| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: seamonkey-irc | Distribution: openSUSE Leap 16.0 |
| Version: 2.53.20 | Vendor: openSUSE |
| Release: lp160.1.1 | Build date: Tue Jan 7 14:14:58 2025 |
| Group: Productivity/Networking/IRC | Build host: reproducible |
| Size: 343144 | Source RPM: seamonkey-2.53.20-lp160.1.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://www.seamonkey-project.org/ | |
| Summary: IRC for SeaMonkey | |
An IRC client (Chatzilla) for SeaMonkey.
MPL-2.0
* Tue Jan 07 2025 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.20
* Use Services.focus for bookmarking from mailnews in SeaMonkey bug
1925033.
* Replace the Bookmark Manager with the Firefox Library in
SeaMonkey: Another followup bug bug 1932731.
* Port bug 1458385 - Update SeaMonkey's confvars.sh bug 1913633.
* Tidy up channels code in cZ bug 1920565.
* Sometimes tag data from an IRC server doesn't contain a pair bug
1923211.
* Fix call to updateUsers in network onAway in cZbug 1923213.
* Remove unused XTLabelRecord from tree-utils.js in cZbug 1923215.
* Remove unused code from connection-xpcom.js in cZbug 1923219.
* Remove unusued code from utils.js in cZbug 1923221.
* Switch from using arrayContains helper to using JS Array includes
method in cZ bug 1923224.
* Switch from using arrayIndexOf helper to using JS Array includes
and indexOf methods in cZ bug 1923225.
* Switch from using arrayRemoveAt and arrayInsertAt helpers to using
JS Array splice and unshift methods in cZbug 1923227.
* Switch from using stringTrim helper to using JS string trim method
in cZ bug 1923229.
* Inline newObject function in cZ bug 1924338.
* Remove getWindowByType function from cZ bug 1924586.
* Inline viewCert function in cZ bug 1924587.
* Remove getSpecialDirectory function and use Services.dirsvc in cZ
bug 1924588.
* Remove getNSSErrorClass function and tidy up NSS related code in
cZ bug 1924589.
* Tidy message manager code in cZ bug 1924592.
* Remove getService helper and tidy up code around its callers in cZ
bug 1924595.
* Remove use of NSGetModule in cZ bug 1925871.
* Tidy up chatzilla-service.js bug 1926406.
* Use Intl.DateTimeFormat in cZ's strftime function bug 1927348.
* Remove unused code from pref-manager.js in cZ bug 1927370.
* Use Services.scriptloader in cZ bug 1927374.
* Use more Services in cZ bug 1927376.
* Tidy up some Components.* code in static.js in cZ bug 1927377.
* Switch to using listbox instead of tree for cZ chat window bug
1927582.
* Away status isn't reflected correctly in channel userlist in cZ
bug 1928749.
* Fix too much recursion and missing variable in cmdSave in cZ bug
1930391.
* Replace confirm helper with Services.prompt.confirm in cZ bug
1930396.
* Use Services.prompt in confirmEx, prompt and promptPassword
helpers in cZ bug 1930540.
* Use Services.prompt.alert and remove alert helper in cZ bug
1931705.
* Simplify getListFIle in cZ bug 1931707.
* Remove various const from file-utils.js in cZ bug 1931708.
* Remove unused 2nd argument from mkdir helper in file-utils.js in
cZ bug 1931709.
* Use LocalFile directly rather via helper fopen in cZ bug 1931710.
* Tidy up picker code in file-utils.js in cZ bug 1931712.
* Remove unnecessary type attributes in cZ bug 1933043.
* Clean up Components usage in cZ bug 1933081.
* Remove unused encodeForXMLAttribute function for cZ utils.js bug
1933083.
* Move renameProperty helper into lib/irc.js for cZ bug 1933084.
* Move formatDateOffset helper into handlers.js in cZ bug 1933085.
* Move objectContains helper into command-manager.js in cZ bug
1933086.
* Move splitLongWord helper into mungers.js in cZ bug 1933087.
* Move randomString helper into commands.js in cZ bug 1933089.
* Move Clone helper into commands.js in cZ bug 1933090.
* Move equalsObject helper into channels.js in cZ bug 1933092.
* Move matchEntry helper into static.js in cZ bug 1933093.
* Move getCommonPfx helper to handlers.js in cZ bug 1933342.
* Remove some code duplication in getSISize and getSISpeed helpers
and improve coding in scaleNumbersBy1024 in cZ bug 1933346.
* UI: Link for download of Themes leads to Themes for Thunderbird
bug 1656564.
* Add ESR 128 links to debugQA bug 1909855.
* Port changes needed from |Bug 1476333 - Consolidate the ways that
we reference "browser.xul" across the tree| to SeaMonkey bug
1911841.
* Switch from boxObject to getBoundingClientRect in utilityOverlay
bug 1911844.
* Align the SeaMonkey switchToTabHavingURI() call syntax with
Firefox and toolkit bug 1925037.
* Empty out SeaMonkey's removed-files.in (port bug 1392913) bug
1913579.
* Update SeaMonkey installer to register as handler for media types
bug 1925023.
* Remove obsolete chat services from SeaMonkey address book part2
bug 1909853.
* Add UI for browser.display.prefers_color_scheme to the SeaMonkey
colors prefpane bug 1909743.
* Update SeaMonkey wikipedia icon bug 1925021.
* Show specific placeholders for bookmarks and history in SeaMonkey
sidebar search bug 1925025.
* Adjust dragOver method of tabbrowser.xml to be closer to Firefox
version bug 1911845.
* Avoid boxObject where appropriate in tabbrowser bug 1911847.
* Simplify tab drop indicator code and styling bug 1911848.
* SeaMonkey 2.53.20 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.20 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 115.19
and Thunderbird 115.19 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- Adapt seamonkey-man-page.patch for SeaMonkey 2.53.20
- Adapt seamonkey-GNUmakefile to set MOZBUILD_STATE_PATH and to fix
post-configure stamping per
https://bugzilla.mozilla.org/show_bug.cgi?id=1692516#c13
- Update minimum build requirements for SeaMonkey 2.53.20
- Remove .mozconfig options no longer recognized in SeaMonkey 2.53.20
- request inclusion in Leap 15.6:
https://bugzilla.opensuse.org/show_bug.cgi?id=1235392
* Mon Nov 25 2024 Tristan Miller <psychonaut@nothingisreal.com>
- disable --with-system-icu on Tumbleweed due to
https://bugzilla.mozilla.org/show_bug.cgi?id=1933117
- remove obsolete patch mozilla-bmo1862601.patch
* Thu Nov 07 2024 Tristan Miller <psychonaut@nothingisreal.com>
- enable patch mozilla-bmo1896958.patch for Leap 15.5
* Thu Sep 05 2024 Tristan Miller <psychonaut@nothingisreal.com>
- request inclusion in Leap 15.5 and 15.6:
https://bugzilla.opensuse.org/show_bug.cgi?id=1230257
* Wed Sep 04 2024 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.19
* Cancel button in SeaMonkey bookmarking star ui not working bug
1872623.
* Remove OfflineAppCacheHelper.jsm copy from SeaMonkey and use the
one in toolkit bug 1896292.
* Remove obsolete registerFactoryLocation calls from cZ bug 1870930.
* Remove needless implements='nsIDOMEventListener' and QI bug
1611010.
* Replace use of nsIStandardURL::Init bug 1864355.
* Switch SeaMonkey website from hg.mozilla.org to heptapod. bug
1870934.
* Allow view-image to open a data: URI by setting a flag on the
loadinfo bug 1877001.
* Save-link-as feature should use the loading principal and context
menu using nsIContentPolicy.TYPE_SAVE_AS_DOWNLOAD bug 1879726.
* Use punycode in SeaMonkey JS bug 1864287.
* Font lists in preferences are no longer grouped by font type, port
asynchronous handling like Bug 1399206 bug 1437393.
* SeaMonkey broken tab after undo closed tab with invalid protocol
bug 1885748.
* SeaMonkey session restore is missing the checkboxes in the Classic
theme bug 1896174.
* Implement about:credits on seamonkey-project.org website bug
1898467.
* Fix for the 0.0.0.0 day vulnerability oligo summary.
* Link in update notification does not open Browser bug 1888364.
* Update ReadExtensionPrefs in Preferences.cpp bug 1890196.
* Add about:seamonkey page to SeaMonkey bug 1897801.
* SeaMonkey 2.53.19 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.19 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 115.14
and Thunderbird 115.14 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- Adapt seamonkey-man-page.patch for SeaMonkey 2.53.19
- Adapt seamonkey-GNUmakefile to create mach environment
- Build with GCC 13 on Tumbleweed due to build failures with GCC 14:
https://bugzilla.mozilla.org/show_bug.cgi?id=1916827
* Fri Jun 07 2024 Tristan Miller <psychonaut@nothingisreal.com>
- add patch mozilla-bmo1896958.patch adapted from
https://bugzilla.mozilla.org/show_bug.cgi?id=1896958 to fix
compilation with rust >= 1.78
- add patch mozilla-bmo1862601.patch adapted from
https://bugzilla.mozilla.org/show_bug.cgi?id=1862601 to fix
build failure using --system-icu on Tumbleweed
* Thu Mar 28 2024 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.18.2
* Block set-cookie from multipart/x-mixed-replace with pref bug
1864385.
* Check if WorkerRunnable::Run runs on top of
WorkerThreadPrimaryRunnable::Run in a worker thread bug 1867982.
* Process pairs in coord list in PolyArea bug 1878211.
* Cherry-pick update to dav1d bug 1881093.
* Land NSS NSS_3_90_2_RTM UPGRADE_NSS_RELEASE bug 1880562.
* Fix DSN for send later bug 815638.
* Catch webNavigation error during tab restore bug 1885748.
* SeaMonkey 2.53.18.2 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.18.2 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.8.0 release notes
for specific security fixes in this release.
* Additional important security fixes up to Current Firefox 115.9
and Thunderbird 115.9 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- request inclusion in Leap 15.5 and 15.6:
https://bugzilla.opensuse.org/show_bug.cgi?id=1222137
* Mon Feb 26 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Use %patch -P N instead of deprecated %patchN.
* Thu Feb 08 2024 Dominique Leuenberger <dimstar@opensuse.org>
- Replace python-devel and python2-xml BuildRequires with
python3-base: the build log already contains
Creating Python 3 environment
i.e, python2 was not used anymore (boo#1219739).
* Thu Jan 18 2024 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.18.1
* Update the NSS library to the latest esr 115 version for the final
2.53.18.1 release.
* SeaMonkey 2.53.18.1 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.18.1 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.8.0 release notes
for specific security fixes in this release.
* Additional important security fixes up to Current Firefox 115.7
and Thunderbird 115.7 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- request inclusion in Leap 15.5 and 15.6:
https://bugzilla.opensuse.org/show_bug.cgi?id=1218961
* Sat Dec 09 2023 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.18
* Update Branding info bug 1841167.
* Use BugSplat for SeaMonkey crash reporting bug 1835524.
* Unify notifications and permissions in SeaMonkey bug 1849526.
* SeaMonkey 2.53.18 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.18 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 115.5
and Thunderbird 115.5 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- remove obsolete patch seamonkey-binutils.patch
- remove obsolete patches 1817900-13-112a1.patch, 1849874-11503.patch,
and TOP-NOBUG-revendor-253172.patch
- request inclusion in Leap 15.4, 15.5, and 15.6:
https://bugzilla.opensuse.org/show_bug.cgi?id=1217916
- disable --with-system-nss on Leap 15.5 to work around build breakage
* Wed Nov 01 2023 Tristan Miller <psychonaut@nothingisreal.com>
- add 1817900-13-112a1.patch, 1849874-11503.patch, and
TOP-NOBUG-revendor-253172.patch to allow building with rust >= 1.48
- request inclusion in Leap 15.4 and 15.5:
https://bugzilla.opensuse.org/show_bug.cgi?id=1216797
* Wed Oct 04 2023 Tristan Miller <psychonaut@nothingisreal.com>
- add seamonkey-binutils.patch to allow building with binutils >= 2.41:
https://bugzilla.mozilla.org/show_bug.cgi?id=1856238
https://bugzilla.mozilla.org/show_bug.cgi?id=1846703
- add mozilla-bmo531915.patch to fix builds for x86:
https://bugzilla.mozilla.org/show_bug.cgi?id=531915
- request inclusion in Leap 15.4 and 15.5:
https://bugzilla.opensuse.org/show_bug.cgi?id=1215944
* Thu Sep 28 2023 Bernhard Wiedemann <bwiedemann@suse.com>
- Add reproducible.patch to override build date (boo#1047218)
* Thu Sep 21 2023 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.17.1
* Upstream libwebp security fix bug 1852749.
* CVE-2023-4863: Heap buffer overflow in libwebp bug 1852649.
* Fix bad string encoded in ansi. l10n fr problem only bug 1847887.
* SeaMonkey 2.53.17 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.17 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 115.3
and Thunderbird 115.3 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- request inclusion in Leap 15.4 and 15.5:
https://bugzilla.opensuse.org/show_bug.cgi?id=1215585
* Fri Aug 04 2023 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.17
* Fix macOS Contacts permission request bug 1826719.
* Remove SeaMonkey 2.57 links from debugQA bug 1829683.
* Treat opening urls from the library as external bug 1619108.
* Disable spam warning for autogenerated links in plaintext messages
bug 619031.
* Switch SeaMonkey build files to Python 3 bug 1635849.
* Remove empty overlays from Composer bug 1828533.
* Move xpfe autocomplete to comm-central suite bug 1418512.
* Remove nsIPrefBranch2 and nsIPrefBranchInternal bug 1374847.
* SeaMonkey 2.53.17 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.17 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 102.11
and Thunderbird 102.11 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
* Adapt mozilla-nongnome-proxies.patch for SeaMonkey 2.53.17
* Adapt seamonkey-lto.patch for SeaMonkey 2.53.17
* Remove obsolete %clean section from seamonkey.spec
- request inclusion in Leap 15.4 and 15.5:
https://bugzilla.opensuse.org/show_bug.cgi?id=1213986
* Fri Mar 31 2023 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.16
* No throbber in plaintext editor bug 85498.
* Remove unused gridlines class from EdAdvancedEdit bug 1806632.
* Remove ESR 91 links from debugQA bug 1804534.
* Rename devtools/shim to devtools/startup bug 1812367.
* Remove unused seltype=text|cell css bug 1806653.
* Implement new shared tree styling bug 1807802.
* Use `win.focus()` in macWindowMenu.js bug 1807817.
* Remove WCAP provider bug 1579020.
* Remove ftp/file tree view support bug 1239239.
* Change calendar list tree to a list bug 1561530.
* Various other updates to the calendar code.
* Continue the switch from Python 2 to Python 3 in the build system.
* Verified compatibility with Rust 1.66.1.
* SeaMonkey 2.53.16 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.16 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 102.9
and Thunderbird 102.9 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- update seamonkey-GNUmakefile patch per
https://bugzilla.mozilla.org/show_bug.cgi?id=1692516#c11 to reflect
changes in the new way of packing langpacks
- remove obsolete patch mozilla-language.patch
- remove obsolete patch seamonkey-spellcheck.patch
- remove --enable-system-hunspell from .mozconfig per
https://bugzilla.mozilla.org/show_bug.cgi?id=1820413
- add build dependency on clang
- request inclusion in Leap 15.4:
https://bugzilla.opensuse.org/show_bug.cgi?id=1209994
* Fri Jan 20 2023 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.15
* Microtasks and promises bug 1193394.
* Implement queueMicrotask()bug 1480236.
* Remove old synchronous contentPrefService from the tree bug 886907
and bug 1392929.
* Remove remaining uses of 'general.useragent.locale' bug 1410736
and bug 1410738.
* Migrate to intl.locale.requested.locale list from
'general.useragent.locale' bug 1441016.
* Introduce a pref to store BCP47 locale list bug 1414390, bug
1423532 and bug 1441026.
* Remove synchronous certificate verification APIs from
nsIX509CertDB bug 1453741 and bug 1453778.
* Taskbar preview's favicon appears blank bug 1475524.
* Call Imagelibs decodeImageAsyncWindows using a callback bug
1790695.
* Remove PermissionsService from process Windows sandboxing code bug
1788233, bug 1789782 and bug 1794394.
* Security info dialog doesn't show cert status anymore bug 1293378.
* Replace nsIPlatfromCharset in mailnews bug 1381762.
* Replace use of nsMsgI18NFileSystemCharset() with
NS_CopyUnicodeToNative/NS_CopyNativeToUnicode() bug 1506422.
* Cater for Outlook's/Hotmail's 'Deleted' folder bug 1320191.
* Make some filter methods scriptable bug 1497513.
* Fix crash in nsMsgFilterAfterTheFact::ApplyFilter() caused by
async reset of 'm_curFolder' bug 537017.
* Localize messages from nsIMsgFolder.logRuleHitFail() bug 1352731.
* Add logging of message filter runs and actions bug 697522.
* Check that we got a non-null header before running a filter on it
(and crashing) bug 1563959.
* With CONDSTORE, eliminate unneeded flag fetches at startup bug
1428097.
* Fix so custom tags (keywords) are visible to all users bug 583677.
* Improve handling of tags on shared folders bug 1596371.
* Allow setting/resetting junk marking by user for yahoo/aol to
stick bug 1260059.
* Don't check subject if spellchecker is not ready bug 1069787.
* Grammar issues in mailnews_account_settings.xhtml bug 1793291.
* Remove use of nsIMemory bug 1792578.
* Replace obsolete GetStringBundleService call in SeaMonkey bug
1794400.
* SeaMonkey crashes on MacOS Ventura 13.0 bug 1797696.
* Continue the switch from Python 2 to Python 3 in the build system.
* Added support for clang 15 and macOS SDK 11.3.
* Verified compatibility with Rust 1.65.
* SeaMonkey 2.53.15 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.15 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 102.6
and Thunderbird 102.5 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- update seamonkey-GNUmakefile patch per
https://bugzilla.mozilla.org/show_bug.cgi?id=1692516#c9 to remove
obsolete stuff and fix handling of Latam Spanish
- remove build dependency on obsolete rust-std-static
- request inclusion in Leap 15.4:
https://bugzilla.opensuse.org/show_bug.cgi?id=1207332
* Thu Sep 29 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.14
* Updates to the following DOM HTML element interfaces: Embed,
Object, Anchor, Area, Button, Frame, Canvas, IFrame, Link, Image,
MenuItem, TextArea, Source, Select, Option, Script and
Html. Please test add-ons.
* Continue the switch from Python 2 to Python 3 in the build system.
* Add ESR 102 links to debugQA bug 1779028.
* Remove about plugins from help menu bug 1779031.
* Dead links in cs_nav_prefs_advanced.xhtml [en-US] bug 1783558.
* Dead links in cs_nav_prefs_advanced.xhtml bug 1786030.
* Remove obsolete chat services from SeaMonkey address book bug
1779034.
* Address Book: "Get Map" button is not shown for home addresses bug
1779319.
* Added compatibility for rust 1.63
* SeaMonkey 2.53.14 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.14 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.11
and Thunderbird 91.11 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- add seamonkey-spellcheck.patch to work around a circular dependency
issue when compiling with GCC 12
- requested inclusion in Leap 15.4 and 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1203916
* Mon Jul 11 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.13
* Updates to devtools.
* Updates to build configuration.
* Starting the switch from Python 2 to Python 3 in the build system.
* Removal of array comprehensions, legacy iterators and generators
bug 1414340 and bug 1098412.
* Adding initial optional chaining and Promise.allSettled() support.
* SeaMonkey 2.53.13 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.13 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.11
and Thunderbird 91.11 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- adapt seamonkey-man-page.patch for SeaMonkey 2.53.13
- disable LTO for Tumbleweed builds due to linker errors
- requested inclusion in Leap 15.4 and 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1201406
* Tue Jun 14 2022 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Add --disable-elf-hack for aarch64 to fix build
* Wed May 04 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.12
* Format Toolbar forgets its hidden status when switching to other
view modes bug 1719020.
* Remove obsolete plugin code from SeaMonkey bug 1762733.
* Fix a few strict warnings in SeaMonkey bug 1755553.
* Remove Run Flash from Site permissions and page info bug 1758289.
* Use fixIterator and replace use of removeItemAt in
FilterListDialog bug 1756359.
* Remove RDF usage in tabmail.js bug 1758282.
* Implement 'Edit Template' and 'New Message From Template' commands
and UI bug 1759376.
* [SM] Implement 'Edit Draft' command and hide it when not in a
draft folder (port Thunderbird bug 1106412) bug 1256716.
* Messages in Template folder need "Edit Template" button in header
(like for Drafts) bug 80280.
* Refactor and simplify the feed Subscribe dialog options updates
bug 1420473.
* Add system memory and disk size and placeDB page limit to
about:support bug 1753729.
* Remove warning about missing plugins in SeaMonkey 2.53 and 2.57
bug 1755558.
* SeaMonkey 2.53.12 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.12 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.9 and
Thunderbird 91.9 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- remove/update references to obsolete gtk2 directory
- requested inclusion in Leap 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1199197
* Fri Mar 25 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.11.1
* Fix edge case when setting IntersectionObserver threshold bug
1758291.
* OAuth2 prefs should use realuserName instead of username bug
1518126.
* SeaMonkey 2.53.11.1 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.11.1 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.8.0 release notes
for specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.7 and
Thunderbird 91.7 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- requested inclusion in Leap 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1197518
* Thu Mar 03 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.11
* Remove obsolete MOZ_EXTENSIONS check in suite bug 1749146.
