# HG changeset patch # User Wolfgang Rosenauer # Date 1622321533 -7200 # Node ID 57fc0524b50c589ebaeb56e57b1467f5f7368360 # Parent c3d884659acfa5db542edc41729a4cf9b0b660d6 Firefox 88.0.1 diff -r c3d884659acf -r 57fc0524b50c MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Sat Mar 27 21:45:50 2021 +0100 +++ b/MozillaFirefox/MozillaFirefox.changes Sat May 29 22:52:13 2021 +0200 @@ -1,4 +1,110 @@ ------------------------------------------------------------------- +Tue May 11 14:17:33 UTC 2021 - Wolfgang Rosenauer + +- do not rely on nodejs10 anymore + +------------------------------------------------------------------- +Thu May 6 13:40:10 UTC 2021 - Guillaume GARDET + +- Relax RAM and disk constraints for aarch64 + +------------------------------------------------------------------- +Wed May 5 15:13:20 UTC 2021 - Andreas Stieger + +- Mozilla Firefox 88.0.1 + * Fixed: Resolved an issue caused by a recent Widevine plugin + update which prevented some purchased video content from + playing correctly (bmo#1705138) + * Fixed: Fixed corruption of videos playing on Twitter or + WebRTC calls on some Gen6 Intel graphics chipsets + (bmo#1708937) + * Fixed: Fixed menulists in Preferences being unreadable for + users with High Contrast Mode enabled (bmo#1706496) + MFSA 2021-20 (bsc#1185633) + * CVE-2021-29952 (bmo#1704227) + Race condition in Web Render Components +- devel package: move macros to /usr/lib/rpm/macros.d (boo#1185658) + +------------------------------------------------------------------- +Sun May 2 12:03:26 UTC 2021 - Wolfgang Rosenauer + +- add compatibility for libavcodec58_134 + +------------------------------------------------------------------- +Sun Apr 18 09:01:32 UTC 2021 - Wolfgang Rosenauer + +- Mozilla Firefox 88.0 + * New: PDF forms now support JavaScript embedded in PDF files. + Some PDF forms use JavaScript for validation and other + interactive features + * New: Print updates: Margin units are now localized + * New: Smooth pinch-zooming using a touchpad is now supported + on Linux + * New: To protect against cross-site privacy leaks, Firefox now + isolates window.name data to the website that created it. + Learn more + * Changed: Firefox will not prompt for access to your + microphone or camera if you’ve already granted access to the + same device on the same site in the same tab within the past + 50 seconds. This new grace period reduces the number of times + you’re prompted to grant device access + * Changed: The ‘Take a Screenshot’ feature was removed from the + Page Actions menu in the url bar. To take a screenshot, + right-click to open the context menu. You can also add a + screenshots shortcut directly to your toolbar via the + Customize menu. Open the Firefox menu and select Customize… + * Changed: FTP support has been disabled, and its full removal + is planned for an upcoming release. Addressing this security + risk reduces the likelihood of an attack while also removing + support for a non-encrypted protocol + * Developer: Introduced a new toggle button in the Network + panel for switching between JSON formatted HTTP response and + raw data (as received over the wire). + !enter image description here + * Enterprise: Various bug fixes and new policies have been + implemented in the latest version of Firefox. You can see + more details in the Firefox for Enterprise 88 Release Notes. + * Fixed: Screen readers no longer incorrectly read content that + websites have visually hidden, as in the case of articles in + the Google Help panel + MFSA 2021-16 (bsc#1184960) + * CVE-2021-23994 (bmo#1699077) + Out of bound write due to lazy initialization + * CVE-2021-23995 (bmo#1699835) + Use-after-free in Responsive Design Mode + * CVE-2021-23996 (bmo#1701834) + Content rendered outside of webpage viewport + * CVE-2021-23997 (bmo#1701942) + Use-after-free when freeing fonts from cache + * CVE-2021-23998 (bmo#1667456) + Secure Lock icon could have been spoofed + * CVE-2021-23999 (bmo#1691153) + Blob URLs may have been granted additional privileges + * CVE-2021-24000 (bmo#1694698) + requestPointerLock() could be applied to a tab different from + the visible tab + * CVE-2021-24001 (bmo#1694727) + Testing code could have enabled session history manipulations + by a compromised content process + * CVE-2021-24002 (bmo#1702374) + Arbitrary FTP command execution on FTP servers using an + encoded URL + * CVE-2021-29945 (bmo#1700690) + Incorrect size computation in WebAssembly JIT could lead to + null-reads + * CVE-2021-29944 (bmo#1697604) + HTML injection vulnerability in Firefox for Android's Reader View + * CVE-2021-29946 (bmo#1698503) + Port blocking could be bypassed + * CVE-2021-29947 (bmo#1651449, bmo#1674142, bmo#1693476, + bmo#1696886, bmo#1700091) + Memory safety bugs fixed in Firefox 88 +- requires + * NSPR 4.30 + * NSS 3.63.1 +- align wayland support logic + +------------------------------------------------------------------- Sat Mar 27 10:40:46 UTC 2021 - Manfred Hollstein - Switch to clang_build globally; just on TW/x86_64 it does not work diff -r c3d884659acf -r 57fc0524b50c MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Sat Mar 27 21:45:50 2021 +0100 +++ b/MozillaFirefox/MozillaFirefox.spec Sat May 29 22:52:13 2021 +0200 @@ -32,9 +32,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 87 -%define mainver %major.0 -%define orig_version 87.0 +%define major 88 +%define mainver %major.0.1 +%define orig_version 88.0.1 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -85,11 +85,13 @@ %else %define crashreporter 0 %endif -%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150100 -# pipewire is too old on Leap <15.1 +%define with_pipewire0_3 1 +%define wayland_supported 1 +%if 0%{?sle_version} > 0 && 0%{?sle_version} < 150200 +# pipewire is too old on Leap <=15.1 %define with_pipewire0_3 0 -%else -%define with_pipewire0_3 1 +# Wayland is too old on Leap <=15.1 as well +%define wayland_supported 0 %endif Name: %{pkgname} @@ -115,10 +117,10 @@ BuildRequires: libiw-devel BuildRequires: libproxy-devel BuildRequires: makeinfo -BuildRequires: mozilla-nspr-devel >= 4.29 -BuildRequires: mozilla-nss-devel >= 3.62 +BuildRequires: mozilla-nspr-devel >= 4.30 +BuildRequires: mozilla-nss-devel >= 3.63.1 BuildRequires: nasm >= 2.14 -BuildRequires: nodejs10 >= 10.22.1 +BuildRequires: nodejs >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 BuildRequires: python-libxml2 BuildRequires: python36 @@ -448,10 +450,10 @@ ac_add_options --libdir=%{_libdir} ac_add_options --includedir=%{_includedir} ac_add_options --enable-release -%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 +%if 0%{wayland_supported} +ac_add_options --enable-default-toolkit=cairo-gtk3-wayland +%else ac_add_options --enable-default-toolkit=cairo-gtk3 -%else -ac_add_options --enable-default-toolkit=cairo-gtk3-wayland %endif # bmo#1441155 - Disable the generation of Rust debug symbols on Linux32 %ifarch %ix86 %arm @@ -628,6 +630,7 @@ sed "s:%%PREFIX:%{_prefix}:g s:%%PROGDIR:%{progdir}:g s:%%APPNAME:%{progname}:g +s:%%WAYLAND_SUPPORTED:%{wayland_supported}:g s:%%PROFILE:.mozilla/firefox:g" \ %{SOURCE3} > %{buildroot}%{progdir}/%{progname}.sh chmod 755 %{buildroot}%{progdir}/%{progname}.sh @@ -684,8 +687,8 @@ mkdir -p %{buildroot}%{_bindir} install -m 755 %SOURCE12 %{buildroot}%{_bindir} # inspired by mandriva -mkdir -p %{buildroot}%{_sysconfdir}/rpm -cat <<'FIN' >%{buildroot}%{_sysconfdir}/rpm/macros.