* Mon Jul 20 2020 Tristan Miller <psychonaut@nothingisreal.com>
- requested inclusion in Leap 15.1 and 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1174300
* Sat Jul 18 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update appdata files (Bug 1174192):
* correct metadata licensing information (most of the application
descriptions had been taken from
https://www.seamonkey-project.org/doc/features which according to
the page footer is licensed under CC-BY-SA-3.0)
* update the metadata summary and the introduction in the metadata
description to more accurately reflect what SeaMonkey is, giving
less prominence to the long-discontinued Mozilla Application Suite
that many users may no longer be familiar with
* update the metadata name to more accurately reflect the name
or purpose of the application
* update the metadata URL with the current SeaMonkey website
* Wed Jul 15 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.3
* The LaTex tool TexZilla, used for inserting Math, has been
upgraded to 1.0.2.
* It is now possible to customize the toolbars in Composer and the
formatting toolbar in Mailnews composition.
* All folders of an account can now be marked as read.
* There is now an option for not advertizing SeaMonkey at all in the
user agent.
* The preference for hiding the toolbar and menubar grippies can now
be changed from "Preferences->Appearance".
* The preference "browser.tabs.autoHide" which autohides the tab bar
when there is only one tab in a browser window open has been
flipped in bug 1634879. SeaMonkey will now show the tab bar as the
default. You can change it back by checking "Hide the tab bar when
only one tab is open" in "Preferences->Browser->Tabbed Browsing"
* Update of help page content and links.
* SeaMonkey language packs are now version specific and will be
disabled as part of the profile upgrade following the installation
of a later version.
* Search Engines have been centralized and updated in bug 1300198.
* Address book now has updated IM fields, improved layout for card
view pane, improved multi-word search, ability to search across
multiple address books, more granular prompts when deleting items,
print on the context menus and print button on the toolbar.
* Multimedia support has been updated in preparation of supporting
more audio video formats in the next releases. For enhanced
security the Rust multimedia parser is now used for this and the
libstagefright package has been removed.
* SeaMonkey 2.53.3 uses the same backend as Firefox and contains the
relevant Firefox 60.4 security fixes.
* SeaMonkey 2.53.3 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 77 and a
few enhancements have been backported.
- Fix exclusion list syntax in create-tars.sh script
- Disable LTO on i586 builds as these are once again failing due to
memory issues
* Tue Jun 02 2020 Tristan Miller <psychonaut@nothingisreal.com>
- Re-enable LTO on Tumbleweed builds after increasing available
memory in _constraints
* Sun May 10 2020 Tristan Miller <psychonaut@nothingisreal.com>
- Disable LTO on Tumbleweed builds to work around issues on
build.opensuse.org:
https://bugzilla.opensuse.org/show_bug.cgi?id=1171414
* Fri May 08 2020 Tristan Miller <psychonaut@nothingisreal.com>
- Update create-tars.sh script to more precisely exclude unwanted
VCS files; the previous exclusion list would have eventually
triggered the bug at
https://bugzilla.mozilla.org/show_bug.cgi?id=1621564
* Thu May 07 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.2
https://www.seamonkey-project.org/releases/seamonkey2.53.2/
* Scrollbars have been switched over to the native gtk3 theme in bug
1625754. If your theme does not show scrollbar buttons and you
would like to see them try editing ~/.config/gtk-3.0/gtk.css and
adding the following:
{
- GtkScrollbar-has-backward-stepper: 1;
- GtkScrollbar-has-forward-stepper: 1;
}
* The download progress dialog has been fixed and is now showing the
correct status for downloads. Some downloads may not show the
transferred count. This problem is under investigation.
* SeaMonkey is now translated and available in Finnish and Georgian.
* Because of website compatibility issues and privacy concerns the
Lightning version is no longer appended to the user agent string
and has been removed from the preferences dialog.
* Advanced Layers has been activated on Windows. This should boost
performance on some websites. If you experience graphics problems
please disable it by setting the pref "layers.mlgpu.enabled" to
false.
* Whether the native app chooser is used in Linux is now controlled
via a preference setting in the Helper Applications preference
pane.
* In the Modern theme, popup notifications have improved styling and
column headers now display sort direction arrows.
* The column picker and folder view have been reinstated for the
bookmarks panel.
* Introduced the ability to close all tabs to the right of the
current tab.
* Whether mailnews tabs open in the background is controlled by a
separate preference to browser tabs via General Settings section
of main Mail & Newsgroups preference pane.
* Fixed an issue with the recipient being missing when using Reply
to Sender and Group button in Newsgroup discussions.
* SeaMonkey now prevents address books from having duplicate names.
* SeaMonkey 2.53.2 uses the same backend as Firefox and contains
the relevant Firefox 60.3 security fixes.