* Add connect button to cZ Networks Editor bug 1736443.
* Remove freenode remnants from ChatZilla in SeaMonkey bug 1741082.
* Prefer secure over insecure protocol in network list in ChatZilla
bug 1744440.
* Composer - Change tag textbox is not removed after use bug
1755369.
* Clean up repo links in debugQA bug 1746790.
* Fix misspelled references to macOS in suite bug 1749144.
* Remove obsolete references to Java and Flash bug 1749141.
* Help button not working in delete cert dialog bug 1750386.
* Rearrange Message Filter Dialog to make room for new features bug
1735053.
* Use Insert key as shortcut to create new message filters bug 1735055.
* Rename some variables used in SeaMonkey's FilterListDialog to
match Thunderbird's bug 1735056.
* Implement Copy to New message filter functionality bug 1735057.
* Add move to top / bottom buttons to message filters bug 1735059.
* Add preference to not prompt for message filter deletion bug
1735061.
* Clean up folder handling in FilterListDialog bug 1736425.
* Add refresh function to Filter list dialog so that it can be
updated when already open and new filters are added externally bug
1737450.
* Use listbox rather than tree in FilterListDialog bug 1746081.
* MsgFilterList(args) should take targetFilter and pass it to
FilterListDialog bug 1753891.
* Mail&News' start.xhtml: "We" link broken bug 1748178.
* Add search functionality to filter dialog bug 1749207.
* Move the taskbar refresh timer in SeaMonkey to idle dispatch bug
1746788.
* Prevent subresource loads from showing the progress indicator on
the tab in SeaMonkey bug 1746787.
* SeaMonkey 2.53.11 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* Additional important security fixes up to Current Firefox 91.6 ESR
and a few enhancements have been backported. We will continue to
enhance SeaMonkey security in subsequent 2.53.x beta and release
versions as fast as we are able to.
* SeaMonkey 2.53.11 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
- adapt seamonkey-man-page.patch for SeaMonkey 2.53.11
- requested inclusion in Leap 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1196703
* Tue Feb 15 2022 Bjørn Lie <bjorn.lie@gmail.com>
- Drop pkgconfig(gconf-2) BuildRequires and pass ac_add_options
- -disable-gconf to mozconfig. As we already are using cairo-gtk3,
gconf support serves no purpose (gio/gsettings takes care).
* Tue Dec 28 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.10.2
* Obtain Windows code-signing certificate for SeaMonkey binary and
update signing bug 1438084.
* Support SHA-2 hashes in CertIDs in OCSP responses - port of bug
1746221.
* Fix rust 1.57 Windows linking for SeaMonkey 2.53 bug 1746785.
* SeaMonkey 2.53.10.2 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* Additional important security fixes up to Current Firefox 91.4.1
ESR and a few enhancements have been backported. We will continue
to enhance SeaMonkey security in subsequent 2.53.x beta and
release versions as fast as we are able to.
* SeaMonkey 2.53.10.2 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.0 release notes
for specific changes and security fixes in this release.
- requested inclusion in Leap 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1194114
* Mon Dec 13 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.10.1
* Security fix for NSS code bug 1737470.
* Only use networks and servers in lower case in ChatZilla bug
1742502.
* Change classic form icon in SeaMonkey composer bug 1710915.
* Addition fixes for SeaMonkey 32x32 default icons on Windows and
macOS bug 1729153.
* SeaMonkey 2.53.10.1 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.10.1 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.0 release notes
for specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 91.4 ESR
and a few enhancements have been backported. We will continue to
enhance SeaMonkey security in subsequent 2.53.x beta and release
versions as fast as we are able to.
- Remove unused build dependency on libidl-devel.
- requested inclusion in Leap 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1193668
* Tue Nov 16 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.10
* Minor fixes for testdisplay command in ChatZilla bug 1727976.
* Show CTCP requests (excluding ACTION and DCC) bug 1722156.
* IRCv3: Add support for server-time bug 1724586.
* Add localization note for network editor dialog width in ChatZilla
bug 1727977.
* IRCv3: Add support for extended-join and account-notify bug
1722159.
* Add ability to collapse message groups in ChatZilla bug 1724588.
* Fix JS strict warnings in unescapeTagValue in ChatZilla bug
1727989.
* IRCv3: Add support for invite-notify bug 1722161.
* IRCv3: Add support for batch bug 1724589.
* Fix JS strict warning in addHistory in cZ static.js bug 1727992.
* IRCv3: Add support for cap-notify bug 1722162.
* Stop using canonical name as collection keys in ChatZilla bug
1728025.
* IRCv3: Add support for TLS and STS bug 1722166.
* Helper function for renaming irc server properties in ChatZilla
bug 1728027.
* IRCv3: Add support for MONITOR bug 1722174.
* Remove use of msg.commasp in ChatZilla bug 1726965.
* Allow shiftKey to modify behaviour of link clicking in cZ bug
1713458.
* IRCv3: Add support for echo-message bug 1722211.
* In ChatZilla make /commands return all matches starting with
pattern bug 1726966.
* Use SeaMonkey prefs to determine how links behave in cZ bug
1713467.
* Allow parameters to be localised in ChatZilla bug 1724105.
* Add identify command to cZ and hook into password management bug
1713470.
* IRCv3.1: Implement SASL with PLAIN mechanism bug 1717545.
* IRCv3: Add support for message tags bug 1724584.
* Add last read message divider to ChatZilla bug 1729159.
* IRCv3: Add support for account-tag bug 1724585.
* Missing option "text encoding Unicode/UTF-8" in preferences -
Mailnews bug 1679260.
* Detect Crashreporter using AppConstants in SeaMonkey bug 1735236.
* Link about LEGACY extensions in Add-ons Manager is broken bug
1656797.
* Update help for clear private data preferences and dialog bug
1728911.
* Fix typo in cs_nav_prefs_appearance bug 1737473.
* Drop leftover "Edit Menu" comment from messageWindow.xul and
addressbook.xul bug 1725121.
* Add dummy tab routines to SeaMonkey mailnews tab browser bug
1735243.
* Folder pane and tab/window title not updated correctly when
opening in new tab bug 1726940.
* Allow mail tab bar to be controlled separately to browser tab bar
bug 1724515.
* Copy any user set values for new mail.tabs prefs bug 1729165.
* Merge Master Passwords and Passwords pref panes into a single pref
pane bug 1728099.
* Move warning about redirection pref from Content to Privacy &
Security pane bug 1728185.
* Move website icons prefs from content pref pane to browser pref
pane bug 1727425.
* Move browser / mailnews system integration prefs into advanced
pane bug 1727659.
* Have separate opentabfor.middleclick for mailnews bug 1727948.
* Add removeBrowser helper for tabbrowser bug 1730391.
* Put <browser> in a <stack> so it's easy to overlay bug 1730392.
* Allow browser focus to be avoided bug 1720003.
* SeaMonkey 32x32 default icon has light stripe at the bottom bug
1729153.
* Support <input type=time> and <input type=date> in SeaMonkey bug
1730408.
* Middleclick on browser tab handled twice (closes tab and loads URL
from primary or clipboard) bug 1734407.
* Unable to create a new "Saved Search Folder" using "Save View as a
Folder..." bug 1738669.
* Enable compression for standard http connections bug 1728996.
* Support VS2022 for compiling under Windows bug 1728988.
* SeaMonkey 2.53.10 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.10 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.0 release notes
for specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.15
ESR and a few enhancements have been backported. We will continue
to enhance SeaMonkey security in subsequent 2.53.x beta and
release versions as fast as we are able to.
- requested inclusion in Leap 15.3 and Leap 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1192742
* Tue Sep 28 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.9.1
* Fix the lazy loading of images from some websites bug 1727967.
* Move certain font family defaults from serif to sans serif bug
1727982.
* SeaMonkey 2.53.9.1 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.9.1 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.0 release notes
for specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.14
ESR and a few enhancements have been backported. We will continue
to enhance SeaMonkey security in subsequent 2.53.x beta and
release versions as fast as we are able to.
- requested inclusion in Leap 15.3 and Leap 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1191022
* Thu Aug 26 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.9
* There is now an option to clear browser history during shutdown
bug 1621445.
* Uninstall plugin command for ChatZilla bug 541719.
* Update icons used in ChatZilla status bar bug 1710238 and bug
1710249.
* Make ChatZilla understand mIRC color code 99 bug 1710298.
* Implement IRCv3 basic CAP negotiation bug 1717539 and CAP LIST and
update CAP ACK and CAP LS bug 1710313.
* Use Unicode instead of images for emojis in ChatZilla bug 1711375
and add some extra emojis bug 1711376.
* Use SeaMonkey's configured web search rather than a separate one
in ChatZilla bug 1712498.
* Add a networks editor to ChatZilla bug 1716232.
* Implement IRCv3 away-notify bug 1717543, chghost and
userhost-in-names bug 1717544, self-messaging bug 1722212 and WHOX
bug 1722214.
* Link to SeaMonkey website in debugQA for verification sites and
development section bug 1685606.
* Send button should be disable until we have a recipient bug
104973.
* Remove need to use a modifier for marking messages as unread bug
1719216.
* SeaMonkey 2.53.9 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.9 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.13
ESR and a few enhancements have been backported. We will continue
to enhance SeaMonkey security in subsequent 2.53.x beta and
release versions as fast as we are able to.
- removed obsolete patch seamonkey-packed_simd.patch (integrated
upstream)
- update seamonkey-lto.patch to work with 2.53.9
- requested inclusion in Leap 15.3 and Leap 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1189845
* Thu Aug 19 2021 Tristan Miller <psychonaut@nothingisreal.com>
- add upstream patch seamonkey-packed_simd.patch which allows
packed_simd to compile with Rust 1.54
* Tue Jul 27 2021 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Remove --disable-elf-hack when not available: aarch64 and ppc64*
* Thu Jul 22 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.8.1
* Archive message action does not work bug 1718839.
* Do not preserve offlineMsgSize parameter when moving/copying
emails between folders bug 1720202 and bug 1430480.
* Move thread code to threadPane.js and remove messengerdnd.js bug
515675.
* SeaMonkey 2.53.8.1 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.8.1 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.0 release notes
for specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.12
ESR and a few enhancements have been backported. We will continue
to enhance SeaMonkey security in subsequent 2.53.x beta and
release versions as fast as we are able to.
- requested inclusion in Leap 15.3 and Leap 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1188614
* Thu Jul 08 2021 Tristan Miller <psychonaut@nothingisreal.com>
- requested inclusion in Leap 15.3 and Leap 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1188100
* Wed Jul 07 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.8
* Serious performance improvements and bug fixes tracked in bug
1633339 and bug 1711050.
* Language attributes with country codes not recognized when
building the Website Navigation Bar link toolbar bug 134436 and
bug 1709443.
* Optimize SeaMonkey icons for speed and optional higher quality for
branding bug 1362210 and bug 1699322.
* Support from= option when opening email compose window from the
command line bug 1628671.
* Update subject handling and GenericSendMessage function in compose
window bug 1693994.
* All message windows should update when view preferences are
changed bug 1694765.
* Improve marking of multiple messages as read / unread bug 1700530.
* Show version numbers again in the add-on manager by the partial
backout of bug 1161183.
* Update available networks in chatZilla (including adding
libera.chat)bug 1704392 and bug 1712505.
* Change default port for IRC via TLS/SSL to 6697 bug 1704280.
* Remove chatZilla and Lightning extension language packs and
incorpate localisations within the main language pack bug 1604663.
* Fix address drag and drop handling in compose window bug 1712002
and bug 1712227.
* Further fixes for legacy generators and the deprecated for each
statement in add-ons and the Add-on SDK bug 1702903.
* For developers, fork DOMi repo into main SeaMonkey one which means
no need to separately checkout the extension bug 1700003.
* SeaMonkey 2.53.8 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.8 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.11
ESR and a few enhancements have been backported. We will continue
to enhance SeaMonkey security in subsequent 2.53.x beta and
release versions as fast as we are able to.
- removed obsolete seamonkey-websocketloop.patch and
seamonkey-rustc-bootstrap.patch (now integrated upstream)
* Tue May 18 2021 Tristan Miller <psychonaut@nothingisreal.com>
- add patch seamonkey-rustc-bootstrap.patch adapted from
https://bugzilla.mozilla.org/show_bug.cgi?id=1710154 to enable
compilation with rust >= 1.50.0
* Wed May 05 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update GNU Makefile from upstream
https://bugzilla.mozilla.org/show_bug.cgi?id=1692516#c8 -- besides
some general improvements, this Makefile now allows the language
packs for the bundled extensions to be split off again if desired
(though our spec file does not yet take advantage of this)
* Tue May 04 2021 Tristan Miller <psychonaut@nothingisreal.com>
- use system libraries for bz2, webp, and icu to reduce package size
and because this is probably more secure (since our own libraries
are probably updated more often than the ones bundled with
SeaMonkey)
* Wed Apr 28 2021 Tristan Miller <psychonaut@nothingisreal.com>
- add upstream patch seamonkey-websocketloop.patch from
https://bugzilla.mozilla.org/attachment.cgi?id=9218795&action=diff
to solve critical performance issue
https://bugzilla.mozilla.org/show_bug.cgi?id=1633339
* Tue Apr 27 2021 Tristan Miller <psychonaut@nothingisreal.com>
- requested inclusion in Leap 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1185349
* Tue Apr 20 2021 Tristan Miller <psychonaut@nothingisreal.com>
- remove check for .mkdir.done, as these files are no longer generated
- remove check for text files with the executable bit incorrectly set,
as the only remaining files in the source tree with this problem are
ones that don't get installed anyway:
https://bugzilla.mozilla.org/show_bug.cgi?id=1706019
- revise/improve spec file comments
- update package description to clarify compatibility with Firefox
extensions
- update package description to reference bundled calendar
* Tue Apr 20 2021 Tristan Miller <psychonaut@nothingisreal.com>
- re-enable elf-hack for x86_64 builds as this is no longer preventing
compilation: https://bugzilla.mozilla.org/show_bug.cgi?id=1619776
* Mon Apr 19 2021 Tristan Miller <psychonaut@nothingisreal.com>
- remove --disable-optimize flag (added on Sat Sep 20 14:53:01 UTC
2014 as a result of bnc#896624) as compilation on ix86 with the
default optimizations seems to work fine now
* Mon Apr 19 2021 Tristan Miller <psychonaut@nothingisreal.com>
- add patch to install SeaMonkey's new man page:
seamonkey-man-page.patch
* Sun Apr 18 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.7.1
* Fix for legacy generators and the deprecated for each statement in
add-ons and the Add-on SDK bug 1702903.
* Fix for handling of dead keys in text input fields in GTK 3.24.26+
bug 1701288.
* SeaMonkey 2.53.7.1 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.7.1 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.0 release notes
for specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.8 ESR
and a few enhancements have been backported. We will continue to
enhance SeaMonkey security in subsequent 2.53.x beta and release
versions as fast as we are able to.
* Sun Apr 18 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.7
* Remove Flash and NPAPI support bug 1688415.
* Switch packaged extensions to be global bug 1659298.
* Add Insert Forms to Composer bug 1684611.
* Fix an issue with copying to IMAP sent folder and some reference
count leaks in mailnews bug 1689890.
* Tailing to delay tracker requests and enhance performance has been
enabled bug 1358060.
* Fix an issue with favorite and recent folders not showing in macOS
bug 1695869.
* Various security and general platform fixes.
* The ChatZilla source has been integrated into SeaMonkey and no
longer needs to be checked out separately if you build your own
release bug 1551033.
* SeaMonkey 2.53.7 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.7 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.8 ESR
and a few enhancements have been backported. We will continue to
enhance SeaMonkey security in subsequent 2.53.x beta and release
versions as fast as we are able to.
- update GNU Makefile per
https://bugzilla.mozilla.org/show_bug.cgi?id=1692516#c6
* provide a way to auto-select es-AR locale on any Spanish one but
es-ES
* Sun Apr 18 2021 Tristan Miller <psychonaut@nothingisreal.com>
- restore Chatzilla and DOM Inspector packages disabled in Revision
333; these extensions were long since re-enabled upstream but
apparently we had forgotten to re-enable them in the spec file
* Fri Apr 16 2021 Tristan Miller <psychonaut@nothingisreal.com>
- add --disable-install-strip to .mozconfig; fixes #1184851
* Fri Apr 16 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.6
* Improve usability of multiple mailboxes/folders selectionbug
1600103.
* Add Greek localisation (el).
* Remove more RDF from mailnews code.
* Switch to mozilla as topsrcdir and component for building is
comm/suite now.
* Rust support is now up to 1.48 and official build is now using
1.47.0
* Various security and general platform fixes.
* SeaMonkey 2.53.6 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.6 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.6 ESR
and a few enhancements have been backported. We will continue to
enhance SeaMonkey security in subsequent 2.53.x beta and release
versions as fast as we are able to.
- rewrote spec file to account for SeaMonkey's new build system, including
a new Makefile from Dmitry Butskoy: #1181525#c3
- merged the translations-common and translations-other subpackages into
the main package; it is no longer convenient/consistent to keep these
separate because localizations for the integrated IRC and Calendar
clients are already merged in the source. This also solves #1181525.
- enabled and bundled Calendar (Lightning) extension
- cleaned up spec file to remove conditions targeting long-obsolete
openSUSE versions
- disabled elf-hack on i586 builds, as it was preventing compilation
* Tue Apr 13 2021 Tristan Miller <psychonaut@nothingisreal.com>
- add patch to enable builds with Rust >= 1.48 on Tumbleweed
https://bugzilla.mozilla.org/show_bug.cgi?id=1617782#c22
* Fri Nov 20 2020 Tristan Miller <psychonaut@nothingisreal.com>
- requested inclusion in Leap 15.1 and 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1179010
* Thu Nov 19 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.5.1
* Fix advertising of av1 support bug 1490877.
* Fix some issues found with supporting new macOS.
* Various security and general platform fixes.
* Sat Nov 14 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.5
* Provide WebP support bug 1653869.
* Add startpage.com as a search engine available to all locales bug
1655283.
* Added av1 support.
* Included latest version of freetype2.
* Added support for the resizeObserver web API.
* Support for rust 1.47.0 on Linux and macOS platforms.
* Dropped support for use of system sqlite.
* Various security and general platform fixes.
* SeaMonkey 2.53.5 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes
* SeaMonkey 2.53.5 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.4 ESR
and a few enhancements have been backported. We will continue to
enhance SeaMonkey security in subsequent 2.53.x beta and release
versions as fast as we are able to.
* Wed Sep 23 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.4
* This version makes changes to your profile that can't be reverted
in case you want to go back to a previous version of
SeaMonkey. You MUST absolutely do a full backup of your profile
before trying SeaMonkey 2.53.4.
* Added translation for Bokmål (nb_NO)
* Upgraded NSS to 3.53.1 bug 1643859.
* Updated to Unicode 11 for SpiderMonkey bug 1466471.
* Updated bundled Twemoji Mozilla font to v0.5.1 to support newer
emojis bug 1644346.
* Updated how photos are handled in the addressbook bug 1641705.
* Removed outdated RSS feed handlers bug 1643716.
* Fix initialisation of TodayPane mini-day, to show the right day
bug 1479628.
* Fixed sizing issue of HTML mail question (askSendFormat) dialog
bug 1583415.
* Update of help page content and links.
* Various security and general platform fixes.
* SeaMonkey 2.53.4 uses the same backend as Firefox and contains the
relevant Firefox 60.6 security fixes.
* SeaMonkey 2.53.4 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.1 ESR
and a few enhancements have been backported. We will continue to
enhance SeaMonkey security in subsequent 2.53.x beta and release
versions as fast as we are able to.
- Added patch seamonkey-lto.patch which corrects the LTO syntax
when compiling with GCC
* Mon Jul 20 2020 Tristan Miller <psychonaut@nothingisreal.com>
- requested inclusion in Leap 15.1 and 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1174300
* Sat Jul 18 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update appdata files (Bug 1174192):
* correct metadata licensing information (most of the application
descriptions had been taken from
https://www.seamonkey-project.org/doc/features which according to
the page footer is licensed under CC-BY-SA-3.0)
* update the metadata summary and the introduction in the metadata
description to more accurately reflect what SeaMonkey is, giving
less prominence to the long-discontinued Mozilla Application Suite
that many users may no longer be familiar with
* update the metadata name to more accurately reflect the name
or purpose of the application
* update the metadata URL with the current SeaMonkey website
* Wed Jul 15 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.3
* The LaTex tool TexZilla, used for inserting Math, has been
upgraded to 1.0.2.
* It is now possible to customize the toolbars in Composer and the
formatting toolbar in Mailnews composition.
* All folders of an account can now be marked as read.
* There is now an option for not advertizing SeaMonkey at all in the
user agent.
* The preference for hiding the toolbar and menubar grippies can now
be changed from "Preferences->Appearance".
* The preference "browser.tabs.autoHide" which autohides the tab bar
when there is only one tab in a browser window open has been
flipped in bug 1634879. SeaMonkey will now show the tab bar as the
default. You can change it back by checking "Hide the tab bar when
only one tab is open" in "Preferences->Browser->Tabbed Browsing"
* Update of help page content and links.
* SeaMonkey language packs are now version specific and will be
disabled as part of the profile upgrade following the installation
of a later version.
* Search Engines have been centralized and updated in bug 1300198.
