2009
xulrunner (1.8.0.15~pre080614i-0etch1) stable-security; urgency=low
[ Alexander Sack <asac@canonical.com> ] * New security/stability upstream release (backports for 2.0.0.19) - Patches: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/moz_1.8.0.15prepatches080614i.tar.gz - Tarball: http://people.ubuntu.com/~asac/mozilla-security/1.8.1.19/xulrunner_1.5.0.15pre080614i-source.tar.bz2 * Upstream advisories (v2.0.0.19): MFSA 2008-60 aka CVE-2008-5500 (layout) - Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) MFSA 2008-61 aka CVE-2008-5503 - Information stealing via loadBindingDocument MFSA 2008-64 aka CVE-2008-5506 - XMLHttpRequest 302 response disclosure MFSA 2008-65 aka CVE-2008-5507 - Cross-domain data theft via script redirect error message MFSA 2008-66 aka CVE-2008-5508 - Errors parsing URLs with leading whitespace and control characters (fixed by bz451613) * MFSA 2008-68 aka CVE-2008-5511(XSS via XBL bindings to unloaded document), CVE-2008-5512(JavaScript privilege escalation) - XSS and JavaScript privilege escalation
-- Alexander Sack <asac@debian.org> Sun, 11 Jan 2009 20:05:46 +0100
2008
xulrunner (1.8.0.15~pre080614h-0etch1) stable-security; urgency=low
[ Alexander Sack <asac@canonical.com> ] * New security/stability upstream release (backports for 2.0.0.17 + 2.0.0.18) * Upstream advisories (v2.0.0.17): MFSA 2008-37 aka CVE-2008-0016 - UTF-8 URL stack buffer overflow MFSA 2008-38 aka CVE-2008-3835 - nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-40 aka CVE-2008-3837 - Forced mouse drag MFSA 2008-41 aka CVE-2008-4058 - XPCnativeWrapper pollution MFSA 2008-41 aka CVE-2008-4059 - XPCnativeWrapper pollution (Firefox 2) MFSA 2008-41 aka CVE-2008-4060 - Documents without script handling objects MFSA 2008-42 aka CVE-2008-4061 - Crashes with evidence of corruption; layout (rv:1.8.1.17) MFSA 2008-42 aka CVE-2008-4062 - Crashes with evidence of corruption; javascript (rv:1.8.1.17) MFSA 2008-43 aka CVE-2008-4065 - Stripped BOM characters MFSA 2008-43 aka CVE-2008-4066 - HTML escaped low surrogates bug MFSA 2008-44 aka CVE-2008-4067 - resource: traversal vulnerabilities (a) MFSA 2008-44 aka CVE-2008-4068 - resource: traversal vulnerabilities (b) MFSA 2008-45 aka CVE-2008-4069 - XBM image uninitialized memory reading * Upstream advisories (v2.0.0.18): MFSA 2008-47 aka CVE-2008-4582 - Information stealing via local shortcut files MFSA 2008-48 aka CVE-2008-5012 - Image stealing via canvas and HTTP redirect MFSA 2008-49 aka CVE-2008-5013 - Arbitrary code execution via Flash Player dynamic module unloading MFSA 2008-50 aka CVE-2008-5014 - Crash and remote code execution via __proto__ tampering MFSA 2008-52 aka CVE-2008-5017 - browser engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-52 aka CVE-2008-5018 - javascript engine crashes with memory corruption (rv:1.8.1.18) MFSA 2008-54 aka CVE-2008-0017 - Buffer overflow in http-index-format parser MFSA 2008-55 aka CVE-2008-5021 - Crash and remote code execution in nsFrameManager MFSA 2008-56 aka CVE-2008-5022 - nsXMLHttpRequest::NotifyEventListeners() same-origin violation MFSA 2008-57 aka CVE-2008-5023 - -moz-binding property bypasses security checks on codebase principals MFSA 2008-58 aka CVE-2008-5024 - Parsing error in E4X default namespace
-- Alexander Sack <asac@canonical.com> Thu, 17 Jul 2008 09:16:13 +0000
xulrunner (1.8.0.15~pre080614d-0etch1) stable-security; urgency=low
[ Alexander Sack <asac@canonical.com> ] * New security/stability upstream release (backports for 2.0.0.15 + 2.0.0.16) * Upstream advisories (v2.0.0.15): MFSA 2008-21 aka CVE-2008-2798 Crashes with evidence of memory corruption (rv:1.8.1.15) MFSA 2008-21 aka CVE-2008-2799 Crashes with evidence of memory corruption (rv:1.8.1.15) MFSA 2008-22 aka CVE-2008-2800 - XSS through JavaScript same-origin violation MFSA 2008-23 aka CVE-2008-2801 - Signed JAR tampering MFSA 2008-24 aka CVE-2008-2802 - Chrome script loading from fastload file MFSA 2008-25 aka CVE-2008-2803 - Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() MFSA 2008-27 aka CVE-2008-2805 - Arbitrary file upload via originalTarget and DOM Range MFSA 2008-28 aka CVE-2008-2806 - Arbitrary socket connections with Java LiveConnect on Mac OS X MFSA 2008-29 aka CVE-2008-2807 - Faulty .properties file results in uninitialized memory being used MFSA 2008-30 aka CVE-2008-2808 - File location URL in directory listings not escaped properly MFSA 2008-31 aka CVE-2008-2809 - Peer-trusted certs can use alt names to spoof MFSA 2008-32 aka CVE-2008-2810 - Remote site run as local file via Windows URL shortcut MFSA 2008-33 aka CVE-2008-2811 - Crash and remote code execution in block reflow * Upstream advisories (v2.0.0.16): MFSA 2008-35 aka CVE-2008-2785 - Command-line URLs launch multiple tabs when Firefox not running MFSA 2008-34 aka CVE-2008-2933 - Remote code execution by overflowing CSS reference counter MFSA 2008-36 aka CVE-2008-2934 - Crash with malformed GIF file on Mac OS X * debian/patches/90_bz421622.dpatch,90_bz425576.dpatch: drop prepatched prepatches which are now shipped in upstream source. * debian/patches/00list: Updated accordingly. * debian/patches/00list: disable 20_visibility patch now shipped upstream * debian/patches/99_configure.dpatch: updated accordingly.
-- Alexander Sack <asac@canonical.com> Thu, 17 Jul 2008 09:16:13 +0000
xulrunner (1.8.0.15~pre080323b-0etch2) stable-security; urgency=low
* debian/patches/90_bz421622.dpatch: Fix a regression introduced by fix for
CVE-2008-1234.
* debian/patches/90_bz425576.dpatch: Fix for MFSA 2008-20 aka CVE-2008-1380.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Fri, 18 Apr 2008 19:48:27 +0200
xulrunner (1.8.0.15~pre080323b-0etch1) stable-security; urgency=low
* New security/stability upstream release (backports for v2.0.0.13)
* Fixes mfsa-2008-{13-19}, also known as
CVE-2007-4879, CVE-2008-0416, CVE-2008-1195, CVE-2008-1233,
CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237,
CVE-2008-1238, CVE-2008-1240, CVE-2008-1241.