* SeaMonkey 2.53.2 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* SeaMonkey now uses gtk3 on Linux. If you experience a problem
because of this please file a bug and link it to bug
1367257. Please try another OS theme first. Some of them are buggy
and cause problems with SeaMonkey, Thunderbird and Firefox.
- Remove obsolete upstream and local patches
* Thu Mar 05 2020 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.1
https://www.seamonkey-project.org/releases/seamonkey2.53.1/
* The Bookmarks Manager has switched its name to Library, and now
also includes the History list. When invoking History, the Library
will be shown with the History list selected. The extensive
modifications were needed because of Mozilla Gecko platform API
changes.
* Download Manager has been migrated to a new API. Although it looks
pretty much the same as before, the search option is missing and
some other minor details work differently. The previous downloads
history is removed during the upgrade.
* Added Layout panel to CSS Grid tools.
* TLS 1.3 is the default version now.
* Among the general platform and mail fixes this release contains
backported fixes from Thunderbird for the EFAIL security
vulnerability.
* SeaMonkey now uses gtk3 on Linux. If you experience a problem
because of this please file a bug and link it to Switch Linux
builds to GTK3 with SeaMonkey 2.49. Please try another OS theme
first. Some of them are buggy and cause problems with SeaMonkey,
Thunderbird and Firefox.
* The Lightning extension is now included.
- apply upstream patches for building with rust >= 1.40
- remove mozilla-systems-nss.patch (since merged upstream)
- remove mozilla-no-stdcxx-check.patch (no longer applicable as
build checks have been moved to a Python script)
- adapt mozilla-nongnome-proxies.patch, mozilla-language.patch,
and mozilla-ntlm-full-path.patch for SeaMonkey 2.53.1
- add upstream patch for better LTO detection
- disable elf-hacking on x86_64 builds to prevent build errors:
https://bugzilla.mozilla.org/show_bug.cgi?id=1619776
- rewrite the create-tars.sh script according to the new source code
checkout instructions:
https://bugzilla.opensuse.org/show_bug.cgi?id=1165427
https://bugzilla.mozilla.org/show_bug.cgi?id=1618806
* Fri Jan 24 2020 Tristan Miller <psychonaut@nothingisreal.com>
- remove obsolete locale patches mozilla-ua-locale.patch and
seamonkey-ua-locale.patch, and update default preferences per
https://bugzilla.mozilla.org/show_bug.cgi?id=542999#c23
* Mon Jan 20 2020 Tristan Miller <psychonaut@nothingisreal.com>
- remove obsolete and unused custom search add-ons
* Tue Jan 14 2020 Tristan Miller <psychonaut@nothingisreal.com>
- disable Rust, as it caused build errors and was apparently unused
- add patch unifying gettid() declarations to avoid GCC build errors
- add patch correcting the syntax of the linker flags
* Mon Jan 13 2020 Wolfgang Rosenauer <wr@rosenauer.org>
- remove mozilla-reduce-files-per-UnifiedBindings.patch since it
creates build errors in certain situations
- introduce limit_build instead
* Mon Oct 21 2019 Wolfgang Rosenauer <wr@rosenauer.org>
- update to Seamonkey 2.49.5
* https://www.seamonkey-project.org/releases/seamonkey2.49.5/
- removed obsolete patch
mozilla-bmo1338655.patch
- fix build with system NSS (mozilla-system-nss.patch)
Version: 2.53.14-bp155.1.14
* Thu Sep 29 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.14
* Updates to the following DOM HTML element interfaces: Embed,
Object, Anchor, Area, Button, Frame, Canvas, IFrame, Link, Image,
MenuItem, TextArea, Source, Select, Option, Script and
Html. Please test add-ons.
* Continue the switch from Python 2 to Python 3 in the build system.
* Add ESR 102 links to debugQA bug 1779028.
* Remove about plugins from help menu bug 1779031.
* Dead links in cs_nav_prefs_advanced.xhtml [en-US] bug 1783558.
* Dead links in cs_nav_prefs_advanced.xhtml bug 1786030.
* Remove obsolete chat services from SeaMonkey address book bug
1779034.
* Address Book: "Get Map" button is not shown for home addresses bug
1779319.
* Added compatibility for rust 1.63
* SeaMonkey 2.53.14 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.14 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.11
and Thunderbird 91.11 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- add seamonkey-spellcheck.patch to work around a circular dependency
issue when compiling with GCC 12
- requested inclusion in Leap 15.4 and 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1203916
Version: 2.53.13-bp154.2.3.1
* Mon Jul 11 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.13
* Updates to devtools.
* Updates to build configuration.
* Starting the switch from Python 2 to Python 3 in the build system.
* Removal of array comprehensions, legacy iterators and generators
bug 1414340 and bug 1098412.
* Adding initial optional chaining and Promise.allSettled() support.