* Address book now has updated IM fields, improved layout for card
view pane, improved multi-word search, ability to search across
multiple address books, more granular prompts when deleting items,
print on the context menus and print button on the toolbar.
* Multimedia support has been updated in preparation of supporting
more audio video formats in the next releases. For enhanced
security the Rust multimedia parser is now used for this and the
libstagefright package has been removed.
* SeaMonkey 2.53.3 uses the same backend as Firefox and contains the
relevant Firefox 60.4 security fixes.
* SeaMonkey 2.53.3 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 77 and a
few enhancements have been backported.
- Fix exclusion list syntax in create-tars.sh script
- Disable LTO on i586 builds as these are once again failing due to
memory issues
* Tue Jun 02 2020 Tristan Miller <psychonaut@nothingisreal.com>
- Re-enable LTO on Tumbleweed builds after increasing available
memory in _constraints
* Sun May 10 2020 Tristan Miller <psychonaut@nothingisreal.com>
- Disable LTO on Tumbleweed builds to work around issues on
build.opensuse.org:
https://bugzilla.opensuse.org/show_bug.cgi?id=1171414
* Fri May 08 2020 Tristan Miller <psychonaut@nothingisreal.com>
- Update create-tars.sh script to more precisely exclude unwanted
VCS files; the previous exclusion list would have eventually
triggered the bug at
https://bugzilla.mozilla.org/show_bug.cgi?id=1621564
* Thu May 07 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.2
https://www.seamonkey-project.org/releases/seamonkey2.53.2/
* Scrollbars have been switched over to the native gtk3 theme in bug
1625754. If your theme does not show scrollbar buttons and you
would like to see them try editing ~/.config/gtk-3.0/gtk.css and
adding the following:
{
- GtkScrollbar-has-backward-stepper: 1;
- GtkScrollbar-has-forward-stepper: 1;
}
* The download progress dialog has been fixed and is now showing the
correct status for downloads. Some downloads may not show the
transferred count. This problem is under investigation.
* SeaMonkey is now translated and available in Finnish and Georgian.
* Because of website compatibility issues and privacy concerns the
Lightning version is no longer appended to the user agent string
and has been removed from the preferences dialog.
* Advanced Layers has been activated on Windows. This should boost
performance on some websites. If you experience graphics problems
please disable it by setting the pref "layers.mlgpu.enabled" to
false.
* Whether the native app chooser is used in Linux is now controlled
via a preference setting in the Helper Applications preference
pane.
* In the Modern theme, popup notifications have improved styling and
column headers now display sort direction arrows.
* The column picker and folder view have been reinstated for the
bookmarks panel.
* Introduced the ability to close all tabs to the right of the
current tab.
* Whether mailnews tabs open in the background is controlled by a
separate preference to browser tabs via General Settings section
of main Mail & Newsgroups preference pane.
* Fixed an issue with the recipient being missing when using Reply
to Sender and Group button in Newsgroup discussions.
* SeaMonkey now prevents address books from having duplicate names.
* SeaMonkey 2.53.2 uses the same backend as Firefox and contains
the relevant Firefox 60.3 security fixes.
* SeaMonkey 2.53.2 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* SeaMonkey now uses gtk3 on Linux. If you experience a problem
because of this please file a bug and link it to bug
1367257. Please try another OS theme first. Some of them are buggy
and cause problems with SeaMonkey, Thunderbird and Firefox.
- Remove obsolete upstream and local patches
* Thu Mar 05 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.1
https://www.seamonkey-project.org/releases/seamonkey2.53.1/
* The Bookmarks Manager has switched its name to Library, and now
also includes the History list. When invoking History, the Library
will be shown with the History list selected. The extensive
modifications were needed because of Mozilla Gecko platform API
changes.
* Download Manager has been migrated to a new API. Although it looks
pretty much the same as before, the search option is missing and
some other minor details work differently. The previous downloads
history is removed during the upgrade.
* Added Layout panel to CSS Grid tools.
* TLS 1.3 is the default version now.
* Among the general platform and mail fixes this release contains
backported fixes from Thunderbird for the EFAIL security
vulnerability.
* SeaMonkey now uses gtk3 on Linux. If you experience a problem
because of this please file a bug and link it to Switch Linux
builds to GTK3 with SeaMonkey 2.49. Please try another OS theme
first. Some of them are buggy and cause problems with SeaMonkey,
Thunderbird and Firefox.
* The Lightning extension is now included.
- apply upstream patches for building with rust >= 1.40
- remove mozilla-systems-nss.patch (since merged upstream)
- remove mozilla-no-stdcxx-check.patch (no longer applicable as
build checks have been moved to a Python script)
- adapt mozilla-nongnome-proxies.patch, mozilla-language.patch,
and mozilla-ntlm-full-path.patch for SeaMonkey 2.53.1
- add upstream patch for better LTO detection
- disable elf-hacking on x86_64 builds to prevent build errors:
https://bugzilla.mozilla.org/show_bug.cgi?id=1619776
- rewrite the create-tars.sh script according to the new source code
checkout instructions:
https://bugzilla.opensuse.org/show_bug.cgi?id=1165427
https://bugzilla.mozilla.org/show_bug.cgi?id=1618806
* Fri Jan 24 2020 Tristan Miller <psychonaut@nothingisreal.com>
- remove obsolete locale patches mozilla-ua-locale.patch and
seamonkey-ua-locale.patch, and update default preferences per
https://bugzilla.mozilla.org/show_bug.cgi?id=542999#c23
* Mon Jan 20 2020 Tristan Miller <psychonaut@nothingisreal.com>
- remove obsolete and unused custom search add-ons
* Tue Jan 14 2020 Tristan Miller <psychonaut@nothingisreal.com>
- disable Rust, as it caused build errors and was apparently unused
- add patch unifying gettid() declarations to avoid GCC build errors
- add patch correcting the syntax of the linker flags
* Mon Jan 13 2020 Wolfgang Rosenauer <wr@rosenauer.org>
- remove mozilla-reduce-files-per-UnifiedBindings.patch since it
creates build errors in certain situations
- introduce limit_build instead
* Mon Oct 21 2019 Wolfgang Rosenauer <wr@rosenauer.org>
- update to Seamonkey 2.49.5
* https://www.seamonkey-project.org/releases/seamonkey2.49.5/
- removed obsolete patch
mozilla-bmo1338655.patch
- fix build with system NSS (mozilla-system-nss.patch)
* Fri Jul 13 2018 wr@rosenauer.org
- update to Seamonkey 2.49.4
* Gecko 52.9.1esr (bsc#1098998)
MFSA 2018-16 (bsc#1098998)
* CVE-2018-12359 (bmo#1459162)
Buffer overflow using computed size of canvas element
* CVE-2018-12360 (bmo#1459693)
Use-after-free when using focus()
* CVE-2018-12362 (bmo#1452375)
Integer overflow in SSSE3 scaler
* CVE-2018-5156 (bmo#1453127)
Media recorder segmentation fault when track type is changed during capture
* CVE-2018-12363 (bmo#1464784)
Use-after-free when appending DOM nodes
* CVE-2018-12364 (bmo#1436241)
CSRF attacks through 307 redirects and NPAPI plugins
* CVE-2018-12365 (bmo#1459206)
Compromised IPC child process can list local filenames
* CVE-2018-12366 (bmo#1464039)
Invalid data handling during QCMS transformations
* CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
bmo#1464079,bmo#1463494,bmo#1458048)
Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
- localizations finally included again (boo#1062195)
* Thu Jun 07 2018 bjorn.lie@gmail.com
- Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass
conditional --disable-gconf to configure: no longer pull in
obsolete gconf2 for Tumbleweed.
* Tue Jun 05 2018 psychonaut@nothingisreal.com
- update spec file summary and description to more accurately
reflect what SeaMonkey is, giving less prominence to the long-
discontinued Mozilla Application Suite that many users may no
longer be familiar with
- update project URL in spec file
* Sat Mar 03 2018 wr@rosenauer.org
- update to Seamonkey 2.49.2
* Gecko 52.6esr (including security relevant fixes) (bsc#1077291)
* fix issue in Composer
* With some themes, the menulist- and history-dropmarker didn't show
* Scrollbars didn't show the buttons
* WebRTC has been disabled by default. It needs an add-on to enable it per site
* The active title bar was not visually emphasized
- correct requires and provides handling (boo#1076907)
* Tue Jan 09 2018 wr@rosenauer.org
- Explicitly buildrequires python2-xml: The build system relies on
it. We wrongly relied on other packages pulling it in for us.
- use parallel compression in create-tar if available
- use XZ instead of BZ2 for source archives
- import upstream patch mozilla-bmo1338655.patch to fix failing
build
* Thu Dec 07 2017 dimstar@opensuse.org
- Escape the usage of %{VERSION} when calling out to rpm.
RPM 4.14 has %{VERSION} defined as 'the main packages version'.
* Fri Nov 10 2017 zaitor@opensuse.org
- Drop obsolete libgnomeui-devel BuildRequires: No longer needed.
- Following the above, add explicit pkgconfig(gconf-2.0),
pkgconfig(gobject-2.0)pkgconfig(gdk-x11-2.0), pkgconfig(gtk+-2.0)
and pkgconfig(gtk+-unix-print-2.0) BuildRequires: previously
pulled in by libgnomeui-devel, and is what configure really
checks for.
* Fri Aug 04 2017 wr@rosenauer.org
- update to Seamonkey 2.48
* based on Gecko 51.0.3
* requires NSPR 4.13.1 and NSS 3.28.5 (aligned with 52ESR)
- removed obsolete (upstreamed) patches
* mozilla-http2-ecdh-keybits.patch
* mozilla-sed43.patch
* mozilla-flex_buffer_overrun.patch
* mozilla-shared-nss-db.patch (feature dropped from SM due to
maintenance costs vs. usefulness)
* mozilla-binutils-visibility.patch
* mozilla-check_return.patch
* mozilla-skia-overflow.patch
- rebased patches
* Sun Feb 12 2017 wr@rosenauer.org
- fix configure with for sed >= 4.3 (boo#1020631) (mozilla-sed43.patch)
* Tue Jan 24 2017 wr@rosenauer.org
- improve recognition of LANGUAGE env variable (boo#1017174)
- update minimum keybits in H2 so it allows a smaller value
(e.g. for curve25519 as supported with NSS 3.28) (bmo#1290037)
(boo#1021636) (mozilla-http2-ecdh-keybits.patch)
* Fri Dec 23 2016 wr@rosenauer.org
- update to Seamonkey 2.46
* based on Gecko 49.0.2
* Chatzilla and DOM Inspector were removed/disabled and therefore
those subpackages are not available at this moment
- requires NSPR 4.12 and NSS 3.25
- removed obsolete patches
* mozilla-libproxy.patch
* mozilla-gcc6.patch
* mozilla-openaes-decl.patch
- rebased patches
- added patches imported from Firefox 49:
* mozilla-check_return.patch
* mozilla-flex_buffer_overrun.patch
* mozilla-skia-overflow.patch
* Mon Oct 17 2016 wr@rosenauer.org
- mozilla-binutils-visibility.patch to fix build issues with
gcc/binutils combination used in Leap 42.2 (boo#984637)
* Sun Aug 21 2016 antoine.belvire@laposte.net
- Build also with fno-lifetime-dse and fno-schedule-insns2 for GCC6
(still boo#991027)
- Check compiler version instead of openSUSE version for this
* Mon Aug 08 2016 wr@rosenauer.org
- build with -fno-delete-null-pointer-checks for Tumbleweed/gcc6
as long as underlying issues have been addressed upstream
(boo#991027)
* Fri Aug 05 2016 pcerny@suse.com
- Fix for possible buffer overrun (bsc#990856)
CVE-2016-6354 (bmo#1292534)
[mozilla-flex_buffer_overrun.patch]
* Tue Jul 26 2016 badshah400@gmail.com
- Add appstream metainfo files as a tar.bz2 source
(seamonkey-appdata.tar.bz2) and install these appdata.xml files
to the appdata dir (/usr/share/appdata); with these appdata
files installed, seamonkey shows up in appstores like GNOME
software and KDE Discover.
* Sun Jul 17 2016 badshah400@gmail.com
- Add mozilla-gcc6.patch to fix building with gcc >= 6.0.
* Sat Mar 05 2016 wr@rosenauer.org
- fix build problems on i586, caused by too large unified compile
units - adding mozilla-reduce-files-per-UnifiedBindings.patch
- increased _constraints as required
* Tue Jan 19 2016 wr@rosenauer.org
- update to Seamonkey 2.40 (bnc#959277)
* requires NSS 3.20.2 to fix
MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
server signature
* MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
Miscellaneous memory safety hazards
* MFSA 2015-135/CVE-2015-7204 (bmo#1216130)
Crash with JavaScript variable assignment with unboxed objects
* MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
Same-origin policy violation using perfomance.getEntries and
history navigation
* MFSA 2015-137/CVE-2015-7208 (bmo#1191423)
Firefox allows for control characters to be set in cookies
* MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
Use-after-free in WebRTC when datachannel is used after being
destroyed
* MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
Integer overflow allocating extremely large textures
* MFSA 2015-140/CVE-2015-7215 (bmo#1160890)
Cross-origin information leak through web workers error events
* MFSA 2015-141/CVE-2015-7211 (bmo#1221444)
Hash in data URI is incorrectly parsed
* MFSA 2015-142/CVE-2015-7218/CVE-2015-7219 (bmo#1194818, bmo#1194820)
DOS due to malformed frames in HTTP/2
* MFSA 2015-143/CVE-2015-7216/CVE-2015-7217 (bmo#1197059, bmo#1203078)
Linux file chooser crashes on malformed images due to flaws in
Jasper library
* MFSA 2015-144/CVE-2015-7203/CVE-2015-7220/CVE-2015-7221
(bmo#1201183, bmo#1178033, bmo#1199400)
Buffer overflows found through code inspection
* MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
Underflow through code inspection
* MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
Integer overflow in MP4 playback in 64-bit versions
* MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
Integer underflow and buffer overflow processing MP4 metadata in
libstagefright
* MFSA 2015-148/CVE-2015-7223 (bmo#1226423)
Privilege escalation vulnerabilities in WebExtension APIs
* MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
Cross-site reading attack through data and view-source URIs
- rebased patches
- buildrequire xcomposite now explicitely
* Thu Nov 05 2015 wr@rosenauer.org
- update to Seamonkey 2.39 (bnc#952810)
* MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
Miscellaneous memory safety hazards
* MFSA 2015-117/CVE-2015-4515 (bmo#1046421)
Information disclosure through NTLM authentication
* MFSA 2015-118/CVE-2015-4518 (bmo#1182778, bmo#1136692)
CSP bypass due to permissive Reader mode whitelist
* MFSA 2015-119/CVE-2015-7185 (bmo#1149000) (Android only)
Firefox for Android addressbar can be removed after fullscreen mode
* MFSA 2015-120/CVE-2015-7186 (bmo#1193027) (Android only)
Reading sensitive profile files through local HTML file on Android
* MFSA 2015-121/CVE-2015-7187 (bmo#1195735)
disabling scripts in Add-on SDK panels has no effect
* MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
Trailing whitespace in IP address hostnames can bypass same-origin policy
* MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
Buffer overflow during image interactions in canvas
* MFSA 2015-124/CVE-2015-7190 (bmo#1208520) (Android only)
Android intents can be used on Firefox for Android to open privileged files
* MFSA 2015-125/CVE-2015-7191 (bmo#1208956) (Android only)
XSS attack through intents on Firefox for Android
* MFSA 2015-126/CVE-2015-7192 (bmo#1210023) (OS X only)
Crash when accessing HTML tables with accessibility tools on OS X
* MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
CORS preflight is bypassed when non-standard Content-Type headers
are received
* MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
Memory corruption in libjar through zip files
* MFSA 2015-129/CVE-2015-7195 (bmo#1211871)
Certain escaped characters in host of Location-header are being
treated as non-escaped
* MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
JavaScript garbage collection crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
(bmo#1188010, bmo#1204061, bmo#1204155)
Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
Mixed content WebSocket policy bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
(bmo#1202868, bmo#1205157)
NSS and NSPR memory corruption issues
(fixed in mozilla-nspr and mozilla-nss packages)
- requires NSPR >= 4.10.10 and NSS >= 3.19.4
- removed obsolete patches
* mozilla-icu-strncat.patch
- fixed build with enable-libproxy (bmo#1220399)
* mozilla-libproxy.patch
* Thu Oct 01 2015 wr@rosenauer.org
- update to SeaMonkey 2.38 (bnc#947003)
* based on 41.0.1
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
Miscellaneous memory safety hazards
* MFSA 2015-97/CVE-2015-4503 (bmo#994337)
Memory leak in mozTCPSocket to servers
* MFSA 2015-98/CVE-2015-4504 (bmo#1132467)
Out of bounds read in QCMS library with ICC V4 profile attributes
* MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
Arbitrary file manipulation by local user through Mozilla updater
* MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
Buffer overflow in libvpx while parsing vp9 format video
* MFSA 2015-102/CVE-2015-4507 (bmo#1192401)
Crash when using debugger with SavedStacks in JavaScript
* MFSA 2015-104/CVE-2015-4510 (bmo#1200004)
Use-after-free with shared workers and IndexedDB
* MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
Buffer overflow while decoding WebM video
* MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
Use-after-free while manipulating HTML media content
* MFSA 2015-107/CVE-2015-4512 (bmo#1170390)
Out-of-bounds read during 2D canvas display on Linux 16-bit
color depth systems
* MFSA 2015-108/CVE-2015-4502 (bmo#1105045)
Scripted proxies can access inner window
* MFSA 2015-109/CVE-2015-4516 (bmo#904886)
JavaScript immutable property enforcement can be bypassed
* MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
Dragging and dropping images exposes final URL after redirects
* MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
Errors in the handling of CORS preflight request headers
* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
CVE-2015-7180
Vulnerabilities found through code inspection
* MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
bmo#1190526) (Windows only)
Memory safety errors in libGLES in the ANGLE graphics library
* MFSA 2015-114 (bmo#1167498, bmo#1153672) (Windows only)
Information disclosure via the High Resolution Time API
- removed obsolete patch
* mozilla-add-glibcxx_use_cxx11_abi.patch
- added mozilla-no-stdcxx-check.patch
* Sat Aug 29 2015 wr@rosenauer.org
- update to SeaMonkey 2.35 (bnc#935979)
* based on 38.1.1esr
* requires NSPR 4.10.8 and NSS 3.19.2
- removed obsolete patches
* mozilla-visitSubstr.patch
* mozilla-undef-CONST.patch
* mozilla-reintroduce-pixman-code-path.patch
* mozilla-fix-prototype.patch
* mozilla-disable-JEMALLOC_STATIC_SIZES-on-ppc.patch
- renamed mozilla-add-D_GLIBCXX_USE_CXX11_ABI-0-to-CXXFLAG.patch
to mozilla-add-glibcxx_use_cxx11_abi.patch (sync with Firefox)
- dropped mozilla-prefer_plugin_pref.patch as this feature is
likely not worth maintaining further
* Sat Jun 27 2015 antoine.belvire@laposte.net
- Fix compilation issues:
* Add mozilla-add-D_GLIBCXX_USE_CXX11_ABI-0-to-CXXFLAG.patch (bmo#1153109)
* Add mozilla-reintroduce-pixman-code-path.patch (bmo#1136958)
* Add mozilla-visitSubstr.patch (bmo#1108834)
* Add mozilla-undef-CONST.patch (bmo#1111395)
* Add mozilla-disable-JEMALLOC_STATIC_SIZES-on-ppc.patch
* Sun Mar 22 2015 wr@rosenauer.org
- update to SeaMonkey 2.33.1 (bnc#923534)
* MFSA 2015-28/CVE-2015-0818 (bmo#1144988)
Privilege escalation through SVG navigation
* MFSA 2015-29/CVE-2015-0817 (bmo#1145255)
Code execution through incorrect JavaScript bounds checking
elimination
* Mon Mar 16 2015 wr@rosenauer.org
- update to SeaMonkey 2.33 (bnc#917597)
* MFSA 2015-11/CVE-2015-0835/CVE-2015-0836
Miscellaneous memory safety hazards
* MFSA 2015-12/CVE-2015-0833 (bmo#945192)
Invoking Mozilla updater will load locally stored DLL files
(Windows only)
* MFSA 2015-13/CVE-2015-0832 (bmo#1065909)
Appended period to hostnames can bypass HPKP and HSTS protections
* MFSA 2015-14/CVE-2015-0830 (bmo#1110488)
Malicious WebGL content crash when writing strings
* MFSA 2015-15/CVE-2015-0834 (bmo#1098314)
TLS TURN and STUN connections silently fail to simple TCP connections
* MFSA 2015-16/CVE-2015-0831 (bmo#1130514)
Use-after-free in IndexedDB
* MFSA 2015-17/CVE-2015-0829 (bmo#1128939)
Buffer overflow in libstagefright during MP4 video playback
* MFSA 2015-18/CVE-2015-0828 (bmo#1030667, bmo#988675)
Double-free when using non-default memory allocators with a
zero-length XHR
* MFSA 2015-19/CVE-2015-0827 (bmo#1117304)
Out-of-bounds read and write while rendering SVG content
* MFSA 2015-20/CVE-2015-0826 (bmo#1092363)
Buffer overflow during CSS restyling
* MFSA 2015-21/CVE-2015-0825 (bmo#1092370)
Buffer underflow during MP3 playback
* MFSA 2015-22/CVE-2015-0824 (bmo#1095925)
Crash using DrawTarget in Cairo graphics library
* MFSA 2015-23/CVE-2015-0823 (bmo#1098497)
Use-after-free in Developer Console date with OpenType Sanitiser
* MFSA 2015-24/CVE-2015-0822 (bmo#1110557)
Reading of local files through manipulation of form autocomplete
* MFSA 2015-25/CVE-2015-0821 (bmo#1111960)
Local files or privileged URLs in pages can be opened into new tabs
* MFSA 2015-26/CVE-2015-0819 (bmo#1079554)
UI Tour whitelisted sites in background tab can spoof foreground
tabs
* MFSA 2015-27CVE-2015-0820 (bmo#1125398)
Caja Compiler JavaScript sandbox bypass
- rebased patches
- requires NSS 3.17.4
- removed obsolete seamonkey-fix-signed-char.patch
- mozilla-xremote-client was removed upstream
* Sat Feb 07 2015 wr@rosenauer.org
- update to SeaMonkey 2.32.1
* fixed MailNews feeds not updating
* fixed selected profile in Profile Manager not remembered
* fixed opening a bookmark folder in tabs on Linux
* fixed Troubleshooting Information (about:support) with the
Modern theme
* Sat Jan 17 2015 wr@rosenauer.org
- update to SeaMonkey 2.32 (bnc#910669)
* MFSA 2015-01/CVE-2014-8634/CVE-2014-8635
Miscellaneous memory safety hazards
* MFSA 2015-02/CVE-2014-8637 (bmo#1094536)
Uninitialized memory use during bitmap rendering
* MFSA 2015-03/CVE-2014-8638 (bmo#1080987)
sendBeacon requests lack an Origin header
* MFSA 2015-04/CVE-2014-8639 (bmo#1095859)
Cookie injection through Proxy Authenticate responses
* MFSA 2015-05/CVE-2014-8640 (bmo#1100409)
Read of uninitialized memory in Web Audio
* MFSA 2015-06/CVE-2014-8641 (bmo#1108455)
Read-after-free in WebRTC
* MFSA 2015-07/CVE-2014-8643 (bmo#1114170) (Windows-only)
Gecko Media Plugin sandbox escape
* MFSA 2015-08/CVE-2014-8642 (bmo#1079658)
Delegated OCSP responder certificates failure with
id-pkix-ocsp-nocheck extension
* MFSA 2015-09/CVE-2014-8636 (bmo#987794)
XrayWrapper bypass through DOM objects
- rebased patches
- removed obsolete mozilla-seamonkey-sdk.patch
- added mozilla-openaes-decl.patch to fix implicit declarations
* Thu Jan 01 2015 wr@rosenauer.org
- use GStreamer 1.0 from 13.2 on
- removed package support for distributions older than 12.3
* removed mozilla-sle11.patch
* Mon Dec 08 2014 meissner@suse.com
- seamonkey-fix-signed-char.patch: fix build on platforms
where char is unsigned (power/arm). (bmo#1085151)
- mozilla-fix-prototype.patch: add string.h includes
for memcpy prototype (as used on bigendian architectures).
