--- a/MozillaFirefox/MozillaFirefox.changes Fri Mar 22 10:02:25 2024 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes Sun Apr 21 06:46:25 2024 +0200
@@ -1,4 +1,63 @@
-------------------------------------------------------------------
+Wed Apr 3 12:50:27 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
+
+- Mozilla Firefox 124.0.2
+ https://www.mozilla.org/en-US/firefox/124.0.2/releasenotes/
+ * Fixed an issue where users with a large amount of bookmarks would
+ be unable to restore a bookmarks backup. (bmo#1884308)
+ * Fixed an issue that would cause open Firefox windows
+ to go blank or crash during video playback on sites such as
+ Netflix. (bmo#1883932)
+ * Fixed a crash that affected Linux AArch64 builds. (bmo#1866396)
+ * Fixed an issue where some users experienced difficulties loading
+ webpages due to changes made to the default AppArmor configuration
+ shipping in Ubuntu 24.04. (bmo#1884347)
+
+-------------------------------------------------------------------
+Fri Mar 22 09:53:26 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 124.0.1
+ https://www.mozilla.org/en-US/firefox/124.0.1/releasenotes/
+ MFSA 2024-15 (bsc#1221850)
+ * CVE-2024-29943 (bmo#1886849)
+ Out-of-bounds access via Range Analysis bypass
+ * CVE-2024-29944 (bmo#1886852)
+ Privileged JavaScript Execution via Event Handlers
+ Mozilla Firefox 124.0
+ https://www.mozilla.org/en-US/firefox/124.0/releasenotes/
+ MFSA 2024-12 (bsc#1221327)
+ * CVE-2024-2605 (bmo#1872920)
+ Windows Error Reporter could be used as a Sandbox escape vector
+ * CVE-2024-2606 (bmo#1879237)
+ Mishandling of WASM register values
+ * CVE-2024-2607 (bmo#1879939)
+ JIT code failed to save return registers on Armv7-A
+ * CVE-2024-2608 (bmo#1880692)
+ Integer overflow could have led to out of bounds write
+ * CVE-2023-5388 (bmo#1780432)
+ NSS susceptible to timing attack against RSA decryption
+ * CVE-2024-2609 (bmo#1866100)
+ Permission prompt input delay could expire when not in focus
+ * CVE-2024-2610 (bmo#1871112)
+ Improper handling of html and body tags enabled CSP nonce leakage
+ * CVE-2024-2611 (bmo#1876675)
+ Clickjacking vulnerability could have led to a user accidentally
+ granting permissions
+ * CVE-2024-2612 (bmo#1879444)
+ Self referencing object could have potentially led to a use-
+ after-free
+ * CVE-2024-2613 (bmo#1875701)
+ Improper handling of QUIC ACK frame data could have led to OOM
+ * CVE-2024-2614 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093)
+ Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9,
+ and Thunderbird 115.9
+ * CVE-2024-2615 (bmo#1881074, bmo#1881650, bmo#1882438)
+ Memory safety bugs fixed in Firefox 124
+- requires
+ NSS = 3.98
+ rust-cbindgen >= 0.26
+
+-------------------------------------------------------------------
Fri Mar 8 06:16:48 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
- Mozilla Firefox 123.0.1
--- a/MozillaFirefox/MozillaFirefox.spec Fri Mar 22 10:02:25 2024 +0100
+++ b/MozillaFirefox/MozillaFirefox.spec Sun Apr 21 06:46:25 2024 +0200
@@ -2,7 +2,7 @@
# spec file for package MozillaFirefox
#
# Copyright (c) 2024 SUSE LLC
-# Copyright (c) 2006-2023 Wolfgang Rosenauer <wr@rosenauer.org>
+# Copyright (c) 2006-2024 Wolfgang Rosenauer <wr@rosenauer.org>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 123
-%define mainver %major.0.1
-%define orig_version 123.0.1
+%define major 124
+%define mainver %major.0.2
+%define orig_version 124.0.2
%define orig_suffix %{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.97
+BuildRequires: mozilla-nss-devel >= 3.98
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 12.22.12
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@@ -134,7 +134,7 @@
BuildRequires: python3-devel
%endif
%endif
-BuildRequires: rust-cbindgen >= 0.24.3
+BuildRequires: rust-cbindgen >= 0.26
BuildRequires: unzip
BuildRequires: update-desktop-files
BuildRequires: xorg-x11-libXt-devel
--- a/MozillaFirefox/tar_stamps Fri Mar 22 10:02:25 2024 +0100
+++ b/MozillaFirefox/tar_stamps Sun Apr 21 06:46:25 2024 +0200
@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="123.0.1"
+VERSION="124.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="123.0"
+PREV_VERSION="124.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="652f653a58f0acdc1413e45ab35eae68a95cd1af"
-RELEASE_TIMESTAMP="20240304104836"
+RELEASE_TAG="2718fafaf6b2e4137cff8a71794487d25057e688"
