Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

nsinstall-10.0.3-1.mga1 RPM for i586

From Mageia 1 for i586 / media / core / updates

Name: nsinstall Distribution: Mageia
Version: 10.0.3 Vendor: Mageia.Org
Release: 1.mga1 Build date: Sat Mar 17 18:08:07 2012
Group: Development/Other Build host: ecosse.mageia.org
Size: 13856 Source RPM: mozilla-thunderbird-10.0.3-1.mga1.src.rpm
Packager: fwang <fwang>
Url: http://www.mozilla.org/en-US/thunderbird/organizations/all-esr.html
Summary: Netscape portable install command
Netscape portable install command.

Provides

Requires

License

MPL

Changelog

* Sat Mar 17 2012 doktor5000 <doktor5000> 0:10.0.3-1.mga1
  + Revision: 223764
  - use system nss shlibsign instead of missing bundled one
  - remove unused Sources
  - change Requires on libcanberra to Suggests
  - new version 10.0.2 ESR (Extended Support Release)
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-11.html
      (libpng integer overflow [CVE-2011-3026])
  - drop all unused patches
  - remove useless commented-out stuff
  - new version 10.0.1, switch to ESR (Extended Support Release)
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-01.html
      (miscellaneous memory safety hazards [CVE-2012-0442] [CVE-2012-0443]
       fixed in 10.0 )
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-03.html
      (<iframe> element exposed across domains via name attribute [CVE-2012-0445]
       fixed in 10.0)
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
      (child nodes from nsDOMAttribute still accessible after removal of nodes
       [CVE-2011-3659] fixed in 10.0)
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-05.html
      (frame scripts calling into untrusted objects bypass security checks
       [CVE-2012-0446] fixed in 10.0)
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-06.html
      (uninitialized memory appended when encoding icon images may cause
       information disclosure [CVE-2012-0447] fixed in 10.0
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-07.html
      (potential Memory Corruption When Decoding Ogg Vorbis files
       [CVE-2012-0444] fixed in 10.0)
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-08.html
      (crash with malformed embedded XSLT stylesheets [CVE-2012-0449]
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-10.html
      (use after free in nsXBLDocumentInfo::ReadPrototypeBindings [CVE-2012-0452])
  - update enigmail to 1.3.5, needed for thunderbird 10.0
  - updated mageia-default-prefs.js, reenabled locale matching to system locale
  - change new default preference (extensions.autoDisableScopes) to not
    automatically disable systemwide installed addons, like language packs
  - added BuildRequires on yasm, mesagl-devel, startup-notification-devel, dbus,
    libevent-devel and libvpx-devel
  - added Requires on libcanberra for playing sounds
  - add Patch100 to use libcanberra for playing sounds (rediffed from upstream,
    mozilla-thunderbird-mga-use-libcanberra.patch)
  - rediffed Patch201, disabling default application dialog on Thunderbird start
  - use bundled libpng, system one is too old and updating it is a no-go for mga1
  - do not build against system libxul, add requires_exception for libxul
  - disable updater and bundled lightning, disable compilation of lightning
  - enable gio, vpx and libevent and optimization
  - use org.mageia as distribution id
  - removed thunderbird.cfg
  - add -fPIC to CFLAGS
  - new version 3.1.18
    o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-59.html
      (.jar files not being treated as executables on MacOS [CVE-2011-3666]
       fixed in 3.1.17)
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-01.html
      (Miscellaneous memory safety hazards [(rv:10.0/ 1.9.2.26) [CVE-2012-0443,
        CVE-2012-0442])
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-02.html
      (Overly permissive IPv6 literal syntax [CVE-2011-3670])
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-04.html
      (Child nodes from nsDOMAttribute still accessible after removal of nodes,
       [CVE-2011-3659])
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-07.html
      (Potential Memory Corruption When Decoding Ogg Vorbis files [CVE-2012-0444])
    o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-08.html
      (Crash with malformed embedded XSLT stylesheets [CVE-2012-0449])
  - new version 3.1.16
    o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-46.html
      (loadSubScript unwraps XPCNativeWrapper scope parameter, a malicious page
       could potentially exploit a Thunderbird user who had installed an add-on
       that used loadSubscript in vulnerable ways)
    o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-47.html
      (Potential cross-site-scripting against sites using Shift-JIS encoding,
       CVE-2011-3648)
    o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-49.html
      (memory corruption while profiling using Firebug, CVE-2011-3650)
  - fixed CVE-2011-3640, untrusted search path vulnerability which might allow
    local users to gain privileges via a Trojan horse pkcs11.txt file in a
    top-level directory (fix-CVE-2011-3640.patch, from upstream)
  - new version 3.1.15
    o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-34.html
      (Protection against fraudulent DigiNotar certificates,
       fixed in thunderbird 3.1.13)
    o fixes http://www.mozilla.org/security/announce/2011/mfsa2011-35.html
      (Additional protection against fraudulent DigiNotar certificates,
      fixed in thunderbird 3.1.14)
  