* Thu Dec 04 2014 pcerny@suse.com
- enable some extensions using the addons sdk (e.g. Ghostery)
(mozilla-seamonkey-sdk.patch) (bmo#1071048)
* Wed Dec 03 2014 wr@rosenauer.org
- update to SeaMonkey 2.31 (bnc#908009)
* requires NSS 3.17.2
* MFSA 2014-83/CVE-2014-1587/CVE-2014-1588
Miscellaneous memory safety hazards
* MFSA 2014-84/CVE-2014-1589 (bmo#1043787)
XBL bindings accessible via improper CSS declarations
* MFSA 2014-85/CVE-2014-1590 (bmo#1087633)
XMLHttpRequest crashes with some input streams
* MFSA 2014-86/CVE-2014-1591 (bmo#1069762)
CSP leaks redirect data via violation reports
* MFSA 2014-87/CVE-2014-1592 (bmo#1088635)
Use-after-free during HTML5 parsing
* MFSA 2014-88/CVE-2014-1593 (bmo#1085175)
Buffer overflow while parsing media content
* MFSA 2014-89/CVE-2014-1594 (bmo#1074280)
Bad casting from the BasicThebesLayer to BasicContainerLayer
- rebased patches
* Fri Nov 21 2014 wr@rosenauer.org
- use platform specific build flags as in Firefox
(including _constraints)
- define /usr/share/myspell as additional dictionary location
and remove add-plugins.sh finally (bnc#900639)
* Wed Nov 19 2014 Led <ledest@gmail.com>
- fix bashisms in mozilla.sh and add-plugins.sh scripts
* Tue Oct 14 2014 wr@rosenauer.org
- update to SeaMonkey 2.30 (bnc#900941)
* venkman debugger removed from application and therefore
obsolete package seamonkey-venkman
* MFSA 2014-74/CVE-2014-1574/CVE-2014-1575
Miscellaneous memory safety hazards
* MFSA 2014-75/CVE-2014-1576 (bmo#1041512)
Buffer overflow during CSS manipulation
* MFSA 2014-76/CVE-2014-1577 (bmo#1012609)
Web Audio memory corruption issues with custom waveforms
* MFSA 2014-77/CVE-2014-1578 (bmo#1063327)
Out-of-bounds write with WebM video
* MFSA 2014-78/CVE-2014-1580 (bmo#1063733)
Further uninitialized memory use during GIF rendering
* MFSA 2014-79/CVE-2014-1581 (bmo#1068218)
Use-after-free interacting with text directionality
* MFSA 2014-80/CVE-2014-1582/CVE-2014-1584 (bmo#1049095, bmo#1066190)
Key pinning bypasses
* MFSA 2014-81/CVE-2014-1585/CVE-2014-1586 (bmo#1062876, bmo#1062981)
Inconsistent video sharing within iframe
* MFSA 2014-82/CVE-2014-1583 (bmo#1015540)
Accessing cross-origin objects via the Alarms API
(only relevant for installed web apps)
- requires NSPR 4.10.7
- requires NSS 3.17.1
- removed obsolete patches:
* mozilla-ppc.patch
* mozilla-libproxy-compat.patch
* Sat Sep 20 2014 wr@rosenauer.org
- update to SeaMonkey 2.29 (bnc#894370)
* based on Gecko 32.0 including all security fixes outlined here
https://www.mozilla.org/security/known-vulnerabilities/
* removed obsolete patches
mozilla-aarch64-bmo-810631.patch, mozilla-aarch64-bmo-962488.patch,
mozilla-aarch64-bmo-963023.patch, mozilla-aarch64-bmo-963024.patch,
mozilla-aarch64-bmo-963027.patch
mozilla-ppc64le-build.patch, mozilla-ppc64le-javascript.patch,
mozilla-ppc64le-libffi.patch, mozilla-ppc64le-mfbt.patch,
mozilla-ppc64le-webrtc.patch, mozilla-ppc64le-xpcom.patch
* rebased patches
- requires NSS 3.16.4
- build with --disable-optimize for 13.1 and above for i586 to
workaround miscompilations (bnc#896624)
* Mon Jun 16 2014 wr@rosenauer.org
- update to SeaMonkey 2.26.1 (bnc#881874)
* MFSA 2014-48/CVE-2014-1533/CVE-2014-1534
(bmo#921622, bmo#967354, bmo#969517, bmo#969549, bmo#973874,
bmo#978652, bmo#978811, bmo#988719, bmo#990868, bmo#991981,
bmo#992274, bmo#994907, bmo#995679, bmo#995816, bmo#995817,
bmo#996536, bmo#996715, bmo#999651, bmo#1000598,
bmo#1000960, bmo#1002340, bmo#1005578, bmo#1007223,
bmo#1009952, bmo#1011007)
Miscellaneous memory safety hazards (rv:30.0)
* MFSA 2014-49/CVE-2014-1536/CVE-2014-1537/CVE-2014-1538
(bmo#989994, bmo#999274, bmo#1005584)
Use-after-free and out of bounds issues found using Address
Sanitizer
* MFSA 2014-50/CVE-2014-1539 (bmo#995603)
Clickjacking through cursor invisability after Flash interaction
* MFSA 2014-51/CVE-2014-1540 (bmo#978862)
Use-after-free in Event Listener Manager
* MFSA 2014-52/CVE-2014-1541 (bmo#1000185)
Use-after-free with SMIL Animation Controller
* MFSA 2014-53/CVE-2014-1542 (bmo#991533)
Buffer overflow in Web Audio Speex resampler
* MFSA 2014-54/CVE-2014-1543 (bmo#1011859)
Buffer overflow in Gamepad API
* MFSA 2014-55/CVE-2014-1545 (bmo#1018783)
Out of bounds write in NSPR
- requires NSPR 4.10.6
- build require makeinfo
* Tue May 13 2014 wr@rosenauer.org
- fix translations packaging (bnc#877263)
* Tue Apr 29 2014 wr@rosenauer.org
- update to SeaMonkey 2.26 (bnc#875378)
* MFSA 2014-34/CVE-2014-1518/CVE-2014-1519
Miscellaneous memory safety hazards
* MFSA 2014-36/CVE-2014-1522 (bmo#995289)
Web Audio memory corruption issues
* MFSA 2014-37/CVE-2014-1523 (bmo#969226)
Out of bounds read while decoding JPG images
* MFSA 2014-38/CVE-2014-1524 (bmo#989183)
Buffer overflow when using non-XBL object as XBL
* MFSA 2014-39/CVE-2014-1525 (bmo#989210)
Use-after-free in the Text Track Manager for HTML video
* MFSA 2014-41/CVE-2014-1528 (bmo#963962)
Out-of-bounds write in Cairo
* MFSA 2014-42/CVE-2014-1529 (bmo#987003)
Privilege escalation through Web Notification API
* MFSA 2014-43/CVE-2014-1530 (bmo#895557)
Cross-site scripting (XSS) using history navigations
* MFSA 2014-44/CVE-2014-1531 (bmo#987140)
Use-after-free in imgLoader while resizing images
* MFSA 2014-45/CVE-2014-1492 (bmo#903885)
Incorrect IDNA domain name matching for wildcard certificates
(fixed by NSS 3.16)
* MFSA 2014-46/CVE-2014-1532 (bmo#966006)
Use-after-free in nsHostResolver
* MFSA 2014-47/CVE-2014-1526 (bmo#988106)
Debugger can bypass XrayWrappers with JavaScript
- rebased patches
- added aarch64 porting patches
* mozilla-aarch64-bmo-810631.patch
* mozilla-aarch64-bmo-962488.patch
* mozilla-aarch64-bmo-963023.patch
* mozilla-aarch64-bmo-963024.patch
* mozilla-aarch64-bmo-963027.patch
- requires NSPR 4.10.3 and NSS 3.16
- added mozilla-icu-strncat.patch to fix post build checks
* Wed Mar 19 2014 wr@rosenauer.org
- update to SeaMonkey 2.25 (bnc#868603)
* MFSA 2014-15/CVE-2014-1493/CVE-2014-1494
Miscellaneous memory safety hazards
* MFSA 2014-17/CVE-2014-1497 (bmo#966311)
Out of bounds read during WAV file decoding
* MFSA 2014-18/CVE-2014-1498 (bmo#935618)
crypto.generateCRMFRequest does not validate type of key
* MFSA 2014-19/CVE-2014-1499 (bmo#961512)
Spoofing attack on WebRTC permission prompt
* MFSA 2014-20/CVE-2014-1500 (bmo#956524)
onbeforeunload and Javascript navigation DOS
* MFSA 2014-22/CVE-2014-1502 (bmo#972622)
WebGL content injection from one domain to rendering in another
* MFSA 2014-23/CVE-2014-1504 (bmo#911547)
Content Security Policy for data: documents not preserved by
session restore
* MFSA 2014-26/CVE-2014-1508 (bmo#963198)
Information disclosure through polygon rendering in MathML
* MFSA 2014-27/CVE-2014-1509 (bmo#966021)
Memory corruption in Cairo during PDF font rendering
* MFSA 2014-28/CVE-2014-1505 (bmo#941887)
SVG filters information disclosure through feDisplacementMap
* MFSA 2014-29/CVE-2014-1510/CVE-2014-1511 (bmo#982906, bmo#982909)
Privilege escalation using WebIDL-implemented APIs
* MFSA 2014-30/CVE-2014-1512 (bmo#982957)
Use-after-free in TypeObject
* MFSA 2014-31/CVE-2014-1513 (bmo#982974)
Out-of-bounds read/write through neutering ArrayBuffer objects
* MFSA 2014-32/CVE-2014-1514 (bmo#983344)
Out-of-bounds write through TypedArrayObject after neutering
- requires NSPR 4.10.3 and NSS 3.15.5
- new build dependency (and recommends):
* libpulse
- update of PowerPC 64 patches (bmo#976648) (pcerny@suse.com)
- rebased patches
* Sat Feb 08 2014 wr@rosenauer.org
- replaced locale source archive because the old one was broken
by wrong upstream tagging (bnc#862831)
* Tue Feb 04 2014 wr@rosenauer.org
- update to SeaMonkey 2.24 (bnc#861847)
* MFSA 2014-01/CVE-2014-1477/CVE-2014-1478
Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
* MFSA 2014-02/CVE-2014-1479 (bmo#911864)
Clone protected content with XBL scopes
* MFSA 2014-03/CVE-2014-1480 (bmo#916726)
UI selection timeout missing on download prompts
* MFSA 2014-04/CVE-2014-1482 (bmo#943803)
Incorrect use of discarded images by RasterImage
* MFSA 2014-05/CVE-2014-1483 (bmo#950427)
Information disclosure with *FromPoint on iframes
* MFSA 2014-07/CVE-2014-1485 (bmo#910139)
XSLT stylesheets treated as styles in Content Security Policy
* MFSA 2014-08/CVE-2014-1486 (bmo#942164)
Use-after-free with imgRequestProxy and image proccessing
* MFSA 2014-09/CVE-2014-1487 (bmo#947592)
Cross-origin information leak through web workers
* MFSA 2014-11/CVE-2014-1488 (bmo#950604)
Crash when using web workers with asm.js
* MFSA 2014-12/CVE-2014-1490/CVE-2014-1491
(bmo#934545, bmo#930874, bmo#930857)
NSS ticket handling issues
* MFSA 2014-13/CVE-2014-1481(bmo#936056)
Inconsistent JavaScript handling of access to Window objects
- requires NSS 3.15.4
- removed obsolete mozilla-bug929439.patch
* Fri Dec 13 2013 uweigand@de.ibm.com
- Add support for powerpc64le-linux.
* ppc64le-support.patch: general support
* libffi-ppc64le.patch: libffi backport
* xpcom-ppc64le.patch: port xpcom
- Add build fix from mainline.
* mozilla-bug929439.patch
* Wed Dec 11 2013 wr@rosenauer.org
- update to SeaMonkey 2.23 (bnc#854367, bnc#854370))
* requires NSPR 4.10.2 and NSS 3.15.3.1
* MFSA 2013-104/CVE-2013-5609/CVE-2013-5610
Miscellaneous memory safety hazards
* MFSA 2013-105/CVE-2013-5611 (bmo#771294)
Application Installation doorhanger persists on navigation
* MFSA 2013-106/CVE-2013-5612 (bmo#871161)
Character encoding cross-origin XSS attack
* MFSA 2013-107/CVE-2013-5614 (bmo#886262)
Sandbox restrictions not applied to nested object elements
* MFSA 2013-108/CVE-2013-5616 (bmo#938341)
Use-after-free in event listeners
* MFSA 2013-109/CVE-2013-5618 (bmo#926361)
Use-after-free during Table Editing
* MFSA 2013-110/CVE-2013-5619 (bmo#917841)
Potential overflow in JavaScript binary search algorithms
* MFSA 2013-111/CVE-2013-6671 (bmo#930281)
Segmentation violation when replacing ordered list elements
* MFSA 2013-112/CVE-2013-6672 (bmo#894736)
Linux clipboard information disclosure though selection paste
* MFSA 2013-113/CVE-2013-6673 (bmo#970380)
Trust settings for built-in roots ignored during EV certificate
validation
* MFSA 2013-114/CVE-2013-5613 (bmo#930381, bmo#932449)
Use-after-free in synthetic mouse movement
* MFSA 2013-115/CVE-2013-5615 (bmo#929261)
GetElementIC typed array stubs can be generated outside observed
typesets
* MFSA 2013-116/CVE-2013-6629/CVE-2013-6630 (bmo#891693)
JPEG information leak
* MFSA 2013-117 (bmo#946351)
Mis-issued ANSSI/DCSSI certificate
(fixed via NSS 3.15.3.1)
- rebased patches:
* mozilla-nongnome-proxies.patch
* mozilla-shared-nss-db.patch
* Wed Oct 30 2013 wr@rosenauer.org
- update to SeaMonkey 2.22 (bnc#847708)
* rebased patches
* requires NSS 3.15.2 or higher
* MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592
Miscellaneous memory safety hazards
* MFSA 2013-94/CVE-2013-5593 (bmo#868327)
Spoofing addressbar through SELECT element
* MFSA 2013-95/CVE-2013-5604 (bmo#914017)
Access violation with XSLT and uninitialized data
* MFSA 2013-96/CVE-2013-5595 (bmo#916580)
Improperly initialized memory and overflows in some JavaScript
functions
* MFSA 2013-97/CVE-2013-5596 (bmo#910881)
Writing to cycle collected object during image decoding
* MFSA 2013-98/CVE-2013-5597 (bmo#918864)
Use-after-free when updating offline cache
* MFSA 2013-99/CVE-2013-5598 (bmo#920515)
Security bypass of PDF.js checks using iframes
* MFSA 2013-100/CVE-2013-5599/CVE-2013-5600/CVE-2013-5601
(bmo#915210, bmo#915576, bmo#916685)
Miscellaneous use-after-free issues found through ASAN fuzzing
* MFSA 2013-101/CVE-2013-5602 (bmo#897678)
Memory corruption in workers
* MFSA 2013-102/CVE-2013-5603 (bmo#916404)
Use-after-free in HTML document templates
* Tue Sep 17 2013 wr@rosenauer.org
- update to SeaMonkey 2.21 (bnc#840485)
* MFSA 2013-76/CVE-2013-1718/CVE-2013-1719
Miscellaneous memory safety hazards
* MFSA 2013-77/CVE-2013-1720 (bmo#888820)
Improper state in HTML5 Tree Builder with templates
* MFSA 2013-78/CVE-2013-1721 (bmo#890277)
Integer overflow in ANGLE library
* MFSA 2013-79/CVE-2013-1722 (bmo#893308)
Use-after-free in Animation Manager during stylesheet cloning
* MFSA 2013-80/CVE-2013-1723 (bmo#891292)
NativeKey continues handling key messages after widget is destroyed
* MFSA 2013-81/CVE-2013-1724 (bmo#894137)
Use-after-free with select element
* MFSA 2013-82/CVE-2013-1725 (bmo#876762)
Calling scope for new Javascript objects can lead to memory corruption
* MFSA 2013-85/CVE-2013-1728 (bmo#883686)
Uninitialized data in IonMonkey
* MFSA 2013-88/CVE-2013-1730 (bmo#851353)
Compartment mismatch re-attaching XBL-backed nodes
* MFSA 2013-89/CVE-2013-1732 (bmo#883514)
Buffer overflow with multi-column, lists, and floats
* MFSA 2013-90/CVE-2013-1735/CVE-2013-1736 (bmo#898871, bmo#906301)
Memory corruption involving scrolling
* MFSA 2013-91/CVE-2013-1737 (bmo#907727)
User-defined properties on DOM proxies get the wrong "this" object
* MFSA 2013-92/CVE-2013-1738 (bmo#887334, bmo#882897)
GC hazard with default compartments and frame chain restoration
- requires NSS 3.15.1
* Mon Aug 05 2013 wr@rosenauer.org
- update to SeaMonkey 2.20 (bnc#833389)
* MFSA 2013-63/CVE-2013-1701/CVE-2013-1702
Miscellaneous memory safety hazards
* MFSA 2013-64/CVE-2013-1704 (bmo#883313)
Use after free mutating DOM during SetBody
* MFSA 2013-65/CVE-2013-1705 (bmo#882865)
Buffer underflow when generating CRMF requests
* MFSA 2013-67/CVE-2013-1708 (bmo#879924)
Crash during WAV audio file decoding
* MFSA 2013-68/CVE-2013-1709 (bmo#838253)
Document URI misrepresentation and masquerading
* MFSA 2013-69/CVE-2013-1710 (bmo#871368)
CRMF requests allow for code execution and XSS attacks
* MFSA 2013-70/CVE-2013-1711 (bmo#843829)
Bypass of XrayWrappers using XBL Scopes
* MFSA 2013-72/CVE-2013-1713 (bmo#887098)
Wrong principal used for validating URI for some Javascript
components
* MFSA 2013-73/CVE-2013-1714 (bmo#879787)
Same-origin bypass with web workers and XMLHttpRequest
* MFSA 2013-75/CVE-2013-1717 (bmo#406541, bmo#738397)
Local Java applets may read contents of local file system
- requires NSPR 4.10 and NSS 3.15
- removed obsolete seamonkey-shared-nss-db.patch
* Sat Jun 29 2013 wr@rosenauer.org
- update to SeaMonkey 2.19 (bnc#825935)
* removed obsolete patches
+ mozilla-gstreamer-760140.patch
* GStreamer support does not build on 12.1 anymore (build only
on 12.2 and later)
* MFSA 2013-49/CVE-2013-1682/CVE-2013-1683
Miscellaneous memory safety hazards
* MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686
Memory corruption found using Address Sanitizer
* MFSA 2013-51/CVE-2013-1687 (bmo#863933, bmo#866823)
Privileged content access and execution via XBL
* MFSA 2013-52/CVE-2013-1688 (bmo#873966)
Arbitrary code execution within Profiler
* MFSA 2013-53/CVE-2013-1690 (bmo#857883)
Execution of unmapped memory through onreadystatechange event
* MFSA 2013-54/CVE-2013-1692 (bmo#866915)
Data in the body of XHR HEAD requests leads to CSRF attacks
* MFSA 2013-55/CVE-2013-1693 (bmo#711043)
SVG filters can lead to information disclosure
* MFSA 2013-56/CVE-2013-1694 (bmo#848535)
PreserveWrapper has inconsistent behavior
* MFSA 2013-57/CVE-2013-1695 (bmo#849791)
Sandbox restrictions not applied to nested frame elements
* MFSA 2013-58/CVE-2013-1696 (bmo#761667)
X-Frame-Options ignored when using server push with multi-part
responses
* MFSA 2013-59/CVE-2013-1697 (bmo#858101)
XrayWrappers can be bypassed to run user defined methods in a
privileged context
* MFSA 2013-60/CVE-2013-1698 (bmo#876044)
getUserMedia permission dialog incorrectly displays location
* MFSA 2013-61/CVE-2013-1699 (bmo#840882)
Homograph domain spoofing in .com, .net and .name
* Tue May 28 2013 wr@rosenauer.org
- update to SeaMonkey 2.17.1
* Tue Apr 09 2013 wr@rosenauer.org
- revert to use GStreamer 0.10 on 12.3 (bnc#814101)
* Tue Apr 02 2013 wr@rosenauer.org
- update to SeaMonkey 2.17 (bnc#813026)
* requires NSPR 4.9.5 and NSS 3.14.3
* mozilla-webrtc-ppc.patch included upstream
* MFSA 2013-30/CVE-2013-0788/CVE-2013-0789
Miscellaneous memory safety hazards
* MFSA 2013-31/CVE-2013-0800 (bmo#825721)
Out-of-bounds write in Cairo library
* MFSA 2013-35/CVE-2013-0796 (bmo#827106)
WebGL crash with Mesa graphics driver on Linux
* MFSA 2013-36/CVE-2013-0795 (bmo#825697)
Bypass of SOW protections allows cloning of protected nodes
* MFSA 2013-37/CVE-2013-0794 (bmo#626775)
Bypass of tab-modal dialog origin disclosure
* MFSA 2013-38/CVE-2013-0793 (bmo#803870)
Cross-site scripting (XSS) using timed history navigations
* MFSA 2013-39/CVE-2013-0792 (bmo#722831)
Memory corruption while rendering grayscale PNG images
- use GStreamer 1.0 starting with 12.3 (mozilla-gstreamer-1.patch)
* Fri Mar 15 2013 pcerny@suse.com
- update to SeaMonkey 2.16.2
* Sat Mar 09 2013 wr@rosenauer.org
- update to SeaMonkey 2.16.1 (bnc#808243)
* MFSA 2013-29/CVE-2013-0787 (bmo#848644)
Use-after-free in HTML Editor
* Mon Feb 18 2013 wr@rosenauer.org
- update to SeaMonkey 2.16 (bnc#804248)
* MFSA 2013-21/CVE-2013-0783/2013-0784
Miscellaneous memory safety hazards
* MFSA 2013-22/CVE-2013-0772 (bmo#801366)
Out-of-bounds read in image rendering
* MFSA 2013-23/CVE-2013-0765 (bmo#830614)
Wrapped WebIDL objects can be wrapped again
* MFSA 2013-24/CVE-2013-0773 (bmo#809652)
Web content bypass of COW and SOW security wrappers
* MFSA 2013-25/CVE-2013-0774 (bmo#827193)
Privacy leak in JavaScript Workers
* MFSA 2013-26/CVE-2013-0775 (bmo#831095)
Use-after-free in nsImageLoadingContent
* MFSA 2013-27/CVE-2013-0776 (bmo#796475)
Phishing on HTTPS connection through malicious proxy
* MFSA 2013-28/CVE-2013-0780/CVE-2013-0782/CVE-2013-0777/
CVE-2013-0778/CVE-2013-0779/CVE-2013-0781
Use-after-free, out of bounds read, and buffer overflow issues
found using Address Sanitizer
- removed obsolete patches
* mozilla-webrtc.patch
* mozilla-gstreamer-803287.patch
* Mon Feb 04 2013 wr@rosenauer.org
- update to SeaMonkey 2.15.2
* Applications could not be removed from the "Application details"
dialog under Preferences, Helper Applications (bmo#826771).
