# HG changeset patch # User Wolfgang Rosenauer # Date 1615980254 -3600 # Node ID b8c834aafde27bdb303409cf36ffdc07a1792e89 # Parent 71a92b4d0527d0d553278ea42343f0fe6a75fb5e Prepare 87.0 branch based on 86.0.1 diff -r 71a92b4d0527 -r b8c834aafde2 MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Thu Jan 28 23:39:24 2021 +0100 +++ b/MozillaFirefox/MozillaFirefox.changes Wed Mar 17 12:24:14 2021 +0100 @@ -1,4 +1,108 @@ ------------------------------------------------------------------- +Wed Mar 17 09:18:35 UTC 2021 - Wolfgang Rosenauer + +- Mozilla Firefox 87.0 +- requires NSS 3.62 +- removed obsolete BigEndian ICU build workaround + +------------------------------------------------------------------- +Tue Mar 16 14:26:35 UTC 2021 - Martin Liška + +- Set memory limits for DWZ to 4x. + +------------------------------------------------------------------- +Sat Mar 13 08:23:06 UTC 2021 - Andreas Stieger + +- Mozilla Firefox 86.0.1 + * Fixed: Fixed an issue on Apple Silicon machines that caused + Firefox to be unresponsive after system sleep (bmo#1682713) + * Fixed: Fixed an issue causing windows to gain or lose focus + unexpectedly (bmo#1694927) + * Fixed: Fixed truncation of date and time widgets due to + incorrect width calculation (bmo#1695578) + * Fixed: Fixed an issue causing unexpected behavior with + extensions managing tab groups (bmo#1694699) + * Fixed: Fixed a frequent Linux crash on browser launch + (bmo#1694670) + +------------------------------------------------------------------- +Sun Feb 21 18:14:12 UTC 2021 - Wolfgang Rosenauer + +- Mozilla Firefox 86.0 + * requires NSS >= 3.61 + * requires rust-cbindgen >= 0.16.0 + * Firefox now supports simultaneously watching multiple videos in + Picture-in-Picture. + * Total Cookie Protection to Strict Mode + * https://www.mozilla.org/en-US/firefox/86.0/releasenotes + MSFA 2021-07 (bsc#1182614) + * CVE-2021-23969 (bmo#1542194) + Content Security Policy violation report could have contained + the destination of a redirect + * CVE-2021-23970 (bmo#1681724) + Multithreaded WASM triggered assertions validating separation + of script domains + * CVE-2021-23968 (bmo#1687342) + Content Security Policy violation report could have contained + the destination of a redirect + * CVE-2021-23974 (bmo#1528997, bmo#1683627) + noscript elements could have led to an HTML Sanitizer bypass + * CVE-2021-23971 (bmo#1678545) + A website's Referrer-Policy could have been be overridden, + potentially resulting in the full URL being sent as a Referrer + * CVE-2021-23976 (bmo#1684627) + Local spoofing of web manifests for arbitrary pages in + Firefox for Android + * CVE-2021-23977 (bmo#1684761) + Malicious application could read sensitive data from Firefox + for Android's application directories + * CVE-2021-23972 (bmo#1683536) + HTTP Auth phishing warning was omitted when a redirect is + cached + * CVE-2021-23975 (bmo#1685145) + about:memory Measure function caused an incorrect pointer + operation + * CVE-2021-23973 (bmo#1690976) + MediaError message property could have leaked information + about cross-origin resources + * CVE-2021-23978 (bmo#1682928, bmo#1687391, bmo#1687597, bmo#786797) + Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8 + * CVE-2021-23979 (bmo#1663222, bmo#1666607, bmo#1672120, bmo#1678463, + bmo#1678927, bmo#1679560, bmo#1681297, bmo#1681684, bmo#1683490, + bmo#1684377, bmo#1684902) + Memory safety bugs fixed in Firefox 86 +- updated create-tar.sh (bsc#1182357) +- removed obsolete mozilla-bmo1554971.patch +- remove buildsymbols subpackage + * we haven't done anything with it for years + * mozilla is collecting those from our debuginfo packages + * would require a local dump_syms tool + +------------------------------------------------------------------- +Wed Feb 17 18:40:41 UTC 2021 - Andreas Stieger + +- Mozilla Firefox 85.0.2 + * Fixed: Fixed a deadlock during startup (bmo#1679933) + +------------------------------------------------------------------- +Wed Feb 17 11:19:01 UTC 2021 - Michel Normand + +- Use %limit_build macros for PowerPC to avoid oom build failure + +------------------------------------------------------------------- +Tue Feb 9 09:05:26 UTC 2021 - Andreas Stieger + +- Mozilla Firefox 85.0.1 + MFSA 2021-06 (bsc#1181848) + * MOZ-2021-0001 (bmo#1676636) + Buffer overflow in depth pitch calculations for compressed + textures + * Fixed: Avoid printing an extra blank page at the end of some + documents (bmo#1689789). + * Fixed: Fixed a browser crash in case of unexpected Cache API + state (bmo#1684838). + +------------------------------------------------------------------- Sun Jan 24 11:53:58 UTC 2021 - Wolfgang Rosenauer - Mozilla Firefox 85.0 diff -r 71a92b4d0527 -r b8c834aafde2 MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Thu Jan 28 23:39:24 2021 +0100 +++ b/MozillaFirefox/MozillaFirefox.spec Wed Mar 17 12:24:14 2021 +0100 @@ -17,6 +17,9 @@ # +%define _dwz_low_mem_die_limit 40000000 +%define _dwz_max_die_limit 200000000 + %if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150100 #!BuildIgnore: post-build-checks %endif @@ -29,9 +32,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 85 +%define major 87 %define mainver %major.0 -%define orig_version 85.0 +%define orig_version 87.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -101,7 +104,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.29 -BuildRequires: mozilla-nss-devel >= 3.60.1 +BuildRequires: mozilla-nss-devel >= 3.62 BuildRequires: nasm >= 2.14 BuildRequires: nodejs10 >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -112,7 +115,7 @@ BuildRequires: python3-devel %endif BuildRequires: rust >= 1.47 -BuildRequires: rust-cbindgen >= 0.15.0 +BuildRequires: rust-cbindgen >= 0.16.0 BuildRequires: unzip BuildRequires: update-desktop-files BuildRequires: xorg-x11-libXt-devel @@ -175,7 +178,7 @@ Source11: firefox.1 Source12: mozilla-get-app-id Source13: spellcheck.js -Source14: https://github.com/openSUSE/firefox-scripts/raw/5e54f4a/create-tar.sh +Source14: https://github.com/openSUSE/firefox-scripts/raw/4503820/create-tar.sh Source15: firefox-appdata.xml Source16: %{name}.changes Source17: firefox-search-provider.ini @@ -202,7 +205,6 @@ Patch15: mozilla-bmo1504834-part1.patch Patch16: mozilla-bmo1504834-part2.patch Patch17: mozilla-bmo1504834-part3.patch -Patch18: mozilla-bmo1554971.patch Patch19: mozilla-bmo1512162.patch Patch20: mozilla-fix-top-level-asm.patch Patch21: mozilla-bmo1504834-part4.patch @@ -217,8 +219,8 @@ Patch102: firefox-branded-icons.patch %endif BuildRoot: %{_tmppath}/%{name}-%{version}-build -Requires(post): coreutils shared-mime-info desktop-file-utils -Requires(postun): shared-mime-info desktop-file-utils +Requires(post): coreutils shared-mime-info desktop-file-utils +Requires(postun):shared-mime-info desktop-file-utils Requires: %{name}-branding >= 68 %requires_ge mozilla-nspr %requires_ge mozilla-nss @@ -299,16 +301,6 @@ %description branding-upstream This package provides upstream look and feel for %{appname}. -%if %crashreporter -%package buildsymbols -Summary: Breakpad buildsymbols for %{appname} -Group: Development/Debug - -%description buildsymbols -This subpackage contains the Breakpad created and compatible debugging -symbols meant for upload to Mozilla's crash collector database. -%endif - %if !