-- Mike Hommey <glandium@debian.org> Wed, 26 Mar 2008 20:59:36 +0100
xulrunner (1.8.0.15~pre080131b-0etch1) stable-security; urgency=critical
[ Alexander Sack ] * New security/stability upstream release (backports for v2.0.0.12) * MFSA 2008-01 aka CVE-2008-0412: Crashes with evidence of memory corruption v1.8.1.12 (Browser crashes) * MFSA 2008-01 aka CVE-2008-0413: Crashes with evidence of memory corruption v1.8.1.12 (javascript crashes) * MFSA 2008-02 aka CVE-2008-0414: Multiple file input focus stealing vulnerabilities: 1. Focus shifting bugs and 2. Selective keystroke blocking bugs * MFSA 2008-03 aka CVE-2008-0415: Privilege escalation, XSS, Remote Code Execution (JavaScript privilege escalation bugs) * MFSA 2008-04 aka CVE-2008-0417: Stored password corruption * MFSA 2008-05 aka CVE-2008-0418: Directory traversal via chrome: URI * MFSA 2008-06 aka CVE-2008-0419: Web browsing history and forward navigation stealing * MFSA 2008-08 aka CVE-2008-0591: File action dialog tampering * MFSA 2008-09 aka CVE-2008-0592: Mishandling of locally-saved plain text files * MFSA 2008-10 aka CVE-2008-0593: URL token stealing via stylesheet redirect * MFSA 2008-11 aka CVE-2008-0594: Web forgery overwrite with div overlay
-- Alexander Sack <asac@debian.org> Fri, 08 Feb 2008 11:10:04 +0100
2007
xulrunner (1.8.0.14~pre071019c-0etch1) stable-security; urgency=critical
* New security/stability upstream release (v2.0.0.10) * MFSA 2007-37 aka CVE-2007-5947 * MFSA 2007-38 aka CVE-2007-5959 * MFSA 2007-39 aka CVE-2007-5960
-- Alexander Sack <asac@debian.org> Tue, 27 Nov 2007 00:21:41 +0100
xulrunner (1.8.0.14~pre071019b-0etch1) stable-security; urgency=critical
* New security/stability upstream release (v2.0.0.8) * MFSA 2007-29 aka CVE-2007-5339 (browser), CVE-2007-5340 (javascript) * MFSA 2007-30 aka CVE-2007-1095 * MFSA 2007-31 aka CVE-2007-2292 * MFSA 2007-32 aka CVE-2007-3511, CVE-2006-2894 * MFSA 2007-33 aka CVE-2007-5334 * MFSA 2007-34 aka CVE-2007-5337 * MFSA 2007-35 aka CVE-2007-5338 * MFSA 2007-36 aka CVE-2007-4841 (windows only) Packaging: * debian/patches/90_MFSA_2007_26.dpatch,00list: drop patch - applied upstream. * debian/patches/90_MFSA_2007_27.dpatch,00list: drop patch - applied upstream.
-- Alexander Sack <asac@debian.org> Fri, 19 Oct 2007 13:45:56 +0200
xulrunner (1.8.0.13~pre070720-0etch3) stable-security; urgency=critical
* debian/patches/90_MFSA_2007_26.dpatch,
debian/patches/90_MFSA_2007_27.dpatch: Patches, respectively, for
mfsa-2007-26 (aka CVE-2007-3844) and mfsa-2007-27 (aka CVE-2007-3845).
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Wed, 01 Aug 2007 20:56:56 +0200
xulrunner (1.8.0.13~pre070720-0etch2) stable-security; urgency=critical
* debian/patches/80_system_libs.dpatch: Make sure we won't be bitten by
upstream changing libjpeg, libpng or zlib internal version, which
makes system library not used even though --with-system-* argument
is given to configure. This time, it happened with libpng.
* debian/patches/99_configure.dpatch: Updated.
* debian/patches/00list: Updated accordingly.
* debian/rules:
+ Bumped shlibs for libmozjs as this version introduced 2 new symbols
that, while not used yet, will be in final 1.8.0.13 libxul.
+ Use milestone version instead of upstream version number for
"temporary" xulrunner-xpcom dependency in xulrunner-plugin.pc.
Closes: #434844.
-- Mike Hommey <glandium@debian.org> Mon, 30 Jul 2007 21:00:50 +0200
xulrunner (1.8.0.13~pre070720-0etch1) stable-security; urgency=critical
* New security/stability upstream prerelease (v1.8.0.13pre070720)
* Fixes mfsa-2007-{18-22}, mfsa-2007-{24-25}, alsa known as
CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3734,
CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738.
* debian/patches/10_non_jar_specialchars.dpatch: Allow special characters
(such as ~) in destination directory name. Patch from bz#336056.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Fri, 20 Jul 2007 22:36:36 +0200
xulrunner (1.8.0.12-0etch1) stable-security; urgency=low
* New upstream release (taken from upstream CVS)
* Fixes mfsa-2007-{12-14}, mfsa-2007-{16-17}, also known as
CVE-2007-1362, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869,
CVE-2007-2870, CVE-2007-2871.
-- Mike Hommey <mh@glandium.org> Tue, 05 Jun 2007 20:42:32 +0200
xulrunner (1.8.0.11-2) unstable; urgency=low
* debian/rules: Use real upstream version instead for xulrunner-plugin.pc
dependency on xulrunner-xpcom.pc. Closes: #416425.
-- Mike Hommey <glandium@debian.org> Wed, 28 Mar 2007 08:05:04 +0200
xulrunner (1.8.0.11-1) unstable; urgency=low
* New upstream release (taken from upstream CVS)
* Fixes mfsa-2007-11.
* debian/python-xpcom.postinst, debian/python-xpcom.prerm: Added missing
component registration/unregistration.
* debian/patches/25_gnome_helpers_with_params.dpatch: Make MIME registry
use system mime.types when it doesn't get extensions from the Gnome
registry. Closes: #414008.
* debian/rules: Add the debugging symbols from python-xpcom to the
libxul0d-dbg package.
* debian/control:
+ Make python-xpcom conflict with epiphany-browser until epiphany
fixes its problems with python thread state. Closes: #416031.
+ Add the fact that python-xpcom debugging symbols are in the
libxul0d-dbg package.
-- Mike Hommey <glandium@debian.org> Sat, 24 Mar 2007 18:04:03 +0100
xulrunner (1.8.0.10-3) unstable; urgency=low
* debian/rules: Re-add xulrunner-xpcom requirement in xulrunner-plugin.pc,
until classpath, gcj-4.1 and pcmanx-gtk2 get fixed. Closes: #413964.
-- Mike Hommey <glandium@debian.org> Fri, 9 Mar 2007 08:14:35 +0100
xulrunner (1.8.0.10-2) unstable; urgency=low
* debian/copyright: Added licensing terms for the content in the debian
directory.
* debian/patches/15_passwdmgr.dpatch: Restore parts that were actually
NOT applied upstream, and adapt them. Thanks Sam Hocevar for spotting
this. Closes: #413991.
-- Mike Hommey <glandium@debian.org> Thu, 8 Mar 2007 19:08:10 +0100
xulrunner (1.8.0.10-1) unstable; urgency=low
* New upstream release (taken from upstream CVS)
* Fixes mfsa-2007-{01-07}, also known as
CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0045,
CVE-2007-0775, CVE-2007-0776, CVE-2007-0777, CVE-2007-0778,
CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981,
CVE-2007-0995.
* debian/patches/35_pango_null_char.dpatch: Avoid freeze/crash when null
characters are present in justified text by discarding NULL characters
before displaying. bz#366902. Closes: #406713.
* debian/patches/20_pangoxft.dpatch: Renamed to 10_pangoxft.dpatch and
updated with patch from bz#338446 (Stolen from iceape, actually)
Also added MOZ_PANGO_LIBS to build command line for the toolkit library.