+RELEASE_TIMESTAMP="20240401114208"
--- a/mozilla-kde.patch Fri Mar 22 10:02:25 2024 +0100
+++ b/mozilla-kde.patch Sun Apr 21 06:46:25 2024 +0200
@@ -283,7 +283,7 @@
nsUnixSystemProxySettings::GetMainThreadOnly(bool* aMainThreadOnly) {
// dbus prevents us from being threadsafe, but this routine should not block
// anyhow
-@@ -391,21 +395,46 @@ nsresult nsUnixSystemProxySettings::GetP
+@@ -388,21 +392,46 @@ nsresult nsUnixSystemProxySettings::GetP
return NS_OK;
}
@@ -1255,15 +1255,15 @@
mFilters.AppendElement(filter);
mFilterNames.AppendElement(name);
-@@ -412,16 +416,39 @@ nsresult nsFilePicker::Show(nsIFilePicke
- return NS_OK;
- }
-
- NS_IMETHODIMP
+@@ -416,16 +420,39 @@ NS_IMETHODIMP
nsFilePicker::Open(nsIFilePickerShownCallback* aCallback) {
// Can't show two dialogs concurrently with the same filepicker
if (mFileChooser) return NS_ERROR_NOT_AVAILABLE;
+ if (MaybeBlockFilePicker(aCallback)) {
+ return NS_OK;
+ }
+
+ // KDE file picker is not handled via callback
+ if (nsKDEUtils::kdeSupport()) {
+ mCallback = aCallback;
@@ -1295,7 +1295,7 @@
GtkFileChooserAction action = GetGtkFileChooserAction(mMode);
const gchar* accept_button;
-@@ -703,16 +730,215 @@ void nsFilePicker::Done(void* file_choos
+@@ -707,16 +734,215 @@ void nsFilePicker::Done(void* file_choos
mCallback->Done(result);
mCallback = nullptr;
} else {
@@ -1670,13 +1670,13 @@
diff --git a/xpcom/components/moz.build b/xpcom/components/moz.build
--- a/xpcom/components/moz.build
+++ b/xpcom/components/moz.build
-@@ -66,16 +66,17 @@ LOCAL_INCLUDES += [
- "!..",
+@@ -67,16 +67,17 @@ LOCAL_INCLUDES += [
"../base",
"../build",
"../ds",
"/chrome",
"/js/xpconnect/loader",
+ "/js/xpconnect/src",
"/layout/build",
"/modules/libjar",
+ "/toolkit/xre",
--- a/mozilla-silence-no-return-type.patch Fri Mar 22 10:02:25 2024 +0100
+++ b/mozilla-silence-no-return-type.patch Sun Apr 21 06:46:25 2024 +0200
@@ -1,5 +1,5 @@
# HG changeset patch
-# Parent d1908d68e16e148fcc012caac881a03417eccc7e
+# Parent 831d03cde86aa6b8803d5ac431e2d28bf85c9289
diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h
--- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h
@@ -875,6 +875,28 @@
int sample_rate_hz,
int detector_rate_hz,
int num_channels)
+diff --git a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc b/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc
+--- a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc
++++ b/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc
+@@ -90,16 +90,18 @@ BandwidthLimitedCause GetBandwidthLimite
+ // Probes may not be sent in this state.
+ return BandwidthLimitedCause::kLossLimitedBwe;
+ case LossBasedState::kIncreasing:
+ // Probes may be sent in this state.
+ return BandwidthLimitedCause::kLossLimitedBweIncreasing;
+ case LossBasedState::kDelayBasedEstimate:
+ return BandwidthLimitedCause::kDelayBasedLimited;
+ }
++ // just return something by default
++ return BandwidthLimitedCause::kLossLimitedBwe;
+ }
+
+ } // namespace
+
+ GoogCcNetworkController::GoogCcNetworkController(NetworkControllerConfig config,
+ GoogCcConfig goog_cc_config)
+ : key_value_config_(config.key_value_config ? config.key_value_config
+ : &trial_based_config_),
diff --git a/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc b/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc
--- a/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc
+++ b/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc
@@ -957,7 +979,7 @@
diff --git a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc
--- a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc
+++ b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc
-@@ -41,16 +41,17 @@ namespace {
+@@ -42,16 +42,17 @@ namespace {
case AudioFrameType::kEmptyFrame:
return "empty";
case AudioFrameType::kAudioFrameSpeech:
@@ -1020,7 +1042,7 @@
diff --git a/third_party/libwebrtc/video/adaptation/video_stream_encoder_resource_manager.cc b/third_party/libwebrtc/video/adaptation/video_stream_encoder_resource_manager.cc
--- a/third_party/libwebrtc/video/adaptation/video_stream_encoder_resource_manager.cc
+++ b/third_party/libwebrtc/video/adaptation/video_stream_encoder_resource_manager.cc
-@@ -58,16 +58,17 @@ bool IsFramerateScalingEnabled(Degradati
+@@ -59,16 +59,17 @@ bool IsFramerateScalingEnabled(Degradati
std::string ToString(VideoAdaptationReason reason) {
switch (reason) {
case VideoAdaptationReason::kQuality: