# HG changeset patch # User Wolfgang Rosenauer # Date 1587384728 -7200 # Node ID f890ebd6b62775fa15093563b53bea362031b503 # Parent 7fa561e5d7c7ef107a33b3fca4928e76e6933fd0 Firefox 75.0 diff -r 7fa561e5d7c7 -r f890ebd6b627 MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Mon Mar 30 21:49:01 2020 +0200 +++ b/MozillaFirefox/MozillaFirefox.changes Mon Apr 20 14:12:08 2020 +0200 @@ -1,4 +1,49 @@ ------------------------------------------------------------------- +Tue Apr 7 12:18:27 UTC 2020 - Wolfgang Rosenauer + +- Mozilla Firefox 75.0 + * https://www.mozilla.org/en-US/firefox/75.0/releasenotes + MFSA 2020-12 (bsc#1168874) + * CVE-2020-6821 (bmo#1625404) + Uninitialized memory could be read when using the WebGL + copyTexSubImage method + * CVE-2020-6822 (bmo#1544181) + Out of bounds write in GMPDecodeData when processing large images + * CVE-2020-6823 (bmo#1614919) + Malicious Extension could obtain auth codes from OAuth login flows + * CVE-2020-6824 (bmo#1621853) + Generated passwords may be identical on the same site between + separate private browsing sessions + * CVE-2020-6825 (bmo#1572541,bmo#1620193,bmo#1620203) + Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 + * CVE-2020-6826 (bmo#1613009,bmo#1613195,bmo#1616734,bmo#1617488, + bmo#1619229,bmo#1620719,bmo#1624897) + Memory safety bugs fixed in Firefox 75 +- removed obsolete patch + mozilla-bmo1609538.patch +- requires + * rust >= 1.41 + * rust-cbindgen >= 0.13.1 + * mozilla-nss >= 3.51 + * nodejs10 >= 10.19 +- fix build issue in libvpx for i586 via mozilla-bmo1622013.patch + +------------------------------------------------------------------- +Mon Apr 6 11:19:24 UTC 2020 - Michel Normand + +- increase _constraints memory for ppc64le + +------------------------------------------------------------------- +Fri Apr 3 15:23:28 UTC 2020 - Wolfgang Rosenauer + +- Mozilla Firefox 74.0.1 + MFSA 2020-11 (boo#1168630) + * CVE-2020-6819 (bmo#1620818) + Use-after-free while running the nsDocShell destructor + * CVE-2020-6820 (bmo#1626728) + Use-after-free when handling a ReadableStream + +------------------------------------------------------------------- Wed Mar 25 07:30:39 UTC 2020 - Marcus Meissner - mozilla-sandbox-fips.patch: allow /proc/sys/crypto/fips_enabled diff -r 7fa561e5d7c7 -r f890ebd6b627 MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Mon Mar 30 21:49:01 2020 +0200 +++ b/MozillaFirefox/MozillaFirefox.spec Mon Apr 20 14:12:08 2020 +0200 @@ -18,9 +18,9 @@ # changed with every update -%define major 74 +%define major 75 %define mainver %major.0 -%define orig_version 74.0 +%define orig_version 75.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -75,7 +75,7 @@ %else BuildRequires: gcc-c++ %endif -BuildRequires: cargo >= 1.39 +BuildRequires: cargo >= 1.41 BuildRequires: libXcomposite-devel BuildRequires: libcurl-devel BuildRequires: libidl-devel @@ -84,14 +84,14 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.25 -BuildRequires: mozilla-nss-devel >= 3.50 +BuildRequires: mozilla-nss-devel >= 3.51 BuildRequires: nasm >= 2.13 -BuildRequires: nodejs8 >= 8.11 +BuildRequires: nodejs10 >= 10.19.0 BuildRequires: python-devel BuildRequires: python2-xml BuildRequires: python3 >= 3.5 -BuildRequires: rust >= 1.39 -BuildRequires: rust-cbindgen >= 0.13.0 +BuildRequires: rust >= 1.41 +BuildRequires: rust-cbindgen >= 0.13.1 BuildRequires: startup-notification-devel BuildRequires: unzip BuildRequires: update-desktop-files @@ -186,7 +186,7 @@ Patch20: mozilla-fix-top-level-asm.patch Patch21: mozilla-bmo1504834-part4.patch Patch22: mozilla-bmo849632.patch -Patch23: mozilla-bmo1609538.patch +Patch23: mozilla-bmo1622013.patch # Firefox/browser Patch101: firefox-kde.patch Patch102: firefox-branded-icons.patch diff -r 7fa561e5d7c7 -r f890ebd6b627 MozillaFirefox/_constraints --- a/MozillaFirefox/_constraints Mon Mar 30 21:49:01 2020 +0200 +++ b/MozillaFirefox/_constraints Mon Apr 20 14:12:08 2020 +0200 @@ -42,4 +42,17 @@ + + + ppc64le + + + + 25 + + + 10 + + + diff -r 7fa561e5d7c7 -r f890ebd6b627 MozillaFirefox/mozilla-bmo1609538.patch --- a/MozillaFirefox/mozilla-bmo1609538.patch Mon Mar 30 21:49:01 2020 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -../mozilla-bmo1609538.patch \ No newline at end of file diff -r 7fa561e5d7c7 -r f890ebd6b627 MozillaFirefox/mozilla-bmo1622013.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/MozillaFirefox/mozilla-bmo1622013.patch Mon Apr 20 14:12:08 2020 +0200 @@ -0,0 +1,1 @@ +../mozilla-bmo1622013.patch \ No newline at end of file diff -r 7fa561e5d7c7 -r f890ebd6b627 MozillaFirefox/tar_stamps --- a/MozillaFirefox/tar_stamps Mon Mar 30 21:49:01 2020 +0200 +++ b/MozillaFirefox/tar_stamps Mon Apr 20 14:12:08 2020 +0200 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="74.0" +VERSION="75.0" VERSION_SUFFIX="" -PREV_VERSION="73.0.1" +PREV_VERSION="75.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="c6e493873ba543907dadabb42b64208a3679d43d" -RELEASE_TIMESTAMP="20200309095159" +RELEASE_TAG="6200ca9b300670ec069cdbf6e4f05e6a0bca46f1" +RELEASE_TIMESTAMP="20200403170909" diff -r 7fa561e5d7c7 -r f890ebd6b627 mozilla-bmo1568145.patch --- a/mozilla-bmo1568145.patch Mon Mar 30 21:49:01 2020 +0200 +++ b/mozilla-bmo1568145.patch Mon Apr 20 14:12:08 2020 +0200 @@ -11,7 +11,7 @@ --- a/python/mozbuild/mozbuild/action/langpack_manifest.py +++ b/python/mozbuild/mozbuild/action/langpack_manifest.py @@ -11,16 +11,17 @@ - from __future__ import absolute_import, print_function + from __future__ import absolute_import, print_function, unicode_literals import argparse import sys diff -r 7fa561e5d7c7 -r f890ebd6b627 mozilla-bmo1609538.patch --- a/mozilla-bmo1609538.patch Mon Mar 30 21:49:01 2020 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,191 +0,0 @@ -# HG changeset patch -# Parent 047fa9d20b78759029e87c48f0d64f819e889e4c - -diff --git a/widget/gtk/mozcontainer.cpp b/widget/gtk/mozcontainer.cpp ---- a/widget/gtk/mozcontainer.cpp -+++ b/widget/gtk/mozcontainer.cpp -@@ -159,23 +159,25 @@ void moz_container_move(MozContainer* co - - // Wayland subsurface is not created yet. - if (!container->subsurface) { - return; - } - - // wl_subsurface_set_position is actually property of parent surface - // which is effective when parent surface is commited. -- wl_surface* parent_surface = -- moz_gtk_widget_get_wl_surface(GTK_WIDGET(container)); -- if (parent_surface) { -- wl_subsurface_set_position(container->subsurface, container->subsurface_dx, -- container->subsurface_dy); -- wl_surface_commit(parent_surface); -- container->surface_position_needs_update = false; -+ wl_subsurface_set_position(container->subsurface, container->subsurface_dx, -+ container->subsurface_dy); -+ container->surface_position_needs_update = false; -+ -+ GdkWindow* window = gtk_widget_get_window(GTK_WIDGET(container)); -+ if (window) { -+ GdkRectangle rect = (GdkRectangle){0, 0, gdk_window_get_width(window), -+ gdk_window_get_height(window)}; -+ gdk_window_invalidate_rect(window, &rect, false); - } - } - - // This is called from layout/compositor code only with - // size equal to GL rendering context. Otherwise there are - // rendering artifacts as wl_egl_window size does not match - // GL rendering pipeline setup. - void moz_container_egl_window_set_size(MozContainer* container, int width, -@@ -217,16 +219,17 @@ void moz_container_init(MozContainer* co - container->subsurface = nullptr; - container->eglwindow = nullptr; - container->frame_callback_handler = nullptr; - container->frame_callback_handler_surface_id = -1; - // We can draw to x11 window any time. - container->ready_to_draw = gfxPlatformGtk::GetPlatform()->IsX11Display(); - container->opaque_region_needs_update = false; - container->opaque_region_subtract_corners = false; -+ container->opaque_region_fullscreen = false; - container->surface_needs_clear = true; - container->subsurface_dx = 0; - container->subsurface_dy = 0; - container->surface_position_needs_update = 0; - container->initial_draw_cbs.clear(); - #endif - - LOG(("%s [%p]\n", __FUNCTION__, (void*)container)); -@@ -569,22 +572,26 @@ static void moz_container_add(GtkContain - moz_container_put(MOZ_CONTAINER(container), widget, 0, 0); - } - - #ifdef MOZ_WAYLAND - static void moz_container_set_opaque_region(MozContainer* container) { - GtkAllocation allocation; - gtk_widget_get_allocation(GTK_WIDGET(container), &allocation); - -- // Set region to mozcontainer which does not have any offset -- wl_region* region = -- CreateOpaqueRegionWayland(0, 0, allocation.width, allocation.height, -- container->opaque_region_subtract_corners); -- wl_surface_set_opaque_region(container->surface, region); -- wl_region_destroy(region); -+ // Set region to mozcontainer for normal state only -+ if (!container->opaque_region_fullscreen) { -+ wl_region* region = -+ CreateOpaqueRegionWayland(0, 0, allocation.width, allocation.height, -+ container->opaque_region_subtract_corners); -+ wl_surface_set_opaque_region(container->surface, region); -+ wl_region_destroy(region); -+ } else { -+ wl_surface_set_opaque_region(container->surface, nullptr); -+ } - } - - struct wl_surface* moz_container_get_wl_surface(MozContainer* container) { - LOGWAYLAND(("%s [%p] surface %p ready_to_draw %d\n", __FUNCTION__, - (void*)container, (void*)container->surface, - container->ready_to_draw)); - - if (!container->surface) { -@@ -670,17 +677,19 @@ gboolean moz_container_has_wl_egl_window - - gboolean moz_container_surface_needs_clear(MozContainer* container) { - int ret = container->surface_needs_clear; - container->surface_needs_clear = false; - return ret; - } - - void moz_container_update_opaque_region(MozContainer* container, -- bool aSubtractCorners) { -+ bool aSubtractCorners, -+ bool aFullScreen) { - container->opaque_region_needs_update = true; - container->opaque_region_subtract_corners = aSubtractCorners; -+ container->opaque_region_fullscreen = aFullScreen; - } - #endif - - void moz_container_force_default_visual(MozContainer* container) { - container->force_default_visual = true; - } -diff --git a/widget/gtk/mozcontainer.h b/widget/gtk/mozcontainer.h ---- a/widget/gtk/mozcontainer.h -+++ b/widget/gtk/mozcontainer.h -@@ -77,16 +77,17 @@ struct _MozContainer { - struct wl_surface* surface; - struct wl_subsurface* subsurface; - int subsurface_dx, subsurface_dy; - struct wl_egl_window* eglwindow; - struct wl_callback* frame_callback_handler; - int frame_callback_handler_surface_id; - gboolean