* debian/patches/15_atk_crash.dpatch: Fix random crashed in GetMaiAtkType.
bz#302250. (Stolen from iceape, too)
* debian/control: Tighten dependency of libxul0d on libxul-common.
* debian/patches/15_pango_textarea_position.dpatch: Fix for cursor position
when moving in a textarea. bz#366796. Closes: #408914.
* debian/patches/35_zip_cache.dpatch: Invalidate cache for a zip file that
got modified. It will prevent corruption of the XUL FastLoad cache when
upgrade is performed while an instance of the application is running.
bz#368428.
* debian/patches/80_config.dpatch: Use config.guess and config.sub from
autotools-dev.
* debian/rules: Don't install config.{guess,sub}, since that was done as a
dpatch.
* debian/patches/15_nspr_setuid.dpatch,
debian/patches/25_passwdmgr_crash.dpatch,
debian/patches/20_broken_perl.dpatch: Removed, as being applied upstream.
* debian/patches/15_passwdmgr.dpatch,
debian/patches/30_distclean.dpatch: Removed parts that were applied
upstream.
* debian/patches/18_kbsd_nspr.dpatch, debian/patches/25_entropy.dpatch:
debian/patches/38_kbsd.dpatch, debian/patches/80_security_tools.dpatch:
debian/patches/80_security_build.dpatch,
debian/patches/60_xpcomstub.dpatch, debian/patches/61_javaxpcom.dpatch,
debian/patches/81_sonames.dpatch, debian/patches/85_installer.dpatch
debian/patches/15_passwdmgr.dpatch : Adapted to upstream changes.
* debian/patches/80_zip.dpatch: Removed part that is not needed anymore due
to changes upstream.
* debian/patches/99_configure.dpatch: Updated with autoconf.
* debian/control: Make libxul-dev and libmozjs-dev conflict with old
versions of mozilla-browser, not the current transition packages for
iceape-browser that don't contain conflicting files anymore.
Closes: #407966.
* debian/libnss3-0d.install: Install libfreebl files.
* debian/rules:
- Run shlibsign on libfreebl files.
- Bump shlibs for libnss3-0d and libnspr4-0d, as they introduced new
symbols.
* debian/patches/15_gtk_dropdown.dpatch: Fix for focus problem with drop
down lists. bz#281551. Closes: #409889.
* debian/patches/00list: Updated accordingly.
* debian/patches/80_security_build.dpatch: Also added a dirty hack to load
libfreebl from /usr/lib/xulrunner.
* debian/patches/80_security_tools.dpatch: Also disable rpath.
-- Mike Hommey <glandium@debian.org> Thu, 1 Mar 2007 19:01:34 +0100
xulrunner (1.8.0.9-1) unstable; urgency=low
* New upstream release (taken from upstream CVS)
* Fixes mfsa-2006-{68-73} also known as
CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6500,
CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504.
* Removed non-free and sourceless binaries from source package
with the script from the gnuzilla project, with 2 additional removals of
IETF files. Closes: #393422.
You can find this modified script for reference in debian/remove.nonfree.
Note this script also removes useless CVS files.
* debian/patches/80_uname.dpatch: Fix OS_TARGET so that it is correctly set
to Linux for things that expect this value instead of linux-gnu (such as
the extensions manager)
* debian/libxul0d.links: Added a link for libgtkembedmoz in
/usr/lib/xulrunner. Closes: #393440.
* debian/patches/15_passwdmgr.dpatch: Adapted to changes in upstream. Thanks
to Andreas Metzler.
* debian/patches/35_crash_focus.dpatch: Removed: applied upstream.
* debian/patches/15_nspr_setuid.dpatch: Patches from bz#351470 and bz#365703
to fix privilege escalation issues with setuid/setgid program linked
against libnspr and some other boundaries issue. Closes: #405062.
* debian/patches/18_m68k_xpcom.dpatch: Apply changes provided by Roman
Zippel to fix FTBFS of third party software on m68k. Closes: #402011.
Renamed as 68_m68k_xpcom.dpatch, since it needs to be sent upstream.
* debian/libnss3-dev.links: Add nss.pc symlink to xulrunner-nss.pc.
Closes: #402846.
* debian/patches/38_kbsd.dpatch, debian/patches/38_mips64_build.dpatch,
debian/patches/80_uname.dpatch, debian/patches/18_kbsd_nspr.dpatch:
Applied patch from Petr Salinger to build on GNU/kFreeBSD.
Closes: #388475.
* debian/patches/00list: Updated accordingly.
* debian/patches/99_configure.dpatch: Updated with autoconf.
* debian/patches/81_soname.dpatch: Updated to fit changes to Linux2.6.mk in
38_kbsd.dpatch.
* debian/patches/65_native_uconv.dpatch:
- Reworked so that UTF-16 is used internally instead of UCS-2, and
improved to better handle corner cases.
- Allow claimed iso-8859-1 actually encoded as windows-1252 to be
converted flawlessly. Closes: #368779, #401784, #405681
-- Mike Hommey <glandium@debian.org> Sat, 6 Jan 2007 17:51:16 +0100
2006
xulrunner (1.8.0.8-1) unstable; urgency=high
* New upstream release (taken from upstream CVS) * Fixes several security issues, CVE-2006-5464, CVE-2006-5748, CVE-2006-5462, CVE-2006-5463, CVE-2006-4310 being some of these. * debian/patches/15_print_fontconfig.dpatch, debian/patches/15_embed_initial_visibility.dpatch: Removed: Applied upstream. * debian/patches/00list: Updated accordingly. * debian/rules: Changed the way we use uptodate config.guess and config.sub. If will make the .diff.gz file lighter.
-- Mike Hommey <glandium@debian.org> Sat, 18 Nov 2006 23:04:54 +0100
xulrunner (1.8.0.7-2) unstable; urgency=low
* debian/patches/65_nativeuconv.dpatch: Reimplement most of the native
uconv service so that it works as proper nsUnicode(En|De)coder
implementations and don't break things when a multibyte character is
split between two buffers. Also add a workaround so that backslash is not
turned into Yen in shift-jis, which breaks javascript code using escaping.
The layout code turns it back to Yen anyways.
* debian/control: Changed dependency versions of arch-indep packages on
arch-dependent packages. Closes: #385793.
* debian/patches/15_print_fontconfig.dpatch: Patch from bz#294879 to avoid
crash with fontconfig when printing. Thanks Alexander Sack.
Closes: #390140, #390472, #391119.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Fri, 6 Oct 2006 19:13:56 +0200
xulrunner (1.8.0.7-1) unstable; urgency=low
* New upstream release (taken from the MOZILLA_1_8_0_7_RELEASE tag in
upstream CVS)
* Fixes the following security vulnerabilities:
CVE-2006-4340, CVE-2006-4253, CVE-2006-4565, CVE-2006-4566,
CVE-2006-4568, CVE-2006-4569, CVE-2006-4571.
* Removed patches from NMUs by Matthias Klose, because work done on java
build in this release makes them unnecessary.
* debian/patches/15_nodataprotocolcontentpolicy_fix.dpatch,
debian/patches/15_overthespot.dpatch: Removed, since they've been applied
upstream.
* debian/patches/35_embed_initial_visibility.dpatch: Renamed as
debian/patches/15_embed_initial_visibility.dpatch, since it got applied in
an upstream branch.