* SeaMonkey 2.53.13 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.13 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.11
and Thunderbird 91.11 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- adapt seamonkey-man-page.patch for SeaMonkey 2.53.13
- disable LTO for Tumbleweed builds due to linker errors
- requested inclusion in Leap 15.4 and 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1201406
* Tue Jun 14 2022 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Add --disable-elf-hack for aarch64 to fix build
* Wed May 04 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.12
* Format Toolbar forgets its hidden status when switching to other
view modes bug 1719020.
* Remove obsolete plugin code from SeaMonkey bug 1762733.
* Fix a few strict warnings in SeaMonkey bug 1755553.
* Remove Run Flash from Site permissions and page info bug 1758289.
* Use fixIterator and replace use of removeItemAt in
FilterListDialog bug 1756359.
* Remove RDF usage in tabmail.js bug 1758282.
* Implement 'Edit Template' and 'New Message From Template' commands
and UI bug 1759376.
* [SM] Implement 'Edit Draft' command and hide it when not in a
draft folder (port Thunderbird bug 1106412) bug 1256716.
* Messages in Template folder need "Edit Template" button in header
(like for Drafts) bug 80280.
* Refactor and simplify the feed Subscribe dialog options updates
bug 1420473.
* Add system memory and disk size and placeDB page limit to
about:support bug 1753729.
* Remove warning about missing plugins in SeaMonkey 2.53 and 2.57
bug 1755558.
* SeaMonkey 2.53.12 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.12 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.8.0 release notes for
specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.9 and
Thunderbird 91.9 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- remove/update references to obsolete gtk2 directory
- requested inclusion in Leap 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1199197
* Fri Mar 25 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.11.1
* Fix edge case when setting IntersectionObserver threshold bug
1758291.
* OAuth2 prefs should use realuserName instead of username bug
1518126.
* SeaMonkey 2.53.11.1 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.11.1 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.8.0 release notes
for specific security fixes in this release.
* Additional important security fixes up to Current Firefox 91.7 and
Thunderbird 91.7 ESR plus many enhancements have been
backported. We will continue to enhance SeaMonkey security in
subsequent 2.53.x beta and release versions as fast as we are able
to.
- requested inclusion in Leap 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1197518
* Thu Mar 03 2022 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.11
* Remove obsolete MOZ_EXTENSIONS check in suite bug 1749146.
* Add connect button to cZ Networks Editor bug 1736443.
* Remove freenode remnants from ChatZilla in SeaMonkey bug 1741082.
* Prefer secure over insecure protocol in network list in ChatZilla
bug 1744440.
* Composer - Change tag textbox is not removed after use bug
1755369.
* Clean up repo links in debugQA bug 1746790.
* Fix misspelled references to macOS in suite bug 1749144.
* Remove obsolete references to Java and Flash bug 1749141.
* Help button not working in delete cert dialog bug 1750386.
* Rearrange Message Filter Dialog to make room for new features bug
1735053.
* Use Insert key as shortcut to create new message filters bug 1735055.
* Rename some variables used in SeaMonkey's FilterListDialog to
match Thunderbird's bug 1735056.
* Implement Copy to New message filter functionality bug 1735057.
* Add move to top / bottom buttons to message filters bug 1735059.
* Add preference to not prompt for message filter deletion bug
1735061.
* Clean up folder handling in FilterListDialog bug 1736425.
* Add refresh function to Filter list dialog so that it can be
updated when already open and new filters are added externally bug
1737450.
* Use listbox rather than tree in FilterListDialog bug 1746081.
* MsgFilterList(args) should take targetFilter and pass it to
FilterListDialog bug 1753891.
* Mail&News' start.xhtml: "We" link broken bug 1748178.
* Add search functionality to filter dialog bug 1749207.
* Move the taskbar refresh timer in SeaMonkey to idle dispatch bug
1746788.
* Prevent subresource loads from showing the progress indicator on
the tab in SeaMonkey bug 1746787.
* SeaMonkey 2.53.11 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* Additional important security fixes up to Current Firefox 91.6 ESR
and a few enhancements have been backported. We will continue to
enhance SeaMonkey security in subsequent 2.53.x beta and release
versions as fast as we are able to.
* SeaMonkey 2.53.11 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
- adapt seamonkey-man-page.patch for SeaMonkey 2.53.11
- requested inclusion in Leap 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1196703
* Tue Feb 15 2022 Bjørn Lie <bjorn.lie@gmail.com>
- Drop pkgconfig(gconf-2) BuildRequires and pass ac_add_options
- -disable-gconf to mozconfig. As we already are using cairo-gtk3,
gconf support serves no purpose (gio/gsettings takes care).
Version: 2.53.10.1-bp153.10.1
* Mon Dec 13 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.10.1
* Security fix for NSS code bug 1737470.
* Only use networks and servers in lower case in ChatZilla bug
1742502.
* Change classic form icon in SeaMonkey composer bug 1710915.
