# HG changeset patch # User Wolfgang Rosenauer # Date 1646231690 -3600 # Node ID 130d464159befc2b8c4e6293ee26c83d268eb790 # Parent f9b2d408b7ef6836437edf8c28a80065ed5730d7 Firefox 97.0.1 diff -r f9b2d408b7ef -r 130d464159be MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Sat Feb 05 15:04:53 2022 +0100 +++ b/MozillaFirefox/MozillaFirefox.changes Wed Mar 02 15:34:50 2022 +0100 @@ -1,10 +1,91 @@ ------------------------------------------------------------------- +Fri Feb 18 20:38:22 UTC 2022 - Andreas Stieger + +- Mozilla Firefox 97.0.1 + * Fixed: Fixed an issue where TikTok videos would fail to load + when selected from a user's profile page (bmo#1750973) + * Fixed: Fixed an issue which led to Picture-in-Picture mode + being unable to be toggled on Hulu (bmo#1753401) + * Fixed: Works around problems with WebRoot SecureAnywhere + antivirus rendering Firefox unusable in some situations + (bmo#1752466) + * Fixed: Fixed an issue causing users to see the Restore + Session screen unexpectedly when starting Firefox + (bmo#1749996) + +------------------------------------------------------------------- +Mon Feb 14 19:31:29 UTC 2022 - Luciano Santos + +- Remove bashisms ("source" and "function" keywords) from + mozilla.sh.in to ally with the #!/bin/sh shebang. If the end user + has either dash-sh package or busybox-sh to handle Bourn Shell + scripts rather than having bash-sh package, the script would + fail. Using "." instead of "source" and "create_langpack_link()" + function definition is enough to keep both sides sane, + behavior-wise. + +------------------------------------------------------------------- +Tue Feb 8 08:40:45 UTC 2022 - Wolfgang Rosenauer + +- Mozilla Firefox 97.0 + MFSA 2022-04 (bsc#1195682) + * CVE-2022-22753 (bmo#1732435) + Privilege Escalation to SYSTEM on Windows via Maintenance Service + * CVE-2022-22754 (bmo#1750565) + Extensions could have bypassed permission confirmation during update + * CVE-2022-22755 (bmo#1309630) + XSL could have allowed JavaScript execution after a tab was closed + * CVE-2022-22756 (bmo#1317873) + Drag and dropping an image could have resulted in the dropped + object being an executable + * CVE-2022-22757 (bmo#1720098) + Remote Agent did not prevent local websites from connecting + * CVE-2022-22758 (bmo#1728742) + tel: links could have sent USSD codes to the dialer on + Firefox for Android + * CVE-2022-22759 (bmo#1739957) + Sandboxed iframes could have executed script if the parent + appended elements + * CVE-2022-22760 (bmo#1740985, bmo#1748503) + Cross-Origin responses could be distinguished between script + and non-script content-types + * CVE-2022-22761 (bmo#1745566) + frame-ancestors Content Security Policy directive was not + enforced for framed extension pages + * CVE-2022-22762 (bmo#1743931) + JavaScript Dialogs could have been displayed over other + domains on Firefox for Android + * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545, + bmo#1748210, bmo#1748279) + Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6 + * CVE-2022-0511 (bmo#1713579, bmo#1735448, bmo#1743821, bmo#1746313, + bmo#1746314, bmo#1746316, bmo#1746321, bmo#1746322, bmo#1746323, + bmo#1746412, bmo#1746430, bmo#1746451, bmo#1746488, bmo#1746875, + bmo#1746898, bmo#1746905, bmo#1746907, bmo#1746917, bmo#1747128, + bmo#1747137, bmo#1747331, bmo#1747346, bmo#1747439, bmo#1747457, + bmo#1747870, bmo#1749051, bmo#1749274, bmo#1749831) + Memory