* debian/patches/80_security_tools.dpatch: Added missing backslash.
Closes: #385847.
* debian/patches/15_jni.dpatch: Patch from bz#333738 to update java stubs.
* debian/patches/80_javaxpcom.dpatch: Force creation of Makefiles in
extensions/java, even when javaxpcom is disabled. Don't build the jars if
DEB_NO_JAR is defined.
* debian/patches/00list: Updated accordingly.
* debian/mozconfig: Disable javaxpcom.
* debian/rules:
+ Added rules to build the java class files only for binary
independent build. This way, no more waiting on java on buildds
(especially on arm).
+ Build the javaxpcomglue from the bundled jni headers instead of the gcj
headers.
* debian/control: Adapted build dependencies so that the minimum is taken to
build the architecture dependant part, and added adequate
Build-Depends-Indep field.
* debian/patches/80_uname.dpatch: Don't use the ppc_linux stuff for ppc64.
-- Mike Hommey <glandium@debian.org> Thu, 28 Sep 2006 20:20:59 +0200
xulrunner (1.8.0.5-4.2) unstable; urgency=low
* Relax the dependencies even more, so that the -dev packages can be
installed with the arm binaries currently in the archive (1.8.0.4).
-- Matthias Klose <doko@debian.org> Sun, 3 Sep 2006 13:39:45 +0200
xulrunner (1.8.0.5-4.1) unstable; urgency=medium
* NMU * Relax dependencies of the -dev packages on the libraries. Closes: #385793.
-- Matthias Klose <doko@debian.org> Sun, 3 Sep 2006 10:41:10 +0200
xulrunner (1.8.0.5-4) unstable; urgency=low
* debian/patches/*: Moved around after some triage.
Some changed names, some changed only ordering number.
One got split.
One, that was disabled because it has been applied upstream, got removed.
Two, who were depending on each other, being reordered, have been updated.
* debian/patches/30_distclean.dpatch: Added a bit more clean-up, not
necessary for xulrunner, but still better to have around. One of the added
bits will actually be useful for the 1.8.1 branch, when we'll remove
debian/patches/20_visibility.dpatch.
* debian/patches/00list: Added a nomenclature for the patches naming.
* debian/patches/80_security_tools.dpatch: Enable building of some NSS
tools.
* debian/patches/00list: Updated accordingly.
* debian/control:
+ Added a libnss3-tools package to contain these NSS tools.
+ Added proper conflicts to libnss3-tools.
* debian/libnss3-tools.install: Install the binary files in the newly
created package.
* debian/rules: Strip files from the libnss3-tools package and put the
debugging symbols into libnss3-dbg.
Closes: #377269.
* debian/control: Use the suggestion from lintian for binNMU safety instead
of our previous own. And really add binNMU safety to libnss3-dev.
-- Mike Hommey <glandium@debian.org> Fri, 1 Sep 2006 07:38:05 +0200
xulrunner (1.8.0.5-3) unstable; urgency=low
* The ${host_cpu} is not uname -m release.
* debian/patches/90_xpcom_hppa.dpatch: Added support for 'hppa' instead of
'parisc' and 'parisc64' since we changed from using `uname -m` to using
${host_cpu}. I'm not putting hppa64 because I don't think the code works
on parisc64.
* debian/patches/01_uname.dpatch: Fixed
xpcom/reflect/xptcall/src/md/unix/Makefile.in so that it recognizes
powerpc instead of ppc, since we now use ${host_cpu}. Thanks a lot to
Michel Dänzer for the big hint. Closes: #383053, #383056, #383313.
-- Mike Hommey <glandium@debian.org> Fri, 25 Aug 2006 20:37:55 +0200
xulrunner (1.8.0.5-2) unstable; urgency=low
* The Fix-ups release.
* debian/patches/01_libxpcom_hack.dpatch: Force libxpcom to be linked to
xulrunner-bin, xpcshell and libgtkmozembed so that it is loaded in most
of the cases.
* debian/patches/01_passwdmgr_crash.dpatch: Avoid crash of the password
manager when embedding applications don't set a profile directory. Patch
from bz#294075. Closes: #376323.
* debian/patches/01_gnome_helpers_with_params.dpatch: Make helper
applications with parameters work. Adapted patch from bz#273524.
Closes: #381291.
* debian/patches/01_nspr_m4.dpatch: Avoid aclocal warnings about
underquoted definition of AM_PATH_NSPR". Closes: #382539.
* debian/patches/01_gtkmozembed_change_toplevel.dpatch: Fix drop-down menus
when gtkmozembed is moved from different toplevel. Patch from bz#296002.
Closes: #367106.
* debian/patches/01_overthespot.dpatch: Apply patch from bz#271815 for GTK2
IM Over-The-Spot support.
* debian/patches/00list: Updated accordingly.
* debian/control:
+ Make the controls more BinNMU compliant. Closes: #384200, #384203.
+ Bumped Standards-Version to 3.7.2.1. No changes.
-- Mike Hommey <glandium@debian.org> Tue, 22 Aug 2006 23:15:16 +0200
xulrunner (1.8.0.5-1) unstable; urgency=high
* The "upstream doesn't, so I do" release: Checked out the
XULRUNNER_1_8_0_5_RELEASE tagged code from upstream CVS.
* Fixes the following security vulnerabilities:
CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802,
CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807,
CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811,
CVE-2006-3812.
* debian/patches/01_pyxpcom_deadcode.dpatch: Remove pyxpcom dead code and
fix FTBFS on alpha this way. Closes: #381662.
* debian/patches/01_nodataprotocolcontentpolicy_fix.dpatch: Fix from
Firefox 1.5.0.6 to allow urls like mms:// in <object/>s
* debian/patches/01_uname.dpatch: Use ${host_*} variables instead of
uname in configure.in. Closes: #377418.
This is a minimalist patch to solve the particular bad assembler choice
issue. It would need a much greater work to actually do something totally
clean, but the current patch should be enough for Linux builds.
* debian/patches/00list: Updated accordingly.
* debian/patches/99_configure.dpatch: Updated with autoconf.
* debian/libxul-dev.install: Install files from SDK independently and don't
install the jar files from sdk/lib, since they are in the
libmozillainterfaces-java package.
* debian/control: Fixed typo in libxul-common description.
* debian/rules: Bumped shlibs for libmozjs as this version introduced 2
new symbols.
-- Mike Hommey <glandium@debian.org> Wed, 9 Aug 2006 21:01:47 +0200
xulrunner (1.8.0.4-2) unstable; urgency=low
* The "finally enabling these stuff" release.
* debian/watch: Stole the watch file from firefox.
* debian/rules, debian/control, debian/mozconfig,
debian/libmozillainterfaces-java.install,
debian/libmozillainterfaces-java.links, debian/*.conf: Enable pyxpcom
and javaxpcom again, with some changes on the python part, to fit the
new python policy. Closes: #173264, #277120, #373906.
* debian/python-xpcom.dirs, debian/python-xpcom.install: Replace the
previous .in files, and replace PYVERS by a wildcard.
* debian/control:
+ Added build dependency on python-support and python-dev.
+ Only create a python-xpcom package instead of pythonX.Y-xpcom.
+ Added XB-Python-Version field to python-xpcom.
+ Bumped debhelper dependency.
* debian/pyversions, debian/pycompat: Files necessary for dh_pysupport and
dh_python.
* debian/libxul-common.*, debian/libxul0d.*, debian/control: Create a new
libxul-common package for most architecture independent files.
