1338009)
  * Fix a crash on startup on Linux (bmo#1345413)
  * Fix new installs erroneously not prompting to change the default
    browser setting (bmo#1343938)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=581
2017-04-03 07:23:02 +00:00
Wolfgang Rosenauer
e7dba2d7e9 - explicitely add libffi build requirement
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=579
2017-03-20 16:28:50 +00:00
Wolfgang Rosenauer
ae8683e30d - disable rust usage for everything but x86(-64)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=578
2017-03-20 16:07:00 +00:00
Wolfgang Rosenauer
43203c9622 - disable rust usage for PPC64LE
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=577
2017-03-20 15:41:53 +00:00
Wolfgang Rosenauer
39f56adaf0 - update to Firefox 52.0.1 (boo#1029822)
MFSA 2017-08
  CVE-2017-5428: integer overflow in createImageBitmap() (bmo#1348168)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=576
2017-03-17 22:39:31 +00:00
Wolfgang Rosenauer
6ea21fb6f9 - reenable ALSA support which was removed by default upstream
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=575
2017-03-09 12:31:02 +00:00
Wolfgang Rosenauer
14ce29297b - update to Firefox 52.0
* requires NSS >= 3.28.3
  * Pages containing insecure password fields now display a warning
    directly within username and password fields.
  * Windows 8 touch screen support for multiprocess Firefox
  * Send and open a tab from one device to another with Sync
  * Removed NPAPI support for plugins other than Flash. Silverlight,
    Java, Acrobat and the like are no longer supported.
  * Removed Battery Status API to reduce fingerprinting of users by
    trackers
- removed obsolete patches
  * mozilla-binutils-visibility.patch
  * mozilla-check_return.patch
  * mozilla-disable-skia-be.patch
  * mozilla-skia-overflow.patch
  * mozilla-skia-ppc-endianess.patch
- rebased patches
- enable rust usage for Tumbleweed

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=572
2017-03-07 08:35:10 +00:00
Wolfgang Rosenauer
3ce0e89892 Accepting request 453042 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 51.0.1

OBS-URL: https://build.opensuse.org/request/show/453042
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=570
2017-01-27 21:48:32 +00:00
Wolfgang Rosenauer
4a4070a0e9 - fix build without skia (big endian archs) (bmo#1319374)
(mozilla-disable-skia-be.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=569
2017-01-27 17:39:50 +00:00
Wolfgang Rosenauer
d2c8956ec2 - add upstream patch to fix PPC64LE (bmo#1319389)
(mozilla-skia-ppc-endianess.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=568
2017-01-27 15:01:24 +00:00
Wolfgang Rosenauer
0f2d4906dd - update to Firefox 51.0
* requires NSPR >= 4.13.1, NSS >= 3.28.1
  * Added support for FLAC (Free Lossless Audio Codec) playback
  * Added support for WebGL 2
  * Added Georgian (ka) and Kabyle (kab) locales
  * Support saving passwords for forms without 'submit' events
  * Improved video performance for users without GPU acceleration
  * Zoom indicator is shown in the URL bar if the zoom level is not
    at default level
  * View passwords from the prompt before saving them
  * Remove Belarusian (be) locale
  * Use Skia for content rendering (Linux)
  * MFSA 2017-01
    CVE-2017-5375: Excessive JIT code allocation allows bypass of
                   ASLR and DEP (bmo#1325200, boo#1021814)
    CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817)
    CVE-2017-5377: Memory corruption with transforms to create
                   gradients in Skia (bmo#1306883, boo#1021826)
    CVE-2017-5378: Pointer and frame data leakage of Javascript objects
                   (bmo#1312001, bmo#1330769, boo#1021818)
    CVE-2017-5379: Use-after-free in Web Animations
                   (bmo#1309198,boo#1021827)
    CVE-2017-5380: Potential use-after-free during DOM manipulations
                   (bmo#1322107, boo#1021819)
    CVE-2017-5390: Insecure communication methods in Developer Tools
                   JSON viewer (bmo#1297361, boo#1021820)
    CVE-2017-5389: WebExtensions can install additional add-ons via
                   modified host requests (bmo#1308688, boo#1021828)
    CVE-2017-5396: Use-after-free with Media Decoder
                   (bmo#1329403, boo#1021821)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=567
2017-01-25 10:27:08 +00:00
Wolfgang Rosenauer
f6f1953e39 Accepting request 451698 from home:bjoernv:branches:mozilla:Factory
Firefox could not open Google, Wikipedia etc. with HTTPS anymore after update of NSS to 3.28
Sources:
- https://bugs.gentoo.org/show_bug.cgi?id=603622
- https://bugzilla.redhat.com/show_bug.cgi?id=1413303#c5
- https://bugzilla.mozilla.org/show_bug.cgi?id=1290037

OBS-URL: https://build.opensuse.org/request/show/451698
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=566
2017-01-21 08:10:15 +00:00
Wolfgang Rosenauer
0e804587d5 - update to Firefox 50.1.0 (boo#)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=563
2016-12-12 21:26:20 +00:00
Wolfgang Rosenauer
a7b507dd76 Accepting request 445492 from home:cgrobertson:branches:mozilla:Factory
- added patch mozilla-aarch64-startup-crash.patch (bsc#1011922)

OBS-URL: https://build.opensuse.org/request/show/445492
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=562
2016-12-12 18:36:34 +00:00
Wolfgang Rosenauer
3b8276a497 - update to Firefox 50.0.2
security fixes (in 50.0.1): (boo#1012807)
  * MFSA 2016-91
    CVE-2016-9078: data: URL can inherit wrong origin after an
                   HTTP redirect (bmo#1317641)
  security fixes (in 50.0.2)
  * MFSA 2016-92
    CVE-2016-9079: Use-after-free in SVG Animation (bmo#1321066)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=558
2016-12-01 03:05:24 +00:00
Wolfgang Rosenauer
087a48c8a1 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=556 2016-11-15 20:27:35 +00:00
Wolfgang Rosenauer
a1ebdac66f - update to Firefox 50.0 (boo#1009026)
* requires NSS 3.26.2
  new features
  * Updates to keyboard shortcuts
    Set a preference to have Ctrl+Tab cycle through tabs in recently
    used order
    View a page in Reader Mode by using Ctrl+Alt+R
  * Added option to Find in page that allows users to limit search to
    whole words only
  * Added download protection for a large number of executable file
    types on Windows, Mac and Linux
  * Fixed rendering of dashed and dotted borders with rounded corners
    (border-radius)
  * Added a built-in Emoji set for operating systems without native
    Emoji fonts (Windows 8.0 and lower and Linux)
  * Blocked versions of libavcodec older than 54.35.1
  * additional locale
  security fixes:
  * MFSA 2016-89
    CVE-2016-5296: Heap-buffer-overflow WRITE in rasterize_edges_1
                   (bmo#1292443)
    CVE-2016-5292: URL parsing causes crash (bmo#1288482)
    CVE-2016-5293: Write to arbitrary file with updater and moz
                   maintenance service using updater.log hardlink
		   (Windows only) (bmo#1246945)
    CVE-2016-5294: Arbitrary target directory for result files of
                   update process (Windows only) (bmo#1246972)
    CVE-2016-5297: Incorrect argument length checking in Javascript
                   (bmo#1303678)
    CVE-2016-9064: Addons update must verify IDs match between

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=555
2016-11-15 18:06:29 +00:00
Wolfgang Rosenauer
6f15368db9 Accepting request 437089 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 49.0.2
  * CVE-2016-5287: Crash in nsTArray_base (bsc#1006475)
  * CVE-2016-5288: Web content can read cache entries (bsc#1006476)

OBS-URL: https://build.opensuse.org/request/show/437089
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=553
2016-10-24 11:40:07 +00:00
Wolfgang Rosenauer
140f76446a Accepting request 434641 from home:badshah400:firefox-gtk3
**Please wait until successful builds

- Drop mozilla-gtk3_20.patch; obsoleted by Firefox version 49.0
  and fixes have been incorporated by upstream.

OBS-URL: https://build.opensuse.org/request/show/434641
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=551
2016-10-17 13:11:43 +00:00
Wolfgang Rosenauer
9afb5946e2 Accepting request 429896 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 49.0.1

OBS-URL: https://build.opensuse.org/request/show/429896
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=549
2016-09-24 06:25:23 +00:00
Wolfgang Rosenauer
ad9a2b532d new features
* Updated Firefox Login Manager to allow HTTPS pages to use saved
    HTTP logins.
  * Added features to Reader Mode that make it easier on the eyes and
    the ears
  * Improved video performance for users on systems that support
    SSE3 without hardware acceleration
  * Added context menu controls to HTML5 audio and video that let users
    loops files or play files at 1.25x speed
  * Improvements in about:memory reports for tracking font memory usage
  security related
  * MFSA 2016-85
    CVE-2016-2827 (bmo#1289085) - Out-of-bounds read in
    mozilla::net::IsValidReferrerPolicy
    CVE-2016-5270 (bmo#1291016) - Heap-buffer-overflow in
    nsCaseTransformTextRunFactory::TransformString
    CVE-2016-5271 (bmo#1288946) - Out-of-bounds read in
    PropertyProvider::GetSpacingInternal
    CVE-2016-5272 (bmo#1297934) - Bad cast in nsImageGeometryMixin
    CVE-2016-5273 (bmo#1280387) - crash in
    mozilla::a11y::HyperTextAccessible::GetChildOffset
    CVE-2016-5276 (bmo#1287721) - Heap-use-after-free in
    mozilla::a11y::DocAccessible::ProcessInvalidationList
    CVE-2016-5274 (bmo#1282076) - use-after-free in
    nsFrameManager::CaptureFrameState
    CVE-2016-5277 (bmo#1291665) - Heap-use-after-free in nsRefreshDriver::Tick
    CVE-2016-5275 (bmo#1287316) - global-buffer-overflow in
    mozilla::gfx::FilterSupport::ComputeSourceNeededRegions
    CVE-2016-5278 (bmo#1294677) - Heap-buffer-overflow in
    nsBMPEncoder::AddImageFrame

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=548
2016-09-21 21:34:48 +00:00
Wolfgang Rosenauer
23d3134ccb - update to Firefox 49.0 (boo#999701)
- removed obsolete patches:
  * mozilla-aarch64-48bit-va.patch
  * mozilla-exclude-nametablecpp.patch
  * mozilla-old_configure-bmo1282843.patch
- requires NSS 3.25