* View / Message Body As could show menu items out of context
(bmo#831348)
* Sun Jan 20 2013 wr@rosenauer.org
- update to SeaMonkey 2.15.1
* backed out bmo#677092 (removed patch)
* fixed problems involving HTTP proxy transactions
* Sun Jan 13 2013 wr@rosenauer.org
- backed out restartless language packs as it broke multi-locale
setup (bmo#677092, bmo#818468)
* Tue Jan 08 2013 wr@rosenauer.org
- update to SeaMonkey 2.15 (bnc#796895)
* MFSA 2013-01/CVE-2013-0749/CVE-2013-0769/CVE-2013-0770
Miscellaneous memory safety hazards
* MFSA 2013-02/CVE-2013-0760/CVE-2013-0762/CVE-2013-0766/CVE-2013-0767
CVE-2013-0761/CVE-2013-0763/CVE-2013-0771/CVE-2012-5829
Use-after-free and buffer overflow issues found using Address Sanitizer
* MFSA 2013-03/CVE-2013-0768 (bmo#815795)
Buffer Overflow in Canvas
* MFSA 2013-04/CVE-2012-0759 (bmo#802026)
URL spoofing in addressbar during page loads
* MFSA 2013-05/CVE-2013-0744 (bmo#814713)
Use-after-free when displaying table with many columns and column groups
* MFSA 2013-06/CVE-2013-0751 (bmo#790454)
Touch events are shared across iframes
* MFSA 2013-07/CVE-2013-0764 (bmo#804237)
Crash due to handling of SSL on threads
* MFSA 2013-08/CVE-2013-0745 (bmo#794158)
AutoWrapperChanger fails to keep objects alive during garbage collection
* MFSA 2013-09/CVE-2013-0746 (bmo#816842)
Compartment mismatch with quickstubs returned values
* MFSA 2013-10/CVE-2013-0747 (bmo#733305)
Event manipulation in plugin handler to bypass same-origin policy
* MFSA 2013-11/CVE-2013-0748 (bmo#806031)
Address space layout leaked in XBL objects
* MFSA 2013-12/CVE-2013-0750 (bmo#805121)
Buffer overflow in Javascript string concatenation
* MFSA 2013-13/CVE-2013-0752 (bmo#805024)
Memory corruption in XBL with XML bindings containing SVG
* MFSA 2013-14/CVE-2013-0757 (bmo#813901)
Chrome Object Wrapper (COW) bypass through changing prototype
* MFSA 2013-15/CVE-2013-0758 (bmo#813906)
Privilege escalation through plugin objects
* MFSA 2013-16/CVE-2013-0753 (bmo#814001)
Use-after-free in serializeToStream
* MFSA 2013-17/CVE-2013-0754 (bmo#814026)
Use-after-free in ListenerManager
* MFSA 2013-18/CVE-2013-0755 (bmo#814027)
Use-after-free in Vibrate
* MFSA 2013-19/CVE-2013-0756 (bmo#814029)
Use-after-free in Javascript Proxy objects
- requires NSS 3.14.1 (MFSA 2013-20, CVE-2013-0743)
- reenable WebRTC
- added mozilla-libproxy-compat.patch for libproxy API compat
on openSUSE 11.2 and earlier
* Tue Dec 18 2012 wr@rosenauer.org
- update to SeaMonkey 2.14.1
* fix regressions from 2.14 release
* Tue Nov 20 2012 wr@rosenauer.org
- update to SeaMonkey 2.14 (bnc#790140)
* MFSA 2012-91/CVE-2012-5842/CVE-2012-5843
Miscellaneous memory safety hazards
* MFSA 2012-92/CVE-2012-4202 (bmo#758200)
Buffer overflow while rendering GIF images
* MFSA 2012-93/CVE-2012-4201 (bmo#747607)
evalInSanbox location context incorrectly applied
* MFSA 2012-94/CVE-2012-5836 (bmo#792857)
Crash when combining SVG text on path with CSS
* MFSA 2012-96/CVE-2012-4204 (bmo#778603)
Memory corruption in str_unescape
* MFSA 2012-97/CVE-2012-4205 (bmo#779821)
XMLHttpRequest inherits incorrect principal within sandbox
* MFSA 2012-99/CVE-2012-4208 (bmo#798264)
XrayWrappers exposes chrome-only properties when not in chrome
compartment
* MFSA 2012-100/CVE-2012-5841 (bmo#805807)
Improper security filtering for cross-origin wrappers
* MFSA 2012-101/CVE-2012-4207 (bmo#801681)
Improper character decoding in HZ-GB-2312 charset
* MFSA 2012-103/CVE-2012-4209 (bmo#792405)
Frames can shadow top.location
* MFSA 2012-105/CVE-2012-4214/CVE-2012-4215/CVE-2012-4216/
CVE-2012-5829/CVE-2012-5839/CVE-2012-5840/CVE-2012-4212/
CVE-2012-4213/CVE-2012-4217/CVE-2012-4218
Use-after-free and buffer overflow issues found using Address
Sanitizer
* MFSA 2012-106/CVE-2012-5830/CVE-2012-5833/CVE-2012-5835/CVE-2012-5838
Use-after-free, buffer overflow, and memory corruption issues
found using Address Sanitizer
- rebased patches
- disabled WebRTC since build is broken (bmo#776877)
* Sat Oct 27 2012 wr@rosenauer.org
- update to SeaMonkey 2.13.2 (bnc#786522)
* MFSA 2012-90/CVE-2012-4194/CVE-2012-4195/CVE-2012-4196
(bmo#800666, bmo#793121, bmo#802557)
Fixes for Location object issues
* Fri Oct 12 2012 wr@rosenauer.org
- update to SeaMonkey 2.13.1 (bnc#783533)
* MFSA 2012-88/CVE-2012-4191 (bmo#798045)
Miscellaneous memory safety hazards
* MFSA 2012-89/CVE-2012-4192/CVE-2012-4193 (bmo#799952, bmo#720619)
defaultValue security checks not applied
* Mon Oct 08 2012 wr@rosenauer.org
- update to SeaMonkey 2.13 (bnc#783533)
* MFSA 2012-74/CVE-2012-3982/CVE-2012-3983
Miscellaneous memory safety hazards
* MFSA 2012-75/CVE-2012-3984 (bmo#575294)
select element persistance allows for attacks
* MFSA 2012-76/CVE-2012-3985 (bmo#655649)
Continued access to initial origin after setting document.domain
* MFSA 2012-77/CVE-2012-3986 (bmo#775868)
Some DOMWindowUtils methods bypass security checks
* MFSA 2012-79/CVE-2012-3988 (bmo#725770)
DOS and crash with full screen and history navigation
* MFSA 2012-80/CVE-2012-3989 (bmo#783867)
Crash with invalid cast when using instanceof operator
* MFSA 2012-81/CVE-2012-3991 (bmo#783260)
GetProperty function can bypass security checks
* MFSA 2012-82/CVE-2012-3994 (bmo#765527)
top object and location property accessible by plugins
* MFSA 2012-83/CVE-2012-3993/CVE-2012-4184 (bmo#768101, bmo#780370)
Chrome Object Wrapper (COW) does not disallow acces to privileged
functions or properties
* MFSA 2012-84/CVE-2012-3992 (bmo#775009)
Spoofing and script injection through location.hash
* MFSA 2012-85/CVE-2012-3995/CVE-2012-4179/CVE-2012-4180/
CVE-2012-4181/CVE-2012-4182/CVE-2012-4183
Use-after-free, buffer overflow, and out of bounds read issues
found using Address Sanitizer
* MFSA 2012-86/CVE-2012-4185/CVE-2012-4186/CVE-2012-4187/
CVE-2012-4188
Heap memory corruption issues found using Address Sanitizer
* MFSA 2012-87/CVE-2012-3990 (bmo#787704)
Use-after-free in the IME State Manager
- requires NSPR 4.9.2
- improve GStreamer integration (bmo#760140)
* Mon Sep 10 2012 wr@rosenauer.org
- update to SeaMonkey 2.12.1 (bnc#779936)
* Sites visited while in Private Browsing mode could be found
through manual browser cache inspection (bmo#787743)
* Mon Aug 27 2012 wr@rosenauer.org
- update to SeaMonkey 2.12 (bnc#777588)
* MFSA 2012-57/CVE-2012-1970
Miscellaneous memory safety hazards
* MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-2012-1975
CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/CVE-2012-3959
CVE-2012-3960/CVE-2012-3961/CVE-2012-3962/CVE-2012-3963/CVE-2012-3964
Use-after-free issues found using Address Sanitizer
* MFSA 2012-59/CVE-2012-1956 (bmo#756719)
Location object can be shadowed using Object.defineProperty
* MFSA 2012-61/CVE-2012-3966 (bmo#775794, bmo#775793)
Memory corruption with bitmap format images with negative height
* MFSA 2012-62/CVE-2012-3967/CVE-2012-3968
WebGL use-after-free and memory corruption
* MFSA 2012-63/CVE-2012-3969/CVE-2012-3970
SVG buffer overflow and use-after-free issues
* MFSA 2012-64/CVE-2012-3971
Graphite 2 memory corruption
* MFSA 2012-65/CVE-2012-3972 (bmo#746855)
Out-of-bounds read in format-number in XSLT
* MFSA 2012-68/CVE-2012-3975 (bmo#770684)
DOMParser loads linked resources in extensions when parsing
text/html
* MFSA 2012-69/CVE-2012-3976 (bmo#768568)
Incorrect site SSL certificate data display
* MFSA 2012-70/CVE-2012-3978 (bmo#770429)
Location object security checks bypassed by chrome code
- enable GStreamer for 12.1 and higher
- use internal libjpeg
* Sun Jul 29 2012 wr@rosenauer.org
- import PPC patch from Firefox:
* add patches for bmo#750620 and bmo#746112
* fix xpcshell segfault on ppc
* Mon Jul 16 2012 wr@rosenauer.org
- update to Seamonkey 2.11 (bnc#771583)
* MFSA 2012-42/CVE-2012-1949/CVE-2012-1948
Miscellaneous memory safety hazards
* MFSA 2012-44/CVE-2012-1951/CVE-2012-1954/CVE-2012-1953/CVE-2012-1952
Gecko memory corruption
* MFSA 2012-45/CVE-2012-1955 (bmo#757376)
Spoofing issue with location
* MFSA 2012-47/CVE-2012-1957 (bmo#750096)
Improper filtering of javascript in HTML feed-view
* MFSA 2012-48/CVE-2012-1958 (bmo#750820)
use-after-free in nsGlobalWindow::PageHidden
* MFSA 2012-49/CVE-2012-1959 (bmo#754044, bmo#737559)
Same-compartment Security Wrappers can be bypassed
* MFSA 2012-50/CVE-2012-1960 (bmo#761014)
Out of bounds read in QCMS
* MFSA 2012-51/CVE-2012-1961 (bmo#761655)
X-Frame-Options header ignored when duplicated
* MFSA 2012-52/CVE-2012-1962 (bmo#764296)
JSDependentString::undepend string conversion results in memory
corruption
* MFSA 2012-53/CVE-2012-1963 (bmo#767778)
Content Security Policy 1.0 implementation errors cause data
leakage
* MFSA 2012-56/CVE-2012-1967 (bmo#758344)
Code execution through javascript: URLs
* relicensed to MPL-2.0
- updated/removed patches
- requires NSS 3.13.5
* Fri Jun 15 2012 wr@rosenauer.org
- update to Seamonkey 2.10.1
* Mon Jun 04 2012 wr@rosenauer.org
- update to Seamonkey 2.10 (bnc#765204)
* MFSA 2012-34/CVE-2012-1938/CVE-2012-1937/CVE-2011-3101
Miscellaneous memory safety hazards
* MFSA 2012-36/CVE-2012-1944 (bmo#751422)
Content Security Policy inline-script bypass
* MFSA 2012-37/CVE-2012-1945 (bmo#670514)
Information disclosure though Windows file shares and shortcut
files
* MFSA 2012-38/CVE-2012-1946 (bmo#750109)
Use-after-free while replacing/inserting a node in a document
* MFSA 2012-40/CVE-2012-1947/CVE-2012-1940/CVE-2012-1941
Buffer overflow and use-after-free issues found using Address
Sanitizer
- requires NSS 3.13.4
* MFSA 2012-39/CVE-2012-0441 (bmo#715073)
* Mon Apr 30 2012 wr@rosenauer.org
- update to Seamonkey 2.9.1
* fix regressions
- POP3 filters (bmo#748090)
- Message Body not loaded when using "Fetch Headers Only"
(bmo#748865)
- Received messages contain parts of other messages with
movemail account (bmo#748726)
- New mail notification issue (bmo#748997)
- crash in nsMsgDatabase::MatchDbName (bmo#748432)
* Fri Apr 27 2012 wr@rosenauer.org
- fixed build with gcc 4.7
* Mon Apr 23 2012 wr@rosenauer.org
- update to Seamonkey 2.9 (bnc#758408)
* MFSA 2012-20/CVE-2012-0467/CVE-2012-0468
Miscellaneous memory safety hazards
* MFSA 2012-22/CVE-2012-0469 (bmo#738985)
use-after-free in IDBKeyRange
* MFSA 2012-23/CVE-2012-0470 (bmo#734288)
Invalid frees causes heap corruption in gfxImageSurface
* MFSA 2012-24/CVE-2012-0471 (bmo#715319)
Potential XSS via multibyte content processing errors
* MFSA 2012-25/CVE-2012-0472 (bmo#744480)
Potential memory corruption during font rendering using cairo-dwrite
* MFSA 2012-26/CVE-2012-0473 (bmo#743475)
WebGL.drawElements may read illegal video memory due to
FindMaxUshortElement error
* MFSA 2012-27/CVE-2012-0474 (bmo#687745, bmo#737307)
Page load short-circuit can lead to XSS
* MFSA 2012-28/CVE-2012-0475 (bmo#694576)
Ambiguous IPv6 in Origin headers may bypass webserver access
restrictions
* MFSA 2012-29/CVE-2012-0477 (bmo#718573)
Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
* MFSA 2012-30/CVE-2012-0478 (bmo#727547)
Crash with WebGL content using textImage2D
* MFSA 2012-31/CVE-2011-3062 (bmo#739925)
Off-by-one error in OpenType Sanitizer
* MFSA 2012-32/CVE-2011-1187 (bmo#624621)
HTTP Redirections and remote content can be read by javascript errors
* MFSA 2012-33/CVE-2012-0479 (bmo#714631)
Potential site identity spoofing when loading RSS and Atom feeds
* Sat Apr 21 2012 wr@rosenauer.org
- update to 2.9b4
- added mozilla-sle11.patch and add exceptions to be able to build
for SLE11/11.1
- exclude broken gl locale from build
- fixed build on 11.2-x86_64 by adding mozilla-revert_621446.patch
- added mozilla-gcc47.patch and mailnews-literals.patch to fix
compilation issues with recent gcc 4.7
* Tue Mar 13 2012 wr@rosenauer.org
- update to Seamonkey 2.8 (bnc#750044)
* MFSA 2012-13/CVE-2012-0455 (bmo#704354)
XSS with Drag and Drop and Javascript: URL
* MFSA 2012-14/CVE-2012-0456/CVE-2012-0457 (bmo#711653, #720103)
SVG issues found with Address Sanitizer
* MFSA 2012-15/CVE-2012-0451 (bmo#717511)
XSS with multiple Content Security Policy headers
* MFSA 2012-16/CVE-2012-0458
Escalation of privilege with Javascript: URL as home page
* MFSA 2012-17/CVE-2012-0459 (bmo#723446)
Crash when accessing keyframe cssText after dynamic modification
* MFSA 2012-18/CVE-2012-0460 (bmo#727303)
window.fullScreen writeable by untrusted content
* MFSA 2012-19/CVE-2012-0461/CVE-2012-0462/CVE-2012-0464/
CVE-2012-0463
Miscellaneous memory safety hazards
- explicitely build-require X libs
* Thu Feb 16 2012 wr@rosenauer.org
- update to Seamonkey 2.7.2 (bnc#747328)
* CVE-2011-3026 (bmo#727401)
libpng: integer overflow leading to heap-buffer overflow
* Thu Feb 09 2012 wr@rosenauer.org
- update to Seamonkey 2.7.1 (bnc#746616)
* MFSA 2012-10/CVE-2012-0452 (bmo#724284)
use after free in nsXBLDocumentInfo::ReadPrototypeBindings
- Use YARR interpreter instead of PCRE on platforms where YARR JIT
is not supported, since PCRE doesnt build (bmo#691898)
- fix ppc64 build (bmo#703534)
* Tue Jan 31 2012 wr@rosenauer.org
- update to Seamonkey 2.7 (bnc#744275)
* MFSA 2012-01/CVE-2012-0442/CVE-2012-0443
Miscellaneous memory safety hazards
* MFSA 2012-03/CVE-2012-0445 (bmo#701071)
<iframe> element exposed across domains via name attribute
* MFSA 2012-04/CVE-2011-3659 (bmo#708198)
Child nodes from nsDOMAttribute still accessible after removal
of nodes
* MFSA 2012-05/CVE-2012-0446 (bmo#705651)
Frame scripts calling into untrusted objects bypass security
checks
* MFSA 2012-06/CVE-2012-0447 (bmo#710079)
Uninitialized memory appended when encoding icon images may
cause information disclosure
* MFSA 2012-07/CVE-2012-0444 (bmo#719612)
Potential Memory Corruption When Decoding Ogg Vorbis files
* MFSA 2012-08/CVE-2012-0449 (bmo#701806, bmo#702466)
Crash with malformed embedded XSLT stylesheets
* Sat Dec 24 2011 wr@rosenauer.org
- update to Seamonkey 2.6.1
* (strongparent) parentNode of element gets lost (bmo#335998)
* Sun Dec 18 2011 wr@rosenauer.org
- update to 2.6 (bnc#737533)
* MFSA 2011-53/CVE-2011-3660
Miscellaneous memory safety hazards (rv:9.0)
* MFSA 2011-54/CVE-2011-3661 (bmo#691299)
Potentially exploitable crash in the YARR regular expression
library
* MFSA 2011-55/CVE-2011-3658 (bmo#708186)
nsSVGValue out-of-bounds access
* MFSA 2011-56/CVE-2011-3663 (bmo#704482)
Key detection without JavaScript via SVG animation
* MFSA 2011-58/VE-2011-3665 (bmo#701259)
Crash scaling <video> to extreme sizes
* Thu Nov 24 2011 pcerny@suse.com
- update to 2.5 (bnc#728520)
* MFSA 2011-47/CVE-2011-3648 (bmo#690225)
Potential XSS against sites using Shift-JIS
* MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654
Miscellaneous memory safety hazards
* MFSA 2011-49/CVE-2011-3650 (bmo#674776)
Memory corruption while profiling using Firebug
* MFSA 2011-52/CVE-2011-3655 (bmo#672182)
Code execution via NoWaiverWrapper
* Mon Oct 03 2011 wr@rosenauer.org
- update to minor release 2.4.1
* fixed staged addon updates
* Mon Sep 26 2011 wr@rosenauer.org
- update to 2.4 (bnc#720264)
* MFSA 2011-36/CVE-2011-2995/CVE-2011-2996/CVE-2011-2997
Miscellaneous memory safety hazards
* MFSA 2011-39/CVE-2011-3000 (bmo#655389)
Defense against multiple Location headers due to CRLF Injection