%{progname} +mkdir -p %{buildroot}%{_rpmmacrodir} +cat <<'FIN' >%{buildroot}%{_rpmmacrodir}/macros.%{progname} # Macros from %{name} package %%firefox_major %{major} %%firefox_version %{version} @@ -778,7 +781,7 @@ %files devel %defattr(-,root,root) %{_bindir}/mozilla-get-app-id -%config %{_sysconfdir}/rpm/macros.%{progname} +%{_rpmmacrodir}/macros.%{progname} %endif %if %localize diff -r c3d884659acf -r 57fc0524b50c MozillaFirefox/_constraints --- a/MozillaFirefox/_constraints Sat Mar 27 21:45:50 2021 +0100 +++ b/MozillaFirefox/_constraints Sat May 29 22:52:13 2021 +0200 @@ -34,11 +34,14 @@ 4 + + 30 + 1000 - 12 + 9 diff -r c3d884659acf -r 57fc0524b50c MozillaFirefox/mozilla.sh.in --- a/MozillaFirefox/mozilla.sh.in Sat Mar 27 21:45:50 2021 +0100 +++ b/MozillaFirefox/mozilla.sh.in Sat May 29 22:52:13 2021 +0200 @@ -84,8 +84,11 @@ export GNOME_DISABLE_CRASH_DIALOG=1 # Wayland +# Only supported on newer systems +WAYLAND_SUPPORTED=%WAYLAND_SUPPORTED + # $XDG_SESSION_TYPE should contain either x11 or wayland -if [ "$XDG_SESSION_TYPE" = "wayland" ]; then +if [ $WAYLAND_SUPPORTED -eq 1 ] && [ "$XDG_SESSION_TYPE" = "wayland" ]; then export MOZ_ENABLE_WAYLAND=1 fi diff -r c3d884659acf -r 57fc0524b50c MozillaFirefox/tar_stamps --- a/MozillaFirefox/tar_stamps Sat Mar 27 21:45:50 2021 +0100 +++ b/MozillaFirefox/tar_stamps Sat May 29 22:52:13 2021 +0200 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="87.0" +VERSION="88.0.1" VERSION_SUFFIX="" -PREV_VERSION="86.0.1" +PREV_VERSION="88.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="bb9bf7e886787222b18094a4723949a29b4d329a" -RELEASE_TIMESTAMP="20210318103112" +RELEASE_TAG="179e1482851c07d65bf29a21c9e42ea312fc87fa" +RELEASE_TIMESTAMP="20210504152106" diff -r c3d884659acf -r 57fc0524b50c mozilla-kde.patch --- a/mozilla-kde.patch Sat Mar 27 21:45:50 2021 +0100 +++ b/mozilla-kde.patch Sat May 29 22:52:13 2021 +0200 @@ -3,7 +3,7 @@ # Date 1559294891 -7200 # Fri May 31 11:28:11 2019 +0200 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112 -# Parent 929fbcb071c2e1ff551c73e8c364e9c1f4495171 +# Parent 53e325f006bd6a31f6f3d40ae248e4058897055a Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer Author: Lubos Lunak @@ -31,7 +31,7 @@ #ifdef MOZ_MEMORY # include "mozmemory.h" #endif -@@ -4573,25 +4574,37 @@ nsresult Preferences::InitInitialObjects +@@ -4635,25 +4636,37 @@ nsresult Preferences::InitInitialObjects // application pref files for backwards compatibility. static const char* specialFiles[] = { #if defined(XP_MACOSX) @@ -69,7 +69,7 @@ // Load jar:$app/omni.jar!/defaults/preferences/*.js // or jar:$gre/omni.jar!/defaults/preferences/*.js. -@@ -4656,17 +4669,17 @@ nsresult Preferences::InitInitialObjects +@@ -4718,17 +4731,17 @@ nsresult Preferences::InitInitialObjects } nsCOMPtr path = do_QueryInterface(elem); @@ -841,7 +841,7 @@ diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build --- a/uriloader/exthandler/moz.build +++ b/uriloader/exthandler/moz.build -@@ -86,17 +86,19 @@ else: +@@ -77,17 +77,19 @@ else: SOURCES += [ osdir + "/nsOSHelperAppService.cpp", ] @@ -857,11 +857,11 @@ ] elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "android": UNIFIED_SOURCES += [ - "android/nsAndroidHandlerApp.cpp", - "android/nsExternalURLHandlerService.cpp", "android/nsMIMEInfoAndroid.cpp", ] -@@ -136,16 +138,17 @@ include("/ipc/chromium/chromium-config.m + elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows": + UNIFIED_SOURCES += [ +@@ -125,16 +127,17 @@ include("/ipc/chromium/chromium-config.m FINAL_LIBRARY = "xul" LOCAL_INCLUDES += [ @@ -1837,7 +1837,7 @@ diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp --- a/xpcom/io/nsLocalFileUnix.cpp +++ b/xpcom/io/nsLocalFileUnix.cpp -@@ -49,16 +49,17 @@ +@@ -53,16 +53,17 @@ #include "prproces.h" #include "nsIDirectoryEnumerator.h" #include "nsSimpleEnumerator.h" @@ -1855,7 +1855,7 @@ # include "prmem.h" # include "plbase64.h" -@@ -2001,62 +2002,77 @@ nsLocalFile::SetPersistentDescriptor(con +@@ -2021,62 +2022,77 @@ nsLocalFile::SetPersistentDescriptor(con NS_IMETHODIMP nsLocalFile::Reveal() { @@ -1938,4 +1938,4 @@ return giovfs->ShowURIForInput(mPath); #elif defined(MOZ_WIDGET_ANDROID) - // Try to get a mimetype, if this fails just use the file uri alone + // Not supported on GeckoView diff -r c3d884659acf -r 57fc0524b50c mozilla-libavcodec58_91.patch --- a/mozilla-libavcodec58_91.patch Sat Mar 27 21:45:50 2021 +0100 +++ b/mozilla-libavcodec58_91.patch Sat May 29 22:52:13 2021 +0200 @@ -1,20 +1,34 @@ -Index: firefox-78.0.2/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp -=================================================================== ---- firefox-78.0.2.orig/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp -+++ firefox-78.0.2/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp -@@ -30,6 +30,7 @@ static FFmpegLibWrapper sLibAV; +# HG changeset patch +# Parent e4abeadbbb7a0c63c17177f1d14ea04c77c6128e + +diff --git a/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp b/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp +--- a/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp ++++ b/dom/media/platforms/ffmpeg/FFmpegRuntimeLinker.cpp +@@ -22,23 +22,27 @@ class FFmpegDecoderModule { + static already_AddRefed Create(FFmpegLibWrapper*); + }; + + static FFmpegLibWrapper sLibAV; + static const char* sLibs[] = { // clang-format off #if defined(XP_DARWIN) ++ "libavcodec.58.134.dylib", + "libavcodec.58.91.dylib", "libavcodec.58.dylib", "libavcodec.57.dylib", "libavcodec.56.dylib", -@@ -37,6 +38,7 @@ static const char* sLibs[] = { + "libavcodec.55.dylib", "libavcodec.54.dylib", "libavcodec.53.dylib", #else ++ "libavcodec.so.58.134", + "libavcodec.so.58.91", "libavcodec.so.58", "libavcodec-ffmpeg.so.58", "libavcodec-ffmpeg.so.57", + "libavcodec-ffmpeg.so.56", + "libavcodec.so.57", + "libavcodec.so.56", + "libavcodec.so.55", + "libavcodec.so.54", diff -r c3d884659acf -r 57fc0524b50c mozilla-pgo.patch --- a/mozilla-pgo.patch Sat Mar 27 21:45:50 2021 +0100 +++ b/mozilla-pgo.patch Sat May 29 22:52:13 2021 +0200 @@ -1,6 +1,6 @@ # HG changeset patch # User Wolfgang Rosenauer -# Parent 07b5ae8ccc4806fcc5ad74e32a2d3fb2b9d605d0 +# Parent ed9681bd4359b83145247fb6b01a56a2c84879fd diff --git a/build/moz.configure/lto-pgo.configure b/build/moz.configure/lto-pgo.configure --- a/build/moz.configure/lto-pgo.configure @@ -155,7 +155,7 @@ diff --git a/toolkit/components/terminator/nsTerminator.cpp b/toolkit/components/terminator/nsTerminator.cpp --- a/toolkit/components/terminator/nsTerminator.cpp +++ b/toolkit/components/terminator/nsTerminator.cpp -@@ -425,16 +425,21 @@ void nsTerminator::StartWatchdog() { +@@ -451,16 +451,21 @@ void nsTerminator::StartWatchdog() { // Defend against overflow crashAfterMS = INT32_MAX; } else { @@ -170,10 +170,10 @@ + crashAfterMS = INT32_MAX; + UniquePtr options(new Options()); - const PRIntervalTime ticksDuration = PR_MillisecondsToInterval(1000); + const PRIntervalTime ticksDuration = + PR_MillisecondsToInterval(HEARTBEAT_INTERVAL_MS); options->crashAfterTicks = crashAfterMS / ticksDuration; // Handle systems where ticksDuration is greater than crashAfterMS. if (options->crashAfterTicks == 0) { - options->crashAfterTicks = crashAfterMS / 1000; + options->crashAfterTicks = crashAfterMS / HEARTBEAT_INTERVAL_MS; } -