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=547
2016-09-20 16:19:47 +00:00
Wolfgang Rosenauer
8f3a8c45f5 Accepting request 423949 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 48.0.2

OBS-URL: https://build.opensuse.org/request/show/423949
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=545
2016-08-31 08:13:42 +00:00
Wolfgang Rosenauer
7c9c7e7cc9 Accepting request 420691 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 48.0.1

OBS-URL: https://build.opensuse.org/request/show/420691
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=543
2016-08-20 21:38:42 +00:00
Wolfgang Rosenauer
d47b90bdde - added upstream patch so system plugins/extensions are correctly
loaded again on x86-64 (bmo#1282843)
  (mozilla-old_configure-bmo1282843.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=542
2016-08-18 06:59:29 +00:00
Wolfgang Rosenauer
b20061a222 Accepting request 417132 from home:pcerny:mozilla:Factory
flex hotfix

OBS-URL: https://build.opensuse.org/request/show/417132
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=539
2016-08-05 19:11:43 +00:00
Wolfgang Rosenauer
cde22f592f OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=535 2016-08-02 22:00:28 +00:00
Wolfgang Rosenauer
2c7b769dd2 -fno-inline-small-functions to CFLAGS
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=532
2016-07-24 20:58:14 +00:00
Wolfgang Rosenauer
1d67894392 Accepting request 414914 from home:1Antoine1:branches:mozilla:Factory
Disable some GCC optimizations to fix sigsev at startup on i586. boo#986541

OBS-URL: https://build.opensuse.org/request/show/414914
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=531
2016-07-24 20:38:24 +00:00
Wolfgang Rosenauer
3052298781 Accepting request 405481 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 47.0.1

OBS-URL: https://build.opensuse.org/request/show/405481
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=528
2016-06-29 13:54:41 +00:00
Wolfgang Rosenauer
336127b83a Accepting request 402731 from home:AndreasStieger:branches:mozilla:Factory
patch for boo#984637 can be applied on all targets
add reference to boo#984637

OBS-URL: https://build.opensuse.org/request/show/402731
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=527
2016-06-16 14:00:48 +00:00
Wolfgang Rosenauer
6401669759 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=526 2016-06-16 12:53:47 +00:00
Wolfgang Rosenauer
a9b20ddf51 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=525 2016-06-15 20:40:11 +00:00
Wolfgang Rosenauer
1f8e55111d - mozilla-binutils-visibility.patch to fix build issues with
gcc/binutils combination used in Leap 42.2

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=524
2016-06-15 07:55:15 +00:00
Wolfgang Rosenauer
0f3c39840c Accepting request 401909 from home:algraf:branches:mozilla:Factory
- Fix running on 48bit va aarch64 (bsc#984126)
  - Add patch mozilla-aarch64-48bit-va.patch

OBS-URL: https://build.opensuse.org/request/show/401909
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=521
2016-06-14 19:48:50 +00:00
Wolfgang Rosenauer
c3cb365ab6 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=519 2016-06-08 17:47:55 +00:00
Wolfgang Rosenauer
b9792ce771 - update to Firefox 47.0 (boo#983549)
* Enable VP9 video codec for users with fast machines
  * Embedded YouTube videos now play with HTML5 video if Flash is
    not installed
  * View and search open tabs from your smartphone or another
    computer in a sidebar
  * Allow no-cache on back/forward navigations for https resources
  security fixes:
  * MFSA 2016-49/CVE-2016-2815/CVE-2016-2818
    (boo#983638)
    (bmo#1241896, bmo#1242798, bmo#1243466, bmo#1245743,
     bmo#1264300, bmo#1271037, bmo#1234147, bmo#1256493,
     bmo#1256739, bmo#1256968, bmo#1261230, bmo#1261752,
     bmo#1263384, bmo#1264575, bmo#1265577, bmo#1267130,
     bmo#1269729, bmo#1273202, bmo#1273701)
    Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
  * MFSA 2016-50/CVE-2016-2819 (boo#983655) (bmo#1270381)
    Buffer overflow parsing HTML5 fragments
  * MFSA 2016-51/CVE-2016-2821 (bsc#983653) (bmo#1271460)
    Use-after-free deleting tables from a contenteditable document
  * MFSA 2016-52/CVE-2016-2822 (boo#983652) (bmo#1273129)
    Addressbar spoofing though the SELECT element
  * MFSA 2016-53/CVE-2016-2824 (boo#983651) (bmo#1248580)
    Out-of-bounds write with WebGL shader
  * MFSA 2016-54/CVE-2016-2825 (boo#983649) (bmo#1193093)
    Partial same-origin-policy through setting location.host
    through data URI
  * MFSA 2016-56/CVE-2016-2828 (boo#983646) (bmo#1223810)
    Use-after-free when textures are used in WebGL operations
    after recycle pool destruction

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=518
2016-06-08 12:26:29 +00:00
Wolfgang Rosenauer
424ee97030 Accepting request 398058 from home:badshah400:branches:mozilla:Factory
Fix building for non-factory openSUSE. The patches have guards themselves wherever needed, we don't need to be paranoid about applying them unconditionally. Sorry for breaking the build earlier.

OBS-URL: https://build.opensuse.org/request/show/398058
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=516
2016-05-26 05:57:29 +00:00
Wolfgang Rosenauer
a5bfddd988 Accepting request 397775 from home:badshah400:branches:openSUSE:Factory:Rings:2-TestDVD
Add patches to build against gcc6, apply these patches only if gcc >= 6 is actually used during compilation.

OBS-URL: https://build.opensuse.org/request/show/397775
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=515
2016-05-25 07:27:59 +00:00
Wolfgang Rosenauer
44ae32c807 Accepting request 396840 from home:dsterba:branches:mozilla:Factory
- enable build with PIE and full relro on x86_64 (boo#980384)

OBS-URL: https://build.opensuse.org/request/show/396840
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=513
2016-05-20 11:04:12 +00:00
Wolfgang Rosenauer
55af92fdfe - update to Firefox 46.0.1
Fixed:
  * Search plugin issue for various locales
  * Add-on signing certificate expiration
  * Service worker update issue
  * Build issue when jit is disabled
  * Limit Sync registration updates
- removed now obsolete mozilla-jit_branch64.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=510
2016-05-07 19:37:00 +00:00
Wolfgang Rosenauer
3779639588 - add mozilla-jit_branch64.patch to avoid PowerPC build failure
(from bmo#1266366)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=508
2016-05-03 20:35:52 +00:00
Wolfgang Rosenauer
e9dadb94d7 Accepting request 393478 from home:michel_mno:branches:mozilla:Factory
new mozilla_add_branch64.patch to avoid PowerPC build failure.
to complete previous request that failed on staging:F

OBS-URL: https://build.opensuse.org/request/show/393478
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=507
2016-05-03 20:02:49 +00:00
Wolfgang Rosenauer
97bd16c7cb - update to Firefox 46.0 (boo#977333)
* Improved security of the JavaScript Just In Time (JIT) Compiler
  * WebRTC fixes to improve performance and stability
  * Added support for document.elementsFromPoint
  * Added HKDF support for Web Crypto API
  * requires NSPR 4.12 and NSS 3.22.3
  * added patch to fix unchecked return value
    mozilla-check_return.patch
  * Gtk3 builds not supported at the moment
  security fixes:
  * MFSA 2016-39/CVE-2016-2804/CVE-2016-2806/CVE-2016-2807
    Miscellaneous memory safety hazards
  * MFSA 2016-40/CVE-2016-2809 (bmo#1212939)
    Privilege escalation through file deletion by Maintenance Service updater
    (Windows only)
  * MFSA 2016-41/CVE-2016-2810 (bmo#1229681)
    Content provider permission bypass allows malicious application
    to access data (Android only)
  * MFSA 2016-42/CVE-2016-2811/CVE-2016-2812 (bmo#1252330, bmo#1261776)
    Use-after-free and buffer overflow in Service Workers
  * MFSA 2016-43/CVE-2016-2813 (bmo#1197901, bmo#2714650)
    Disclosure of user actions through JavaScript with motion and
    orientation sensors (only affects mobile variants)
  * MFSA 2016-44/CVE-2016-2814 (bmo#1254721)
    Buffer overflow in libstagefright with CENC offsets
  * MFSA 2016-45/CVE-2016-2816 (bmo#1223743)
    CSP not applied to pages sent with multipart/x-mixed-replace
  * MFSA 2016-46/CVE-2016-2817 (bmo#1227462)
    Elevation of privilege with chrome.tabs.update API in web extensions
  * MFSA 2016-47/CVE-2016-2808 (bmo#1246061)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=500
2016-04-27 07:09:13 +00:00
Wolfgang Rosenauer
946a2cf79c Accepting request 389750 from devel:ARM:Factory
- build fixes for arm/aarch64:
  * disable webrtc for arm/aarch64
  * switch away from openGL-ES backend to default for arm/aarch64
   since it almost never builds
  * reenable neon
- reenable webrtc for powerpc as it seems to build

OBS-URL: https://build.opensuse.org/request/show/389750
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=497
2016-04-14 10:14:02 +00:00
Wolfgang Rosenauer
58d2070b38 - Compile against gtk3 depending on whether the macro
%firefox_use_gtk3 is defined or not (e.g., at the prjconf
  level); macro is undefined by default and so gtk2 is used as the
  default toolkit.
- Add BuildRequires for additional packages needed when building
  against gtk3: pkgconfig(glib-2.0), pkgconfig(gobject-2.0),
  pkgconfig(gtk+-3.0) >= 3.4.0, pkgconfig(gtk+-unix-print-3.0).
- Add firefox-gtk3_20.patch to fix appearance with gtk3 >= 3.20;
  patch taken from Fedora (bmo#1230955).