* debian/control: Add a build dependency on binutils >= 2.17-1 for mips and
mipsel, where #274738 is fixed.
* debian/patches/90_mips_performance.dpatch: Remove the xgot hack.
Closes: #374389. Thanks Thiemo Seufer.
Also remove the specific setting of MOZ_DEBUG_FLAGS="-g" for mips, it's
built with -g anyways.
* debian/rules:
+ Bump shlib for libmozjs0d because of a new symbol. Other libraries were
not subject to symbol additions, so we can keep them as they are.
Closes: #376374.
+ Removed an extra parenthesis to really build with minimal toc on ppc64.
Dammit. Closes: #361188.
* debian/patches/01_crash_focus: Fix a crasher and several similar potential
crashers.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Sat, 8 Jul 2006 14:22:43 +0200
xulrunner (1.8.0.4-1) unstable; urgency=high
* The "finally a new upstream" release.
* Fixes the following security vulnerabilities:
CVE-2006-2775, CVE-2006-2776, CVE-2006-2778, CVE-2006-2780,
CVE-2006-2782, CVE-2006-2783, CVE-2006-2784, CVE-2006-2785,
CVE-2006-2786, CVE-2006-2787.
* debian/patches/00_securityfix.dpatch: Removed, since this release includes
all the security changes we brought from CVS in this patch.
* debian/patches/90_js_mipsel_endianness.dpatch: Removed, since it was
applied upstream.
* debian/patches/01_installer.dpatch,
debian/patches/01_javaxpcom.dpatch: Removed parts that were applied
* debian/patches/00list: Updated accordingly.
* debian/patches/01_distclean.dpatch,
debian/patches/01_xpcomglue.dpatch: Adapted to upstream changes.
upstream.
* debian/patches/99_configure.dpatch: Updated.
* debian/patches/01_pyxpcom.dpatch: Use a make variable for PYTHON_SO.
* debian/patches/90_unichar_alignment.dpatch.
* debian/patches/00list: Added 90_unichar_alignment.
* debian/rules:
+ Set this PYTHON_SO variable when building python modules.
+ Disabled strict aliasing from optimized builds.
+ Build with minimal toc on ppc64. Closes: #361188.
+ Fix for Gecko date extraction from client.mk.
* debian/mozconfig: Set default mozilla home.
* debian/control: Replaced some Conflicts with Replaces, which should be fine.
* debian/rules, debian/control, debian/mozconfig, debian/python-xpcom.dirs.in,
debian/python-xpcom.install.in, debian/libmozillainterfaces-java.install,
debian/libmozillainterfaces-java.links, debian/*.conf: Remove pyxpcom and
javaxpcom (again) packages and build. We want this release not to go through
NEW (again).
-- Mike Hommey <glandium@debian.org> Thu, 15 Jun 2006 01:05:34 +0200
xulrunner (1.8.0.1-12) unstable; urgency=low
* The release of the Beast.
* debian/control:
+ Added dependency upon libnss3-dev to libxul-dev.
+ Fixed dependencies and conflicts so that the package should be binNMU
safe.
+ Depends upon dpkg-dev >= 1.13.19 accordingly.
* debian/control, debian/rules: xulrunner must depend on libxul0d
versions >= 1.8.0.1-9. Closes: #370152.
* Add support for PyXPCOM:
+ debian/mozconfig: Added the python/xpcom extension.
+ debian/control: Added build dependency on python-dev. Added
python2.3-xpcom and python2.4-xpcom packages.
+ debian/python-xpcom.install.in: Install template for python XPCOM files.
+ debian/python-xpcom.dirs.in: Directories to create in python XPCOM
packages.
+ debian/rules:
- Add rules to build the python xpcom packages.
- Add a shlibs.local hack to have python xpcom packages correctly depend
on libxul0d >= 1.8.0.1-12.
+ debian/patches/01_no_examples.dpatch: Don't install the pyxpcom sample
component.
Closes: #173264, #277120.
* Add support for JavaXPCOM again:
+ debian/mozconfig: --enable-javaxpcom.
+ debian/*.conf: Set javaxpcom=1.
+ debian/control: Added a build dependency on java-gcj-compat-dev
>= 1.0.56 to avoid #365934, and force build dependency on ecj-bootstrap
>= 3.1.2-6 to avoid #361608.
+ debian/rules: Uncommented the javaxpcom related rules. Removed the
workarounds for #365934 and #361608. Install all MozillaInterfaces jar
files in the sdk directory.
+ debian/libxul0d.install: Uncommented the javaxpcom files. Removed
installation of MozillaInterfaces.jar.
+ debian/control: Added a libmozillainterfaces-java package for the public
java interfaces.
+ debian/libmozillainterfaces-java.(install|links): Install
MozillaInterfaces.jar in /usr/share/java, and install the -src.jar file
in the sdk directory.
+ debian/patches/01_pyxpcom.dpatch: Fix installation directory.
+ debian/patches/00list: Updated to include this new patch.
-- Mike Hommey <glandium@debian.org> Tue, 6 Jun 2006 23:26:09 +0200
xulrunner (1.8.0.1-11) unstable; urgency=low
* The "Let's get migrated" release.
* debian/control: Don't build-depend on java-gcj-compat-dev.
* debian/libxul0d.install: Comment out the javaxpcom files installation.
* debian/rules: Comment out javaxpcom related rules, but put the fix for
jni.h detection nevertheless. Closes: #367863.
* debian/*.conf: Set javaxpcom=0.
* debian/mozconfig: --disable-javaxpcom.
* debian/rules:
+ Remove extra parenthesis in the productComment.
+ Generate the .chk file from the stripped libsoftokn3.so.0d.
* debian/patches/01_security.dpatch: Build the shlibsign utility again, so
that we can generate the .chk that can be useful for FIPS mode, but don't
build the .chk file automatically since we are going to strip the library,
making the .chk file obsolete.
* debian/patches/01_ssl.dpatch: Disable SSLv2 and SSLv3 40-bit ciphers.
Closes: #308334.
* debian/patches/01_soname.dpatch: Change the way libnss tries to find the
.chk file for FIPS mode so that the .chk file name needn't contain ".so"
when using a full SONAME.
* debian/patches/00list: Apply 01_security after 01_soname ; Added 01_ssl.
* debian/libxul0d.README.Debian: Add a note about SSLv2 and SSLv3 40-bit
ciphers.
-- Mike Hommey <glandium@debian.org> Sat, 20 May 2006 21:23:00 +0200
xulrunner (1.8.0.1-10) unstable; urgency=critical
* The "how dumb can I be ?" release. * debian/rules: Don't use x86 specific directory to find jni.h.
-- Mike Hommey <glandium@debian.org> Sun, 14 May 2006 01:25:10 +0200
xulrunner (1.8.0.1-9) unstable; urgency=critical
* The "I wish they had a distribution-friendly security policy" release.
* Fixes the following security vulnerabilities:
CVE-2006-0297, CVE-2006-0748, CVE-2006-1530, CVE-2006-1531,
CVE-2006-1723, CVE-2006-1724, CVE-2006-1725, CVE-2006-1726,
CVE-2006-1727, CVE-2006-1728, CVE-2006-1729, CVE-2006-1730,
CVE-2006-1732, CVE-2006-1742.
* Should fix the following security vulnerabilities:
CVE-2006-0884, CVE-2006-1045, CVE-2006-1529, CVE-2005-2353.
* debian/patches/00_securityfix.dpatch: All security patches for the issues
above. I hope none has been forgotten, it has been a real PITA to go
through all the patches in upstream CVS to find those commits that might
be related to fixing the flaws.
* debian/patches/01_native_uconv.dpatch:
+ Add the scriptableunicodeconverter component. Will make chatzilla work.
+ Fix GBK and EUC-TW charset names so that iconv recognizes them.
Closes: #365886.
* debian/patches/01_killAll.dpatch, debian/xulrunner.install: Correctly
install the killAll component.
* debian/patches/01_js_binary.dpatch: Add readline support to xpcshell.
* debian/patches/01_no_register.dpatch: Remove (un|)registering system. We
don't need it since we register ourselves.
* debian/patches/01_broken_perl.dpatch: Apply patch from bz#325148 instead
of removing the broken perl code.
* debian/patches/01_no_chromelist.dpatch: Also correctly call make-jars.pl
to avoid creation of unexpected chrome in dist/bin instead of
dist/bin/chrome.
* debian/mozconfig:
+ Disable elf-dynstr-gc, which is pretty useless nowadays.
+ Enable javaxpcom support.
* debian/rules:
+ Added a check between dist/bin and $DESTDIR/usr/lib/xulrunner to see if
upstream correctly installs everything...
+ Set JAVA_HOME for configure to find the java compiler.
+ Work around bug #361806 by setting JAVAC at build time.
+ Work around bug #365934 by using --with-java-include-path configure
option, and work around a feature of cpp by creating a symlink to the
real location of jni.h in the debian directory.
+ Don't install dependentlibs.list (see debian/patches/01_xpcomstub.dpatch
below).
+ Changed the way we move libraries to /usr/lib.
+ Changed the User-Agent string again, it seems too many dumb scripts use
the useless date from the product string.
* debian/control: Added java-gcj-compat-dev to build dependencies.
* debian/patches/01_javaxpcom.dpatch:
+ Apply patch from bz#327654 to be able to actually build the javaxpcom
stuff.
+ Allow to build with gcj headers.
+ Don't install GenerateJavaInterfaces.
+ Correctly install javaxpcom.jar.
+ Don't use visibility flags so that symbols are exported.
* debian/*.conf: Set jaxaxpcom to 1.
* debian/patches/01_icons.dpatch: Apply patch from bz#314927 to install
default.xpm in the right place
* debian/xulrunner.install: Install chrome/icons, where default.xpm is
sitting.
* debian/patches/01_installer.dpatch: Apply patch from bz#328505 to allow
to install without a vendor name.
* debian/patches/01_mouse_buttons.dpatch: Extended mouse buttons support
taken from #244305. Thanks Peter Colberg.
* debian/patches/01_xpcomstub.dpatch: Correctly install dependentlibs.list
and apply patch from bz#332262 for it to contain NSS libraries.
* debian/patches/01_distclean.dpatch: Make distclean cleaner.
* debian/patches/01_target_xpcom_abi.dpatch: Apply patch from bz#322450 plus
the OS_TEST fix that got landed at the same time so that TARGET_XPCOM_ABI
is correctly set on sparc.
* debian/patches/01_embed_initial_visibility.dpatch: Apply patch from
bz#312998 to fix gtkmozembed's EmbedWindow::GetVisibility. Closes: #365868.
* debian/patches/01_config_install.dpatch: Correct installation of all the
headers files from the config/ directory.
* debian/patches/00list: Updated to include all the new patches.
* debian/patches/99_configure.dpatch: Updated.
* debian/control:
+ Bumped Standards-Version to 3.7.2.0. No changes.
+ Add small text about the SDK to libxul-dev's description.
+ Make libxul-dev depend on xulrunner for the development tools (xpt_link,
xpt_dump, xpidl, regxpchrome)
* debian/rules, debian/libxul-dev.install: Install the SDK files.
* debian/libxul0d.install: Install MozillaInterfaces.jar in
/usr/lib/xulrunner instead of inside the SDK (but put a symlink there),
since it is useful to embed javaxpcom.
* debian/libxul0d.install, debian/xulrunner.install: Move the PSM files
from xulrunner to libxul0d. Closes: #359220, #359226.
* debian/control: Make libxul0d conflict with those older versions of
xulrunner that included the PSM files.
-- Mike Hommey <glandium@debian.org> Sat, 13 May 2006 23:22:35 +0200
xulrunner (1.8.0.1-8) unstable; urgency=low
* debian/libxul0d.install:
+ Install xpt files one by one instead of glob, so that we:
- put mozgnome.xpt in xulrunner-gnome-support
(debian/xulrunner-gnome-support.install)
- don't install the sample simple.xpt
+ Don't install the sample component libsimpletest.so.
* debian/rules:
+ Don't remove the .chk file, since we don't install it anymore.
+ Use -Wl,--as-needed as LDFLAGS. That will work around upstream linking
strategy to limit useless linkage.
+ Use a specific LD_LIBRARY_PATH at link time so that we don't need to
link against indirect dependencies. This is a temporary workaround until
this is workaround some better other way.
+ Added some install checks after binary packages build, so that we can
know if we forgot anything.
+ Fixed the way we get the DEBIAN_VERSION.
* debian/patches/01_native_uconv.dpatch:
+ Don't build intl/uconv/ucvja and friends, since this is supported by
the native uconv implementation and not even linked into something we
ship.
+ Properly load invalid UTF-8 files and more generally malformed files
as to their (supposed) encoding. Closes: #358815, #359049, #358599.
* debian/patches/01_prefs.dpatch: set javascript.options.showInConsole.
* debian/patches/01_security_build.dpatch:
+ Don't build the stuff we don't need, and dynamically link libnssckbi to
both libplc4 and libplds4 instead of linking statically.
+ Build with debugging symbols.
* debian/patches/01_no_chromelist.dpatch: Don't build chromelist.txt files.
* debian/patches/01_no_sys_profile.dpatch: Don't install system profile.
* debian/patches/01_no_examples.dpatch: Don't build the examples.
* debian/patches/01_xpcomglue.dpatch:
+ Build the xpcom glue as a shared library.
+ Load DSOs from . when directory is not given. That makes regxpcom work
as "expected".
* debian/patches/80_xpidl.dpatch: Added an error message when no file is
given, to sync with the patch against trunk I sent upstream.
* debian/patches/01_about:plugins.dpatch: Install the files for
about:plugins. Closes: #354037, #356082.
* debian/patches/01_installer.dpatch: Install applications in /usr/local/lib
instead of /usr/lib.
* debian/patches/00list: Updated accordingly.
* debian/patches/99_configure.dpatch: Updated.
* debian/rules, debian/spidermonkey-bin.install: Move out some files from
the install target instead of the binary target. Install them with
dh_install.
* debian/control: Bumped to Standards-Version: 3.6.2.2. No changes required.
* debian/libxul0d.postinst, debian/libxul0d.preinst: Instead of removing
compreg.dat and xpti.dat to solve #357589, create a .autoreg file. That
will trigger components registration in all cases, even in cases where the
component registry was stored in a profile directory.
Do it on postinst at configure time instead of preinst.
* debian/xulrunner-gnome-support.{postinst|prerm}: Also do it when
configuring or removing xulrunner-gnome-support.
* debian/libxul0d.prerm: Remove all files that could be generated by running
xulrunner or programs using libxul as root, plus the .autoreg file we
create in case it's still there.