opaque_region_needs_update; - gboolean opaque_region_subtract_corners; -+ gboolean opaque_region_fullscreen; - gboolean surface_position_needs_update; - gboolean surface_needs_clear; - gboolean ready_to_draw; - std::vector> initial_draw_cbs; - #endif - gboolean force_default_visual; - }; - -@@ -112,12 +113,13 @@ void moz_container_move_resize(MozContai - void moz_container_egl_window_set_size(MozContainer* container, int width, - int height); - void moz_container_scale_changed(MozContainer* container, - GtkAllocation* aAllocation); - void moz_container_add_initial_draw_callback( - MozContainer* container, const std::function& initial_draw_cb); - wl_surface* moz_gtk_widget_get_wl_surface(GtkWidget* aWidget); - void moz_container_update_opaque_region(MozContainer* container, -- bool aSubtractCorners); -+ bool aSubtractCorners, -+ bool aFullScreen); - #endif - - #endif /* __MOZ_CONTAINER_H__ */ -diff --git a/widget/gtk/nsWindow.cpp b/widget/gtk/nsWindow.cpp ---- a/widget/gtk/nsWindow.cpp -+++ b/widget/gtk/nsWindow.cpp -@@ -4860,27 +4860,34 @@ void nsWindow::UpdateTopLevelOpaqueRegio - int width = DevicePixelsToGdkCoordRoundDown(mBounds.width); - int height = DevicePixelsToGdkCoordRoundDown(mBounds.height); - - GdkRectangle rect = {x, y, width, height}; - if (!mToplevelOpaqueRegionState.NeedsUpdate(rect, aSubtractCorners)) { - return; - } - -- wl_region* region = -- CreateOpaqueRegionWayland(x, y, width, height, aSubtractCorners); -- wl_surface_set_opaque_region(surface, region); -- wl_region_destroy(region); -- -+ // Set opaque region to toplevel window only in fullscreen mode. -+ bool fullScreen = mSizeState != nsSizeMode_Normal && !mIsTiled; -+ if (fullScreen) { -+ wl_region* region = -+ CreateOpaqueRegionWayland(x, y, width, height, aSubtractCorners); -+ wl_surface_set_opaque_region(surface, region); -+ wl_region_destroy(region); -+ } else { -+ wl_surface_set_opaque_region(surface, nullptr); -+ } -+ -+ // TODO -> create a function for it - GdkWindow* window = gtk_widget_get_window(mShell); - if (window) { - gdk_window_invalidate_rect(window, &rect, false); - } - -- moz_container_update_opaque_region(mContainer, aSubtractCorners); -+ moz_container_update_opaque_region(mContainer, aSubtractCorners, fullScreen); - } - #endif - - static void GdkWindowSetOpaqueRegion(GdkWindow* aGdkWindow, - cairo_region_t* aRegion) { - // Available as of GTK 3.10+ - static auto sGdkWindowSetOpaqueRegion = - (void (*)(GdkWindow*, cairo_region_t*))dlsym( diff -r 7fa561e5d7c7 -r f890ebd6b627 mozilla-bmo1622013.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mozilla-bmo1622013.patch Mon Apr 20 14:12:08 2020 +0200 @@ -0,0 +1,28 @@ +From be45ba20c33a8a247115e79fd4c1f3295d652ba3 Mon Sep 17 00:00:00 2001 +From: Jan Beich +Date: Mon, 23 Mar 2020 08:20:22 +0000 +Subject: [PATCH] Bug 1622013 - Build *_mmx.c files with -mmmx in bundled libvpx. + +diff --git a/media/libvpx/moz.build b/media/libvpx/moz.build +index f3845941fe4de..47853d43408b7 100644 +--- a/media/libvpx/moz.build ++++ b/media/libvpx/moz.build +@@ -97,16 +97,18 @@ if CONFIG['OS_TARGET'] == 'Android': + DEFINES['__linux__'] = True + + SOURCES += [ + '%%%s/sources/android/cpufeatures/cpu-features.c' % CONFIG['ANDROID_NDK'], + ] + + for f in SOURCES: + if f.endswith('.c'): ++ if 'mmx.c' in f: ++ SOURCES[f].flags += ['-mmmx'] + if 'sse2.c' in f: + SOURCES[f].flags += CONFIG['SSE2_FLAGS'] + if 'ssse3.c' in f: + SOURCES[f].flags += ['-mssse3'] + if 'sse4.c' in f: + SOURCES[f].flags += ['-msse4.1'] + if 