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=496
2016-04-12 21:13:00 +00:00
Wolfgang Rosenauer
bb1a23845f Accepting request 387816 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 45.0.2

OBS-URL: https://build.opensuse.org/request/show/387816
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=495
2016-04-12 16:26:19 +00:00
Wolfgang Rosenauer
f9d87d6387 Accepting request 375147 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 45.0.1

OBS-URL: https://build.opensuse.org/request/show/375147
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=493
2016-03-19 08:13:45 +00:00
Wolfgang Rosenauer
2d4b618151 - update to Firefox 45.0
* requires NSPR 4.12 / NSS 3.21.1
  * Instant browser tab sharing through Hello
  * Synced Tabs button in button bar
  * Tabs synced via Firefox Accounts from other devices are now shown
    in dropdown area of Awesome Bar when searching
  * Introduce a new preference (network.dns.blockDotOnion) to allow
    blocking .onion at the DNS level
  * Tab Groups (Panorama) feature removed

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=490
2016-03-07 16:25:29 +00:00
Wolfgang Rosenauer
f75dc0e2d0 Accepting request 366570 from home:olh:branches:mozilla:Factory
- Remove B_CNT from symbols.zip filename to reduce build-compare noise

OBS-URL: https://build.opensuse.org/request/show/366570
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=489
2016-03-06 16:21:37 +00:00
Wolfgang Rosenauer
a3bc9c3699 Accepting request 361943 from home:AndreasStieger:branches:mozilla:Factory
- fix build problems on i586, caused by too large unified compile units


Server build is still running, let's see...

OBS-URL: https://build.opensuse.org/request/show/361943
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=486
2016-02-26 21:04:29 +00:00
Wolfgang Rosenauer
3253c98249 - update to Firefox 44.0.2
* MFSA 2016-13/CVE-2016-1949 (bmo#1245724, boo#966438)
    Same-origin-policy violation using Service Workers with plugins
  * Fix issue which could lead to the removal of stored passwords
    under certain circumstances (bmo#1242176)
  * Allows spaces in cookie names (bmo#1244505)
  * Disable opus/vorbis audio with H.264 (bmo#1245696)
  * Fix for graphics startup crash (GNU/Linux) (bmo#1222171)
  * Fix a crash in cache networking (bmo#1244076)
  * Fix using WebSockets in service worker controlled pages (bmo#1243942)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=484
2016-02-12 14:47:06 +00:00
Wolfgang Rosenauer
2ea3069057 - update to Firefox 44.0 (boo#963520)
* MFSA 2016-01/CVE-2016-1930/CVE-2016-1931
    Miscellaneous memory safety hazards
  * MFSA 2016-02/CVE-2016-1933 (bmo#1231761)
    Out of Memory crash when parsing GIF format images
  * MFSA 2016-03/CVE-2016-1935 (bmo#1220450)
    Buffer overflow in WebGL after out of memory allocation
  * MFSA 2016-04/CVE-2015-7208/CVE-2016-1939 (bmo#1191423, bmo#1233784)
    Firefox allows for control characters to be set in cookie names
  * MFSA 2016-06/CVE-2016-1937 (bmo#724353)
    Missing delay following user click events in protocol handler dialog
  * MFSA 2016-07/CVE-2016-1938 (bmo#1190248)
    Errors in mp_div and mp_exptmod cryptographic functions in NSS
    (fixed by requiring NSS 3.21)
  * MFSA 2016-09/CVE-2016-1942/CVE-2016-1943 (bmo#1189082, bmo#1228590)
    Addressbar spoofing attacks
  * MFSA 2016-10/CVE-2016-1944/CVE-2016-1945/CVE-2016-1946
    (bmo#1186621, bmo#1214782, bmo#1232096)
    Unsafe memory manipulation found through code inspection
  * MFSA 2016-11/CVE-2016-1947 (bmo#1237103)
    Application Reputation service disabled in Firefox 43
  * requires NSPR 4.11
  * requires NSS 3.21
- prepare mozilla-kde.patch for Gtk3 builds
- rebased patches

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=480
2016-01-26 22:39:03 +00:00
Wolfgang Rosenauer
38f5c0b4e7 Accepting request 352991 from home:AndreasStieger:branches:mozilla:Factory
Mozilla Firefox 43.0.4

OBS-URL: https://build.opensuse.org/request/show/352991
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=478
2016-01-11 08:19:52 +00:00
Wolfgang Rosenauer
913aba2599 - explicitely requires libXcomposite-devel
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=477
2015-12-29 20:30:21 +00:00
Wolfgang Rosenauer
947695d633 - update to Firefox 43.0.3
* requires NSS 3.20.2 to fix
    MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
    MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
    server signature
  * various changes to support Windows update (SHA-1 vs. SHA-2)
  * workaround Youtube user agent detection issue (bmo#1233970)
- fix file download regression for multi user systems
  (bmo#1233434) (mozilla-bmo1233434.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=475
2015-12-26 13:06:31 +00:00
Wolfgang Rosenauer
5fcce29637 - update to Firefox 43.0 (bnc#959277)
* Improved API support for m4v video playback
  * Users can opt-in to receive search suggestions from the Awesome Bar
  * WebRTC streaming on multiple monitors
  * User selectable second block list for Private Browsing's Tracking
    Protection
  security fixes:
  * MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
    Miscellaneous memory safety hazards
  * MFSA 2015-135/CVE-2015-7204 (bmo#1216130)
    Crash with JavaScript variable assignment with unboxed objects
  * MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
    Same-origin policy violation using perfomance.getEntries and
    history navigation
  * MFSA 2015-137/CVE-2015-7208 (bmo#1191423)
    Firefox allows for control characters to be set in cookies
  * MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
    Use-after-free in WebRTC when datachannel is used after being
    destroyed
  * MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
    Integer overflow allocating extremely large textures
  * MFSA 2015-140/CVE-2015-7215 (bmo#1160890)
    Cross-origin information leak through web workers error events
  * MFSA 2015-141/CVE-2015-7211 (bmo#1221444)
    Hash in data URI is incorrectly parsed
  * MFSA 2015-142/CVE-2015-7218/CVE-2015-7219 (bmo#1194818, bmo#1194820)
    DOS due to malformed frames in HTTP/2
  * MFSA 2015-143/CVE-2015-7216/CVE-2015-7217 (bmo#1197059, bmo#1203078)
    Linux file chooser crashes on malformed images due to flaws in
    Jasper library

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=473
2015-12-17 00:06:36 +00:00
Wolfgang Rosenauer
d7dbc2da9b - Add desktop menu action for private browsing window to desktop
- remove obsolete patch mozilla-bmo1005535.patch completely from
  source package to avoid automatic check failures

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=471
2015-11-15 19:53:12 +00:00
Wolfgang Rosenauer
4461643420 - update to Firefox 42.0 (bnc#952810)
* Private Browsing with Tracking Protection blocks certain Web
    elements that could be used to record your behavior across sites
  * Control Center that contains site security and privacy controls
  * Login Manager improvements
  * WebRTC improvements
  * Indicator added to tabs that play audio with one-click muting
  * Media Source Extension for HTML5 video available for all sites
- requires NSPR 4.10.10 and NSS 3.19.4
- removed obsolete patches
  * mozilla-arm-disable-edsp.patch
  * mozilla-icu-strncat.patch
  * mozilla-skia-be-le.patch
  * toolkit-download-folder.patch
- fixed build with enable-libproxy (bmo#1220399)
  * mozilla-libproxy.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=467
2015-11-03 15:49:03 +00:00
Wolfgang Rosenauer
2de666dd50 - update to Firefox 41.0.2 (bnc#950686)
* MFSA 2015-115/CVE-2015-7184 (bmo#1208339, bmo#1212669)
    Cross-origin restriction bypass using Fetch
- added explicit appdata provides (bnc#949983)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=465
2015-10-16 10:49:41 +00:00
Wolfgang Rosenauer
0e6478e65d - do not build with --enable-stdcxx-compat
(this starts to fail build on various toolchain combinations
  and is not required for openSUSE builds in general

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=463
2015-10-04 09:21:58 +00:00
Wolfgang Rosenauer
a49d69320c - update to Firefox 41.0.1
* Fix a startup crash related to Yandex toolbar and Adblock Plus
    (bmo#1209124)
  * Fix potential hangs with Flash plugins (bmo#1185639)
  * Fix a regression in the bookmark creation (bmo#1206376)
  * Fix a startup crash with some Intel Media Accelerator 3150
    graphic cards (bmo#1207665)
  * Fix a graphic crash, occurring occasionally on Facebook (bmo#1178601)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=462
2015-10-01 18:39:43 +00:00
Wolfgang Rosenauer
7ffa28996e - update to Firefox 41.0 (bnc#)
- rebased patches
- removed obsolete patches
  * mozilla-arm64-libjpeg-turbo.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=458
2015-09-22 06:10:40 +00:00
Wolfgang Rosenauer
97ab9cb840 - update to Firefox 40.0.3 (bnc#943550)
* Disable the asynchronous plugin initialization (bmo#1198590)
  * Fix a segmentation fault in the GStreamer support (bmo#1145230)
  * Fix a regression with some Japanese fonts used in the <input>
    field (bmo#1194055)
  * On some sites, the selection in a select combox box using the
    mouse could be broken (bmo#1194733)
  security fixes
  * MFSA 2015-94/CVE-2015-4497 (bmo#1164766, bmo#1175278)
    Use-after-free when resizing canvas element during restyling
  * MFSA 2015-95/CVE-2015-4498 (bmo#1042699)
    Add-on notification bypass through data URLs

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=456
2015-08-28 05:30:26 +00:00
Wolfgang Rosenauer
c24ccd4afb - update to Firefox 40.0 (bnc#940806)
* Added protection against unwanted software downloads
  * Suggested Tiles show sites of interest, based on categories
    from your recent browsing history
  * Hello allows adding a link to conversations to provide context
    on what the conversation will be about
  * New style for add-on manager based on the in-content
    preferences style
  * Improved scrolling, graphics, and video playback performance
    with off main thread compositing (GNU/Linux only)
  * Graphic blocklist mechanism improved: Firefox version ranges
    can be specified, limiting the number of devices blocked
  security fixes:
  * MFSA 2015-79/CVE-2015-4473/CVE-2015-4474
    Miscellaneous memory safety hazards
  * MFSA 2015-80/CVE-2015-4475 (bmo#1175396)
    Out-of-bounds read with malformed MP3 file
  * MFSA 2015-81/CVE-2015-4477 (bmo#1179484)
    Use-after-free in MediaStream playback
  * MFSA 2015-82/CVE-2015-4478 (bmo#1105914)
    Redefinition of non-configurable JavaScript object properties
  * MFSA 2015-83/CVE-2015-4479/CVE-2015-4480/CVE-2015-4493
    Overflow issues in libstagefright
  * MFSA 2015-84/CVE-2015-4481 (bmo1171518)
    Arbitrary file overwriting through Mozilla Maintenance Service
    with hard links (only affected Windows)
  * MFSA 2015-85/CVE-2015-4482 (bmo#1184500)
    Out-of-bounds write with Updater and malicious MAR file
    (does not affect openSUSE RPM packages which do not ship the
     updater)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=454
2015-08-12 07:11:49 +00:00
Wolfgang Rosenauer
5cd9f0a774 - security update to Firefox 39.0.3 (bnc#940918)
* MFSA 2015-78/CVE-2015-4495 (bmo#1179262, bmo#1178058)
    Same origin violation and local file stealing via PDF reader