* Addition fixes for SeaMonkey 32x32 default icons on Windows and
macOS bug 1729153.
* SeaMonkey 2.53.10.1 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.10.1 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.0 release notes
for specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 91.4 ESR
and a few enhancements have been backported. We will continue to
enhance SeaMonkey security in subsequent 2.53.x beta and release
versions as fast as we are able to.
- Remove unused build dependency on libidl-devel.
- requested inclusion in Leap 15.3:
https://bugzilla.opensuse.org/show_bug.cgi?id=1193668
* Tue Nov 16 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.10
* Minor fixes for testdisplay command in ChatZilla bug 1727976.
* Show CTCP requests (excluding ACTION and DCC) bug 1722156.
* IRCv3: Add support for server-time bug 1724586.
* Add localization note for network editor dialog width in ChatZilla
bug 1727977.
* IRCv3: Add support for extended-join and account-notify bug
1722159.
* Add ability to collapse message groups in ChatZilla bug 1724588.
* Fix JS strict warnings in unescapeTagValue in ChatZilla bug
1727989.
* IRCv3: Add support for invite-notify bug 1722161.
* IRCv3: Add support for batch bug 1724589.
* Fix JS strict warning in addHistory in cZ static.js bug 1727992.
* IRCv3: Add support for cap-notify bug 1722162.
* Stop using canonical name as collection keys in ChatZilla bug
1728025.
* IRCv3: Add support for TLS and STS bug 1722166.
* Helper function for renaming irc server properties in ChatZilla
bug 1728027.
* IRCv3: Add support for MONITOR bug 1722174.
* Remove use of msg.commasp in ChatZilla bug 1726965.
* Allow shiftKey to modify behaviour of link clicking in cZ bug
1713458.
* IRCv3: Add support for echo-message bug 1722211.
* In ChatZilla make /commands return all matches starting with
pattern bug 1726966.
* Use SeaMonkey prefs to determine how links behave in cZ bug
1713467.
* Allow parameters to be localised in ChatZilla bug 1724105.
* Add identify command to cZ and hook into password management bug
1713470.
* IRCv3.1: Implement SASL with PLAIN mechanism bug 1717545.
* IRCv3: Add support for message tags bug 1724584.
* Add last read message divider to ChatZilla bug 1729159.
* IRCv3: Add support for account-tag bug 1724585.
* Missing option "text encoding Unicode/UTF-8" in preferences -
Mailnews bug 1679260.
* Detect Crashreporter using AppConstants in SeaMonkey bug 1735236.
* Link about LEGACY extensions in Add-ons Manager is broken bug
1656797.
* Update help for clear private data preferences and dialog bug
1728911.
* Fix typo in cs_nav_prefs_appearance bug 1737473.
* Drop leftover "Edit Menu" comment from messageWindow.xul and
addressbook.xul bug 1725121.
* Add dummy tab routines to SeaMonkey mailnews tab browser bug
1735243.
* Folder pane and tab/window title not updated correctly when
opening in new tab bug 1726940.
* Allow mail tab bar to be controlled separately to browser tab bar
bug 1724515.
* Copy any user set values for new mail.tabs prefs bug 1729165.
* Merge Master Passwords and Passwords pref panes into a single pref
pane bug 1728099.
* Move warning about redirection pref from Content to Privacy &
Security pane bug 1728185.
* Move website icons prefs from content pref pane to browser pref
pane bug 1727425.
* Move browser / mailnews system integration prefs into advanced
pane bug 1727659.
* Have separate opentabfor.middleclick for mailnews bug 1727948.
* Add removeBrowser helper for tabbrowser bug 1730391.
* Put <browser> in a <stack> so it's easy to overlay bug 1730392.
* Allow browser focus to be avoided bug 1720003.
* SeaMonkey 32x32 default icon has light stripe at the bottom bug
1729153.
* Support <input type=time> and <input type=date> in SeaMonkey bug
1730408.
* Middleclick on browser tab handled twice (closes tab and loads URL
from primary or clipboard) bug 1734407.
* Unable to create a new "Saved Search Folder" using "Save View as a
Folder..." bug 1738669.
* Enable compression for standard http connections bug 1728996.
* Support VS2022 for compiling under Windows bug 1728988.
* SeaMonkey 2.53.10 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.10 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.0 release notes
for specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.15
ESR and a few enhancements have been backported. We will continue
to enhance SeaMonkey security in subsequent 2.53.x beta and
release versions as fast as we are able to.
- requested inclusion in Leap 15.3 and Leap 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1192742
* Tue Sep 28 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.9.1
* Fix the lazy loading of images from some websites bug 1727967.
* Move certain font family defaults from serif to sans serif bug
1727982.