safety bugs fixed in Firefox 97 +- requires NSS 3.74 +- requires rust 1.57 + +------------------------------------------------------------------- +Mon Feb 7 22:21:29 UTC 2022 - Dirk Müller + +- remove memoryperjob and use %limit instead. this allows to + adapt to more worker types, and lowers the time the package + is stuck in "scheduling". raising memory above 8 to lower + risk for LTO jobs to run OOM +- add hack to disable -Wl,--gc-section which avoids a binutils + segfault on x86 +- change mozilla-reduce-rust-debuginfo.patch: use -g1 everywhere + +------------------------------------------------------------------- Sun Jan 30 23:58:34 UTC 2022 - Dirk Müller -- disable ccache, this adds about 1 minute of build time and +- disable ccache, this adds about 1 minute of build time and over 2 GB of disk space usage without benefit on OBS builds - build with rust-simd like upstream does -- use -g1 for debuginfo generation as this is what upstream +- use -g1 for debuginfo generation as this is what upstream does as well and it saves ~ 2GB of writes - use %limit on x86_64 to scale down to less capable workers - disable install stripping so that debuginfo is useful diff -r f9b2d408b7ef -r 130d464159be MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Sat Feb 05 15:04:53 2022 +0100 +++ b/MozillaFirefox/MozillaFirefox.spec Wed Mar 02 15:34:50 2022 +0100 @@ -2,7 +2,7 @@ # spec file # # Copyright (c) 2022 SUSE LLC -# 2006-2021 Wolfgang Rosenauer +# 2006-2022 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 96 -%define mainver %major.0.3 -%define orig_version 96.0.3 +%define major 97 +%define mainver %major.0.1 +%define orig_version 97.0.1 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -97,13 +97,13 @@ BuildRequires: gcc-c++ %endif %if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300 -BuildRequires: cargo >= 1.53 -BuildRequires: rust >= 1.53 +BuildRequires: cargo >= 1.57 +BuildRequires: rust >= 1.57 %else # Newer sle/leap/tw use parallel versioned rust releases which have # a different method for provides that we can use to request a # specific version -BuildRequires: rust+cargo >= 1.53 +BuildRequires: rust+cargo >= 1.57 %endif %if 0%{useccache} != 0 BuildRequires: ccache @@ -114,7 +114,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.33 -BuildRequires: mozilla-nss-devel >= 3.73.1 +BuildRequires: mozilla-nss-devel >= 3.74 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -381,6 +381,8 @@ %ifarch %arm %ix86 # Limit RAM usage during link export LDFLAGS="${LDFLAGS} -Wl,--no-keep-memory -Wl,--reduce-memory-overheads" +# A lie to prevent -Wl,--gc-sections being set which requires more memory than 32bit can offer +export GC_SECTIONS_BREAKS_DEBUG_RANGES=yes %endif export LDFLAGS="${LDFLAGS} -fPIC -Wl,-z,relro,-z,now" %ifarch ppc64 ppc64le @@ -408,9 +410,7 @@ echo "" cat << EOF %else -%ifarch aarch64 ppc64 ppc64le x86_64 -%limit_build -m 2048 -%endif +%limit_build -m 2560 cat << EOF > $MOZCONFIG %endif mk_add_options MOZILLA_OFFICIAL=1 @@ -433,8 +433,8 @@ ac_add_options --disable-debug-symbols %else ac_add_options --enable-debug-symbols=-g1 +%endif ac_add_options --disable-install-strip -%endif # building with elf-hack started to fail everywhere