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=452
2015-08-07 10:23:02 +00:00
Wolfgang Rosenauer
ea519de414 - update to Firefox 39.0 (bnc#935979)
security fixes:
  * MFSA 2015-59/CVE-2015-2724/CVE-2015-2725/CVE-2015-2726
    Miscellaneous memory safety hazards
  * MFSA 2015-60/CVE-2015-2727 (bmo#1163422)
    Local files or privileged URLs in pages can be opened into new tabs
  * MFSA 2015-61/CVE-2015-2728 (bmo#1142210)
    Type confusion in Indexed Database Manager
  * MFSA 2015-62/CVE-2015-2729 (bmo#1122218)
    Out-of-bound read while computing an oscillator rendering range in Web Audio
  * MFSA 2015-63/CVE-2015-2731 (bmo#1149891)
    Use-after-free in Content Policy due to microtask execution error
  * MFSA 2015-64/CVE-2015-2730 (bmo#1125025)
    ECDSA signature validation fails to handle some signatures correctly
    (this fix is shipped by NSS 3.19.1 externally)
  * MFSA 2015-65/CVE-2015-2722/CVE-2015-2733 (bmo#1166924, bmo#1169867)
    Use-after-free in workers while using XMLHttpRequest
  * MFSA 2015-66/CVE-2015-2734/CVE-2015-2735/CVE-2015-2736/CVE-2015-2737
    CVE-2015-2738/CVE-2015-2739/CVE-2015-2740
    Vulnerabilities found through code inspection
  * MFSA 2015-67/CVE-2015-2741 (bmo#1147497)
    Key pinning is ignored when overridable errors are encountered
  * MFSA 2015-68/CVE-2015-2742 (bmo#1138669)
    OS X crash reports may contain entered key press information
    (not relevant under Linux)
  * MFSA 2015-69/CVE-2015-2743 (bmo#1163109)
    Privilege escalation in PDF.js
  * MFSA 2015-70/CVE-2015-4000 (bmo#1138554)
    NSS accepts export-length DHE keys with regular DHE cipher suites
    (this fix is shipped by NSS 3.19.1 externally)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=450
2015-07-03 06:21:15 +00:00
Wolfgang Rosenauer
9353554b5d - update to Firefox 39.0
* Share Hello URLs with social networks
  * Support for 'switch' role in ARIA 1.1 (web accessibility)
  * SafeBrowsing malware detection lookups enabled for downloads
    (Mac OS X and Linux)
  * Support for new Unicode 8.0 skin tone emoji
  * Removed support for insecure SSLv3 for network communications
  * Disable use of RC4 except for temporarily whitelisted hosts
  * NPAPI Plug-in performance improved via asynchronous initialization
- dropped mozilla-prefer_plugin_pref.patch as this feature is
  likely not worth maintaining further
- rebased patches
- require NSS 3.19.2

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=449
2015-06-24 19:26:58 +00:00
Wolfgang Rosenauer
51e2af5d00 Accepting request 312501 from home:Andreas_Schwab:Factory
- mozilla-arm64-libjpeg-turbo.patch: fix libjpeg-turbo configuration

OBS-URL: https://build.opensuse.org/request/show/312501
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=448
2015-06-19 06:08:19 +00:00
Wolfgang Rosenauer
d0dd48e06c - update to Firefox 38.0.6
* fixes bmo#1171730 which is not really relevant to oS builds
- fix KDE regression from 38.0.5 builds (bsc#933439)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=447
2015-06-07 20:02:48 +00:00
Wolfgang Rosenauer
e03f1ffc2d - update to Firefox 38.0.5
* Keep track of articles and videos with Pocket
  * Clean formatting for articles and blog posts with Reader View
  * Share the active tab or window in a Hello conversation
- add changes file as source for SRPM (bsc#932142)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=445
2015-06-01 08:32:35 +00:00
Wolfgang Rosenauer
e63ccf245d OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=443 2015-05-15 11:19:14 +00:00
Wolfgang Rosenauer
13fb8d74ed Accepting request 307277 from home:michel_mno:branches:mozilla:Factory
- add mozilla-add-glibcxx_use_cxx11_abi.patch grabbed from
  https://bugzilla.mozilla.org/show_bug.cgi?id=1153109
  This is for Firefox version 38.0
  similar request as sr #307269 previously done for version 37.0.2

OBS-URL: https://build.opensuse.org/request/show/307277
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=442
2015-05-15 11:08:59 +00:00
Wolfgang Rosenauer
a9fdf6b5ec - update to Firefox 38.0.1
stability and regression fixes
  * Systems with first generation NVidia Optimus graphics cards
    may crash on start-up
  * Users who import cookies from Google Chrome can end up with
    broken websites
  * Large animated images may fail to play and may stop other
    images from loading
- update to Firefox 38.0 (bnc#930622)
  * New tab-based preferences
  * Ruby annotation support
  * more info: https://www.mozilla.org/en-US/firefox/38.0/releasenotes/
  security fixes:
  * MFSA 2015-46/CVE-2015-2708/CVE-2015-2709
    Miscellaneous memory safety hazards
  * MFSA 2015-47/VE-2015-0797 (bmo#1080995)
    Buffer overflow parsing H.264 video with Linux Gstreamer
  * MFSA 2015-48/CVE-2015-2710 (bmo#1149542)
    Buffer overflow with SVG content and CSS
  * MFSA 2015-49/CVE-2015-2711 (bmo#1113431)
    Referrer policy ignored when links opened by middle-click and
    context menu
  * MFSA 2015-50/CVE-2015-2712 (bmo#1152280)
    Out-of-bounds read and write in asm.js validation
  * MFSA 2015-51/CVE-2015-2713 (bmo#1153478)
    Use-after-free during text processing with vertical text enabled
  * MFSA 2015-53/CVE-2015-2715 (bmo#988698)
    Use-after-free due to Media Decoder Thread creation during shutdown
  * MFSA 2015-54/CVE-2015-2716 (bmo#1140537)
    Buffer overflow when parsing compressed XML

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=441
2015-05-15 09:20:13 +00:00
Wolfgang Rosenauer
8a0ded8a29 - update to 31.7.0 (bnc#)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=440
2015-05-10 20:12:38 +00:00
Wolfgang Rosenauer
98f546d89a - update to Firefox 37.0.2 (bnc#928116)
* MFSA 2015-45/CVE-2015-2706 (bmo#1141081)
    Memory corruption during failed plugin initialization

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=438
2015-04-22 14:54:45 +00:00
Wolfgang Rosenauer
aece7ba539 - update to Firefox 37.0.1
* MFSA 2015-43/CVE-2015-0798 (bmo#1147597) (Android only)
    Loading privileged content through Reader mode
  * MFSA 2015-44/CVE-2015-0799 (bmo#1148328)
    Certificate verification bypass through the HTTP/2 Alt-Svc header

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=435
2015-04-07 07:34:55 +00:00
Wolfgang Rosenauer
c579f3ef60 - update to Firefox 37.0
- removed obsolete patches
  * mozilla-bmo1088588.patch
  * mozilla-bmo1108834.patch
- requires NSPR 4.10.8
  mozilla-bmo1005535.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=432
2015-04-01 05:22:19 +00:00
Wolfgang Rosenauer
04d84121d1 Accepting request 292717 from home:k0da:branches:mozilla:Factory
- Fix builds with skia on Power
  mozilla-skia-be-le.patch (patch from #bmo1136958)
  mozilla-bmo1108834.patch
  mozilla-bmo1005535.patch

OBS-URL: https://build.opensuse.org/request/show/292717
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=431
2015-03-28 09:50:17 +00:00
Wolfgang Rosenauer
e8c38e0801 - update to Firefox 36.0.4 (bnc#923495)
* MFSA 2015-28/CVE-2015-0818 (bmo#1144988)
    Privilege escalation through SVG navigation
  * MFSA 2015-29/CVE-2015-0817 (bmo#1145255)
    Code execution through incorrect JavaScript bounds checking
    elimination

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=428
2015-03-22 09:37:21 +00:00
Wolfgang Rosenauer
257d91825b Accepting request 292105 from home:dimstar:Factory
OBS-URL: https://build.opensuse.org/request/show/292105
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=427
2015-03-21 12:49:29 +00:00
Wolfgang Rosenauer
cabc64ee55 - update to Firefox 36.0.1
Bugfixes:
  * Disable the usage of the ANY DNS query type (bmo#1093983)
  * Hello may become inactive until restart (bmo#1137469)
  * Print preferences may not be preserved (bmo#1136855)
  * Hello contact tabs may not be visible (bmo#1137141)
  * Accept hostnames that include an underscore character ("_")
    (bmo#1136616)
  * WebGL may use significant memory with Canvas2d (bmo#1137251)
  * Option -remote has been restored (bmo#1080319)
- added mozilla-skia-bmo1136958.patch to fix build issues for
  ARM and PPC

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=425
2015-03-07 12:10:06 +00:00
Wolfgang Rosenauer
e38465171c - update to Firefox 36.0 (bnc#917597)
* mozilla-xremote-client was removed
  * added libclearkey.so media plugin
  * Pinned tiles on the new tab page can be synced
  * Support for the full HTTP/2 protocol. HTTP/2 enables a faster,
    more scalable, and more responsive web.
  * Locale added: Uzbek (uz)
- rebased patches
- requires NSS 3.17.4

