Accepting request 47529 from mozilla:Factory

checked in (request 47529)

OBS-URL: https://build.opensuse.org/request/show/47529
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=94

MozillaThunderbird.changes

@@ -1,35 +1,3 @@
--------------------------------------------------------------------
-Mon Aug 30 17:40:28 CEST 2010 - wr@rosenauer.org
-
-- security update to version 3.1.3 (bnc#637303)
-  * MFSA 2010-49/CVE-2010-3169
-    Miscellaneous memory safety hazards
-  * MFSA 2010-50/CVE-2010-2765 (bmo#576447)
-    Frameset integer overflow vulnerability
-  * MFSA 2010-51/CVE-2010-2767 (bmo#584512)
-    Dangling pointer vulnerability using DOM plugin array
-  * MFSA 2010-53/CVE-2010-3166 (bmo#579655)
-    Heap buffer overflow in nsTextFrameUtils::TransformText
-  * MFSA 2010-54/CVE-2010-2760 (bmo#585815)
-    Dangling pointer vulnerability in nsTreeSelection
-  * MFSA 2010-55/CVE-2010-3168 (bmo#576075)
-    XUL tree removal crash and remote code execution
-  * MFSA 2010-56/CVE-2010-3167 (bmo#576070)
-    Dangling pointer vulnerability in nsTreeContentView
-  * MFSA 2010-57/CVE-2010-2766 (bmo#580445)
-    Crash and remote code execution in normalizeDocument
-  * MFSA 2010-59/CVE-2010-2762 (bmo#584180)
-    SJOW creates scope chains ending in outer object
-  * MFSA 2010-61/CVE-2010-2768 (bmo#579744)
-    UTF-7 XSS by overriding document charset using <object> type
-    attribute
-  * MFSA 2010-62/CVE-2010-2769 (bmo#520189)
-    Copy-and-paste or drag-and-drop into designMode document allows
-    XSS
-  * MFSA 2010-63/CVE-2010-2764 (bmo#552090)
-    Information leak via XMLHttpRequest statusText
-- ESD notification sound fix included upstream
-
 -------------------------------------------------------------------
 Mon Aug 30 17:37:58 CEST 2010 - wr@rosenauer.org
 

MozillaThunderbird.spec

@@ -1,5 +1,5 @@
 #
-# spec file for package MozillaThunderbird (Version 3.1.3)
+# spec file for package MozillaThunderbird (Version 3.1.1)
 #
 # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #               2006-2010 Wolfgang Rosenauer <wr@rosenauer.org>
@@ -25,10 +25,10 @@ BuildRequires:  autoconf213 fdupes gcc-c++ hunspell-devel libcurl-devel libgnome
 BuildRequires:  nss-shared-helper-devel
 %endif
 License:        GPLv2+ ; LGPLv2.1+ ; MPLv1.1+
-%define mainversion 3.1.3
+%define mainversion 3.1.1
 Version:        %{mainversion}
-Release:        1
-%define releasedate 2010082400
+Release:        2
+%define releasedate 2010071400
 Summary:        The Stand-Alone Mozilla Mail Component
 Url:            http://www.mozilla.org/products/thunderbird/
 Group:          Productivity/Networking/Email/Clients
@@ -43,6 +43,7 @@ Source7:        find-external-requires.sh
 Source8:        MozillaThunderbird-rpmlintrc
 Source9:        enigmail-1.1.2.tar.bz2
 Source10:       create-tar.sh
+Patch1:         mozilla-esd.patch
 Patch2:         thunderbird-appname.patch
 Patch4:         tb-ssldap.patch
 Patch5:         tb-develdirs.patch
@@ -118,6 +119,7 @@ Software Development Kit to build plugins/extensions against Thunderbird.
 
 
 %if %crashreporter
+
 %package buildsymbols
 License:        GPLv2+ ; LGPLv2.1+ ; MPLv1.1+
 Summary:        Breakpad buildsymbols for %{name}
@@ -128,8 +130,8 @@ This subpackage contains the Breakpad created and compatible debugging
 symbols meant for upload to Mozilla's crash collector database.
 %endif
 
-
 %if %build_enigmail
+
 %package -n enigmail
 Version:        1.1.2
 Release:        2
@@ -156,6 +158,7 @@ This package contains the Enigmail OpenPGP Addon for Thunderbird and SeaMonkey.
 %endif
 # xulrunner patches
 pushd mozilla
+%patch1 -p1
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
@@ -449,6 +452,7 @@ exit 0
 %{_bindir}/%{progname}
 
 %if %localize
+
 %files translations-common -f %{_tmppath}/translations.common
 %defattr(-,root,root)
 
@@ -467,6 +471,7 @@ exit 0
 %{_includedir}/%{progname}/
 
 %if %build_enigmail
+
 %files -n enigmail
 %defattr(-,root,root)
 %dir %{_libdir}/mozilla
@@ -474,6 +479,7 @@ exit 0
 %endif
 