* SeaMonkey 2.53.9.1 uses the same backend as Firefox and contains
the relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.9.1 shares most parts of the mail and news code
with Thunderbird. Please read the Thunderbird 60.0 release notes
for specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.14
ESR and a few enhancements have been backported. We will continue
to enhance SeaMonkey security in subsequent 2.53.x beta and
release versions as fast as we are able to.
- requested inclusion in Leap 15.3 and Leap 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1191022
* Thu Aug 26 2021 Tristan Miller <psychonaut@nothingisreal.com>
- update to SeaMonkey 2.53.9
* There is now an option to clear browser history during shutdown
bug 1621445.
* Uninstall plugin command for ChatZilla bug 541719.
* Update icons used in ChatZilla status bar bug 1710238 and bug
1710249.
* Make ChatZilla understand mIRC color code 99 bug 1710298.
* Implement IRCv3 basic CAP negotiation bug 1717539 and CAP LIST and
update CAP ACK and CAP LS bug 1710313.
* Use Unicode instead of images for emojis in ChatZilla bug 1711375
and add some extra emojis bug 1711376.
* Use SeaMonkey's configured web search rather than a separate one
in ChatZilla bug 1712498.
* Add a networks editor to ChatZilla bug 1716232.
* Implement IRCv3 away-notify bug 1717543, chghost and
userhost-in-names bug 1717544, self-messaging bug 1722212 and WHOX
bug 1722214.
* Link to SeaMonkey website in debugQA for verification sites and
development section bug 1685606.
* Send button should be disable until we have a recipient bug
104973.
* Remove need to use a modifier for marking messages as unread bug
1719216.
* SeaMonkey 2.53.9 uses the same backend as Firefox and contains the
relevant Firefox 60.8 security fixes.
* SeaMonkey 2.53.9 shares most parts of the mail and news code with
Thunderbird. Please read the Thunderbird 60.0 release notes for
specific changes and security fixes in this release.
* Additional important security fixes up to Current Firefox 78.13
ESR and a few enhancements have been backported. We will continue
to enhance SeaMonkey security in subsequent 2.53.x beta and
release versions as fast as we are able to.
- removed obsolete patch seamonkey-packed_simd.patch (integrated
upstream)
- update seamonkey-lto.patch to work with 2.53.9
- requested inclusion in Leap 15.3 and Leap 15.2:
https://bugzilla.opensuse.org/show_bug.cgi?id=1189845
* Thu Aug 19 2021 Tristan Miller <psychonaut@nothingisreal.com>
- add upstream patch seamonkey-packed_simd.patch which allows
packed_simd to compile with Rust 1.54
* Tue Jul 27 2021 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Remove --disable-elf-hack when not available: aarch64 and ppc64*
Version: 2.49.4-bp150.3.3.1
* Fri Jul 13 2018 wr@rosenauer.org
- update to Seamonkey 2.49.4
* Gecko 52.9.1esr (bsc#1098998)
MFSA 2018-16 (bsc#1098998)
* CVE-2018-12359 (bmo#1459162)
Buffer overflow using computed size of canvas element
* CVE-2018-12360 (bmo#1459693)
Use-after-free when using focus()
* CVE-2018-12362 (bmo#1452375)
Integer overflow in SSSE3 scaler
* CVE-2018-5156 (bmo#1453127)
Media recorder segmentation fault when track type is changed during capture
* CVE-2018-12363 (bmo#1464784)
Use-after-free when appending DOM nodes
* CVE-2018-12364 (bmo#1436241)
CSRF attacks through 307 redirects and NPAPI plugins
* CVE-2018-12365 (bmo#1459206)
Compromised IPC child process can list local filenames
* CVE-2018-12366 (bmo#1464039)
Invalid data handling during QCMS transformations
* CVE-2018-5188 (bmo#1456189,bmo#1456975,bmo#1465898,bmo#1392739,
bmo#1451297,bmo#1464063,bmo#1437842,bmo#1442722,bmo#1452576,
bmo#1450688,bmo#1458264,bmo#1458270,bmo#1465108,bmo#1464829,
bmo#1464079,bmo#1463494,bmo#1458048)
Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
- localizations finally included again (boo#1062195)
* Thu Jun 07 2018 bjorn.lie@gmail.com
- Add conditional for pkgconfig(gconf-2.0) BuildRequires, and pass
conditional --disable-gconf to configure: no longer pull in
obsolete gconf2 for Tumbleweed.
* Tue Jun 05 2018 psychonaut@nothingisreal.com
- update spec file summary and description to more accurately
reflect what SeaMonkey is, giving less prominence to the long-
discontinued Mozilla Application Suite that many users may no
longer be familiar with
- update project URL in spec file
* Sat Mar 03 2018 wr@rosenauer.org
- update to Seamonkey 2.49.2
* Gecko 52.6esr (including security relevant fixes) (bsc#1077291)
* fix issue in Composer
* With some themes, the menulist- and history-dropmarker didn't show
* Scrollbars didn't show the buttons
* WebRTC has been disabled by default. It needs an add-on to enable it per site
* The active title bar was not visually emphasized
- correct requires and provides handling (boo#1076907)
Version: 2.49.1-bp150.2.5
* Tue Jan 09 2018 wr@rosenauer.org
- Explicitly buildrequires python2-xml: The build system relies on
it. We wrongly relied on other packages pulling it in for us.