- update to Firefox 35.0.1
  * With the Enhanced Steam extension, Firefox could crash (bmo#1123732)
  * Kerberos authentication did not work with alias (bmo#1108971)
  * SVG / CSS animation had a regression causing rendering issues on
    websites like openstreemap.org (bmo#1083079)
  * On Godaddy webmail, Firefox could crash (bmo#1113121)
  * document.baseURI did not get updated to document.location after
    base tag was removed from DOM for site with a CSP (bmo#1121857)
  * With a Right-to-left (RTL) version of Firefox, the text selection
    could be broken (bmo#1104036)
  * CSP had a change in behavior with regard to case sensitivity
    resources loading (bmo#1122445)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=422
2015-02-23 20:32:13 +00:00
Wolfgang Rosenauer
1bda786938 - update to Firefox 35.0 (bnc#910669)
notable features:
  * Firefox Hello with new rooms-based conversations model
  * Implemented HTTP Public Key Pinning Extension (for enhanced
    authentication of encrypted connections)
- rebased patches
- dropped explicit support for everything older than 12.3
  (including SLES11)
  * merge firefox-kde.patch and firefox-kde-114.patch
  * dropped mozilla-sle11.patch
- reworked specfile to build conditionally based on release channel
  either Firefox or Firefox Developer Edition
- added mozilla-openaes-decl.patch to fix implicit declarations
- obsolete tracker-miner-firefox < 0.15 because it leads to startup
  crashes (bnc#908892)
- rebased patches

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=419
2015-01-14 18:32:16 +00:00
Wolfgang Rosenauer
4a13134b83 - update to Firefox 34.0.5 (bnc#908009)
* Default search engine changed to Yahoo! for North America
  * Default search engine changed to Yandex for Belarusian, Kazakh,
    and Russian locales
  * Improved search bar (en-US only)
  * Firefox Hello real-time communication client
  * Easily switch themes/personas directly in the Customizing mode
  * Implementation of HTTP/2 (draft14) and ALPN
  * Disabled SSLv3
  * MFSA 2014-83/CVE-2014-1587/CVE-2014-1588
    Miscellaneous memory safety hazards
  * MFSA 2014-84/CVE-2014-1589 (bmo#1043787)
    XBL bindings accessible via improper CSS declarations
  * MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
    XMLHttpRequest crashes with some input streams
  * MFSA 2014-86/CVE-2014-1591 (bmo#1069762)
    CSP leaks redirect data via violation reports
  * MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
    Use-after-free during HTML5 parsing
  * MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
    Buffer overflow while parsing media content
  * MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
    Bad casting from the BasicThebesLayer to BasicContainerLayer
- rebased patches
- limit linker memory usage for %ix86

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=415
2014-12-02 22:01:52 +00:00
Wolfgang Rosenauer
140e4a12ee - requires NSS 3.17.2
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=414
2014-11-10 16:05:57 +00:00
Wolfgang Rosenauer
b5acd11036 - update to Firefox 33.1
* Adding DuckDuckGo as a search option (upstream)
  * Forget Button added
  * Enhanced Tiles
  * Privacy tour introduced
- fix typo in GStreamer Recommends
- use proper macros for ARM

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=413
2014-11-10 15:49:04 +00:00
Wolfgang Rosenauer
849a660683 Accepting request 259749 from home:Guillaume_G:branches:mozilla:Factory
- Disable elf-hack for aarch64
- Enable EGL for aarch64
- Limit RAM usage during link for %arm
- Fix _constraints for ARM

OBS-URL: https://build.opensuse.org/request/show/259749
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=411
2014-11-06 20:54:53 +00:00
Wolfgang Rosenauer
ab979e2eb7 Accepting request 259483 from devel:ARM:Factory
- use proper macros for ARM 

- use '--disable-optimize' not only on 32-bit x86, but on 32-bit arm too
  to fix compiling.
- pass '-Wl,--no-keep-memory' to linker to reduce required memory during
  linking on arm.

OBS-URL: https://build.opensuse.org/request/show/259483
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=410
2014-11-04 23:02:38 +00:00
Wolfgang Rosenauer
113f1f2433 - update to Firefox 33.0.2
* Fix a startup crash with some combination of hardware and drivers
  33.0.1
  * Firefox displays a black screen at start-up with certain
    graphics drivers
- adjusted _constraints for ARM

- added mozilla-bmo1088588.patch to fix build with EGL (bmo#1088588)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=408
2014-10-30 12:43:09 +00:00
Wolfgang Rosenauer
b0bbfbf8c8 - define /usr/share/myspell as additional dictionary location
and remove add-plugins.sh finally (bnc#900639)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=407
2014-10-25 08:51:04 +00:00
Wolfgang Rosenauer
43013532ef OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=406 2014-10-20 11:39:30 +00:00
Wolfgang Rosenauer
fd45b34aba - use Firefox default optimization flags instead of -Os
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=405
2014-10-19 19:45:31 +00:00
Wolfgang Rosenauer
159486ad08 Accepting request 257650 from home:Vindex17:branches:mozilla:Factory
OBS-URL: https://build.opensuse.org/request/show/257650
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=404
2014-10-19 19:40:39 +00:00
Wolfgang Rosenauer
3d4d28e3ed - fix build for all ppc by not enabling elf-hack
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=402
2014-10-15 14:13:02 +00:00
Wolfgang Rosenauer
8cec21d43a - fix build for ppc64 and ppc64le by not enabling elf-hack
(bnc#901213)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=401
2014-10-15 08:16:22 +00:00
Wolfgang Rosenauer
2f02270073 - update to Firefox 33.0 (bnc#900941)
New features:
  * OpenH264 support (sandboxed)
  * Enhanced Tiles
  * Improved search experience through the location bar
  * Slimmer and faster JavaScript strings
  * New CSP (Content Security Policy) backend
  * Support for connecting to HTTP proxy over HTTPS
  * Improved reliability of the session restoration
  * Proprietary window.crypto properties/functions removed
- requires NSPR 4.10.7
- requires NSS 3.17.1
- removed obsolete patches:
  * mozilla-ppc.patch
  * mozilla-libproxy-compat.patch
- added basic appdata information

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=399
2014-10-13 18:00:43 +00:00
Wolfgang Rosenauer
ab5934fcc8 - use some more build flags to align with upstream
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=397
2014-09-22 17:07:48 +00:00
Wolfgang Rosenauer
6d0dbb410f - update to Firefox 32.0.2
* just a version bump for our builds
  * fixed the in application update process for certain environments
    (in application update is not enabled in openSUSE and Linux
    is unaffected in any case)
- build with --disable-optimize for 13.1 and above for i586 to
  workaround miscompilations (bnc#896624)

- update to Firefox 32.0.1
  * fixed stability issues for computers with multiple graphics cards
  * mixed content icon may be incorrectly displayed instead of lock
    icon for SSL sites in 32.0 (
  * WebRTC: setRemoteDescription() silently fails if no success
    callback is specified (bmo#1063971)

- update to Firefox 32.0 (bnc#894370)
  * MFSA 2014-67/CVE-2014-1553/CVE-2014-1554/CVE-2014-1562
- rebased patches
- requires NSS 3.16.4
- removed upstreamed patch
  * mozilla-aarch64-bmo-810631.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=396
2014-09-22 16:35:40 +00:00
Wolfgang Rosenauer
894acf7ddc - update to Firefox 31.1.0esr (bnc#894370)
- changes to support compilation on 11.4
  * explicit xz BuildRequires
  * mozilla-nullptr-gcc45.patch
  * remove unresolved makeinfo BuildRequires

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=393
2014-09-01 09:59:18 +00:00
Wolfgang Rosenauer
51d960176f - update to Firefox 31.0 (bnc#887746)
- use EGL on ARM
- rebased patches
- requires NSS 3.16.2
- requires python-devel (not only python)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=389
2014-07-21 09:32:46 +00:00
Wolfgang Rosenauer
46f07576a3 Accepting request 241651 from home:mayerjosua:mozilla
use libEGL as glprovider on ARM. I believe it is safe to assume that on ARM, if we got any OpenGL, it will be at least EGL and GLES. I tested this on Cubox-i with vivante gc2000, and the webgl demo cube worked fine.

OBS-URL: https://build.opensuse.org/request/show/241651
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=388
2014-07-20 18:10:31 +00:00
Wolfgang Rosenauer
83b187e5a4 - update to Firefox 30.0 (bnc#881874)
* MFSA 2014-48/CVE-2014-1533/CVE-2014-1534
    (bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874,
     bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981,
     bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817,
     bmo#996536, bmo#996715, bmo#999651, bmo#1000598,
     bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223,
     bmo#1009952, bmo#1011007)
    Miscellaneous memory safety hazards (rv:30.0)
  * MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538
    (bmo#989994, bmo#999274, bmo#1005584)
    Use-after-free and out of bounds issues found using Address
    Sanitizer
  * MFSA 2014-50/CVE-2014-1539 (bmo#995603)
    Clickjacking through cursor invisability after Flash interaction
  * MFSA 2014-51/CVE-2014-1540 (bmo#978862)
    Use-after-free in Event Listener Manager
  * MFSA 2014-52/CVE-2014-1541 (bmo#1000185)
    Use-after-free with SMIL Animation Controller
  * MFSA 2014-53/CVE-2014-1542 (bmo#991533)
    Buffer overflow in Web Audio Speex resampler
  * MFSA 2014-54/CVE-2014-1543 (bmo#1011859)
    Buffer overflow in Gamepad API
- rebased patches
- removed obsolete patches
  * firefox-browser-css.patch
  * mozilla-aarch64-bmo-962488.patch
  * mozilla-aarch64-bmo-963023.patch
  * mozilla-aarch64-bmo-963024.patch
  * mozilla-aarch64-bmo-963027.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=384
2014-06-11 08:41:30 +00:00
Wolfgang Rosenauer
25ebccd71b - update to Firefox 29.0.1
* Seer disabled by default (bmo#1005958)
  * Session Restore failed with a corrupted sessionstore.js file
    (bmo#1001167)
  * pdf.js printing white page (bmo#1003707, bnc#876833)
- general.useragent.locale gets overwritten with en-US while it
  should be using the active langpack's setting