    + fwang <fwang>
      - new version 10.0.3 ESR (Extended Support Release)
        o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-13.html
          (XSS with Drag and Drop and Javascript: URL [CVE-2012-0455])
        o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-14.html
          (SVG issues found with Address Sanitizer [CVE-2012-0456, CVE-2012-0457])
        o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-15.html
          (XSS with multiple Content Security Policy headers [CVE-2012-0451])
        o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-16.html
          (Escalation of privilege with Javascript: URL as home page [CVE-2012-0458])
        o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-17.html
          (Crash when accessing keyframe cssText after dynamic modification
          [CVE-2012-0459])
        o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-18.html
          (window.fullScreen writeable by untrusted content [CVE-2012-0460])
        o fixes http://www.mozilla.org/security/announce/2012/mfsa2012-19.html
          (Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28)
          [CVE-2012-0461, CVE-2012-0462, CVE-2012-0464, CVE-2012-0463 ])
      - new version 3.1.12
* Fri Apr 29 2011 ahmad <ahmad> 0:3.1.10-1.mga1
  + Revision: 93463
  - Update to 3.1.10
  - Rediff run-mozilla patch
  - Drop an old patch from SOURCES dir
* Fri Mar 25 2011 ahmad <ahmad> 0:3.1.9-11.mga1
  + Revision: 77483
  - revert previous commit, gio support doesn't work as it should resulting in http/
    https links handler having to be configured manually for all new and old tb profiles.
    gnomevfs support at least reads the value from gconf settings (which uses www-
    browser by default)
* Mon Mar 21 2011 ahmad <ahmad> 0:3.1.9-10.mga1
  + Revision: 75310
  - disable gnomvfs support
  - enable gio support
  - disable updater as we don't support updating the application this way
* Wed Mar 16 2011 ahmad <ahmad> 0:3.1.9-8.mga1
  + Revision: 72283
  - conflict with mozilla-thunderbird-lightning <= 1.3.9
* Fri Mar 11 2011 ahmad <ahmad> 0:3.1.9-7.mga1
  + Revision: 68321
  - drop old/uneeded scriptlets that update the destkop-database and hicolor
    icon-cache; they were replaced by rpm filetriggers ages ago
* Fri Mar 11 2011 ahmad <ahmad> 0:3.1.9-6.mga1
  + Revision: 68246
  - don't obsolete -lightning here and in the mozilla-thunderbird-lightning src.rpm
    urpmi can't smoothly handle a package obsoleted by two packages
* Fri Mar 11 2011 ahmad <ahmad> 0:3.1.9-5.mga1
  + Revision: 68165
  - obsolete the -lightning sub-package that was built from thunderbird src.rpm
* Fri Mar 11 2011 ahmad <ahmad> 0:3.1.9-4.mga1
  + Revision: 68147
  - define build_bundled_lightning, and disable it:
   o the thunderbird tarball doesn't have the langpacks for lightning
   o lightning has a separate release schedule (Fedora)
* Wed Mar 09 2011 colin <colin> 0:3.1.9-2.mga1
  + Revision: 66827
  - Extract the correct plugin id from lightning extension
* Sat Mar 05 2011 ahmad <ahmad> 0:3.1.9-1.mga1
  + Revision: 64596
  - update to 3.1.9
  
    + dmorgan <dmorgan>
      - obsoletes old package
* Tue Mar 01 2011 ahmad <ahmad> 0:3.1.8-1.mga1
  + Revision: 62332
  - update to 3.1.8
* Mon Feb 28 2011 dmorgan <dmorgan> 0:3.1.7-3.mga1
  + Revision: 61407
  - Remove remaining mdv macro
  - Remove remaining mdv macro
  - Fix %els
  - Fix %else
  - Adapt for mageia
  - Remove mdv macros
    Adapt for mageia
  
    + ennael <ennael>
      - imported package mozilla-thunderbird

Files

/usr/bin/nsinstall


Generated by rpm2html 1.8.1

Fabrice Bellet, Thu Dec 11 14:39:41 2014