SUSE: OPENSUSE-SU-2013:0630-1
Apr 05, 2013 - 3:06 p.m.

Mozilla Firefox and others: Update to Firefox 20.0 release (important)

2013-04-05 15:06:14
lists.opensuse.org

EPSS: 0.079 (Low), percentile 93.6%

The Mozilla suite received security and bugfix updates:

Mozilla Firefox was updated to version 20.0.
Mozilla Thunderbird was updated to version 17.0.5.
Mozilla SeaMonkey was updated to version 17.0.5.
Mozilla XULRunner was updated to version 17.0.5.
mozilla-nss was updated to version 3.14.3.
mozilla-nspr was updated to version 4.9.6.

mozilla-nspr was updated to version 4.9.6:

  • aarch64 support
  • added PL_SizeOfArenaPoolExcludingPool function
    (bmo#807883)
  • Auto detect android api version for x86 (bmo#782214)
  • Initialize Windows CRITICAL_SECTIONs without debug info
    and with nonzero spin count (bmo#812085)

Previous update to version 4.9.5:

  • bmo#634793: define NSPR’s exact-width integer types
    PRInt{N} and PRUint{N} types to match the <stdint.h>
    exact-width integer types int{N}_t and uint{N}_t.
  • bmo#782815: passing ‘int *’ to parameter of type
    ‘unsigned int *’ in setsockopt().
  • bmo#822932: Port bmo#802527 (NDK r8b support for x86) to
    NSPR.
  • bmo#824742: NSPR shouldn’t require librt on Android.
  • bmo#831793: data race on lib->refCount in
    PR_UnloadLibrary.

mozilla-nss was updated to version 3.14.3:

  • disable tests with expired certificates

  • add SEC_PKCS7VerifyDetachedSignatureAtTime using patch
    from mozilla tree to fulfill Firefox 21 requirements

  • No new major functionality is introduced in this release.
    This release is a patch release to address CVE-2013-1620
    (bmo#822365)

  • "certutil -a" was not correctly producing ASCII output as
    requested. (bmo#840714)

  • NSS 3.14.2 broke compilation with older versions of
    sqlite that lacked the SQLITE_FCNTL_TEMPFILENAME file
    control. NSS 3.14.3 now properly compiles when used with
    older versions of sqlite (bmo#837799)

  • remove system-sqlite.patch

  • add arm aarch64 support

  • added system-sqlite.patch (bmo#837799)

  • do not depend on latest sqlite just for a #define

  • enable system sqlite usage again

  • update to 3.14.2

  • required for Firefox >= 20

  • removed obsolete nssckbi update patch

  • MFSA 2013-40/CVE-2013-0791 (bmo#629816) Out-of-bounds
    array read in CERT_DecodeCertPackage

  • disable system sqlite usage since we depend on 3.7.15
    which is not provided in any openSUSE distribution

  • add nss-sqlitename.patch to avoid any name clash

Changes in MozillaFirefox:

  • update to Firefox 20.0 (bnc#813026)
  • requires NSPR 4.9.5 and NSS 3.14.3
  • MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous
    memory safety hazards
  • MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds
    write in Cairo library
  • MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash
    with Mesa graphics driver on Linux
  • MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW
    protections allows cloning of protected nodes
  • MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of
    tab-modal dialog origin disclosure
  • MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site
    scripting (XSS) using timed history navigations
  • MFSA 2013-39/CVE-2013-0792 (bmo#722831) Memory
    corruption while rendering grayscale PNG images
  • use GStreamer 1.0 starting with 12.3
    (mozilla-gstreamer-1.patch)
  • build fixes for armv7hl:
      • disable debug build as armv7hl does not have enough
        memory
      • disable webrtc on armv7hl as it is non-compiling

Changes in MozillaThunderbird:

  • update to Thunderbird 17.0.5 (bnc#813026)
  • requires NSPR 4.9.5 and NSS 3.14.3
  • MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous
    memory safety hazards
  • MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds
    write in Cairo library
  • MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash
    with Mesa graphics driver on Linux
  • MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW
    protections allows cloning of protected nodes
  • MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site
    scripting (XSS) using timed history navigations

Changes in seamonkey:

  • update to SeaMonkey 2.17 (bnc#813026)
  • requires NSPR 4.9.5 and NSS 3.14.3
  • MFSA 2013-30/CVE-2013-0788/CVE-2013-0789 Miscellaneous
    memory safety hazards
  • MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds
    write in Cairo library
  • MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash
    with Mesa graphics driver on Linux
  • MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW
    protections allows cloning of protected nodes
  • MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of
    tab-modal dialog origin disclosure
  • MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site
    scripting (XSS) using timed history navigations
  • MFSA 2013-39/CVE-2013-0792 (bmo#722831) Memory
    corruption while rendering grayscale PNG images
  • use GStreamer 1.0 starting with 12.3
    (mozilla-gstreamer-1.patch)

Changes in xulrunner:

  • update to 17.0.5esr (bnc#813026)
  • requires NSPR 4.9.5 and NSS 3.14.3
  • MFSA 2013-30/CVE-2013-0788 Miscellaneous memory safety
    hazards
  • MFSA 2013-31/CVE-2013-0800 (bmo#825721) Out-of-bounds
    write in Cairo library
  • MFSA 2013-35/CVE-2013-0796 (bmo#827106) WebGL crash
    with Mesa graphics driver on Linux
  • MFSA 2013-36/CVE-2013-0795 (bmo#825697) Bypass of SOW
    protections allows cloning of protected nodes
  • MFSA 2013-37/CVE-2013-0794 (bmo#626775) Bypass of
    tab-modal dialog origin disclosure
  • MFSA 2013-38/CVE-2013-0793 (bmo#803870) Cross-site
    scripting (XSS) using timed history navigations