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=382
2014-05-11 18:09:20 +00:00
Wolfgang Rosenauer
e3fa498b57 - update to Thunderbird 24.5.0 (bnc#875378)
* MFSA 2014-34/CVE-2014-1518
    Miscellaneous memory safety hazards
  * MFSA 2014-37/CVE-2014-1523 (bmo#969226)
    Out of bounds read while decoding JPG images
  * MFSA 2014-38/CVE-2014-1524 (bmo#989183)
    Buffer overflow when using non-XBL object as XBL
  * MFSA 2014-42/CVE-2014-1529 (bmo#987003)
    Privilege escalation through Web Notification API
  * MFSA 2014-43/CVE-2014-1530 (bmo#895557)
    Cross-site scripting (XSS) using history navigations
  * MFSA 2014-44/CVE-2014-1531 (bmo#987140)
    Use-after-free in imgLoader while resizing images
  * MFSA 2014-46/CVE-2014-1532 (bmo#966006)
    Use-after-free in nsHostResolver
- use shipped-locales as the authoritative source for supported
  locales (some unsupported locales disappear from -other package)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=380
2014-04-29 21:30:39 +00:00
Wolfgang Rosenauer
9d19809515 - update to Firefox 29.0 (bnc#875378)
- rebased patches
- removed obsolete patches
  * firefox-browser-css.patch
  * mozilla-aarch64-599882cfb998.diff
  * mozilla-aarch64-bmo-963028.patch
  * mozilla-aarch64-bmo-963029.patch
  * mozilla-aarch64-bmo-963030.patch
  * mozilla-aarch64-bmo-963031.patch
- requires NSS 3.16
- added mozilla-icu-strncat.patch to fix post build checks
- add mozilla-aarch64-599882cfb998.patch,
- Add patch for bmo#973977
- Refresh mozilla-ppc64le-xpcom.patch patch
- Adapt mozilla-ppc64le-xpcom.patch to Mozilla > 24.0 build system

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=378
2014-04-27 16:09:32 +00:00
Wolfgang Rosenauer
eda8b9c884 Accepting request 229482 from devel:ARM:Factory
- add mozilla-aarch64-599882cfb998.patch, 
      mozilla-aarch64-bmo-810631.patch,
      mozilla-aarch64-bmo-962488.patch,
      mozilla-aarch64-bmo-963030.patch,
      mozilla-aarch64-bmo-963027.patch,
      mozilla-aarch64-bmo-963028.patch,
      mozilla-aarch64-bmo-963029.patch,
      mozilla-aarch64-bmo-963023.patch,
      mozilla-aarch64-bmo-963024.patch,
      mozilla-aarch64-bmo-963031.patch: AArch64 porting

OBS-URL: https://build.opensuse.org/request/show/229482
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=376
2014-04-13 14:47:41 +00:00
Wolfgang Rosenauer
27336c8295 Accepting request 227348 from openSUSE:Factory:PowerPC
Build fixes for ppc64 and ppc64le

OBS-URL: https://build.opensuse.org/request/show/227348
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=374
2014-03-25 08:26:07 +00:00
Wolfgang Rosenauer
ee63deb207 - update to Firefox 28.0 (bnc#868603)
* MFSA 2014-15/CVE-2014-1493/CVE-2014-1494
    Miscellaneous memory safety hazards
  * MFSA 2014-17/CVE-2014-1497 (bmo#966311)
    Out of bounds read during WAV file decoding
  * MFSA 2014-18/CVE-2014-1498 (bmo#935618)
    crypto.generateCRMFRequest does not validate type of key
  * MFSA 2014-19/CVE-2014-1499 (bmo#961512)
    Spoofing attack on WebRTC permission prompt
  * MFSA 2014-20/CVE-2014-1500 (bmo#956524)
    onbeforeunload and Javascript navigation DOS
  * MFSA 2014-22/CVE-2014-1502 (bmo#972622)
    WebGL content injection from one domain to rendering in another
  * MFSA 2014-23/CVE-2014-1504 (bmo#911547)
    Content Security Policy for data: documents not preserved by
    session restore
  * MFSA 2014-26/CVE-2014-1508 (bmo#963198)
    Information disclosure through polygon rendering in MathML
  * MFSA 2014-27/CVE-2014-1509 (bmo#966021)
    Memory corruption in Cairo during PDF font rendering
  * MFSA 2014-28/CVE-2014-1505 (bmo#941887)
    SVG filters information disclosure through feDisplacementMap
  * MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909)
    Privilege escalation using WebIDL-implemented APIs
  * MFSA 2014-30/CVE-2014-1512 (bmo#982957)
    Use-after-free in TypeObject
  * MFSA 2014-31/CVE-2014-1513 (bmo#982974)
    Out-of-bounds read/write through neutering ArrayBuffer objects
  * MFSA 2014-32/CVE-2014-1514 (bmo#983344)
    Out-of-bounds write through TypedArrayObject after neutering

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=370
2014-03-18 19:44:32 +00:00
Wolfgang Rosenauer
2e55657fde - update to Firefox 27.0.1
* Fixed stability issues with Greasemonkey and other JS that used
    ClearTimeoutOrInterval
  * JS math correctness issue (bnc#941381)
- incorporate Google API key for geolocation (bnc#864170)
- updated list of "other" locales in RPM requirements

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=366
2014-02-23 10:04:06 +00:00
Wolfgang Rosenauer
8f3bc80ce6 - update to Firefox 27.0 (bnc#)
- requires NSS 3.15.4 or higher
- rebased/reworked patches
- removed obsolete mozilla-bug929439.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=363
2014-02-03 15:34:42 +00:00
Wolfgang Rosenauer
89fd780e78 * mozilla-ppc64le.patch: general support
* mozilla-libffi-ppc64le.patch: libffi backport
  * mozilla-xpcom-ppc64le.patch: port xpcom

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=361
2014-01-02 21:31:24 +00:00
Wolfgang Rosenauer
65e2d4d5d7 Accepting request 211248 from openSUSE:Factory:PowerLE
- Add support for powerpc64le-linux.
  * ppc64le-support.patch: general support
  * libffi-ppc64le.patch: libffi backport
  * xpcom-ppc64le.patch: port xpcom
- Add build fix from mainline.
  * mozilla-bug929439.patch

OBS-URL: https://build.opensuse.org/request/show/211248
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=360
2014-01-02 20:02:50 +00:00
Wolfgang Rosenauer
2dbba8a23d - update to Firefox 26.0 (bnc#854367, bnc#854370)
* rebased patches
  * requires NSPR 4.10.2 and NSS 3.15.3.1
  * MFSA 2013-104/CVE-2013-5609/CVE-2013-5610
    Miscellaneous memory safety hazards
  * MFSA 2013-105/CVE-2013-5611 (bmo#771294)
    Application Installation doorhanger persists on navigation
  * MFSA 2013-106/CVE-2013-5612 (bmo#871161)
    Character encoding cross-origin XSS attack
  * MFSA 2013-107/CVE-2013-5614 (bmo#886262)
    Sandbox restrictions not applied to nested object elements
  * MFSA 2013-108/CVE-2013-5616 (bmo#938341)
    Use-after-free in event listeners
  * MFSA 2013-109/CVE-2013-5618 (bmo#926361)
    Use-after-free during Table Editing
  * MFSA 2013-110/CVE-2013-5619 (bmo#917841)
    Potential overflow in JavaScript binary search algorithms
  * MFSA 2013-111/CVE-2013-6671 (bmo#930281)
    Segmentation violation when replacing ordered list elements
  * MFSA 2013-112/CVE-2013-6672 (bmo#894736)
    Linux clipboard information disclosure though selection paste
  * MFSA 2013-113/CVE-2013-6673 (bmo#970380)
    Trust settings for built-in roots ignored during EV certificate
    validation
  * MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449)
    Use-after-free in synthetic mouse movement
  * MFSA 2013-115/CVE-2013-5615 (bmo#929261)
    GetElementIC typed array stubs can be generated outside observed
    typesets
  * MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=358
2013-12-11 08:31:54 +00:00
Wolfgang Rosenauer
bf5fb37f98 - update to Firefox 25.0 (bnc#847708)
* rebased patches
  * requires NSS 3.15.2 or above
  * MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
    Miscellaneous memory safety hazards
  * MFSA 2013-94/CVE-2013-5593 (bmo#868327)
    Spoofing addressbar through SELECT element
  * MFSA 2013-95/CVE-2013-5604 (bmo#914017)
    Access violation with XSLT and uninitialized data
  * MFSA 2013-96/CVE-2013-5595 (bmo#916580)
    Improperly initialized memory and overflows in some JavaScript
    functions
  * MFSA 2013-97/CVE-2013-5596 (bmo#910881)
    Writing to cycle collected object during image decoding
  * MFSA 2013-98/CVE-2013-5597 (bmo#918864)
    Use-after-free when updating offline cache
  * MFSA 2013-99/CVE-2013-5598 (bmo#920515)
    Security bypass of PDF.js checks using iframes
  * MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
    (bmo#915210, bmo#915576, bmo#916685)
    Miscellaneous use-after-free issues found through ASAN fuzzing
  * MFSA 2013-101/CVE-2013-5602 (bmo#897678)
    Memory corruption in workers
  * MFSA 2013-102/CVE-2013-5603 (bmo#916404)
    Use-after-free in HTML document templates

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=356
2013-10-30 14:45:02 +00:00
Wolfgang Rosenauer
a7dffc4885 - as GStreamer is not automatically required anymore but loaded
dynamically if available, require it explicitely
- recommend optional GStreamer plugins for comprehensive media
  support

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=354
2013-09-29 11:39:09 +00:00
Wolfgang Rosenauer
f2371498fd Accepting request 199275 from home:lnussel:branches:mozilla:Factory
- move greek from to the translations-common package (bnc#840551)

OBS-URL: https://build.opensuse.org/request/show/199275
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=350
2013-09-16 15:35:15 +00:00
Wolfgang Rosenauer
d2200a49cd - update to Firefox 24.0 (bnc#840485)
- enable gstreamer via pref (gecko.js)
- require NSS 3.15.1

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=349
2013-09-16 07:57:05 +00:00
Wolfgang Rosenauer
88e647fe19 - update to Firefox 23.0.1
* Audio static/"burble"/breakup in Firefox to Firefox WebRTC calls
    (bmo#901527)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=347
2013-08-27 07:42:59 +00:00
Wolfgang Rosenauer
2e3fd693c1 - update to Firefox 23.0 (bnc#833389)
* MFSA 2013-63/CVE-2013-1701/CVE-2013-1702
    Miscellaneous memory safety hazards
  * MFSA 2013-64/CVE-2013-1704 (bmo#883313)
    Use after free mutating DOM during SetBody
  * MFSA 2013-65/CVE-2013-1705 (bmo#882865)
    Buffer underflow when generating CRMF requests
  * MFSA 2013-67/CVE-2013-1708 (bmo#879924)
    Crash during WAV audio file decoding
  * MFSA 2013-68/CVE-2013-1709 (bmo#838253)
    Document URI misrepresentation and masquerading
  * MFSA 2013-69/CVE-2013-1710 (bmo#871368)
    CRMF requests allow for code execution and XSS attacks
  * MFSA 2013-70/CVE-2013-1711 (bmo#843829)
    Bypass of XrayWrappers using XBL Scopes
  * MFSA 2013-72/CVE-2013-1713 (bmo#887098)
    Wrong principal used for validating URI for some Javascript
    components
  * MFSA 2013-73/CVE-2013-1714 (bmo#879787)
    Same-origin bypass with web workers and XMLHttpRequest
  * MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
    Local Java applets may read contents of local file system
- requires NSPR 4.10 and NSS 3.15