* debian/libxul0d.install, debian/libxul-dev.install: Install the
libxpcomglue files.
* debian/control, debian/rules: Added debugging symbols in separated
packages.
* debian/control, debian/compat: Bumped debhelper compatibility to 5.
* debian/libxul0d.links: Add links to the libraries in /usr/lib/xulrunner.
That will allow some (but not all, because of C++ ABI differences)
components from mozilla and/or upstream to work with xulrunner. It also
allows the XPCOM Glue to kinda work without deep modifications.
* debian/libxul0d.conf, debian/xulrunner.conf, debian/libxul0d.install,
debian/xulrunner.install, debian/rules: Install GRE "configurations" into
/etc/gre.d. That is used by the XPCOM Glue (thus, by the xulrunner stub).
* debian/rules, debian/libxul0d.install: Install the dependentlibs.list file.
-- Mike Hommey <glandium@debian.org> Sat, 1 Apr 2006 16:09:27 +0200
xulrunner (1.8.0.1-7) unstable; urgency=low
* debian/rules: Add -g to the build flags when building with
DEB_BUILD_OPTIONS=nostrip. If we ask for nostrip, we want the debugging
symbols, right? ;)
* debian/libxul0d.preinst, debian/libxul0d.prerm: Remove
/usr/lib/xulrunner/components/{compreg|xpti}.dat files on upgrade and
removal. Closes: #357589. That will also avoid gnome-support components to
be ignored if they were created when the components were not yet
installed.
-- Mike Hommey <glandium@debian.org> Thu, 23 Mar 2006 23:02:29 +0100
xulrunner (1.8.0.1-6) unstable; urgency=low
* debian/copyright: Fixed typo.
* debian/patches/90_mips64_build.dpatch: Patch from Martin Michlmayr for
mips64 builds.
* debian/patches/90_unsupported_arch_build.dpatch: Don't use x86 as CPU_ARCH
when building on an unsupported architectures. Closes: #357035.
* Put back some stuff that used to be in spidermonkey-bin:
+ debian/rules, debian/smjs.1: Add the manual page.
+ debian/rules, debian/spidermonkey-bin.menu: Add the menu item.
+ debian/spidermonkey-bin.postinst, debian/spidermonkey-bin.prerm:
Add the /usr/bin/js alternative. Closes: #355729.
* debian/mozconfig: Enable iconv support.
* debian/patches/01_native_uconv.dpatch: Fix for the build to succeed when
iconv support is enabled.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Fri, 17 Mar 2006 07:16:10 +0100
xulrunner (1.8.0.1-5) unstable; urgency=low
* debian/mozconfig: DON'T build the typeaheadfind module. It will cause
problems with firefox as stated before AND with the newer Galeons. I guess
it will also be problematic with newer Epiphanies.
* debian/rules: Changed the Gecko/Debian/x.y.z.t-r string to
Gecko/Debian-x.y.z.t-r for RFC2616 compliance. Thanks Josh Triplett and
Matthew Wilcox.
* debian/rules, debian/xulrunner-config: Provide a version of
xulrunner-config that gives more appropriate cflags and libs.
-- Mike Hommey <glandium@debian.org> Mon, 27 Feb 2006 19:44:59 +0100
xulrunner (1.8.0.1-4) unstable; urgency=low
* debian/mozconfig:
+ Build the typeaheadfind module. It will enable it in Galeon and
Epiphany, but might cause problems with future firefoxes built on top on
xulrunner. That will need to be investigated further.
+ Build with a flat chrome instead of jar files.
* debian/libxul0d.install, debian/xulrunner.install: Changed chrome
wildcards accordingly.
* debian/patches/01_zip.dpatch: Don't need zip if not needed (not building
jar files)
* debian/patches/01_broken_perl.dpatch: Remove useless broken perl code.
* debian/patches/01_useragent.dpatch: Remove useless useragent setter at
startup so that general.useragent.product and general.useragent.productSub
set in our vendor.js preference file work at startup time.
* debian/patches/99_configure.dpatch: Updated.
* debian/patches/00list: Updated accordingly.
* debian/control: Removed build dependency upon zip.
-- Mike Hommey <glandium@debian.org> Tue, 21 Feb 2006 18:36:26 +0100
xulrunner (1.8.0.1-3) unstable; urgency=low
* debian/control:
+ Added a conflict against mozilla-browser on libxul-dev. Closes: #353600.
+ Renamed libsmjs1-dev to libsmjs-dev, since that what is the name of the
dev package provided by the old spidermonkey package.
+ Sync sections with override for spidermonkey-bin, libsmjs1 and
libsmjs-dev.
* debian/libsmjs1-dev.links: Renamed to libsmjs-dev.links.
* debian/patches/90_xpcom_hppa.dpatch: Somehow, the assembler files got
their content twice. Fixing that should make it build properly on HPPA.
* debian/xulrunner.*, debian/libxul0d.*:
+ Moved /usr/share/xulrunner/defaults from xulrunner to libxul0d ; leave
out profile and preferences. They will be reintroduced if they appear to
be really useful. As for now, they just seem to be vestiges of Mozilla,
Firefox or Thunderbird.
+ Moved /usr/share/xulrunner/res from xulrunner to libxul0d.
+ Moved /usr/share/xulrunner/chrome/classic.*, en-US.* and toolkit.* from
xulrunner to libxul0d. If the other chrome files appear to be required
for something else, we might consider moving them as well.
* debian/control: Add a conflict on older xulrunner to libxul0d according to
the moving around of files.
* debian/rules: Changed the way we identificate ourselves in
/usr/share/xulrunner/defaults/pref/vendor.js, and move it in libxul0d.
We will using be Gecko/Debian/<debian_release> instead of Gecko/yyyymmdd,
which was pointless anyway, because it was giving the date of the build,
not the date of the API...
* debian/patches/01_prefs.dpatch: Fix some printer and font configuration.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Mon, 20 Feb 2006 23:11:39 +0100
xulrunner (1.8.0.1-2) unstable; urgency=low
* debian/rules:
+ copy LICENSE instead of creating a link.
+ add -A to dh_installdocs.
+ don't install README.txt.
+ don't change xulrunner-gtkmozembed.pc, xulrunner-plugin.pc
and xulrunner-xpcom.pc. Some applications that build against gecko
seem to make bad assumptions, at least with gtkmozembed. It is safest
this way, until things change upstream.
* debian/patches/01_sonames.dpatch: Fix the dirname complain.
* debian/xulrunner.install, debian/xulrunner.links, debian/libxul0d.install,
debian/libxul0d.links: Moved greprefs from xulrunner to libxul0d.
The usually necessary changes to dependencies and conflicts have not been
made because 1.8.0.1-1 never reached the archive.
* debian/patches/90_js_mipsel_endianness.dpatch: Patch to fix little
endianness of mipsel. Thanks Ian Jackson and Thiemo Seufer.
* debian/patches/80_passwdmgr.dpatch: Take patch from bz#235336 as suggested
by Ian Jackson to allow password manager to work with sites that only have
a password field, no username.