- use parallel compression in create-tar if available
- use XZ instead of BZ2 for source archives
- import upstream patch mozilla-bmo1338655.patch to fix failing
build
* Thu Dec 07 2017 dimstar@opensuse.org
- Escape the usage of %{VERSION} when calling out to rpm.
RPM 4.14 has %{VERSION} defined as 'the main packages version'.
* Fri Nov 10 2017 zaitor@opensuse.org
- Drop obsolete libgnomeui-devel BuildRequires: No longer needed.
- Following the above, add explicit pkgconfig(gconf-2.0),
pkgconfig(gobject-2.0)pkgconfig(gdk-x11-2.0), pkgconfig(gtk+-2.0)
and pkgconfig(gtk+-unix-print-2.0) BuildRequires: previously
pulled in by libgnomeui-devel, and is what configure really
checks for.
* Fri Aug 04 2017 wr@rosenauer.org
- update to Seamonkey 2.48
* based on Gecko 51.0.3
* requires NSPR 4.13.1 and NSS 3.28.5 (aligned with 52ESR)
- removed obsolete (upstreamed) patches
* mozilla-http2-ecdh-keybits.patch
* mozilla-sed43.patch
* mozilla-flex_buffer_overrun.patch
* mozilla-shared-nss-db.patch (feature dropped from SM due to
maintenance costs vs. usefulness)
* mozilla-binutils-visibility.patch
* mozilla-check_return.patch
* mozilla-skia-overflow.patch
- rebased patches
* Sun Feb 12 2017 wr@rosenauer.org
- fix configure with for sed >= 4.3 (boo#1020631) (mozilla-sed43.patch)
* Tue Jan 24 2017 wr@rosenauer.org
- improve recognition of LANGUAGE env variable (boo#1017174)
- update minimum keybits in H2 so it allows a smaller value
(e.g. for curve25519 as supported with NSS 3.28) (bmo#1290037)
(boo#1021636) (mozilla-http2-ecdh-keybits.patch)
* Fri Dec 23 2016 wr@rosenauer.org
- update to Seamonkey 2.46
* based on Gecko 49.0.2
* Chatzilla and DOM Inspector were removed/disabled and therefore
those subpackages are not available at this moment
- requires NSPR 4.12 and NSS 3.25
- removed obsolete patches
* mozilla-libproxy.patch
* mozilla-gcc6.patch
* mozilla-openaes-decl.patch
- rebased patches
- added patches imported from Firefox 49:
* mozilla-check_return.patch
* mozilla-flex_buffer_overrun.patch
* mozilla-skia-overflow.patch
* Mon Oct 17 2016 wr@rosenauer.org
- mozilla-binutils-visibility.patch to fix build issues with
gcc/binutils combination used in Leap 42.2 (boo#984637)
* Sun Aug 21 2016 antoine.belvire@laposte.net
- Build also with fno-lifetime-dse and fno-schedule-insns2 for GCC6
(still boo#991027)
- Check compiler version instead of openSUSE version for this
* Mon Aug 08 2016 wr@rosenauer.org
- build with -fno-delete-null-pointer-checks for Tumbleweed/gcc6
as long as underlying issues have been addressed upstream
(boo#991027)
* Fri Aug 05 2016 pcerny@suse.com
- Fix for possible buffer overrun (bsc#990856)
CVE-2016-6354 (bmo#1292534)
[mozilla-flex_buffer_overrun.patch]
* Tue Jul 26 2016 badshah400@gmail.com
- Add appstream metainfo files as a tar.bz2 source
(seamonkey-appdata.tar.bz2) and install these appdata.xml files
to the appdata dir (/usr/share/appdata); with these appdata
files installed, seamonkey shows up in appstores like GNOME
software and KDE Discover.
* Sun Jul 17 2016 badshah400@gmail.com
- Add mozilla-gcc6.patch to fix building with gcc >= 6.0.