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=345
2013-08-07 12:18:59 +00:00
Wolfgang Rosenauer
a7d7992747 Accepting request 181923 from devel:ARM:Factory
- fix build on ARM (/-g/ matches /-grecord-switches/)

OBS-URL: https://build.opensuse.org/request/show/181923
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=343
2013-07-05 12:52:24 +00:00
Wolfgang Rosenauer
09a0ed1d17 - update to Firefox 22.0 (bnc#825935)
* removed obsolete patches
    + mozilla-qcms-ppc.patch
    + mozilla-gstreamer-760140.patch
  * GStreamer support does not build on 12.1 anymore (build only
    on 12.2 and later)
- Fix qcms altivec include (mozilla-qcms-ppc.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=340
2013-06-24 07:57:33 +00:00
Wolfgang Rosenauer
0fe7f2e888 Accepting request 178590 from home:k0da:ppc
- Fix qcms altivec include (mozilla-qcms-ppc.patch)

OBS-URL: https://build.opensuse.org/request/show/178590
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=338
2013-06-12 07:22:47 +00:00
Wolfgang Rosenauer
b0b9e15388 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=335 2013-05-15 20:58:21 +00:00
Wolfgang Rosenauer
e44b8338d6 - update to Firefox 21.0 (bnc#819204)
* removed upstreamed patch firefox-712763.patch
  * removed disabled mozilla-disable-neon-option.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=333
2013-05-14 14:33:59 +00:00
Wolfgang Rosenauer
dbffa7026c - revert to use GStreamer 0.10 on 12.3 (bnc#814101)
(remove mozilla-gstreamer-1.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=331
2013-04-09 10:48:15 +00:00
Wolfgang Rosenauer
55c5e9e709 Accepting request 162909 from home:AndreasSchwab:ff
- Explicitly disable WebRTC support on non-x86, the configure script
  disables it only half-heartedly

OBS-URL: https://build.opensuse.org/request/show/162909
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=329
2013-04-06 19:20:40 +00:00
Wolfgang Rosenauer
10b98266f1 - update to Firefox 20.0 (bnc#813026)
* requires NSPR 4.9.5 and NSS 3.14.3
  * MFSA 2013-30/CVE-2013-0788/CVE-2013-0789
    Miscellaneous memory safety hazards
  * MFSA 2013-31/CVE-2013-0800 (bmo#825721)
    Out-of-bounds write in Cairo library
  * MFSA 2013-35/CVE-2013-0796 (bmo#827106)
    WebGL crash with Mesa graphics driver on Linux
  * MFSA 2013-36/CVE-2013-0795 (bmo#825697)
    Bypass of SOW protections allows cloning of protected nodes
  * MFSA 2013-37/CVE-2013-0794 (bmo#626775)
    Bypass of tab-modal dialog origin disclosure
  * MFSA 2013-38/CVE-2013-0793 (bmo#803870)
    Cross-site scripting (XSS) using timed history navigations
  * MFSA 2013-39/CVE-2013-0792 (bmo#722831)
    Memory corruption while rendering grayscale PNG images
- use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=326
2013-04-02 19:00:31 +00:00
Wolfgang Rosenauer
90bc4d30c6 Accepting request 158795 from devel:ARM:Factory
- build fixes for armv7hl:
  * disable debug build as armv7hl does not have enough memory
  * disable webrtc on armv7hl as it is non-compiling

OBS-URL: https://build.opensuse.org/request/show/158795
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=324
2013-03-14 09:58:43 +00:00
Wolfgang Rosenauer
f34b49371b - update to Firefox 19.0.2 (bnc#808243)
* MFSA 2013-29/CVE-2013-0787 (bmo#555018)
    Use-after-free in HTML Editor

- update to Firefox 19.0.1
  * blocklist updates

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=321
2013-03-08 13:41:22 +00:00
Wolfgang Rosenauer
6a20f50d7f - update to Firefox 19.0 (bnc#804248)
* MFSA 2013-21/CVE-2013-0783/2013-0784
    Miscellaneous memory safety hazards
  * MFSA 2013-22/CVE-2013-0772 (bmo#801366)
    Out-of-bounds read in image rendering
  * MFSA 2013-23/CVE-2013-0765 (bmo#830614)
    Wrapped WebIDL objects can be wrapped again
  * MFSA 2013-24/CVE-2013-0773 (bmo#809652)
    Web content bypass of COW and SOW security wrappers
  * MFSA 2013-25/CVE-2013-0774 (bmo#827193)
    Privacy leak in JavaScript Workers
  * MFSA 2013-26/CVE-2013-0775 (bmo#831095)
    Use-after-free in nsImageLoadingContent
  * MFSA 2013-27/CVE-2013-0776 (bmo#796475)
    Phishing on HTTPS connection through malicious proxy
  * MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
    CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
    Use-after-free, out of bounds read, and buffer overflow issues
    found using Address Sanitizer
- removed obsolete patches
  * mozilla-webrtc.patch
  * mozilla-gstreamer-803287.patch
- added patch to fix session restore window order (bmo#712763)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=319
2013-02-19 19:24:59 +00:00
Wolfgang Rosenauer
71d293a758 - update to Firefox 18.0.2
* blocklist and CTP updates
  * fixes in JS engine

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=317
2013-02-08 07:03:05 +00:00
Wolfgang Rosenauer
1ad53d1168 - update to Firefox 18.0.1
* blocklist updates
  * backed out bmo#677092 (removed patch)
  * fixed problems involving HTTP proxy transactions

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=315
2013-01-20 09:36:34 +00:00
Wolfgang Rosenauer
29bd40e39a Accepting request 148241 from home:AndreasSchwab:ff
- Fix WebRTC to build on powerpc

OBS-URL: https://build.opensuse.org/request/show/148241
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=314
2013-01-13 13:11:48 +00:00
Wolfgang Rosenauer
7a99168951 - added mozilla-libproxy-compat.patch for libproxy API compat
on openSUSE 11.2 and earlier
- backed out restartless language packs as it broke multi-locale
  setup (bmo#677092, bmo#818468)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=309
2013-01-08 15:14:02 +00:00
Wolfgang Rosenauer
16dbe14e33 - update to Firefox 18.0 (bnc#796895)
* requires NSS 3.14.1
  * removed obsolete SLE11 patches (mozilla-gcc43*)
- ported patches
- reenable WebRTC

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=308
2013-01-07 20:49:28 +00:00
Wolfgang Rosenauer
401b2f7bae - update to Firefox 17.0.1
* revert some useragent changes introduced in 17.0
  * leaving private browsing with social enabled doesn't reset all
    social components (bmo#815042)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=306
2012-11-30 09:28:25 +00:00
Wolfgang Rosenauer
662e67c339 - update to Firefox 17.0 (bnc#790140)
* MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
    Miscellaneous memory safety hazards
  * MFSA 2012-92/CVE-2012-4202 (bmo#758200)
    Buffer overflow while rendering GIF images
  * MFSA 2012-93/CVE-2012-4201 (bmo#747607)
    evalInSanbox location context incorrectly applied
  * MFSA 2012-94/CVE-2012-5836 (bmo#792857)
    Crash when combining SVG text on path with CSS
  * MFSA 2012-95/CVE-2012-4203 (bmo#765628)
    Javascript: URLs run in privileged context on New Tab page
  * MFSA 2012-96/CVE-2012-4204 (bmo#778603)
    Memory corruption in str_unescape
  * MFSA 2012-97/CVE-2012-4205 (bmo#779821)
    XMLHttpRequest inherits incorrect principal within sandbox
  * MFSA 2012-99/CVE-2012-4208 (bmo#798264)
    XrayWrappers exposes chrome-only properties when not in chrome
    compartment
  * MFSA 2012-100/CVE-2012-5841 (bmo#805807)
    Improper security filtering for cross-origin wrappers
  * MFSA 2012-101/CVE-2012-4207 (bmo#801681)
    Improper character decoding in HZ-GB-2312 charset
  * MFSA 2012-102/CVE-2012-5837 (bmo#800363)
    Script entered into Developer Toolbar runs with chrome privileges
  * MFSA 2012-103/CVE-2012-4209 (bmo#792405)
    Frames can shadow top.location
  * MFSA 2012-104/CVE-2012-4210 (bmo#796866)
    CSS and HTML injection through Style Inspector
  * MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
    CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=303
2012-11-20 20:34:15 +00:00
Wolfgang Rosenauer
42ce70cbed - update to Firefox 16.0.2 (bnc#786522)
* MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
    (bmo#800666, bmo#793121, bmo#802557)
    Fixes for Location object issues
- bring back Obsoletes for libproxy's mozjs plugin for distributions
  before 12.2 to avoid crashes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=301
2012-10-26 21:49:26 +00:00
Wolfgang Rosenauer
7513245175 - update to Firefox 16.0.1 (bnc#783533)
* MFSA 2012-88/CVE-2012-4191 (bmo#798045)
    Miscellaneous memory safety hazards
  * MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
    defaultValue security checks not applied

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=299
2012-10-12 06:40:31 +00:00
Wolfgang Rosenauer
6f2059ff99 - update to Firefox 16.0 (bnc#783533)
- requires NSPR 4.9.2
- improve GStreamer integration (bmo#760140)
- removed upstreamed mozilla-crashreporter-restart-args.patch
- webapprt now included
- use kmozillahelper's new REVEAL command (bnc#777415)
  (requires mozilla-kde4-integration >= 0.6.4)
- updated translations-other with new languages