* MFSA 2011-40/CVE-2011-2372/CVE-2011-3001
Code installation through holding down Enter
* MFSA 2011-41/CVE-2011-3002/CVE-2011-3003 (bmo#680840, bmo#682335)
Potentially exploitable WebGL crashes
* MFSA 2011-42/CVE-2011-3232 (bmo#653672)
Potentially exploitable crash in the YARR regular expression
library
* MFSA 2011-43/CVE-2011-3004 (bmo#653926)
loadSubScript unwraps XPCNativeWrapper scope parameter
* MFSA 2011-44/CVE-2011-3005 (bmo#675747)
Use after free reading OGG headers
* MFSA 2011-45
Inferring keystrokes from motion data
- removed obsolete mozilla-cairo-lcd.patch
- rebased patches
- removed XLIB_SKIP_ARGB_VISUALS=1 from environment in
mozilla.sh.in (bnc#680758)
* Wed Sep 14 2011 wr@rosenauer.org
- add dbus-1-glib-devel to BuildRequires (not pulled in
automatically with 12.1)
* Wed Sep 07 2011 pcerny@suse.com
- security update to 2.3.3 (bnc#714931)
* Complete blocking of certificates issued by DigiNotar
(bmo#683449)
* Fri Sep 02 2011 pcerny@suse.com
- security update to 2.3.2 (bnc#714931)
* MFSA 2011-34
Protection against fraudulent DigiNotar certificates
(bmo#682927)
* Mon Aug 15 2011 wr@rosenauer.org
- update to version 2.3 (bnc#712224)
included security fixes
* CVE-2011-2989/CVE-2011-2991/CVE-2011-2992/CVE-2011-2985
Miscellaneous memory safety hazards
* CVE-2011-2993 (bmo#657267)
Unsigned scripts can call script inside signed JAR
* CVE-2011-2988 (bmo#665934)
Heap overflow in ANGLE library
* CVE-2011-0084 (bmo#648094)
Crash in SVGTextElement.getCharNumAtPosition()
* CVE-2011-2990
Credential leakage using Content Security Policy reports
* CVE-2011-2986 (bmo#655836)
Cross-origin data theft using canvas and Windows D2D
* Gecko 6
* removed obsolete mozilla-gio.patch
* Fri Jul 08 2011 wr@rosenauer.org
- update to version 2.2
* Gecko 5
included fixes for security issues: (bnc#701296, bnc#700578)
* MFSA 2011-19/CVE-2011-2374 CVE-2011-2375
Miscellaneous memory safety hazards
* MFSA 2011-20/CVE-2011-2373 (bmo#617247)
Use-after-free vulnerability when viewing XUL document with
script disabled
* MFSA 2011-21/CVE-2011-2377 (bmo#638018, bmo#639303)
Memory corruption due to multipart/x-mixed-replace images
* MFSA 2011-22/CVE-2011-2371 (bmo#664009)
Integer overflow and arbitrary code execution in
Array.reduceRight()
* MFSA 2011-25/CVE-2011-2366
Stealing of cross-domain images using WebGL textures
* MFSA 2011-26/CVE-2011-2367 CVE-2011-2368
Multiple WebGL crashes
* MFSA 2011-27/CVE-2011-2369 (bmo#650001)
XSS encoding hazard with inline SVG
* MFSA 2011-28/CVE-2011-2370 (bmo#645699)
Non-whitelisted site can trigger xpinstall
* Mon Jun 13 2011 wr@rosenauer.org
- use faster version for find-external-requires.sh
(from Petr Cerny)
- removed obsolete default preferences
- ported UA locale fix (bnc#582654)
- updated supported locale RPM tags
* Fri Jun 10 2011 wr@rosenauer.org
- major update to version 2.1
* Gecko 2.0 (with all its features)
- avoid __DATE__ and __TIME__ usage
* Wed Mar 23 2011 wr@rosenauer.org
- security update to version 2.0.13 (bnc#680771)
* MFSA 2011-11 (bmo#642395)
Update HTTPS certificate blacklist
* Mon Jan 24 2011 wr@rosenauer.org
- security update to version 2.0.12 (bnc#667155)
* MFSA 2011-01/CVE-2011-0053/CVE-2011-0062
Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
* MFSA 2011-02/CVE-2011-0051 (bmo#616659)
Recursive eval call causes confirm dialogs to evaluate to true
* MFSA 2011-03/CVE-2011-0055 (bmo#616009, bmo#619255)
Use-after-free error in JSON.stringify
* MFSA 2011-04/CVE-2011-0054 (bmo#615657)
Buffer overflow in JavaScript upvarMap
* MFSA 2011-05/CVE-2011-0056 (bmo#622015)
Buffer overflow in JavaScript atom map
* MFSA 2011-06/CVE-2011-0057 (bmo#626631)
Use-after-free error using Web Workers
* MFSA 2011-08/CVE-2010-1585 (bmo#562547)
ParanoidFragmentSink allows javascript: URLs in chrome documents
* MFSA 2011-09/CVE-2011-0061 (bmo#610601)
Crash caused by corrupted JPEG image
* MFSA 2011-10/CVE-2011-0059 (bmo#573873)
CSRF risk with plugins and 307 redirects
* Mon Jan 10 2011 wr@rosenauer.org
- add x-scheme-handlers to desktop files as needed by newer Gnome
environment
* Thu Nov 25 2010 wr@rosenauer.org
- security update to version 2.0.11 (bnc#657016)
* MFSA 2010-74/CVE-2010-3776/CVE-2010-3777/CVE-2010-3778
Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
* MFSA 2010-75/CVE-2010-3769 (bmo#608336)
Buffer overflow while line breaking after document.write with
long string
* MFSA 2010-76/CVE-2010-3771 (bmo#609437)
Chrome privilege escalation with window.open and <isindex> element
* MFSA 2010-77/CVE-2010-3772 (bmo#594547)
Crash and remote code execution using HTML tags inside a XUL tree
* MFSA 2010-78/CVE-2010-3768 (bmo#527276)
Add support for OTS font sanitizer
* MFSA 2010-79/CVE-2010-3775
Java security bypass from LiveConnect loaded via data: URL
meta refresh
* MFSA 2010-80/CVE-2010-3766 (bmo#590771)
Use-after-free error with nsDOMAttribute MutationObserver
* MFSA 2010-81/CVE-2010-3767 (bmo#599468)
Integer overflow vulnerability in NewIdArray
* MFSA 2010-82/CVE-2010-3773 (bmo#554449)
Incomplete fix for CVE-2010-0179
* MFSA 2010-83/VE-2010-3774 (bmo#602780)
Location bar SSL spoofing using network error page
* MFSA 2010-84/CVE-2010-3770 (bmo#601429)
XSS hazard in multiple character encodings
* Wed Oct 27 2010 wr@rosenauer.org
- security update to version 2.0.10 (bnc#649492)
* MFSA 2010-73/CVE-2010-3765 (bmo#607222)
Heap buffer overflow mixing document.write and DOM insertion
* Thu Oct 07 2010 wr@rosenauer.org
- security update to version 2.0.9 (bnc#645315)
* MFSA 2010-64/CVE-2010-3174/CVE-2010-3175/CVE-2010-3176
Miscellaneous memory safety hazards
* MFSA 2010-65/CVE-2010-3179 (bmo#583077)
Buffer overflow and memory corruption using document.write
* MFSA 2010-66/CVE-2010-3180 (bmo#588929)
Use-after-free error in nsBarProp
* MFSA 2010-67/CVE-2010-3183 (bmo#598669)
Dangling pointer vulnerability in LookupGetterOrSetter
* MFSA 2010-68/CVE-2010-3177 (bmo#556734)
XSS in gopher parser when parsing hrefs
* MFSA 2010-69/CVE-2010-3178 (bmo#576616)
Cross-site information disclosure via modal calls
* MFSA 2010-70/CVE-2010-3170 (bmo#578697)
SSL wildcard certificate matching IP addresses
* MFSA 2010-71/CVE-2010-3182 (bmo#590753, bnc#642502)
Unsafe library loading vulnerabilities
* MFSA 2010-72/CVE-2010-3173
Insecure Diffie-Hellman key exchange
* removed upstreamed mozilla-helper-app.patch
- require mozilla-nss >= 3.12.8
* Wed Sep 15 2010 wr@rosenauer.org
- update to 2.0.8
* fixing startup topcrash (bmo#594699)
* add "face" to the list of white-listed attributes (bmo#592601)
- added Cairo LCD filter patch to enable subpixel hinting where
supported (bnc#638186) (mozilla-cairo-lcd.patch)
* Thu Aug 26 2010 wr@rosenauer.org
- security upate to 2.0.7 (bnc#637303)
* MFSA 2010-49/CVE-2010-3169
Miscellaneous memory safety hazards
* MFSA 2010-50/CVE-2010-2765 (bmo#576447)
Frameset integer overflow vulnerability
* MFSA 2010-51/CVE-2010-2767 (bmo#584512)
Dangling pointer vulnerability using DOM plugin array
* MFSA 2010-53/CVE-2010-3166 (bmo#579655)
Heap buffer overflow in nsTextFrameUtils::TransformText
* MFSA 2010-54/CVE-2010-2760 (bmo#585815)
Dangling pointer vulnerability in nsTreeSelection
* MFSA 2010-55/CVE-2010-3168 (bmo#576075)
XUL tree removal crash and remote code execution
* MFSA 2010-56/CVE-2010-3167 (bmo#576070)
Dangling pointer vulnerability in nsTreeContentView
* MFSA 2010-57/CVE-2010-2766 (bmo#580445)
Crash and remote code execution in normalizeDocument
* MFSA 2010-60/CVE-2010-2763 (bmo#585284)
XSS using SJOW scripted function
* MFSA 2010-61/CVE-2010-2768 (bmo#579744)
UTF-7 XSS by overriding document charset using <object> type
attribute
* MFSA 2010-62/CVE-2010-2769 (bmo#520189)
Copy-and-paste or drag-and-drop into designMode document allows
XSS
* MFSA 2010-63/CVE-2010-2764 (bmo#552090)
Information leak via XMLHttpRequest statusText
- always use internal cairo (bnc#622375, bnc#626042)
* Fri Jul 16 2010 wr@rosenauer.org
- security update to 2.0.6 (bnc#622506)
* MFSA 2010-34/CVE-2010-1211/CVE-2010-1212
Miscellaneous memory safety hazards
* MFSA 2010-35/CVE-2010-1208 (bmo#572986)
DOM attribute cloning remote code execution vulnerability
* MFSA 2010-36/CVE-2010-1209 (bmo#552110)
Use-after-free error in NodeIterator
* MFSA 2010-37/CVE-2010-1214 (bmo#572985)
Plugin parameter EnsureCachedAttrParamArrays remote code
execution vulnerability
* MFSA 2010-39/CVE-2010-2752 (bmo#574059)
nsCSSValue::Array index integer overflow
* MFSA 2010-40/CVE-2010-2753 (bmo#571106)
nsTreeSelection dangling pointer remote code execution
vulnerability
* MFSA 2010-41/CVE-2010-1205 (bmo#570451)
Remote code execution using malformed PNG image
* MFSA 2010-42/CVE-2010-1213 (bmo#568148)
Cross-origin data disclosure via Web Workers and importScripts
* MFSA 2010-45/CVE-2010-1206/CVE-2010-2751 (bmo#536466,556957)
Multiple location bar spoofing vulnerabilities
* MFSA 2010-46/CVE-2010-0654 (bmo#524223)
Cross-domain data theft using CSS
* MFSA 2010-47/CVE-2010-2754 (bmo#568564)
Cross-origin data leakage from script filename in error messages
* Fri May 07 2010 wr@rosenauer.org
- security update to 2.0.5 (bnc#603356)
* MFSA 2010-25/CVE-2010-1121 (bmo#555109)
Re-use of freed object due to scope confusion
* MFSA 2010-26/CVE-2010-1200/CVE-2010-1201/CVE-2010-1202/
CVE-2010-1203
Crashes with evidence of memory corruption (rv:1.9.1.10)
* MFSA 2010-27/CVE-2010-0183 (bmo#557174)
Use-after-free error in nsCycleCollector::MarkRoots()
* MFSA 2010-28/CVE-2010-1198 (bmo#532246)
Freed object reuse across plugin instances
* MFSA 2010-29/CVE-2010-1196 (bmo#534666)
Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
* MFSA 2010-30/CVE-2010-1199 (bmo#554255)
Integer Overflow in XSLT Node Sorting
* MFSA 2010-31/CVE-2010-1125 (bmo#552255)
focus() behavior can be used to inject or steal keystrokes
* MFSA 2010-32/CVE-2010-1197 (bmo#537120)
Content-Disposition: attachment ignored if
Content-Type: multipart also present
* MFSA 2010-33/CVE-2008-5913 (bmo#475585)
User tracking across sites using Math.random()
* Wed Mar 17 2010 wr@rosenauer.org
- security update to 2.0.4 (bnc#586567)
* MFSA 2010-16/CVE-2010-0173/CVE-2010-0174
Crashes with evidence of memory corruption
* MFSA 2010-17/CVE-2010-0175 (bmo#540100,375928)
Remote code execution with use-after-free in nsTreeSelection
* MFSA 2010-18/CVE-2010-0176 (bmo#538308)
Dangling pointer vulnerability in nsTreeContentView
* MFSA 2010-19/CVE-2010-0177 (bmo#538310)
Dangling pointer vulnerability in nsPluginArray
* MFSA 2010-20/CVE-2010-0178 (bmo#546909)
Chrome privilege escalation via forced URL drag and drop
* MFSA 2010-22/CVE-2009-3555 (bmo#545755)
Update NSS to support TLS renegotiation indication
* MFSA 2010-23/CVE-2010-0181 (bmo#452093)
Image src redirect to mailto: URL opens email editor
* MFSA 2010-24/CVE-2010-0182 (bmo#490790)
XMLDocument::load() doesn't check nsIContentPolicy
* Wed Feb 24 2010 wr@rosenauer.org
- added translation subpackages
* Wed Feb 17 2010 wr@rosenauer.org
- security update to 2.0.3 (bnc#576969)
* MFSA-2010-01/CVE-2010-0159
Crashes with evidence of memory corruption
* MFSA-2010-02/CVE-2010-0160
Web Worker Array Handling Heap Corruption Vulnerability
* MFSA-2010-03/CVE-2009-1571 (bmo#526500)
Use-after-free crash in HTML parser
* MFSA-2010-04/CVE-2009-3988 (bmo#504862)
XSS due to window.dialogArguments being readable cross-domain
* MFSA-2010-05/CVE-2010-0162 (bmo#455472)
XSS hazard using SVG document and binary Content-Type
* Mon Jan 18 2010 vuntz@opensuse.org
- Remove unneeded orbit-devel BuildRequires.
* Tue Jan 05 2010 wr@rosenauer.org
- stability update to 2.0.2 (bnc#568011)
* DNS resolution in MakeSN of nsAuthSSPI causing issues for
proxy servers that support NTLM auth (bmo#535193)
* Thu Dec 10 2009 wr@rosenauer.org
- security update to 2.0.1 (bnc#559807)
* MFSA 2009-65/CVE-2009-3979/CVE-2009-3980/CVE-2009-3982
Crashes with evidence of memory corruption (rv:1.9.1.6)
* MFSA 2009-66/CVE-2009-3388 (bmo#504843,bmo#523816)
Memory safety fixes in liboggplay media library
* MFSA 2009-67/CVE-2009-3389 (bmo#515882,bmo#504613)
Integer overflow, crash in libtheora video library
* MFSA 2009-68/CVE-2009-3983 (bmo#487872)
NTLM reflection vulnerability
* MFSA 2009-69/CVE-2009-3984/CVE-2009-3985 (bmo#521461,bmo#514232)
Location bar spoofing vulnerabilities
* MFSA 2009-70/VE-2009-3986 (bmo#522430)
Privilege escalation via chrome window.opener
* Mon Oct 19 2009 wr@rosenauer.org
- update to 2.0rc2 which might become the final 2.0 version
* based on final Gecko 1.9.1.4 (build3)
* Thu Oct 08 2009 wr@rosenauer.org
- update to 2.0rc1
* based on Gecko 1.9.1.4
* removed upstreamed patches
* compatible with enigmail (bnc#544326, bnc#530811)
- fixed startup notification (bnc#518603)
(mozilla-startup-notification.patch)
* Mon Sep 14 2009 wr@rosenauer.org
- update to 2.0b2
* removed obsolete mozilla-jemalloc_deepbind.patch and
mozilla-app-launcher.patch
- remove obsolete code for protocol handlers (bmo#389732)
- allow alternative button order for Gtk filechooser (bnc#527418)
- added mozilla-prefer_plugin_pref.patch to introduce a new set of
prefs to support preferring certain plugins for mime-types
- added mozilla-sysplugin-biarch.patch to use
/usr/$LIB/mozilla/plugins as system plugin dir (bmo#496708)
* Thu Aug 20 2009 wr@rosenauer.org
- added Provides and Obsoletes for package merge (bnc#532678)
- allow alternative button order for Gtk filechooser (bnc#527418)
* Tue Jul 28 2009 wr@rosenauer.org
- fixed %exclude usage
* Tue Jul 21 2009 wr@rosenauer.org
- update to 2.0b1
- added create-tar.sh to source package
- removed enigmail as it's provided as an own package built in
Thunderbird now
* Thu Jul 09 2009 @rosenauer.org
- update to 2.0a3-20090707 snapshot
- define MOZ_APP_LAUNCHER for session management (bmo#453689)
(mozilla-app-launcher.patch and mozilla.sh.in)
- move intl.locale.matchOS to distribution specific prefs
(removed locale.patch)
- moved openSUSE specific prefs from greprefs to app prefs
- added mozilla-jemalloc_deepbind.patch to fix various possible
crashes (bnc#503151, bmo#493541)
- added seamonkey-no-update.patch to hide the update menu item
* Wed Jun 17 2009 wr@rosenauer.org
- major update to 2.0a3-20090617
* based on Gecko 1.9.1
* ported to Mozilla's toolkit
* Sat Apr 11 2009 wr@rosenauer.org
- security update to 1.1.16 (bnc#488955,489411,492354)
* MFSA 2009-12/CVE-2009-1169 (bmo#460090,485217)
Crash and remote code execution in XSL transformation
* MFSA 2009-13/CVE-2009-1044 (bmo#484320)
Arbitrary code execution via XUL tree moveToEdgeShift
* Thu Mar 19 2009 wr@rosenauer.org
- update to security release 1.1.15 (bnc#478625)
* MFSA 2009-07/CVE-2009-0771, CVE-2009-0772, CVE-2009-0773
CVE-2009-0774:
Crashes with evidence of memory corruption (rv:1.9.0.7)
* MFSA 2009-09/CVE-2009-0776:
XML data theft via RDFXMLDataSource and cross-domain redirect
* MFSA 2009-10/CVE-2009-0040:
Upgrade PNG library to fix memory safety hazards
- use nss-shared-helper from 11.1 on which allows migrating to and
sharing with other applications using NSS
(can be disabled completely exporting MOZ_SM_NO_NSSHELPER=1)
* Wed Dec 17 2008 hfiguiere@suse.de
- Review and approve changes.
