Bug 180436

Comment 1 Raúl Porcel (RETIRED) 2007-05-31 11:11:38 UTC

*** Bug 175021 has been marked as a duplicate of this bug. ***

Comment 2 Raúl Porcel (RETIRED) 2007-05-31 11:27:15 UTC

xulrunner is affected too and is fixed in 1.8.1.4

Comment 3 Jakub Moc (RETIRED) 2007-05-31 11:27:29 UTC

*** Bug 180406 has been marked as a duplicate of this bug. ***

Comment 4 Raúl Porcel (RETIRED) 2007-05-31 15:14:03 UTC

www-client/mozilla-firefox[-bin]-2.0.0.4
www-client/seamonkey[-bin]-1.1.2
mail-client/mozilla-thunderbird-[bin]-1.5.0.12

Are in the tree.
firefox-1.5.0.12 is discontinued, so it's not going to be in the tree.
I didn't put seamonkey-1.0.9 either, i'd prefer to use 1.1.2
thunderbird-2.0.0.4 is not yet released.
xulrunner will have to wait as we can work out the patches.

Created attachment 120833 [details]
xulrunner-1.8.1.4-patches-0.1.tar.bz2

reference xulrunner-1.8.1.4 patchset:
svn stat 
D      065_firefox-libgtkmozembeded.patch - applied upstream
M      125_gnome_helpers_with_params.patch - some parts redone 
D      070_dont_use_bashism.patch - applied upstream
D      009_firefox-1.5-no-textrels.patch - applied upstream
M      161_javaxpcom.patch - one of the patches was included upstream
A      620_python_extension_rpath.patch added for bug #180309
125_gnome_helpers_with_params.patch is the most critical as the logic upstream was changed in one of the patched files - I backed parts of the patch as the new logic was more or less equal to the one in the previous patch
Hope this could help

Comment 6 Raúl Porcel (RETIRED) 2007-06-01 12:32:44 UTC

xulrunner-1.8.1.4 on cvs, thanks as always Gergan :)

Comment 7 Raphael Marichez (Falco) (RETIRED) 2007-06-01 12:39:27 UTC

Hi arches,

please could you test and mark stable the following ebuilds, due to security upgrades for the Mozilla products. All ebuilds are not in the tree yet, i'll CC you again when they are. Thanks in advance.


alpha amd64 arm hppa ia64 mips ppc ppc64 sparc x86:
mozilla-firefox-2.0.0.4

amd64 x86
mozilla-firefox-bin-2.0.0.4

alpha amd64 arm hppa ia64 ppc ppc64 x86:
www-client/seamonkey-1.1.2

amd64 x86
www-client/seamonkey-bin-1.1.2

alpha amd64 ia64 mips ppc sparc x86:
mail-client/mozilla-thunderbird-1.5.0.12

amd64 x86:
mail-client/mozilla-thunderbird-bin-1.5.0.12

amd64 ia64 ppc sparc x86:
net-libs/xulrunner-1.8.1.4

Comment 8 Raphael Marichez (Falco) (RETIRED) 2007-06-01 12:40:28 UTC

aaah i hate that interface and its middle-air collisions

(hi arches, please see previous comment)

Comment 9 Raphael Marichez (Falco) (RETIRED) 2007-06-01 12:40:44 UTC

aaah i hate that interface and its middle-air collisions

(hi arches, please see previous comment)

Comment 10 Christoph Mende (RETIRED) 2007-06-01 15:37:23 UTC

amd64 done

Comment 11 Raúl Porcel (RETIRED) 2007-06-01 20:48:17 UTC

alpha/ia64/x86 stable

Comment 12 René Nussbaumer (RETIRED) 2007-06-02 21:21:45 UTC

stable on ppc.

Comment 13 Markus Rothe (RETIRED) 2007-06-03 10:31:03 UTC

ppc64 stable

Comment 14 Gustavo Zacarias (RETIRED) 2007-06-04 12:08:43 UTC

sparc done.

Comment 15 Jeroen Roovers (RETIRED) 2007-06-07 22:39:24 UTC

Despite the issues of bug #180870, all can be built against by working GUIs so stable all around for HPPA for:

www-client/mozilla-firefox-2.0.0.4
www-client/seamonkey-1.1.2
net-libs/xulrunner-1.8.1.4

Comment 16 Raphael Marichez (Falco) (RETIRED) 2007-06-09 20:52:56 UTC

thanks arches

Comment 17 Raphael Marichez (Falco) (RETIRED) 2007-06-11 21:51:30 UTC

Moz team, i don't see mozilla-thunderbird[-bin]-2.0.0.4 in the tree. The latest stable version on most arches in still vulnerable (2.0.0.0). Please could you do your magic, thanks.

Furthermore, do you have a reason we can add in our GLSA for the stopped support of mozilla-firefox-1.5.*? thanks

Comment 18 Raúl Porcel (RETIRED) 2007-06-11 22:26:33 UTC

(In reply to comment #17)
> Moz team, i don't see mozilla-thunderbird[-bin]-2.0.0.4 in the tree. The latest
> stable version on most arches in still vulnerable (2.0.0.0). Please could you
> do your magic, thanks.
> 
> Furthermore, do you have a reason we can add in our GLSA for the stopped
> support of mozilla-firefox-1.5.*? thanks
> 

mozilla-thunderbird-2.0.0.4 is not out yet. Probably it will be released during this week.

mozilla-firefox-1.5.* is unsupported both upstream and both Gentoo, since 2.0 have been working fine on all arches since October 2006 and it has been already stable on those arches.

Comment 19 Raúl Porcel (RETIRED) 2007-06-13 11:59:38 UTC

ppc you need to do xulrunner

Comment 20 Tobias Scherbaum (RETIRED) 2007-06-13 20:54:59 UTC

(In reply to comment #19)
> ppc you need to do xulrunner
> 

once again: ppc stable

Comment 21 Vlastimil Babka (Caster) (RETIRED) 2007-06-15 05:15:14 UTC

(In reply to comment #18)
> mozilla-thunderbird-2.0.0.4 is not out yet. Probably it will be released during
> this week.

it's out

Comment 22 Raúl Porcel (RETIRED) 2007-06-15 11:41:43 UTC

=mail-client/mozilla-thunderbird[-bin]-2.0.0.4 in the tree

Comment 23 Raphael Marichez (Falco) (RETIRED) 2007-06-15 16:41:47 UTC

Hi again arches,

please could you test and mark mozilla-thunderbird[-bin]-2.0.0.4 stable, thanks

Comment 24 Raúl Porcel (RETIRED) 2007-06-15 17:30:00 UTC

alpha/ia64/x86 stable

Comment 25 Christoph Mende (RETIRED) 2007-06-15 18:53:37 UTC

amd64 done

Comment 26 Tobias Scherbaum (RETIRED) 2007-06-15 19:42:14 UTC

ppc stable

Comment 27 Markus Rothe (RETIRED) 2007-06-17 08:13:49 UTC

ppc64 stable

Comment 28 Gustavo Zacarias (RETIRED) 2007-06-19 13:23:34 UTC

sparc stable.

Comment 29 Raphael Marichez (Falco) (RETIRED) 2007-06-19 21:02:34 UTC

ready for glsa

Comment 30 Raphael Marichez (Falco) (RETIRED) 2007-06-19 21:07:10 UTC

GLSA 200706-06, thanks everybody!