* Sat Mar 05 2016 wr@rosenauer.org
- fix build problems on i586, caused by too large unified compile
units - adding mozilla-reduce-files-per-UnifiedBindings.patch
- increased _constraints as required
* Tue Jan 19 2016 wr@rosenauer.org
- update to Seamonkey 2.40 (bnc#959277)
* requires NSS 3.20.2 to fix
MFSA 2015-150/CVE-2015-7575 (bmo#1158489)
MD5 signatures accepted within TLS 1.2 ServerKeyExchange in
server signature
* MFSA 2015-134/CVE-2015-7201/CVE-2015-7202
Miscellaneous memory safety hazards
* MFSA 2015-135/CVE-2015-7204 (bmo#1216130)
Crash with JavaScript variable assignment with unboxed objects
* MFSA 2015-136/CVE-2015-7207 (bmo#1185256)
Same-origin policy violation using perfomance.getEntries and
history navigation
* MFSA 2015-137/CVE-2015-7208 (bmo#1191423)
Firefox allows for control characters to be set in cookies
* MFSA 2015-138/CVE-2015-7210 (bmo#1218326)
Use-after-free in WebRTC when datachannel is used after being
destroyed
* MFSA 2015-139/CVE-2015-7212 (bmo#1222809)
Integer overflow allocating extremely large textures
* MFSA 2015-140/CVE-2015-7215 (bmo#1160890)
Cross-origin information leak through web workers error events
* MFSA 2015-141/CVE-2015-7211 (bmo#1221444)
Hash in data URI is incorrectly parsed
* MFSA 2015-142/CVE-2015-7218/CVE-2015-7219 (bmo#1194818, bmo#1194820)
DOS due to malformed frames in HTTP/2
* MFSA 2015-143/CVE-2015-7216/CVE-2015-7217 (bmo#1197059, bmo#1203078)
Linux file chooser crashes on malformed images due to flaws in
Jasper library
* MFSA 2015-144/CVE-2015-7203/CVE-2015-7220/CVE-2015-7221
(bmo#1201183, bmo#1178033, bmo#1199400)
Buffer overflows found through code inspection
* MFSA 2015-145/CVE-2015-7205 (bmo#1220493)
Underflow through code inspection
* MFSA 2015-146/CVE-2015-7213 (bmo#1206211)
Integer overflow in MP4 playback in 64-bit versions
* MFSA 2015-147/CVE-2015-7222 (bmo#1216748)
Integer underflow and buffer overflow processing MP4 metadata in
libstagefright
* MFSA 2015-148/CVE-2015-7223 (bmo#1226423)
Privilege escalation vulnerabilities in WebExtension APIs
* MFSA 2015-149/CVE-2015-7214 (bmo#1228950)
Cross-site reading attack through data and view-source URIs
- rebased patches
- buildrequire xcomposite now explicitely
* Thu Nov 05 2015 wr@rosenauer.org
- update to Seamonkey 2.39 (bnc#952810)
* MFSA 2015-116/CVE-2015-4513/CVE-2015-4514
Miscellaneous memory safety hazards
* MFSA 2015-117/CVE-2015-4515 (bmo#1046421)
Information disclosure through NTLM authentication
* MFSA 2015-118/CVE-2015-4518 (bmo#1182778, bmo#1136692)
CSP bypass due to permissive Reader mode whitelist
* MFSA 2015-119/CVE-2015-7185 (bmo#1149000) (Android only)
Firefox for Android addressbar can be removed after fullscreen mode
* MFSA 2015-120/CVE-2015-7186 (bmo#1193027) (Android only)
Reading sensitive profile files through local HTML file on Android
* MFSA 2015-121/CVE-2015-7187 (bmo#1195735)
disabling scripts in Add-on SDK panels has no effect
* MFSA 2015-122/CVE-2015-7188 (bmo#1199430)
Trailing whitespace in IP address hostnames can bypass same-origin policy
* MFSA 2015-123/CVE-2015-7189 (bmo#1205900)
Buffer overflow during image interactions in canvas
* MFSA 2015-124/CVE-2015-7190 (bmo#1208520) (Android only)
Android intents can be used on Firefox for Android to open privileged files
* MFSA 2015-125/CVE-2015-7191 (bmo#1208956) (Android only)
XSS attack through intents on Firefox for Android
* MFSA 2015-126/CVE-2015-7192 (bmo#1210023) (OS X only)
Crash when accessing HTML tables with accessibility tools on OS X
* MFSA 2015-127/CVE-2015-7193 (bmo#1210302)
CORS preflight is bypassed when non-standard Content-Type headers
are received
* MFSA 2015-128/CVE-2015-7194 (bmo#1211262)
Memory corruption in libjar through zip files
* MFSA 2015-129/CVE-2015-7195 (bmo#1211871)
Certain escaped characters in host of Location-header are being
treated as non-escaped
* MFSA 2015-130/CVE-2015-7196 (bmo#1140616)