* Mon Dec 15 2008 wr@rosenauer.org
- update to security release 1.1.14 (bnc#455804)
for details:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
* Mon Nov 17 2008 maw@suse.de
- Review and approve changes.
* Tue Nov 11 2008 wr@rosenauer.org
- update to security release 1.1.13 (bnc#439841)
for details:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
- fixed desktop file syntax and another rpmlint complaint
* Wed Oct 15 2008 maw@suse.de
- Review and approve changes.
* Tue Sep 23 2008 wr@rosenauer.org
- update to security release 1.1.12 (bnc#429179)
for details:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
- merged Factoy and mozilla versions (again)
* Fri Sep 05 2008 mauro@suse.de
- Update to Seamonkey 1.1.11 [bnc#407573, bnc#416147]
for details:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html
- update enigmail to 0.95.7
* Fri May 16 2008 schwab@suse.de
- Remove unused includes.
* Wed Apr 09 2008 maw@suse.de
- Merge changes and fixes from the build service.
* Wed Apr 02 2008 maw@suse.de
- Security update to version 1.1.9 (bnc#370353):
+ MFSA 2008-19/CVE-2008-1241: XUL popup spoofing variant
(cross-tab popups)
+ MFSA 2008-18/CVE-2008-1195 and CVE-2008-1240: Java socket
connection to any local port via LiveConnect
+ MFSA 2008-17/CVE-2007-4879: Privacy issue with SSL Client
Authentication
+ MFSA 2008-16/CVE-2008-1238: HTTP Referrer spoofing with
malformed URLs
+ MFSA 2008-15/CVE-2008-1236 and CVE-2008-1237: Crashes with
evidence of memory corruption (rv:1.8.1.13)
+ MFSA 2008-14/CVE-2008-1233, CVE-2008-1234, and CVE-2008-1235:
JavaScript privilege escalation and arbitrary code execution
- Respin abuild.patch.
* Mon Mar 24 2008 maw@suse.de
- Add mozilla-missing-decl.patch, which is necessary when building
against new versions of mozilla-nss (bmo#399589).
* Mon Feb 11 2008 maw@suse.de
- Security update to version 1.1.8 (bnc#354469) (thanks, Wolfgang)
+ MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet
redirect
+ MFSA 2008-09/CVE-2008-0592 Mishandling of locally-saved plain
text files
+ MFSA 2008-06/CVE-2008-0419 Web browsing history and forward
navigation stealing
+ MFSA 2008-05/CVE-2008-0418 Directory traversal via chrome:
URI
+ MFSA 2008-03/CVE-2008-0415 Privilege escalation, XSS, Remote
Code Execution
+ MFSA 2008-02/CVE-2008-0414 Multiple file input focus stealing
vulnerabilities
+ MFSA 2008-01/CVE-2008-0412 Crashes with evidence of memory
corruption (rv:1.8.1.12)
- Update enigmail to version 0.95.6.
* Thu Jan 17 2008 maw@suse.de
- Add mozilla-maxpathlen.patch (#354150 and bmo #412610).
* Tue Nov 13 2007 maw@suse.de
- Add seamonkey-gcc4.3-fixes.patch.
* Fri Oct 19 2007 maw@suse.de
- security update to version 1.1.5 (#332512) (thanks, Wolfgang)
* MFSA 2007-29 Crashes with evidence of memory corruption
* MFSA 2007-30 onUnload Tailgating
* MFSA 2007-31 Digest authentication request splitting
* MFSA 2007-32 File input focus stealing vulnerability
* MFSA 2007-33 XUL pages can hide the window titlebar
* MFSA 2007-34 Possible file stealing through sftp protocol
* MFSA 2007-35 XPCNativeWraper pollution using Script object
complete advisories on
http://www.mozilla.org/projects/security/known-vulnerabilities.html
* Thu Sep 13 2007 cthiel@suse.de
- recommend gpg instead of requireing fixed paths
* Wed Sep 12 2007 maw@suse.de
- Added GPG/pinentry requirements (#309160)
- Don't run %fdupes on directories where multiple partitions
are liable to be mounted.
* Mon Sep 03 2007 maw@suse.de
- Correct releasedate.
* Tue Aug 21 2007 maw@suse.de
- Merge recent changes from the build service (thanks, Wolfgang):
+ Update to security release 1.1.4:
* MFSA 2007-26 Privilege escalation through chrome-loaded
about:blank windows
* MFSA 2007-27 Unescaped URIs passed to external programs
(only relevant on Windows)
+ Add gnome-vfs.patch to be able to use helper apps with parameters
+ Update enigmail to version 0.95.3
+ Fixed unreadable GIF in the LEO searchplugin
- Use %fdupes.
* Tue Aug 21 2007 aj@suse.de
- Use openSUSE instead of SUSE Linux as bookmark.
* Wed Aug 15 2007 maw@suse.de
- On x86_64, s390, and s390x, deactivate the hidden visibility
support, thereby fixing the build.
* Thu Jun 21 2007 adrian@suse.de
- fix changelog entry order
* Wed Jun 20 2007 maw@suse.de
- Don't hardcode /tmp anywhere; use %{_tmppath} instead.
* Tue Jun 19 2007 maw@suse.de
- Merge updates to version 1.1.2 and enigmail version 0.95.0 from
the build service (thanks, Wolfgang)
- Don't build as root
- Add unzip as a build requirement.
* Thu Jun 07 2007 sbrabec@suse.cz
- Removed invalid desktop Category "Application" (#254654).
* Wed May 02 2007 stbinner@suse.de
- install .desktop files into /usr/share/applications
* Wed Dec 20 2006 mkoenig@suse.de
- fix build
* Thu Nov 16 2006 mkoenig@suse.de
- update to CVS version 20061107 from buildservice [#221676]
* Wed Nov 15 2006 sbrabec@suse.cz
- Fixed Requires/Provides correctly (#216100#c14).
* Fri Nov 03 2006 sbrabec@suse.cz
- Do not provide and require internal libraries (#216100).
- Use safer place for build-temporary files.
* Sat Oct 21 2006 aj@suse.de
- from openSUSE Buildservice (thanks Wolfgang Rosenauer):
* update to SeaMonkey 1.1a-20060907
* update enigmail to 0.94.1: Added support for signing
attachments with inline-PGP
* Tue Sep 12 2006 stark@suse.de
- update to security/stability release 1.0.5
- removed libaoss usage because it's too fragile
* Sun Aug 06 2006 stark@suse.de
- update enigmail to 0.94.1
* Added support for signing attachments with inline-PGP
* Sun Aug 06 2006 aj@suse.de
- Fix build (remove wrong extern "C").
* Sat Jul 29 2006 stark@suse.de
- update to 1.0.4 fixing a major regression in 1.0.3 (#195402)
* Thu Jul 27 2006 stark@suse.de
- update to security release 1.0.3 (#195043)
- fix overwrite confirmation for GTK filesaver (#179531)
- fixed printing crash if the last used printer is not available
anymore (#187013)
* Fri Jun 02 2006 stark@suse.de
- update to security/stability release 1.0.2 (#179011)
(http://www.mozilla.org/projects/security/known-vulnerabilities.html#SeaMonkey)
* Sun May 14 2006 stark@suse.de
- update to version 1.0.1+
- save printer settings properly (#174082, bmo #324072)
* Tue Apr 25 2006 stark@suse.de
- added patch for iframe crash (#169039, bmo #334515)
- improved postscript output (bmo #334485)
- changed defaults for printer properties (#6534)
- get available paper sizes from CUPS (#65482)
- fixed memory leak in clipboard caching (bmo #289897)
* Thu Mar 16 2006 stark@suse.de
- added seamonkey icon to filelist and use it for mail and composer
component as well for now (#158556)
- also provide the old mozilla packagenames for correct upgrade
* Tue Mar 14 2006 stark@suse.de
- added Khmer (km-*) to pango locales (#157397)
- yet another set of upstream fixes (#148876)
* Sat Mar 04 2006 stark@suse.de
- fixed plugin inclusion if started from Thunderbird (#151614)
- fixed crash with multipart JPEGs (bmo #328684) (#140416)
- implemented mail alert notification (bmo #327613)
- get latest security related fixes from upstream (#148876)
- show multiple Reply-To addresses (bmo #106189)
* Fri Feb 24 2006 stark@suse.de
- dumpstack.patch is now in upstream patches
- added GTK category to desktop-files
- get more security/stability patches (#148876)
* Thu Feb 16 2006 stark@suse.de
- applied set of security patches (#148876)
fixed bmo bugs:
282105, 307989, 310638, 315411, 315625, 320459, 320851,
323634, 325005, 325403, 325947, 327126
- added GenericNames in desktop-files
- use new SeaMonkey logo for browser component in menus
* Tue Feb 07 2006 stark@suse.de
- fixed disabling of Pango (#148788)
* Thu Feb 02 2006 stark@suse.de
- removed heimdal patch for older distributions
- define gssapi lib explicitely (#147670)
* Mon Jan 30 2006 stark@suse.de
- merged (hopefully) last patch before final seamonkey 1.0 release
* Fri Jan 27 2006 stark@suse.de
- final 1.0 bits
- tweaked BuildRequires
- default to GTK2 filechooser if MOZ_XUL_PICKER is not set
(same behaviour as Firefox)
- fixed system NSS usage
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Mon Jan 23 2006 stark@suse.de
- disable Pango if MOZ_ENABLE_PANGO is not set
and no typical language which needs Pango is used (#143428)
- preload libaoss for plugin sound (#117079)
- fix to ignore X composite extension (#135373)
- fix subfolder check for default account at startup (bmo #323980)
* Wed Jan 18 2006 stark@suse.de
- fixed DumpStackToFile for glibc 2.4
* Mon Jan 16 2006 stark@suse.de
- update to current 1.0 snapshot (20060115)
- update enigmail to 0.94.0
- use -fstack-protector where available
- use system NSS since CODE10
* Wed Dec 28 2005 stark@suse.de
- update to snapshot 1.8-20051227 (1.0b)
* Mon Dec 12 2005 stark@suse.de
- update to snapshot 1.8-20051211
- use plugins in /usr/lib/browser-plugins
- update enigmail to 0.93.2
- added gtk2 patch to avoid theme switch events (#134831)
- replace mozilla packages with seamonkey for 10.1 and above
* Mon Oct 24 2005 stark@suse.de
- update to snapshot 1.8-20051024
- update enigmail to 0.93.0
- package renamed to seamonkey with new versioning
- moved to /usr/lib
* Tue Dec 28 2004 stark@suse.de
- removed obsolete translations from desktop-file
(will be automatically added from macro)
- update to 1.7.5 (20041220)
- update enigmail to 0.89.6
- update ipc to 1.1.2
- removed s390/s390x patch (included upstream)
- add compiler option to enable backchain for s390/s390x
inline assembling
- fixed extra lines in mail replies (bmo #144998)
- removed bounce patch (available as extension
mailredirect.mozdev.org)
- added gconf setting patch to get more gconf settings if
"use system settings" is used
- removed cross dependencies on release level
* Tue Nov 23 2004 ro@suse.de
- fix build on 8.2
* Thu Nov 18 2004 ro@suse.de
- use kerberos-devel-packages
* Wed Oct 13 2004 uli@suse.de
- fixed ABI (s390*) and defines (s390x) thinkos, now actually works
on these platforms
* Wed Sep 29 2004 stark@suse.de
- fixed path to RealPlayer plugin
* Tue Sep 28 2004 stark@suse.de
- another change to fix initial localization
(thanks to mfabian)
* Sat Sep 25 2004 stark@suse.de
- add ContentLocale parameter for initial localization (#44956)
- added patch for crasher in IMAP code (mozilla.org #257079)
- "no-cache" header was ignored for non-SSL sites
(mozilla.org #252023)
- added fixed version for mozilla.org bug #257308
- fix in download handling (mozilla.org #259890)
- fix for Ximian #65176 (mozilla.org #240068)
* Fri Sep 24 2004 stark@suse.de
- enabled logging for non-debug builds to be able to get some
logfiles for debugging
* Fri Sep 17 2004 stark@suse.de
- fixed broken patch-file
* Fri Sep 17 2004 stark@suse.de
- added security fix for mozilla bug #258005
- trigger for java-1_4_2-sun-plugin (#45257)
* Wed Sep 15 2004 ro@suse.de
- use version number directly
* Wed Sep 15 2004 sbrabec@suse.cz
- Adopted mozilla.spec, so the same spec file can build also nvu.
* Fri Sep 10 2004 stark@suse.de
- added some security related and crasher fixes:
* Visual indicators of site security appear for the wrong site
(mozilla.org #257308)
* mailnews crasher (mozilla.org #258386)
* fix arrow keys behaviour for GTK2 list boxes
(mozilla.org #219706)
* URL bar should not display passwords in URL
(mozilla.org #157354)
- fix enigmail configuration (#44971)
* Thu Sep 09 2004 stark@suse.de
- added patch for AMD64 endianess in JS component
(#34743)
* Mon Sep 06 2004 stark@suse.de
- added parts of the 1.7 branch
(including CUPS integration)
* Fri Sep 03 2004 stark@suse.de
- update enigmail to 0.86.0
- reworked start-script to invoke mozilla start/stop scripts
* Mon Aug 23 2004 ro@suse.de
- make sure we can call mozilla-make-package.pl
(do not rely on any permissions in RPM_SOURCE_DIR)
* Thu Aug 19 2004 sbrabec@suse.cz
- README.installed-chrome: Added a sentence about scriptlet PreReq
(#43990).
* Thu Aug 12 2004 stark@suse.de
- added patch for ppc64 build
* Thu Aug 05 2004 stark@suse.de
- update to 1.7.2 with security fixes
- update enigmail to 0.85.0
- handle RealPlayer 9 plugin
- added calendar-fix init script to package
- fixed file-list (packages-unix) and kprinter config for Desktop
- disabled SVG for distributions older than 8.2
- modified bounce patch to not disturb language-packs
* Thu Aug 05 2004 ro@suse.de
- recode desktop file to utf-8
* Fri Jun 18 2004 stark@suse.de
- update to 1.7
- update enigmail to 0.84.1
- remove compreg.dat prior to rebuild-databases (#41481)
- no longer disable-xprint
- build with heimdal
(Support for Kerberos HTTP authentication using GSSAPI)
* Thu Jun 17 2004 ro@suse.de
- added patch from garnome list to build with current freetype
* Thu May 06 2004 stark@suse.de
- added patch to avoid compile-warnings
* Wed May 05 2004 stark@suse.de
- update to 1.7rc1 (20040505)
- added patch to be able to bounce mail-messages
- update enigmail to 0.83.6
- added focus fix for gtkembedmoz
- changed behaviour of nullplugin
- removed x86-64 patch as it is now included upstream
- added new function in start script to start localized
according to the environment if correct language pack is
installed (for new profiles)
* Fri Apr 02 2004 stark@suse.de
- removing relocation of TEMP directory (#34391)
* Thu Mar 25 2004 stark@suse.de
- install more needed files (#36085)
* Tue Mar 23 2004 uli@suse.de
- fixed hang during build on s390* (bug #35440)
* Mon Mar 15 2004 stark@suse.de
- use xft.js only for gtk1 builds (not default)
- removed obsolete stuff from package
- install menu-icons and use them (#35992)
- install some more files (#36085)
- renewed bookmark-changes
* Tue Mar 09 2004 stark@suse.de
- patch for keeping ui fonts (#35236)
* Sun Mar 07 2004 ro@suse.de
- match function declaration in enigmail mimedummy.cpp
* Wed Mar 03 2004 stark@suse.de
- fixed enigmail file-list (#35302)
- update enigmail to 0.83.4
* Mon Mar 01 2004 stark@suse.de
- improved xremote behaviour in relation to other mozilla products
(firefox, thunderbird) (#35179)
* Tue Feb 24 2004 stark@suse.de
- fixed inclusion of mozex extension
- added compiler flags for security/ (nss-opt.patch)
- update enigmail to 0.83.3
* Fri Feb 20 2004 stark@suse.de
- added build-fix for s390x (#32963)
- added mozex 1.07 to the package
* Wed Feb 04 2004 stark@suse.de
- fixed calendar filelist
- enabled freetype for xft builds to improve printing
* Wed Jan 28 2004 stark@suse.de
- update to enigmail 0.83.1
- fixed enigmail inclusion and activated it again
* Mon Jan 19 2004 stark@suse.de
- update to 1.6 (20040114)
- set PS printer list in mozilla.sh
- update to enigmail 0.83.0
(deactivated for now until a chrome issue is fixed)
- added mozilla-bonobo to plugin-handling
- use lib64 again for biarch platforms
- use kprinter and xft on SLEC (only for specfile-sharing)
- added fixed desktop files
* Mon Nov 03 2003 stark@suse.de
- apply mips build-fix
* Wed Oct 22 2003 stark@suse.de
- require myspell-dictionary only since 9.0
* Wed Oct 15 2003 stark@suse.de
- update to 1.5 (final)
* Mon Sep 29 2003 stark@suse.de
- update to Mozilla 1.5rc2
- added patch to enable freetype2 printing in xft builds
- removed overlay-files from filelist (delete them in preun)
* Wed Sep 24 2003 stark@suse.de
- added mozplugger to add-plugins.sh
- added patch to expunge IMAP folders if "remove immediately"
delete model is used
- update to 1.4.1
- update enigmail to 0.76.7
* Tue Sep 23 2003 sbrabec@suse.cz
- Changed plugger->mozplugger (part of bug #31616).
* Thu Sep 18 2003 coolo@suse.de
- make mozilla open URLs not files
* Tue Sep 16 2003 stark@suse.de
- adopted RealPlayer inclusion for new path (#30990)
* Sun Sep 07 2003 adrian@suse.de
- mozilla supports text/html MimeType
* Thu Sep 04 2003 adrian@suse.de
- remove wrong start path in desktop file
* Mon Sep 01 2003 adrian@suse.de
- install also desktop files for mail and composer
- make Mozilla start path FHS compliant
* Mon Aug 25 2003 hhetter@suse.de
- revert from patch mentioned at Mozilla.org Bug #58613
to get epiphany and galeon to build
* Fri Aug 22 2003 stark@suse.de
- another upstream sync
* Fri Aug 15 2003 stark@suse.de
- again more CVS patches from mozilla.org
* Sun Aug 10 2003 stark@suse.de
- updated enigmail to 0.76.5
* Fri Aug 08 2003 stark@suse.de
- again more CVS patches from mozilla.org
- adapted x86-64 patch for 1.4
- clean up configure options
- use -fno-strict-aliasing (#28534)
* Thu Jul 31 2003 stark@suse.de
- integrated more patches from mozilla.org
- fixed deinstallation of dict-links
- removed unneeded files from filelist (for milestone builds)
- removed update-desktop-files again because it's in
gtk2-devel-packages
* Wed Jul 30 2003 stark@suse.de
- add-plugins.sh now links myspell-dictionaries for spellchecker
(#26290)
- added some bugfixes from mozilla.org
- added update-desktop-files to neededforbuild
* Tue Jul 29 2003 stark@suse.de
- added make-definition for build with Linux 2.6.x
* Mon Jul 28 2003 adrian@suse.de
- add Categories to desktop file
- TODO: create .desktop files for other Mozilla modules
* Wed Jul 23 2003 stark@suse.de
- check if DISPLAY set correctly (#28098)
- set $TEMP to $HOME for acroread (#27929)
- workaround the BUILD_ROOT issue in xpti.dat
- update enigmail to 0.76.3
* Tue Jul 15 2003 stark@suse.de
- fix update from Mozilla 1.0.1 to 1.4
- update enigmail to 0.76.2
- added ICP-Brasil CA (#25840)
- added some minor patches from mozilla.org
* Mon Jul 14 2003 sbrabec@suse.cz
- GNOME prefix change to /opt/gnome.
* Wed Jul 02 2003 schwab@suse.de
- mozilla.sh: fix quoting, teach about emacsclient.