* debian/patches/01_gfx_cairo.dpatch, debian/patches/01_gfx_thebes.dpatch,
debian/patches/01_canvas_cairo.dpatch: Removed. They were for the 1.9
branch.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Wed, 8 Feb 2006 18:53:28 +0100
xulrunner (1.8.0.1-1) unstable; urgency=low
* Initial release. Closes: #284189. * First upstream release: 1.8.0.1, synched with Firefox 1.5.0.1. * debian/patches/99_configure.dpatch: Updated. * debian/rules: + Removed package names from the dh_makeshlibs call. It just works fine with the -a option. + Removed useless dh_shlibdeps call when building arch-independent packages. + Removed the -l option to the dh_shlibdeps call, it works fine without. + Move libnssckbi.so back in /usr/lib/xulrunner. + Add a MPL file to the docs installed, taken from the upstream LICENSE file. * debian/control: + Added a xulrunner-gnome-support package for a separate gnome support. + Made the xulrunner package suggest this new package. + Typos corrections. + Add sections to packages. * debian/xulrunner-gnome-support.install: Install the gnome related components. * debian/libxul0d.install, debian/xulrunner.install: Moved some components from libxul0d to xulrunner. * debian/patches/01_ckbi_location: Removed. * debian/patches/00list: Updated accordingly. * debian/copyright: Updated.
-- Mike Hommey <glandium@debian.org> Tue, 7 Feb 2006 19:52:24 +0100
xulrunner (1.7.99+cvs20060113-1) experimental; urgency=low
* New CVS checkout.
* debian/mozconfig: Disable Java-XPCOM bridge.
* debian/control: Added | libreadline-dev to build dependencies.
* debian/patches/01_pangoxft.dpatch: force linking against pangoxft with
newer versions of pango.
* debian/patches/80_dash_workaround.dpatch,
debian/patches/80_entropy.dpatch,
debian/patches/80_xpidl.dpatch,
debian/patches/80_xrender_bug.dpatch,
debian/patches/90_ia64_align.dpatch,
debian/patches/90_mips_performance.dpatch,
debian/patches/90_ppc64_build.dpatch,
debian/patches/90_xpcom_arm_optim.dpatch,
debian/patches/90_xpcom_arm_unused_attribute.dpatch,
debian/patches/90_xpcom_hppa.dpatch,
debian/patches/90_xpcom_m68k.dpatch,
debian/patches/90_xpcom_mips.dpatch: Patches stolen from Firefox.
* debian/patches/00list: Updated accordingly.
* debian/patches/99_configure.dpatch: Updated.
-- Mike Hommey <glandium@debian.org> Thu, 19 Jan 2006 17:08:58 +0100
2005
xulrunner (1.7.99+cvs20051212-1) experimental; urgency=low
* New CVS checkout.
* debian/control: Moved -dev packages from arch: any to arch: all.
* debian/rules:
+ Properly copy nss includes.
+ Properly call dh_shlibdeps with the changed package names.
+ Add a vendor.js file adding debian version in user-agent string.
+ Modify *.pc files to fit modified include and library directories
and install them.
* debian/lib*-dev.install: Removed pkgconfig files.
* debian/*-dev.dirs: Create usr/lib/pkgconfig in the dev packages.
* debian/xulrunner.dirs: Create the prefs dir for the vendor.js file.
* debian/patches/01_locale.dpatch: Correctly set locale.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Sun, 18 Dec 2005 13:44:17 +0100
xulrunner (1.7.99+cvs20051130-1) experimental; urgency=low
* New CVS checkout.
* debian/mozconfig:
+ Added cookie and permissions extensions.
+ Disabled building of the installer.
* debian/patches/01_sidebar.dpatch: Added the sidebar extension.
* debian/rules:
+ Copy config.guess and config.sub files to the right places.
+ Remove the .chk files.
+ Add a debug DEB_BUILD_OPTIONS to add --enable-debug to configure.
* debian/patches/01_sonames.dpatch: Added soname support.
* debian/patches/01_js_binary.dpatch: Add dependency for js on libmozjs.so.
* debian/patches/99_configure.dpatch: Updated and added nsprpub/configure.in
in the scope.
* debian/patches/00list: Updated accordingly.
* debian/libmozjs-dev.install, debian/libmozjs.install,
debian/libnspr4.6-dev.install, debian/libnspr4.6.install,
debian/libnss3.10-dev.install, debian/libnss3.10.install,
debian/libxul-dev.install, debian/libxul.install:
+ Moved .so files in -dev packages and put .so.* files in non -dev
packages.
+ put usr/lib/xulrunner/components in libxul instead of xulrunner.
* debian/*.preinst, debian/*.postrm: Removed, since we remove the
diversions.
* debian/control:
+ Add proper conflicts with mozilla's packages.
+ Renamed packages to reflect the sonames.
+ Removed xulrunner-dev package.
* debian/lib*.install: Renamed accordingly.
* debian/patches/01_system_bz2.dpatch: Changes to better fit upstream build
system.
* debian/xulrunner-dev.install: Removed, as we removed the package.
* debian/libxul-dev.install: Added the xulrunner-config file that used to be
in xulrunner-dev.
* debian/xulrunner.install: Added xulrunner-stub.
* debian/libxul0d.dirs: Create /usr/lib/xulrunner/extensions, that the
extensions manager insists on having existing, even if empty.
* debian/libsmjs1.links: Changed link for the versioned library.
-- Mike Hommey <glandium@debian.org> Mon, 12 Dec 2005 11:12:47 +0100
xulrunner (1.7.99+cvs20051002-1) experimental; urgency=low
* New CVS checkout.
* debian/patches/01_visibility.dpatch: Use -fvisibility=hidden instead of
the system wrappers, since because of bug #331460, with the system
wrappers, the resulting binary is not PIC.
* debian/patches/99_configure.dpatch: Updated.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Sun, 2 Oct 2005 12:48:41 +0200
xulrunner (1.7.99+cvs20050915-1) experimental; urgency=low
* New CVS checkout of the less experimental 1.8 branch.
* debian/mozconfig: Use gtk2 gfx instead of cairo-gtk2 since it is not
developped in 1.8 branch.
* debian/patches/01_canvas_cairo.dpatch: Removed: been applied upstream.
* debian/patches/01_ckbi_location.dpatch: Allow libnssckbi to be loaded from
/usr/lib. (quite dirty, but, well...)
* debian/patches/01_gfx_cairo.dpatch, 01_gfx_thebes.dpatch: Removed.
* debian/patches/01_system_bz2.dpatch: Updated following upstream advices.
* debian/patches/99_configure.dpatch: Updated.
* debian/patches/00list: Updated accordingly.
-- Mike Hommey <glandium@debian.org> Thu, 15 Sep 2005 15:42:40 +0200
xulrunner (1.8.99+cvs20050816-0) experimental; urgency=low
* Initial package.
* debian/mozconfig: Enabled build with system cairo and cairo-gtk2 gfx.
* debian/patches/01_canvas_cairo.dpatch: Correctly build with system cairo.
* debian/patches/01_embedding_tests.dpatch: Don't build embedding tests when
using --disable-tests.
* debian/patches/01_install_path.dpatch: Install in the xulrunner directory
instead of xulrunner-1.8.
* debian/patches/01_gfx_cairo.dpatch, 01_gfx_thebes.dpatch: Patches for
correct building of gfx with system cairo.
* debian/patches/01_js_binary.dpatch: Allow to build the js binary to
provide a more up-to-date spidermonkey.
* debian/patches/01_system_bz2.dpatch: Allow to build with the system bzip2
library.
* debian/patches/99_configure.dpatch: Changes to configure resulted from
changes to configure.in.
* debian/patches/00list: Built list accordingly.
-- Mike Hommey <glandium@debian.org> Tue, 16 Aug 2005 13:45:47 +0200