JavaScript garbage collection crash with Java applet
* MFSA 2015-131/CVE-2015-7198/CVE-2015-7199/CVE-2015-7200
(bmo#1188010, bmo#1204061, bmo#1204155)
Vulnerabilities found through code inspection
* MFSA 2015-132/CVE-2015-7197 (bmo#1204269)
Mixed content WebSocket policy bypass through workers
* MFSA 2015-133/CVE-2015-7181/CVE-2015-7182/CVE-2015-7183
(bmo#1202868, bmo#1205157)
NSS and NSPR memory corruption issues
(fixed in mozilla-nspr and mozilla-nss packages)
- requires NSPR >= 4.10.10 and NSS >= 3.19.4
- removed obsolete patches
* mozilla-icu-strncat.patch
- fixed build with enable-libproxy (bmo#1220399)
* mozilla-libproxy.patch
* Thu Oct 01 2015 wr@rosenauer.org
- update to SeaMonkey 2.38 (bnc#947003)
* based on 41.0.1
* MFSA 2015-96/CVE-2015-4500/CVE-2015-4501
Miscellaneous memory safety hazards
* MFSA 2015-97/CVE-2015-4503 (bmo#994337)
Memory leak in mozTCPSocket to servers
* MFSA 2015-98/CVE-2015-4504 (bmo#1132467)
Out of bounds read in QCMS library with ICC V4 profile attributes
* MFSA 2015-100/CVE-2015-4505 (bmo#1177861) (Windows only)
Arbitrary file manipulation by local user through Mozilla updater
* MFSA 2015-101/CVE-2015-4506 (bmo#1192226)
Buffer overflow in libvpx while parsing vp9 format video
* MFSA 2015-102/CVE-2015-4507 (bmo#1192401)
Crash when using debugger with SavedStacks in JavaScript
* MFSA 2015-104/CVE-2015-4510 (bmo#1200004)
Use-after-free with shared workers and IndexedDB
* MFSA 2015-105/CVE-2015-4511 (bmo#1200148)
Buffer overflow while decoding WebM video
* MFSA 2015-106/CVE-2015-4509 (bmo#1198435)
Use-after-free while manipulating HTML media content
* MFSA 2015-107/CVE-2015-4512 (bmo#1170390)
Out-of-bounds read during 2D canvas display on Linux 16-bit
color depth systems
* MFSA 2015-108/CVE-2015-4502 (bmo#1105045)
Scripted proxies can access inner window
* MFSA 2015-109/CVE-2015-4516 (bmo#904886)
JavaScript immutable property enforcement can be bypassed
* MFSA 2015-110/CVE-2015-4519 (bmo#1189814)
Dragging and dropping images exposes final URL after redirects
* MFSA 2015-111/CVE-2015-4520 (bmo#1200856, bmo#1200869)
Errors in the handling of CORS preflight request headers
* MFSA 2015-112/CVE-2015-4517/CVE-2015-4521/CVE-2015-4522/
CVE-2015-7174/CVE-2015-7175/CVE-2015-7176/CVE-2015-7177/
CVE-2015-7180
Vulnerabilities found through code inspection
* MFSA 2015-113/CVE-2015-7178/CVE-2015-7179 (bmo#1189860,
bmo#1190526) (Windows only)
Memory safety errors in libGLES in the ANGLE graphics library
* MFSA 2015-114 (bmo#1167498, bmo#1153672) (Windows only)
Information disclosure via the High Resolution Time API
- removed obsolete patch
* mozilla-add-glibcxx_use_cxx11_abi.patch
- added mozilla-no-stdcxx-check.patch
* Sat Aug 29 2015 wr@rosenauer.org
- update to SeaMonkey 2.35 (bnc#935979)
* based on 38.1.1esr
* requires NSPR 4.10.8 and NSS 3.19.2
- removed obsolete patches
* mozilla-visitSubstr.patch
* mozilla-undef-CONST.patch
* mozilla-reintroduce-pixman-code-path.patch
* mozilla-fix-prototype.patch
* mozilla-disable-JEMALLOC_STATIC_SIZES-on-ppc.patch
- renamed mozilla-add-D_GLIBCXX_USE_CXX11_ABI-0-to-CXXFLAG.patch
to mozilla-add-glibcxx_use_cxx11_abi.patch (sync with Firefox)
- dropped mozilla-prefer_plugin_pref.patch as this feature is
likely not worth maintaining further
* Sat Jun 27 2015 antoine.belvire@laposte.net
- Fix compilation issues:
* Add mozilla-add-D_GLIBCXX_USE_CXX11_ABI-0-to-CXXFLAG.patch (bmo#1153109)
* Add mozilla-reintroduce-pixman-code-path.patch (bmo#1136958)
* Add mozilla-visitSubstr.patch (bmo#1108834)
* Add mozilla-undef-CONST.patch (bmo#1111395)
* Add mozilla-disable-JEMALLOC_STATIC_SIZES-on-ppc.patch
* Sun Mar 22 2015 wr@rosenauer.org
- update to SeaMonkey 2.33.1 (bnc#923534)
* MFSA 2015-28/CVE-2015-0818 (bmo#1144988)
Privilege escalation through SVG navigation
* MFSA 2015-29/CVE-2015-0817 (bmo#1145255)
Code execution through incorrect JavaScript bounds checking
elimination