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=295
2012-10-09 11:14:08 +00:00
Wolfgang Rosenauer
a1842748f3 - update to Firefox 15.0.1 (bnc#779936)
* Sites visited while in Private Browsing mode could be found
    through manual browser cache inspection (bmo#787743)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=293
2012-09-12 10:14:03 +00:00
Wolfgang Rosenauer
84ebf9d464 - update to Firefox 15.0 (bnc#777588)
* MFSA 2012-57/CVE-2012-1970
    Miscellaneous memory safety hazards
  * MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
    CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
    CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
    Use-after-free issues found using Address Sanitizer
  * MFSA 2012-59/CVE-2012-1956 (bmo#756719)
    Location object can be shadowed using Object.defineProperty
  * MFSA 2012-60/CVE-2012-3965 (bmo#769108)
    Escalation of privilege through about:newtab
  * MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
    Memory corruption with bitmap format images with negative height
  * MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
    WebGL use-after-free and memory corruption
  * MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
    SVG buffer overflow and use-after-free issues
  * MFSA 2012-64/CVE-2012-3971
    Graphite 2 memory corruption
  * MFSA 2012-65/CVE-2012-3972 (bmo#746855)
    Out-of-bounds read in format-number in XSLT
  * MFSA 2012-66/CVE-2012-3973 (bmo#757128)
    HTTPMonitor extension allows for remote debugging without explicit
    activation
  * MFSA 2012-68/CVE-2012-3975 (bmo#770684)
    DOMParser loads linked resources in extensions when parsing
    text/html
  * MFSA 2012-69/CVE-2012-3976 (bmo#768568)
    Incorrect site SSL certificate data display
  * MFSA 2012-70/CVE-2012-3978 (bmo#770429)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=291
2012-08-28 18:40:50 +00:00
Wolfgang Rosenauer
e5beda73e6 - PPC fixes:
* reenabled mozilla-yarr-pcre.patch to fix build for PPC
  * add patches for bmo#750620 and bmo#746112
  * fix xpcshell segfault on ppc

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=285
2012-07-16 18:54:48 +00:00
Wolfgang Rosenauer
ec5d636a3c - update to 14.0.1 (bnc#)
- license change from tri license to MPL-2.0
- fix crashreporter restart option (bmo#762780)
- reenabled mozilla-yarr-pcre.patch to fix build for PPC
- require NSS 3.13.5
- remove mozjs pacrunner obsoletes again for now
- adopted mozilla-prefer_plugin_pref.patch

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=284
2012-07-16 08:13:51 +00:00
Wolfgang Rosenauer
ad9947e5f3 - update to Firefox 13.0.1
* bugfix release
- obsolete libproxy's mozjs pacrunner (bnc#759123)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=282
2012-06-15 20:14:41 +00:00
Wolfgang Rosenauer
a7f369b4c2 - update to Firefox 13.0 (bnc#765204)
* MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
    Miscellaneous memory safety hazards
  * MFSA 2012-36/CVE-2012-1944 (bmo#751422)
    Content Security Policy inline-script bypass
  * MFSA 2012-37/CVE-2012-1945 (bmo#670514)
    Information disclosure though Windows file shares and shortcut
    files
  * MFSA 2012-38/CVE-2012-1946 (bmo#750109)
    Use-after-free while replacing/inserting a node in a document
  * MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
    Buffer overflow and use-after-free issues found using Address
    Sanitizer
- require NSS 3.13.4
  * MFSA 2012-39/CVE-2012-0441 (bmo#715073)
- fix sound notifications when filename/path contains a whitespace
  (bmo#749739)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=280
2012-06-05 18:01:53 +00:00
Wolfgang Rosenauer
233fa87cb3 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=278 2012-05-25 07:14:05 +00:00
Wolfgang Rosenauer
5cbfe5dc1a Accepting request 122016 from openSUSE:Factory:ARM
explicit disable EDSP on arm, support is broken

OBS-URL: https://build.opensuse.org/request/show/122016
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=277
2012-05-25 07:01:36 +00:00
Wolfgang Rosenauer
03a2b96996 - reenabled crashreporter for Factory/12.2
(fix in mozilla-gcc47.patch)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=275
2012-05-16 05:35:58 +00:00
Wolfgang Rosenauer
3c4317c1ff - update to Firefox 12.0 (bnc#758408)
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=271
2012-04-21 10:42:40 +00:00
Wolfgang Rosenauer
1d2bc7dc71 - update to Firefox 12.0b6
* rebased patches
- added mozilla-libnotify.patch to allow fallback from libnotify
  to xul based events if no notification-daemon is running
- gcc 4.7 fixes
  * mozilla-gcc47.patch
  * disabled crashreporter temporarily for Factory
- recommend libcanberra0 for proper sound notifications

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=270
2012-04-20 19:18:58 +00:00
Wolfgang Rosenauer
9b8c7a10ed - update to Firefox 11.0 (bnc#750044)
* MFSA 2012-13/CVE-2012-0455 (bmo#704354)
    XSS with Drag and Drop and Javascript: URL
  * MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
    SVG issues found with Address Sanitizer
  * MFSA 2012-15/CVE-2012-0451 (bmo#717511)
    XSS with multiple Content Security Policy headers
  * MFSA 2012-16/CVE-2012-0458
    Escalation of privilege with Javascript: URL as home page
  * MFSA 2012-17/CVE-2012-0459 (bmo#723446)
    Crash when accessing keyframe cssText after dynamic modification
  * MFSA 2012-18/CVE-2012-0460 (bmo#727303)
    window.fullScreen writeable by untrusted content
  * MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
    CVE-2012-0463
    Miscellaneous memory safety hazards

- add Provides: browser(npapi) FATE#313084

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=268
2012-03-14 07:27:10 +00:00
Wolfgang Rosenauer
86129f9536 Accepting request 107981 from home:vdziewiecki:branches:mozilla:Factory
- add Provides: browser(npapi) FATE#313084

OBS-URL: https://build.opensuse.org/request/show/107981
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=266
2012-03-05 13:38:22 +00:00
Wolfgang Rosenauer
934bfffd3c OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=265 2012-03-01 09:11:44 +00:00
Wolfgang Rosenauer
3dcefa43db - update to version 11.0b5
- ported and reenabled KDE integration (bnc#746591)
- explicitely build-require X libs

- better plugin directory resolution (bnc#747320)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=264
2012-03-01 09:09:12 +00:00
Wolfgang Rosenauer
debdb7d238 Accepting request 107062 from openSUSE:Factory:ARM
- fix buildrequires for Factory

OBS-URL: https://build.opensuse.org/request/show/107062
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=263
2012-02-28 07:27:36 +00:00
Wolfgang Rosenauer
48942bb06f - update to Firefox 10.0.2 (bnc#747328)
* CVE-2011-3026 (bmo#727401)
    libpng: integer overflow leading to heap-buffer overflow

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=261
2012-02-16 13:41:23 +00:00
Wolfgang Rosenauer
9dd1e5949c - update to Firefox 10.0.1 (bnc#746616)
* MFSA 2012-10/CVE-2012-0452 (bmo#724284)
    use after free in nsXBLDocumentInfo::ReadPrototypeBindings

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=258
2012-02-12 22:09:22 +00:00
Wolfgang Rosenauer
eee92765e6 - Use YARR interpreter instead of PCRE on platforms where YARR JIT
is not supported, since PCRE doesnt build (bmo#691898)
- fix ppc64 build (bmo#703534)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=255
2012-02-07 18:15:47 +00:00
Wolfgang Rosenauer
54fa2b53dd - update to Firefox 10.0 (bnc#744275)
* MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
    Miscellaneous memory safety hazards
  * MFSA 2012-03/CVE-2012-0445 (bmo#701071)
    <iframe> element exposed across domains via name attribute
  * MFSA 2012-04/CVE-2011-3659 (bmo#708198)
    Child nodes from nsDOMAttribute still accessible after removal
    of nodes
  * MFSA 2012-05/CVE-2012-0446 (bmo#705651)
    Frame scripts calling into untrusted objects bypass security
    checks
  * MFSA 2012-06/CVE-2012-0447 (bmo#710079)
    Uninitialized memory appended when encoding icon images may
    cause information disclosure
  * MFSA 2012-07/CVE-2012-0444 (bmo#719612)
    Potential Memory Corruption When Decoding Ogg Vorbis files
  * MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
    Crash with malformed embedded XSLT stylesheets
- KDE integration has been disabled since it needs refactoring
- removed obsolete ppc64 patch

- Disable neon for arm as it doesn't build correctly

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=252
2012-02-01 13:37:15 +00:00
Wolfgang Rosenauer
f33289d5ff - update to Firefox 9.0.1
* (strongparent) parentNode of element gets lost (bmo#335998)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=249
2011-12-23 20:44:10 +00:00
Wolfgang Rosenauer
3017ae6323 - update to Firefox 9 (bnc#737533)
* MFSA 2011-53/CVE-2011-3660
    Miscellaneous memory safety hazards (rv:9.0)
  * MFSA 2011-54/CVE-2011-3661 (bmo#691299)
    Potentially exploitable crash in the YARR regular expression
    library
  * MFSA 2011-55/CVE-2011-3658 (bmo#708186)
    nsSVGValue out-of-bounds access
  * MFSA 2011-56/CVE-2011-3663 (bmo#704482)
    Key detection without JavaScript via SVG animation
  * MFSA 2011-58/VE-2011-3665 (bmo#701259)
    Crash scaling <video> to extreme sizes

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=246
2011-12-20 20:07:17 +00:00
Wolfgang Rosenauer
a4c123508f Accepting request 96954 from openSUSE:Factory:ARM
fixed build for arm, not finally tested with v9 yet...

OBS-URL: https://build.opensuse.org/request/show/96954
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=245
2011-12-19 13:17:53 +00:00
Wolfgang Rosenauer
3df3bcb178 - update to Firefox 9
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=244
2011-12-18 13:13:18 +00:00
Wolfgang Rosenauer
02a5839fe7 - update to Firefox 9
- Fix accessibility under GNOME 3 (bnc#732898)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=243
2011-12-18 13:10:54 +00:00
OBS User buildservice-autocommit
8c4a34d482 Updating link to change in openSUSE:Factory/MozillaFirefox revision 138.0
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=126f158cd7a46f5c45e3cf1cef90a38f
2011-12-06 17:29:44 +00:00
Wolfgang Rosenauer
f645666476 - fix ppc64 build
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=240
2011-11-12 15:24:00 +00:00