 %if %crashreporter
+
 %files buildsymbols
 %defattr(-,root,root)
 %{_datadir}/mozilla/

create-tar.sh

@@ -2,8 +2,8 @@
 
 
 BRANCH="releases/comm-1.9.2" # comm-central
-RELEASE_TAG="THUNDERBIRD_3_1_3_RELEASE"
-VERSION="3.1.3"
+RELEASE_TAG="THUNDERBIRD_3_1_1_RELEASE"
+VERSION="3.1.1"
 
 echo "cloning $BRANCH..."
 hg clone http://hg.mozilla.org/$BRANCH thunderbird

l10n-3.1.1.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fd10591b04f33727374412eb27580b4732e730b3e5d0f38ef6a36d3d2fcbf56d
+size 17904338

l10n-3.1.3.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1e31cc491f4da2f75db67dc0e913bc137a63edf6b6e692c28788149dbdf841a6
-size 17904014

mozilla-esd.patch

@@ -0,0 +1,91 @@
+diff --git a/widget/src/gtk2/nsSound.cpp b/widget/src/gtk2/nsSound.cpp
+--- a/widget/src/gtk2/nsSound.cpp
++++ b/widget/src/gtk2/nsSound.cpp
+@@ -52,36 +52,31 @@
+ #include "nsCOMPtr.h"
+ #include "nsAutoPtr.h"
+ #include "nsString.h"
+ 
+ #include <stdio.h>
+ #include <unistd.h>
+ 
+ #include <gtk/gtk.h>
+-/* used with esd_open_sound */
+-static int esdref = -1;
+ static PRLibrary *elib = nsnull;
+ static PRLibrary *libcanberra = nsnull;
+ static PRLibrary* libasound = nsnull;
+ 
+ // the following from esd.h
+ 
+ #define ESD_BITS8  (0x0000)
+ #define ESD_BITS16 (0x0001) 
+ #define ESD_MONO (0x0010)
+ #define ESD_STEREO (0x0020) 
+ #define ESD_STREAM (0x0000)
+ #define ESD_PLAY (0x1000)
+ 
+ #define WAV_MIN_LENGTH 44
+ 
+-typedef int (*EsdOpenSoundType)(const char *host);
+-typedef int (*EsdCloseType)(int);
+-
+ /* used to play the sounds from the find symbol call */
+ typedef int  (*EsdPlayStreamType) (int, int, const char *, const char *);
+ typedef int  (*EsdAudioOpenType)  (void);
+ typedef int  (*EsdAudioWriteType) (const void *, int);
+ typedef void (*EsdAudioCloseType) (void);
+ 
+ /* used to find and play common system event sounds.
+    this interfaces with libcanberra.
+@@ -126,50 +121,30 @@ NS_IMPL_ISUPPORTS2(nsSound, nsISound, ns
+ ////////////////////////////////////////////////////////////////////////
+ nsSound::nsSound()
+ {
+     mInited = PR_FALSE;
+ }
+ 
+ nsSound::~nsSound()
+ {
+-    if (esdref >= 0) {
+-        EsdCloseType EsdClose = (EsdCloseType) PR_FindFunctionSymbol(elib, "esd_close");
+-        if (EsdClose)
+-            (*EsdClose)(esdref);
+-        esdref = -1;
+-    }
+ }
+ 
+ NS_IMETHODIMP
+ nsSound::Init()
+ {
+     // This function is designed so that no library is compulsory, and
+     // one library missing doesn't cause the other(s) to not be used.
+     if (mInited) 
+         return NS_OK;
+ 
+     mInited = PR_TRUE;
+ 
+     if (!elib) {
+         elib = PR_LoadLibrary("libesd.so.0");
+-        if (elib) {
+-            EsdOpenSoundType EsdOpenSound =
+-                (EsdOpenSoundType) PR_FindFunctionSymbol(elib, "esd_open_sound");
+-            if (!EsdOpenSound) {
+-                PR_UnloadLibrary(elib);
+-                elib = nsnull;
+-            } else {
+-                esdref = (*EsdOpenSound)("localhost");
+-                if (esdref < 0) {
+-                    PR_UnloadLibrary(elib);
+-                    elib = nsnull;
+-                }
+-            }
+-        }
+     }
+ 
+     if (!libasound) {
+         PRFuncPtr func = PR_FindFunctionSymbolAndLibrary("snd_lib_error_set_handler",
+                                                          &libasound);
+         if (libasound) {
+             snd_lib_error_set_handler_fn snd_lib_error_set_handler =
+                  (snd_lib_error_set_handler_fn) func;

thunderbird-3.1.1-source.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c8a7ab80c8bf3aebbbb45c0c2092f15bd24fc2d8705ffef6b7e47ff81bad352f
+size 66169902

thunderbird-3.1.3-source.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:212e0cf1402aed40e9e70b6e40ce0a8ed4123eb2d3dfb89ffa18806f5d8a9068
-size 66075965