* Tue Jul 01 2003 stark@suse.de
- update to 1.4 final
* Wed Jun 25 2003 stark@suse.de
- fix AMD64 patch to fit mozilla version
* Thu Jun 19 2003 stark@suse.de
- update to 1.4rc3 (20030619)
- added DFN CA certificate
- update enigmail to 0.76.1
- added assembler patch, IA64 should be usable now
* Sat Jun 14 2003 stark@suse.de
- update to 1.4rc2 (20030613)
- fixed minor bug in update handling in %preun
- added missing directories to the filelist
- deactivated check for unpackaged files
* Wed Jun 11 2003 stark@suse.de
- update to 1.4rc1 (20030610)
- switch to GTK2 build for STABLE
- update enigmail to 0.76.0
* Wed May 28 2003 stark@suse.de
- update to 1.4b (20030526)
- added spellchecker subpackage (based on myspell)
* Sat May 10 2003 stark@suse.de
- modified x86-64 patch to fit 1.4b
* Thu May 08 2003 stark@suse.de
- updated to 1.4b (20030507)
- updated enigmail and ipc sources for 1.4
- adopt James Ogley's changes for gtk2 build
- install pkgconfig stuff
- include icons
- desktop file in GNOME2 place
- Provides: mozilla-gtk2 for building Galeon/Epiphany
- added /etc/gre.conf
- modified startscript to manipulate default open behaviour
of URLs provided on commandline ($MOZ_NEWURL)
- some spec-file modifications for slow migration to
Firebird
* Thu Apr 03 2003 stark@suse.de
- updated enigmail to 0.74.0
- fixed minor bug in spec-file (only hit old SL versions)
* Mon Mar 31 2003 stark@suse.de
- moved mozilla-config to /opt/mozilla/bin
- some rudimentary language autodetection
- reactivated XFT for 8.2
- make GTK2 optional for 8.2 and higher (disabled xmlterm)
- fixed bug in rebuild-databases.sh
* Mon Mar 24 2003 stark@suse.de
- handle old plugins on update from versions before 1.3
- splitted calendar off from mozilla
- added XFT patches but disabled XFT for SuSE Linux 8.2 at this
time
- added mozilla-config to devel package
* Fri Mar 14 2003 stark@suse.de
- update to 1.3
- redirect error about missing file in rebuild-databases.sh
- update enigmail to 0.73.1
- added LEO searchplugin for dict.leo.org
- changed directory-structure to be more mozilla.org compatible
- removed s390 fix because changes are already in sources
- use XFT2 instead of freetype2 on SL8.2 and higher
- made add-plugins.sh compatible with older SL versions again
- enabled SVG support (including libart_lgpl)
- enabled calendar
- removed special splash because of copyright issues
* Thu Mar 13 2003 stark@suse.de
- avoid creation of java link if Blackdown isn't installed
but another Java is found (but not usable because of gcc)
[Bug #25278]
* Wed Mar 12 2003 stark@suse.de
- added new BlackdownJava2-JRE to RPM triggers
* Mon Mar 03 2003 kukuk@suse.de
- Fix calling mozilla with options [Bug #24539]
* Fri Feb 28 2003 ro@suse.de
- fixed add-plugins.sh for flash-player
* Mon Feb 24 2003 ro@suse.de
- added tclplug and djvulibre
* Mon Feb 24 2003 ro@suse.de
- add-plugins: use /usr/%_lib/browser-plugins
- flash plugin moved from netscape-plugins to flash-player
* Tue Feb 18 2003 stark@suse.de
- reworked add-plugins.sh for newer Java versions
- moved libnssckbi.so to MOZILLA_FIVE_HOME (#22548)
- %preun bugfix
* Fri Jan 17 2003 sbrabec@suse.cz
- Added README.installed-chrome to source package.
* Wed Jan 15 2003 pmladek@suse.cz
- updated the x86_64.patch from Gwenole Beauchesne
* Thu Dec 05 2002 stark@suse.de
- update to 1.2.1
- update Enigmail to 0.71.0
- removed SuSEconfig.mozilla
now use add-plugins.sh together with %trigger statements
- use new chrome-management scheme
- don't add java plugin if built with gcc 3.x
- bugfix for using mozilla-xremote-client
* Wed Nov 27 2002 stark@suse.de
- update to 1.2
- moved rebuild-databases to RPM scripts (only plugins are
left in SuSEconfig.mozilla)
- added addon-chrome functionality to rebuild-databases.sh
- readded Enigmail source for 1.2
- reworked start-script for opening html-files (#16186)
* Thu Nov 21 2002 sbrabec@suse.cz
- Added support for separate chrome (language) packs (bug #20700):
updated rebuild-databases.sh and created and filled
/opt/mozilla/installed-chrome.d.
* Wed Nov 06 2002 stepan@suse.de
- fix mozilla on s390 and s390x
* Thu Oct 24 2002 stepan@suse.de
- fix compilation on axp
* Fri Oct 18 2002 stark@suse.de
- fixed error-messages during startup (#19556)
* Thu Oct 17 2002 mfabian@suse.de
- Bug #20972: fix printing for Korean and Chinese by setting
suitable default PostScript fonts
* Tue Oct 08 2002 sbrabec@suse.cz
- Added support for Plugger in SuSEconfig.mozilla. Closes #20677.
* Fri Sep 20 2002 stark@suse.de
- fixed documentation bugs #19811 and #19812
* Thu Sep 12 2002 stark@suse.de
- include compat_wrapper.dif only on gcc 3.x based distributions
* Wed Sep 11 2002 sbrabec@suse.cz
- Corrected %ifarch ix86 to %ifarch %ix86, otherwise compat_wrapper.dif
is ignored.
* Sat Sep 07 2002 olh@suse.de
- add gcc3 helper code for ppc32.
Linux/PPC g++-3 ABI support for XPCOM
* Wed Sep 04 2002 stark@suse.de
- update to 1.0.1 (20020903)
- added compat-wrapper for Flash on ix86
- removed Flash-player (use Flash from netscape-plugins)
- added Enigmail to mozilla-mail
- added patch for using an external editor for textareas and
composer windows
* Sat Aug 24 2002 ro@suse.de
- fixed ix86 to correct %ix86
* Thu Aug 22 2002 stark@suse.de
- changed %ifarch i386 to ix86 for Flash
* Wed Aug 21 2002 stark@suse.de
- fixed mozilla-copy-package.sh to fit the new parameter
behaviour of cp
* Thu Aug 15 2002 uli@suse.de
- added x86-64 port by Gwenole Beauchesne
* Tue Aug 06 2002 stark@suse.de
- apply s390 patch only on s390
* Mon Aug 05 2002 stark@suse.de
- added patch to compile on s390(x)
* Sun Jun 09 2002 stark@suse.de
- added japanese and german language pack
* Wed Jun 05 2002 stark@suse.de
- update to 1.0
- moved libs to /opt/mozilla/{lib,lib64}
* Wed Jun 05 2002 sf@suse.de
- apply x86_64-patch only on x86_64, as it breaks ix86
* Wed Jun 05 2002 sf@suse.de
- added patch to build on x86_64 (does not really work yet,
but needed for other packages)
* Tue May 28 2002 stark@suse.de
- readded de-AT languagepack
- moved nss headers to include/nss
* Mon May 27 2002 stark@suse.de
- added nss3 devel files
* Fri May 24 2002 stark@suse.de
- update to 1.0rc3
* Tue May 21 2002 stark@suse.de
- added new wrapper script
- build with -Os for gcc3
- added dom-inspector subpackage
- removed redundant ia64 patch
* Tue May 14 2002 schwab@suse.de
- Configure only plugins that match mozilla arch.
- Fix some C++ issues.
* Sun May 12 2002 schwab@suse.de
- Add binary only plugins only on supported architectures.
* Sat May 11 2002 stark@suse.de
- update to 1.0rc2
* Sat May 04 2002 stark@suse.de
- update to codebase 20020503 because of security-reasons
(XMLHTTPRequest redirect bug)
* Fri Apr 26 2002 stark@suse.de
- readded ja-JP and de-AT language packs and mozgest 0.3.3
- removed Requires: jre1.3.x
- update to codebase 20020425
- deactivated buggy mozgest for now
* Thu Apr 18 2002 stark@suse.de
- update to 1.0RC1
- update flash to 5.0r48
* Wed Apr 10 2002 stark@suse.de
- readded ja-JP language pack
* Mon Mar 18 2002 stark@suse.de
- readded de-AT language pack
* Thu Mar 14 2002 stark@suse.de
- update to milestone 0.9.9
- enabled freetype2 support
* Mon Feb 11 2002 stark@suse.de
- readded ja-JP language/region pack
* Fri Feb 08 2002 stepan@suse.de
- fixed building with gcc 3.x on ppc and alpha
- adopting assembler macros to ABI changes
* Fri Feb 08 2002 stark@suse.de
- added de-AT language/region pack
- added patch to remove debug menu from preferences
- bzip2 flash-sources
* Tue Feb 05 2002 stark@suse.de
- update to milestone 0.9.8
(as always without language-packs)
- update mozgest to compatible 0.3.2
* Tue Feb 05 2002 stark@suse.de
- minor changes of the configure parameters
* Thu Jan 31 2002 ro@suse.de
- changed neededforbuild <libpng> to <libpng-devel-packages>
* Thu Jan 31 2002 hhetter@suse.de
- added gdkxft-mozilla patch for TT Font Rendering
* Thu Jan 17 2002 uli@suse.de
- removed /opt/mozilla/chrome/overlayinfo from filelist for ARM
* Wed Jan 02 2002 stark@suse.de
- added de-AT language pack for 0.9.7
* Sun Dec 30 2001 stark@suse.de
- added patch to handle empty file upload forms
(#116210 bugzilla.mozilla.org)
* Mon Dec 24 2001 stark@suse.de
- update to 0.9.7
(deactivated JP and DE language packs as they are not
available yet)
* Wed Dec 05 2001 stark@suse.de
- changed cp options again to fix devel-package for version > 7.0
* Sat Dec 01 2001 stark@suse.de
- added de-AT language pack for 0.9.6
- removed option -L of cp commands (for compatibility with 7.0)
* Mon Nov 26 2001 stark@suse.de
- made SuSEconfig.mozilla compatible with 7.3 again
- deactivated de-AT language pack (doesn't work for 0.9.6 :-()
* Sat Nov 24 2001 stark@suse.de
- changed SuSEconfig.mozilla to fit next SuSE-release (Java)
* Sat Nov 24 2001 stark@suse.de
- reactivated de-AT language pack for 0.9.5 (hopefully works)
* Fri Nov 23 2001 stark@suse.de
- update to 0.9.6
- update mozgest to 0.3.1
* Wed Nov 14 2001 stark@suse.de
- minor (cosmetic) change in SuSEconfig.mozilla
- readded Flash-Plugins to %files
* Mon Nov 12 2001 stark@suse.de
- added Provides for new subpackages (split-aliases)
- reworked SuSEconfig.mozilla (for subpackages)
* Thu Nov 08 2001 stark@suse.de
- readded build-id with SuSE extension
- added file to devel-package
* Wed Nov 07 2001 stark@suse.de
- added bookmark.diff
- removed build-id from title
* Wed Nov 07 2001 stark@suse.de
- added some devel files
* Tue Nov 06 2001 stark@suse.de
- rewritten %install section to use mozilla packaging functions
- split package into sub-packages
* Mon Nov 05 2001 stark@suse.de
- updated optimoz to RC0.3
* Wed Oct 24 2001 stark@suse.de
- finally integrated optimoz (disabled and hidden by default)
- install only jar-archives in chrome
- added /opt/mozilla/rebuild-databases.sh
* Wed Oct 24 2001 hhetter@suse.de
- include idl files in devel-package
* Tue Oct 23 2001 stark@suse.de
- made SuSEconfig integrate RealPlayer- and Acrobat-Plugin
- requires now jre1.3.x
- added release_date (Gecko)
- moved some files to mode 644
- added patch to disable debug-menu in Composer
- set mailnews-startpage to about:blank
- set very-first startup-page to about:blank
* Mon Oct 22 2001 mfabian@suse.de
- install Japanese Google-searchplugin under the name
'google-japan.gif' and 'google-japan.src' in order not to
overwrite the English original 'google.gif' and 'google.src'.
* Sat Oct 20 2001 mfabian@suse.de
- update Japanese language pack to mozilla0.9.5-jajppack-v1.0.xpi
* Tue Oct 16 2001 stark@suse.de
- update to 0.9.5
- added de_AT language pack
- make SuSEconfig integrate java from package java2
- added Macromedia Flashplayer/Shockwave
- added Optimoz 0.2.6 (partially, not active yet)
* Fri Sep 21 2001 egger@suse.de
- Add libcms and libmng-devel to neededforbuild as suggested
by Werner Fink.
* Fri Sep 21 2001 egger@suse.de
- Redid my former patch to disable Debug menus and default
to SuSE homepage.
* Fri Sep 21 2001 mfabian@suse.de
- update Japanese language pack to mozilla0.9.4-langjajp-RC1.xpi
and mozilla0.9.4-regjp-RC1.xpi
* Thu Sep 20 2001 draht@suse.de
- merging with BETA-tree from egger@suse.de: upgrade to 0.9.4
* Sat Sep 15 2001 egger@suse.de
- diff: Removed Debug menus.
- diff: Added sensible default values and default to SuSE homepage.
* Tue Sep 11 2001 egger@suse.de
- Somehow some non-0.9.3 sources were in the previous tarball.
Replaced them by the real ones.
* Mon Aug 13 2001 mfabian@suse.de
- added mozilla-cjk-config.patch again.
(setup of PostScript fonts for printing Chinese, Japanese and
Korean, default fonts for Chinese, Japanese and Korean).
* Thu Aug 09 2001 mfabian@suse.de
- add Japanese language pack mozilla0.9.3-langjajp-RC1.xpi
and mozilla0.9.3-regjp-RC1.xpi (Korean language packs
are only available for 0.9.2 and they don't work for 0.9.2,
therefore they are commented out).
* Sun Aug 05 2001 egger@suse.de
- Updated to version 0.9.3.
* Thu Jul 05 2001 egger@suse.de
- Update to 0.9.2.
- Language packs are incompatible and not yet available so they'll
follow later.
* Wed Jun 20 2001 mfabian@suse.de
- update Japanese language pack to mozilla0.9.1-langjajp.xpi
and mozilla0.9.1-regjp.xpi
* Thu Jun 14 2001 egger@suse.de
- Update to version 0.9.1.
* Fri May 11 2001 egger@suse.de
- Fixed severe bugs in SuSEconfig.mozilla script that
may prevent users from getting a working mozilla.
* Fri May 04 2001 mfabian@suse.de
- update Japanese language pack to mozilla0.8.1-langjajp.xpi
and mozilla0.8.1-regjp.xpi
* Tue May 01 2001 egger@suse.de
- Update SuSEconfig.mozilla to use md5 sums
* Wed Apr 04 2001 mfabian@suse.de
- update Japanese language pack to langjajp-081-RC1.xpi
and regjp-081-RC1.xpi
* Wed Mar 28 2001 egger@suse.de
- Updated to version 0.8.1.
* Mon Mar 19 2001 bk@suse.de
- strip mozilla shared libraries
* Sun Mar 11 2001 violiet@suse.de
- added Korean and Japanese Language pack.
* Sat Mar 03 2001 schwab@suse.de
- Try to add support for ia64.
- Fix run-mozilla link.
* Tue Feb 20 2001 egger@suse.de
- Integrated a reworked version of Bernd Kaindls
patch to get the beast running from anywhere again.
* Mon Feb 19 2001 egger@suse.de
- Use BuildRoot.
- Reworked specfile.
- Corrected -devel package.
* Fri Feb 16 2001 egger@suse.de
- Update to version 0.8.
* Tue Jan 23 2001 kukuk@suse.de
- Fix use of SOURCE macro
* Tue Jan 23 2001 kukuk@suse.de
- Move post install section to extra SuSEconfig.mozilla [Bug #5642]
* Mon Jan 22 2001 mfabian@suse.de
- revert to 16 pt font for Japanese and Chinese. Japanese and
Chinese characters are almost unreadable at 12pt.
* Sun Jan 21 2001 violiet@suse.de
- set korean and taiwan ps font printing patch.
- set mozilla used small 12pixels font.
- change improved font for Japanese and Korean.
- added Korean & Japanese Name and Comment in Mozilla.desktop.
* Wed Jan 03 2001 egger@suse.de
- Quietness patch.
- Enabled JAR file creation.
- Added GNOME icon.
- New wrapper script.
* Mon Dec 25 2000 bk@suse.de
- set CFLAGS and CXXFLAGS for confgure to $RPM_OPT_FLAGS. With our
configure flags(--enable-optimize -> adds -O after CFLAGS) enabled
this enables only the i486 arch code which brought me 5% speed
increase in my test(Load page on hay), package size stays the same.
* Wed Dec 20 2000 egger@suse.de
- Integrated the latest bugfixes.
- Added: Provides: web_browser to the specfile.
* Tue Dec 12 2000 egger@suse.de
- Update to the real version 0.6.
* Sat Dec 09 2000 bk@suse.de
- updated to Mozilla 0.6 (milestone release based on the same branch
as Netscape 6), looks good!
- fixed cp -r install to cp -rL(for forcing to follow the links...)
- fixed postinstall to do an chroot before calling programs...
* Fri Dec 01 2000 kukuk@suse.de
- Fix spec file syntax
* Fri Dec 01 2000 egger@suse.de
- Made a new snapshot.
* Wed Nov 22 2000 egger@suse.de
- Reworked the specfile and of course
- Made a new snapshot.
* Tue Nov 21 2000 egger@suse.de
- Made a new snapshot.
* Fri Nov 10 2000 egger@suse.de
- Made a new snapshot.
* Mon Nov 06 2000 egger@suse.de
- Made a new snapshot.
* Mon Nov 06 2000 ro@suse.de
- fixed neededforbuild
* Sat Oct 28 2000 egger@suse.de
- Made a new snapshot.
* Tue Oct 24 2000 egger@suse.de
- Made a new snapshot.
* Fri Oct 13 2000 egger@suse.de
- Made a new snapshot.
- Changed specfile slightly.
* Fri Oct 13 2000 egger@suse.de
- Made a new snapshot.
* Sun Oct 08 2000 egger@suse.de
- Made a new snapshot.
* Thu Oct 05 2000 egger@suse.de
- Made a new snapshot.
* Tue Oct 03 2000 egger@suse.de
- Made a new snapshot.
* Wed Sep 27 2000 egger@suse.de
- Made a new snapshot.
* Thu Sep 21 2000 egger@suse.de
- Add mozilla development package to provide the necessary
headers for embedding the gecko engine.
- Try the new registering.
* Mon Sep 18 2000 egger@suse.de
- Ok, forgot to save the right specfile... Sorry.
* Mon Sep 18 2000 egger@suse.de
- New snapshot.
- Removed SPARC patch, the mozilla people applied the patch.
- Tested package on i386.
* Mon Aug 21 2000 egger@suse.de
- Try a hint from the mozilla people to prevent that ugly mail
hack.
- Made a new snapshot.
* Tue Jul 11 2000 egger@suse.de
- Updated to postM17: Lots of bugfixes and perfomanceimprovements.
* Tue Jul 11 2000 egger@suse.de
- Link run-mozilla.sh to /usr/X11/bin/mozilla.
- Correct the wrapper script to work from anywhere.
- Send a mail to the admin after installing mozilla
to tell him that he has to run mozilla once as root.
* Mon Jul 10 2000 ro@suse.de
- specfile fix
* Mon Jul 10 2000 ro@suse.de
- try to call mozilla to create registry
* Fri Jul 07 2000 kukuk@suse.de
- Add SPARC fix back
* Thu Jul 06 2000 egger@suse.de
- Unified tarballs.
- Change incorrect strip command.
* Wed Jul 05 2000 ro@suse.de
- added more dirs
* Wed Jul 05 2000 egger@suse.de
- Add missing dirs...
* Tue Jul 04 2000 egger@suse.de
- Use latest bugfix snapshot.
- Try to prevent a bug in libpthreads/nspr by building
with debugging and strip everything afterwards.
- Enable optimize because it works now.
- Install wrapper script instead of binary into exectuable
path to work around problems...
* Fri Jun 16 2000 egger@suse.de
- Use latest snapshot.
- Recheckin since the last update got lost...
- Bumped version to M16.
* Sun Jun 11 2000 egger@suse.de
- Use latest snapshot.
- Checked out missing dir, too.
* Fri Jun 09 2000 egger@suse.de
- Use latest snapshot.
* Sat May 27 2000 egger@suse.de
- Well, maybe I should have replaced all occurences of X11... :)
* Mon May 22 2000 egger@suse.de
- /usr/X11/bin/mozilla is not allowed anymore, so use
/usr/X11R6/bin/mozilla.
* Thu May 18 2000 egger@suse.de
- Checked in new snapshot.
* Mon May 15 2000 egger@suse.de
- Readded orbit to the requirements.
* Sat May 13 2000 egger@suse.de
- Checked in completely new .spec-file and the
latest CVS snapshot.
* Sun Apr 09 2000 bk@suse.de
- added suse update config macro
- added automake to list of packages needed for building mozilla
* Tue Mar 28 2000 ro@suse.de
- removed optimize
* Thu Mar 23 2000 ro@suse.de
- update to M14-no-crypto
* Fri Jan 28 2000 kukuk@suse.de
- Update to M13
- Fix for SPARC
* Tue Jan 25 2000 ro@suse.de
- update to M12
* Wed Dec 15 1999 ro@suse.de
- reworked install-section of specfile
* Wed Nov 24 1999 ro@suse.de
- update to M11
* Wed Oct 20 1999 ro@suse.de
- added comment for ld-script
* Mon Oct 18 1999 ro@suse.de
- fixed config.sub for ev6
* Tue Oct 12 1999 ro@suse.de
- update to M10
* Mon Sep 13 1999 bs@suse.de
- ran old prepare_spec on spec file to switch to new prepare_spec.
* Thu Jul 15 1999 bs@suse.de
- user glib, gtk instead of glibn, gtkn
- call Check after install
* Thu Jun 03 1999 ro@suse.de
- update to M6
* Tue Jun 01 1999 ro@suse.de
- fixed shellscripts for startup
* Tue Jun 01 1999 ro@suse.de
- moved libraries to /usr/lib/mozilla/lib
and start using "LD_LIBRARY_PATH"
* Mon May 31 1999 ro@suse.de
- created packages (mozilla and mozillad)
/usr/lib64/seamonkey/extensions/{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Jan 30 23:52:29 2025