%{with only_print_mozconfig} %prep %if %localize @@ -341,7 +333,6 @@ %patch15 -p1 %patch16 -p1 %patch17 -p1 -%patch18 -p1 %patch19 -p1 %patch20 -p1 %patch21 -p1 @@ -431,7 +422,7 @@ echo "" cat << EOF %else -%ifarch aarch64 %arm +%ifarch aarch64 %arm ppc64 ppc64le %limit_build -m 2000 %endif cat << EOF > $MOZCONFIG @@ -514,16 +505,6 @@ %endif EOF %if !%{with only_print_mozconfig} -%ifarch ppc64 s390x s390 -# NOTE: Currently, system-icu is too old, so we can't build with that, -# but have to generate the .dat-file freshly. This seems to be a -# less fragile approach anyways. -# ac_add_options --with-system-icu -echo "Generate big endian version of config/external/icu/data/icud58l.dat" -./mach python intl/icu_sources_data.py . -ls -l config/external/icu/data -rm -f config/external/icu/data/icudt*l.dat -%endif ccache -s %if 0%{?do_profiling} xvfb-run --server-args="-screen 0 1920x1080x24" \ @@ -706,18 +687,6 @@ # fdupes %fdupes %{buildroot}%{progdir} %fdupes %{buildroot}%{_datadir} -# create breakpad debugsymbols -%if %crashreporter -SYMBOLS_NAME="firefox-%{version}-` echo '%{release}' | sed 's@\.[^\.]\+$@@' `.%{_arch}-%{suse_version}-symbols" -make buildsymbols \ - SYMBOL_INDEX_NAME="$SYMBOLS_NAME.txt" \ - SYMBOL_FULL_ARCHIVE_BASENAME="$SYMBOLS_NAME-full" \ - SYMBOL_ARCHIVE_BASENAME="$SYMBOLS_NAME" -if [ -e dist/*symbols.zip ]; then - mkdir -p %{buildroot}%{_datadir}/mozilla/ - cp dist/*symbols.zip %{buildroot}%{_datadir}/mozilla/ -fi -%endif %clean rm -rf %{buildroot} @@ -812,10 +781,4 @@ %defattr(-,root,root) %dir %{progdir} -%if %crashreporter -%files buildsymbols -%defattr(-,root,root) -%{_datadir}/mozilla/*.zip -%endif - %changelog diff -r 71a92b4d0527 -r b8c834aafde2 MozillaFirefox/create-tar.sh --- a/MozillaFirefox/create-tar.sh Thu Jan 28 23:39:24 2021 +0100 +++ b/MozillaFirefox/create-tar.sh Wed Mar 17 12:24:14 2021 +0100 @@ -239,9 +239,9 @@ fi if [ ! -d $PRODUCT-$VERSION ]; then echo "cloning new $BRANCH..." - hg clone http://hg.mozilla.org/$BRANCH $PRODUCT-$VERSION + hg clone https://hg.mozilla.org/$BRANCH $PRODUCT-$VERSION if [ "$PRODUCT" = "thunderbird" ]; then - hg clone http://hg.mozilla.org/releases/comm-$CHANNEL $PRODUCT-$VERSION/comm + hg clone https://hg.mozilla.org/releases/comm-$CHANNEL $PRODUCT-$VERSION/comm fi fi pushd $PRODUCT-$VERSION || exit 1 @@ -258,7 +258,7 @@ [ "$FF_RELEASE_TAG" == "default" ] || hg update -r $FF_RELEASE_TAG # get repo and source stamp REV=$(hg -R . parent --template="{node|short}\n") - SOURCE_REPO=$(hg showconfig paths.default 2>/dev/null | head -n1 | sed -e "s/^ssh:/http:/") + SOURCE_REPO=$(hg showconfig paths.default 2>/dev/null | head -n1 | sed -e "s/^ssh:/https:/") TIMESTAMP=$(date +%Y%m%d%H%M%S) if [ "$PRODUCT" = "thunderbird" ]; then @@ -308,7 +308,7 @@ hg pull popd || exit 1 else - hg clone "http://hg.mozilla.org/l10n-central/$locale" "l10n/$locale" + hg clone "https://hg.mozilla.org/l10n-central/$locale" "l10n/$locale" fi [ "$RELEASE_TAG" == "default" ] || hg -R "l10n/$locale" up -C -r "$changeset" ;; diff -r 71a92b4d0527 -r b8c834aafde2 MozillaFirefox/mozilla-bmo1554971.patch --- a/MozillaFirefox/mozilla-bmo1554971.patch Thu Jan 28 23:39:24 2021 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -../mozilla-bmo1554971.patch \ No newline at end of file diff -r 71a92b4d0527 -r b8c834aafde2 MozillaFirefox/tar_stamps --- a/MozillaFirefox/tar_stamps Thu Jan 28 23:39:24 2021 +0100 +++ b/MozillaFirefox/tar_stamps Wed Mar 17 12:24:14 2021 +0100 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="85.0" +VERSION="87.0" VERSION_SUFFIX="" -PREV_VERSION="84.0.2" +PREV_VERSION="86.0.1" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="cd908cffd02e1563b2218d985873f958a2e2c55d" -RELEASE_TIMESTAMP="20210118153634" +RELEASE_TAG="7b73c14202a39e440f8eddd9b48ecf17b7b59eee" +RELEASE_TIMESTAMP="20210315170302" diff -r 71a92b4d0527 -r b8c834aafde2 mozilla-bmo1554971.patch --- a/mozilla-bmo1554971.patch Thu Jan 28 23:39:24 2021 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,32 +0,0 @@ -# HG changeset patch -# Parent 38d48db62539afe61d542c9d21e32d57d4b00a73 -Eliminate startup error message: -JavaScript error: , line 0: Error: Type error for platformInfo value (Error processing arch: Invalid enumeration value "s390x") for runtime.getPlatformInfo. - -Reported here: https://bugzilla.mozilla.org/show_bug.cgi?id=1554971 - -Uncertain if this is causing real problems or not. Also uncertain if the fix actually fixes anything. -No response from upstream yet. - -diff --git a/toolkit/components/extensions/schemas/runtime.json b/toolkit/components/extensions/schemas/runtime.json ---- a/toolkit/components/extensions/schemas/runtime.json -+++ b/toolkit/components/extensions/schemas/runtime.json -@@ -59,17 +59,17 @@ - "type": "string", - "allowedContexts": ["content", "devtools"], - "description": "The operating system the browser is running on.", - "enum": ["mac", "win", "android", "cros", "linux", "openbsd"] - }, - { - "id": "PlatformArch", - "type": "string", -- "enum": ["arm", "x86-32", "x86-64"], -+ "enum": ["arm", "x86-32", "x86-64", "s390x", "aarch64", "ppc64le"], - "allowedContexts": ["content", "devtools"], - "description": "The machine's processor architecture." - }, - { - "id": "PlatformInfo", - "type": "object", - "allowedContexts": ["content", "devtools"], - "description": "An object containing information about the current platform.", diff -r 71a92b4d0527 -r b8c834aafde2 mozilla-pgo.patch --- a/mozilla-pgo.patch Thu Jan 28 23:39:24 2021 +0100 +++ b/mozilla-pgo.patch Wed Mar 17 12:24:14 2021 +0100 @@ -1,6 +1,6 @@ # HG changeset patch # User Wolfgang Rosenauer -# Parent 41df71ef2798d6bd6a67cfc4c4f26b8d41b8ccca +# Parent 07b5ae8ccc4806fcc5ad74e32a2d3fb2b9d605d0 diff --git a/build/moz.configure/lto-pgo.configure b/build/moz.configure/lto-pgo.configure --- a/build/moz.configure/lto-pgo.configure @@ -114,11 +114,9 @@ diff --git a/build/unix/mozconfig.unix b/build/unix/mozconfig.unix --- a/build/unix/mozconfig.unix +++ b/build/unix/mozconfig.unix -@@ -1,16 +1,25 @@ +@@ -1,14 +1,23 @@ . "$topsrcdir/build/mozconfig.common" - TOOLTOOL_DIR=${TOOLTOOL_DIR:-$topsrcdir} - if [ -n "$FORCE_GCC" ]; then CC="$MOZ_FETCHES_DIR/gcc/bin/gcc" CXX="$MOZ_FETCHES_DIR/gcc/bin/g++" @@ -126,8 +124,8 @@ + if [ -n "$MOZ_PGO" ]; then + if [ -z "$USE_ARTIFACT" ]; then + ac_add_options --enable-lto -+ fi -+ export AR="$topsrcdir/gcc/bin/gcc-ar" ++ fi ++ export AR="$topsrcdir/gcc/bin/gcc-ar" + export NM="$topsrcdir/gcc/bin/gcc-nm" + export RANLIB="$topsrcdir/gcc/bin/gcc-ranlib" + fi @@ -135,11 +133,11 @@ # We want to make sure we use binutils and other binaries in the tooltool # package. mk_add_options "export PATH=$MOZ_FETCHES_DIR/gcc/bin:$PATH" - ac_add_options --with-clang-path=$MOZ_FETCHES_DIR/clang/bin/clang else - CC="$MOZ_FETCHES_DIR/clang/bin/clang" - CXX="$MOZ_FETCHES_DIR/clang/bin/clang++" - + # For some builds we don't want to have Clang based static-analysis activated + if [ -z "$DISABLE_CLANG_PLUGIN" ]; then + export ENABLE_CLANG_PLUGIN=1 + fi diff --git a/extensions/spellcheck/src/moz.build b/extensions/spellcheck/src/moz.build --- a/extensions/spellcheck/src/moz.build +++ b/extensions/spellcheck/src/moz.build diff -r 71a92b4d0527 -r b8c834aafde2 series --- a/series Thu Jan 28 23:39:24 2021 +0100 +++ b/series Wed Mar 17 12:24:14 2021 +0100 @@ -14,7 +14,6 @@ mozilla-bmo1504834-part1.patch mozilla-bmo1504834-part2.patch mozilla-bmo1504834-part3.patch -mozilla-bmo1554971.patch mozilla-bmo1512162.patch mozilla-fix-top-level-asm.patch mozilla-bmo1504834-part4.patch