'avx.c' in f: + SOURCES[f].flags += ['-mavx'] diff -r 7fa561e5d7c7 -r f890ebd6b627 mozilla-kde.patch --- a/mozilla-kde.patch Mon Mar 30 21:49:01 2020 +0200 +++ b/mozilla-kde.patch Mon Apr 20 14:12:08 2020 +0200 @@ -3,7 +3,7 @@ # Date 1559294891 -7200 # Fri May 31 11:28:11 2019 +0200 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112 -# Parent d942febc5733911d795d1cec027fb4f3c0a6e53b +# Parent fbac8545cf6f461803505c2d1f57531798dee96a Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer Author: Lubos Lunak @@ -13,7 +13,7 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp --- a/modules/libpref/Preferences.cpp +++ b/modules/libpref/Preferences.cpp -@@ -84,16 +84,17 @@ +@@ -83,16 +83,17 @@ #include "nsXPCOM.h" #include "nsXULAppAPI.h" #include "nsZipArchive.h" @@ -31,7 +31,7 @@ #ifdef MOZ_MEMORY # include "mozmemory.h" #endif -@@ -4539,25 +4540,37 @@ nsresult Preferences::InitInitialObjects +@@ -4535,25 +4536,37 @@ nsresult Preferences::InitInitialObjects // application pref files for backwards compatibility. static const char* specialFiles[] = { #if defined(XP_MACOSX) @@ -69,7 +69,7 @@ // Load jar:$app/omni.jar!/defaults/preferences/*.js // or jar:$gre/omni.jar!/defaults/preferences/*.js. -@@ -4603,17 +4616,17 @@ nsresult Preferences::InitInitialObjects +@@ -4599,17 +4612,17 @@ nsresult Preferences::InitInitialObjects } nsCOMPtr path = do_QueryInterface(elem); @@ -800,7 +800,7 @@ using mozilla::dom::RemoteHandlerApp; namespace { -@@ -288,17 +288,17 @@ mozilla::ipc::IPCResult HandlerServicePa +@@ -294,17 +294,17 @@ mozilla::ipc::IPCResult HandlerServicePa mozilla::ipc::IPCResult HandlerServiceParent::RecvExistsForProtocolOS( const nsCString& aProtocolScheme, bool* aHandlerExists) { if (aProtocolScheme.Length() > MAX_SCHEME_LENGTH) { @@ -819,7 +819,7 @@ /* * Check if a handler exists for the provided protocol. Check the datastore -@@ -317,17 +317,17 @@ mozilla::ipc::IPCResult HandlerServicePa +@@ -323,17 +323,17 @@ mozilla::ipc::IPCResult HandlerServicePa nsCOMPtr protoSvc = do_GetService(NS_EXTERNALPROTOCOLSERVICE_CONTRACTID, &rv); if (NS_WARN_IF(NS_FAILED(rv))) { @@ -1295,7 +1295,7 @@ diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build --- a/widget/gtk/moz.build +++ b/widget/gtk/moz.build -@@ -128,16 +128,17 @@ include('/ipc/chromium/chromium-config.m +@@ -129,16 +129,17 @@ include('/ipc/chromium/chromium-config.m FINAL_LIBRARY = 'xul' @@ -1404,15 +1404,15 @@ + return NS_OK; + } + - nsCString title; - title.Adopt(ToNewUTF8String(mTitle)); + NS_ConvertUTF16toUTF8 title(mTitle); GtkWindow* parent_widget = GTK_WINDOW(mParentWidget->GetNativeData(NS_NATIVE_SHELLWIDGET)); GtkFileChooserAction action = GetGtkFileChooserAction(mMode); -@@ -572,16 +599,240 @@ void nsFilePicker::Done(void* file_choos + const gchar* accept_button; +@@ -571,16 +598,240 @@ void nsFilePicker::Done(void* file_choos mCallback->Done(result); mCallback = nullptr; } else { @@ -1852,7 +1852,7 @@ # include "prmem.h" # include "plbase64.h" -@@ -1904,62 +1905,77 @@ nsLocalFile::SetPersistentDescriptor(con +@@ -1907,62 +1908,77 @@ nsLocalFile::SetPersistentDescriptor(con NS_IMETHODIMP nsLocalFile::Reveal() { diff -r 7fa561e5d7c7 -r f890ebd6b627 series --- a/series Mon Mar 30 21:49:01 2020 +0200 +++ b/series Mon Apr 20 14:12:08 2020 +0200 @@ -21,7 +21,7 @@ mozilla-fix-top-level-asm.patch mozilla-bmo1504834-part4.patch mozilla-bmo849632.patch -mozilla-bmo1609538.patch +mozilla-bmo1622013.patch # Firefox patches firefox-kde.patch