with FF73 #%if 0%{?suse_version} > 1549 %ifnarch aarch64 ppc64 ppc64le s390x diff -r f9b2d408b7ef -r 130d464159be MozillaFirefox/_constraints --- a/MozillaFirefox/_constraints Sat Feb 05 15:04:53 2022 +0100 +++ b/MozillaFirefox/_constraints Wed Mar 02 15:34:50 2022 +0100 @@ -3,14 +3,11 @@ 4 - 24 + 26 - 8 + 15 - - 1536 - @@ -26,4 +23,17 @@ + + + + aarch64 + ppc64le + s390x + + + + 8 + + + diff -r f9b2d408b7ef -r 130d464159be MozillaFirefox/mozilla.sh.in --- a/MozillaFirefox/mozilla.sh.in Sat Feb 05 15:04:53 2022 +0100 +++ b/MozillaFirefox/mozilla.sh.in Wed Mar 02 15:34:50 2022 +0100 @@ -100,7 +100,7 @@ fi # xinput2 (boo#1173320) -source /etc/os-release +. /etc/os-release if [ "$ID" = "opensuse-tumbleweed" ]; then export MOZ_USE_XINPUT2=1 fi @@ -151,7 +151,7 @@ # Try with a local variant first, then without a local variant SHORTMOZLOCALE=`echo $CURRENT_LOCALE | sed "s|_\([^.]*\).*||g" | sed "s|\..*||g"` MOZLOCALE=`echo $CURRENT_LOCALE | sed "s|_\([^.]*\).*|-\1|g" | sed "s|\..*||g"` - function create_langpack_link() { + create_langpack_link() { local language=$* local langpack=langpack-${language}@firefox.mozilla.org.xpi if [ -f $MOZ_LANGPACKS_DIR/$langpack ]; then diff -r f9b2d408b7ef -r 130d464159be MozillaFirefox/tar_stamps --- a/MozillaFirefox/tar_stamps Sat Feb 05 15:04:53 2022 +0100 +++ b/MozillaFirefox/tar_stamps Wed Mar 02 15:34:50 2022 +0100 @@ -1,10 +1,10 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="96.0.3" +VERSION="97.0.1" VERSION_SUFFIX="" -PREV_VERSION="96.0.2" +PREV_VERSION="97.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="08a730393ae6e9e8f7096f1a040dc66948f245b1" -RELEASE_TIMESTAMP="20220126154723" +RELEASE_TAG="0f0ba6e8029d8148743c4aa50c2be4c4c643f8a4" +RELEASE_TIMESTAMP="20220216172458" diff -r f9b2d408b7ef -r 130d464159be mozilla-kde.patch --- a/mozilla-kde.patch Sat Feb 05 15:04:53 2022 +0100 +++ b/mozilla-kde.patch Wed Mar 02 15:34:50 2022 +0100 @@ -3,7 +3,7 @@ # Date 1559294891 -7200 # Fri May 31 11:28:11 2019 +0200 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112 -# Parent 9db1669be16001a48b62d147070fb75f60bac251 +# Parent 8d1110b6918acc4e7d3f655d1e55f4b4ff630abe Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer Author: Lubos Lunak @@ -31,7 +31,7 @@ #ifdef MOZ_MEMORY # include "mozmemory.h" #endif -@@ -4635,16 +4636,27 @@ nsresult Preferences::InitInitialObjects +@@ -4634,16 +4635,27 @@ nsresult Preferences::InitInitialObjects "unix.js" # if defined(_AIX) , @@ -59,7 +59,7 @@ // Load jar:$app/omni.jar!/defaults/preferences/*.js // or jar:$gre/omni.jar!/defaults/preferences/*.js. -@@ -4709,17 +4721,17 @@ nsresult Preferences::InitInitialObjects +@@ -4708,17 +4720,17 @@ nsresult Preferences::InitInitialObjects } nsCOMPtr path = do_QueryInterface(elem); @@ -81,7 +81,7 @@ diff --git a/modules/libpref/moz.build b/modules/libpref/moz.build --- a/modules/libpref/moz.build +++ b/modules/libpref/moz.build -@@ -119,16 +119,20 @@ EXPORTS.mozilla += [ +@@ -118,16 +118,20 @@ EXPORTS.mozilla += [ ] EXPORTS.mozilla += sorted(["!" + g for g in gen_h]) @@ -147,7 +147,7 @@ diff --git a/toolkit/components/downloads/moz.build b/toolkit/components/downloads/moz.build --- a/toolkit/components/downloads/moz.build +++ b/toolkit/components/downloads/moz.build -@@ -45,10 +45,14 @@ XPCOM_MANIFESTS += [ +@@ -46,10 +46,14 @@ XPCOM_MANIFESTS += [ if CONFIG["MOZ_PLACES"]: EXTRA_JS_MODULES += [ @@ -165,7 +165,7 @@ diff --git a/toolkit/mozapps/downloads/HelperAppDlg.jsm b/toolkit/mozapps/downloads/HelperAppDlg.jsm --- a/toolkit/mozapps/downloads/HelperAppDlg.jsm +++ b/toolkit/mozapps/downloads/HelperAppDlg.jsm -@@ -1231,36 +1231,66 @@ nsUnknownContentTypeDialog.prototype = { +@@ -1252,36 +1252,66 @@ nsUnknownContentTypeDialog.prototype = { params.handlerApp && params.handlerApp.executable && params.handlerApp.executable.isFile() @@ -841,11 +841,11 @@ ] if CONFIG["MOZ_ENABLE_DBUS"]: - CXXFLAGS += CONFIG["TK_CFLAGS"] CXXFLAGS += CONFIG["MOZ_DBUS_CFLAGS"] if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk": - CXXFLAGS += CONFIG["TK_CFLAGS"] + CXXFLAGS += CONFIG["MOZ_GTK3_CFLAGS"] + CXXFLAGS += CONFIG["MOZ_DBUS_GLIB_CFLAGS"] diff --git a/uriloader/exthandler/unix/nsCommonRegistry.cpp b/uriloader/exthandler/unix/nsCommonRegistry.cpp new file mode 100644 --- /dev/null @@ -1260,7 +1260,7 @@ diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build --- a/widget/gtk/moz.build +++ b/widget/gtk/moz.build -@@ -135,16 +135,17 @@ FINAL_LIBRARY = "xul" +@@ -136,16 +136,17 @@ FINAL_LIBRARY = "xul" LOCAL_INCLUDES += [ "/layout/base", @@ -1317,7 +1317,7 @@ # include "Units.h" extern mozilla::LazyLogModule gWidgetLog; # define LOG(args) MOZ_LOG(gWidgetLog, mozilla::LogLevel::Debug, args) -@@ -242,17 +245,19 @@ nsFilePicker::AppendFilters(int32_t aFil +@@ -236,17 +239,19 @@ nsFilePicker::AppendFilters(int32_t aFil mAllowURLs = !!(aFilterMask & filterAllowURLs); return nsBaseFilePicker::AppendFilters(aFilterMask); } @@ -1338,7 +1338,7 @@ mFilters.AppendElement(filter); mFilterNames.AppendElement(name); -@@ -352,16 +357,39 @@ nsresult nsFilePicker::Show(int16_t* aRe +@@ -346,16 +351,39 @@ nsresult nsFilePicker::Show(int16_t* aRe return NS_OK; } @@ -1378,7 +1378,7 @@ GtkFileChooserAction action = GetGtkFileChooserAction(mMode); const gchar* accept_button; -@@ -581,16 +609,244 @@ void nsFilePicker::Done(void* file_choos +@@ -575,16 +603,244 @@ void nsFilePicker::Done(void* file_choos mCallback->Done(result); mCallback = nullptr; } else { @@ -1796,7 +1796,7 @@ ] if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk": - CXXFLAGS += CONFIG["TK_CFLAGS"] + CXXFLAGS += CONFIG["MOZ_GTK3_CFLAGS"] if CONFIG["MOZ_ENABLE_DBUS"]: CXXFLAGS += CONFIG["MOZ_DBUS_GLIB_CFLAGS"] @@ -1804,7 +1804,7 @@ diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp --- a/xpcom/io/nsLocalFileUnix.cpp +++ b/xpcom/io/nsLocalFileUnix.cpp -@@ -53,16 +53,17 @@ +@@ -54,16 +54,17 @@ #include "prproces.h" #include "nsIDirectoryEnumerator.h" #include "nsSimpleEnumerator.h" @@ -1822,7 +1822,7 @@ # include "prmem.h" # include "plbase64.h" -@@ -2025,62 +2026,77 @@ nsLocalFile::SetPersistentDescriptor(con +@@ -2071,62 +2072,77 @@ nsLocalFile::SetPersistentDescriptor(con NS_IMETHODIMP nsLocalFile::Reveal() { diff -r f9b2d408b7ef -r 130d464159be mozilla-reduce-rust-debuginfo.patch --- a/mozilla-reduce-rust-debuginfo.patch Sat Feb 05 15:04:53 2022 +0100 +++ b/mozilla-reduce-rust-debuginfo.patch Wed Mar 02 15:34:50 2022 +0100 @@ -1,28 +1,11 @@ -diff --git a/build/moz.configure/rust.configure b/build/moz.configure/rust.configure ---- a/build/moz.configure/rust.configure -+++ b/build/moz.configure/rust.configure -@@ -610,6 +610,7 @@ set_config("CARGO_PROFILE_DEV_OPT_LEVEL" - "--enable-frame-pointers", - path_remapping, - path_remappings, -+ host - ) - def rust_compile_flags( - opt_level, -@@ -619,6 +620,7 @@ def rust_compile_flags( - frame_pointers, - path_remapping, - path_remappings, -+ host - ): - # Cargo currently supports only two interesting profiles for building: - # development and release. Those map (roughly) to --enable-debug and -@@ -642,6 +644,8 @@ def rust_compile_flags( +--- firefox-96.0.3.orig/build/moz.configure/rust.configure ++++ firefox-96.0.3/build/moz.configure/rust.configure +@@ -641,7 +643,7 @@ def rust_compile_flags( + debug_assertions = False if debug_symbols: - debug_info = "2" -+ if host.bitness == 32 or host.cpu == 'aarch64' or host.cpu == 'ppc64' or host.cpu == 's390x': -+ debug_info = '1' +- debug_info = "2" ++ debug_info = '1' opts = [] diff -r f9b2d408b7ef -r 130d464159be mozilla-silence-no-return-type.patch --- a/mozilla-silence-no-return-type.patch Sat Feb 05 15:04:53 2022 +0100 +++ b/mozilla-silence-no-return-type.patch Wed Mar 02 15:34:50 2022 +0100 @@ -1,10 +1,10 @@ # HG changeset patch -# Parent 9b29b6b7548b93a599167774e747f6e0661cfbe1 +# Parent 216843712d6d6cd9d5bd519f6ef564d00406b43f diff --git a/Cargo.lock b/Cargo.lock --- a/Cargo.lock +++ b/Cargo.lock -@@ -2078,18 +2078,16 @@ name = "glsl-to-cxx" +@@ -2165,18 +2165,16 @@ name = "glsl-to-cxx" version = "0.1.0" dependencies = [ "glsl", @@ -26,24 +26,21 @@ diff --git a/Cargo.toml b/Cargo.toml --- a/Cargo.toml +++ b/Cargo.toml -@@ -78,16 +78,17 @@ opt-level = 2 - opt-level = 2 - - [patch.crates-io] - chardetng = { git = "https://github.com/hsivonen/chardetng", rev="302c995f91f44cf26e77dc4758ad56c3ff0153ad" } +@@ -102,13 +102,13 @@ moz_asserts = { path = "mozglue/static/r + # Other overrides + chardetng = { git = "https://github.com/hsivonen/chardetng", rev="3484d3e3ebdc8931493aa5df4d7ee9360a90e76b" } chardetng_c = { git = "https://github.com/hsivonen/chardetng_c", rev="ed8a4c6f900a90d4dbc1d64b856e61490a1c3570" } + coremidi = { git = "https://github.com/chris-zen/coremidi.git", rev="fc68464b5445caf111e41f643a2e69ccce0b4f83" } libudev-sys = { path = "dom/webauthn/libudev-sys" } packed_simd = { git = "https://github.com/hsivonen/packed_simd", rev="8b4bd7d8229660a749dbe419a57ea01df9de5453" } + midir = { git = "https://github.com/mozilla/midir.git", rev = "4c11f0ffb5d6a10de4aff40a7b81218b33b94e6f" } minidump_writer_linux = { git = "https://github.com/msirringhaus/minidump_writer_linux.git", rev = "029ac0d54b237f27dc7d8d4e51bc0fb076e5e852" } +- +glslopt = { path = "third_party/rust/glslopt/" } - # The following overrides point to dummy projects, as a temporary measure until this is resolved: - # https://github.com/rust-lang/cargo/issues/6179 - js-sys = { git = "https://github.com/kvark/dummy-web" } - slotmap = { git = "https://github.com/kvark/dummy-web" } - wasm-bindgen = { git = "https://github.com/kvark/dummy-web" } - web-sys = { git = "https://github.com/kvark/dummy-web" } - - [patch.crates-io.cranelift-codegen] + # Patch mio 0.6 to use winapi 0.3 and miow 0.3, getting rid of winapi 0.2. + # There is not going to be new version of mio 0.6, mio now being >= 0.7.11. + [patch.crates-io.mio] + path = "third_party/rust/mio-0.6.23" diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h +++ b/gfx/skia/skia/include/codec/SkEncodedOrigin.h