Mercurial Mercurial > hg > mozilla / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Firefox 69 as submitted to TW firefox69
authorWolfgang Rosenauer <wr@rosenauer.org>
Mon, 09 Sep 2019 09:30:11 +0200
branchfirefox69
changeset 1107 a2aa55e10564
parent 1106 6c6375987b6c
child 1108 33b03cfb3747
Firefox 69 as submitted to TW
MozillaFirefox/MozillaFirefox.changes file | annotate | diff | comparison | revisions
MozillaFirefox/MozillaFirefox.spec file | annotate | diff | comparison | revisions
mozilla-bmo1463035.patch file | annotate | diff | comparison | revisions 
--- a/MozillaFirefox/MozillaFirefox.changes	Fri Sep 06 18:28:48 2019 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes	Mon Sep 09 09:30:11 2019 +0200
@@ -12,6 +12,20 @@
   * Support for receiving multiple video codecs with this release makes
     it easier for WebRTC conferencing services to mix video from
     different clients.
+  MFSA 2019-25 (boo#1149324)
+  * CVE-2019-11741 (bmo#1539595)
+    Isolate addons.mozilla.org and accounts.firefox.com
+  * CVE-2019-5849 (bmo#1555838)
+    Out-of-bounds read in Skia
+  * CVE-2019-11737 (bmo#1388015)
+    Content security policy directives ignore port and path if host is a wildcard
+  * CVE-2019-11734 (bmo#1352875,bmo#1536227,bmo#1557208,bmo#1560641)
+    Memory safety bugs fixed in Firefox 69
+  * CVE-2019-11735 (bmo#1561404,bmo#1561484,bmo#1568047,bmo#1561912,
+    bmo#1565744,bmo#1568858,bmo#1570358)
+    Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1
+  * CVE-2019-11740 (bmo#1563133,bmo#1573160)
+    Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9
 - requires
   * rust/cargo >= 1.35
   * rust-cbindgen >= 0.9.0
@@ -22,9 +36,9 @@
 Wed Sep  4 15:38:40 UTC 2019 - Wolfgang Rosenauer <wr@rosenauer.org>
 
 - added a bunch of patches mainly for big endian platforms
-  * mozilla-bmo1504834-part1.patch
-  * mozilla-bmo1504834-part2.patch
-  * mozilla-bmo1504834-part3.patch
+  * mozilla-bmo1504834-part1.patch (currently unused as it breaks LE)
+  * mozilla-bmo1504834-part2.patch (currently unused as it breaks LE)
+  * mozilla-bmo1504834-part3.patch (currently unused as it breaks LE)
   * mozilla-bmo1511604.patch
   * mozilla-bmo1554971.patch
   * mozilla-bmo1573381.patch
--- a/MozillaFirefox/MozillaFirefox.spec	Fri Sep 06 18:28:48 2019 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec	Mon Sep 09 09:30:11 2019 +0200
@@ -313,9 +313,9 @@
 %patch14 -p1
 %patch15 -p1
 %patch16 -p1
-%patch17 -p1
-%patch18 -p1
-%patch19 -p1
+#%patch17 -p1
+#%patch18 -p1
+#%patch19 -p1
 %patch20 -p1
 %patch21 -p1
 %patch22 -p1
--- a/mozilla-bmo1463035.patch	Fri Sep 06 18:28:48 2019 +0200
+++ b/mozilla-bmo1463035.patch	Mon Sep 09 09:30:11 2019 +0200
@@ -3,7 +3,7 @@
 # User Mike Hommey <mh+mozilla@glandium.org>
 # Date 1526871862 -32400
 # Node ID 94f21505ff13cd089f7129cd24927cf8b31a0f43
-# Parent  fc741a5ea37dbe145e0ca5f85e5dfb100f3c9091
+# Parent  5dc1d2186f44dd6ccfc4b28b9e1ed859cffc63bb
 Bug 1463035 - Remove MOZ_SIGNAL_TRAMPOLINE. r?darchons
 
 For some reason, GNU as is not happy with the assembly generated after
@@ -36,6 +36,46 @@
      'double-conversion/double-conversion/bignum.cc',
      'double-conversion/double-conversion/cached-powers.cc',
      'double-conversion/double-conversion/diy-fp.cc',
+diff --git a/mozglue/baseprofiler/core/platform-linux-android.cpp b/mozglue/baseprofiler/core/platform-linux-android.cpp
+--- a/mozglue/baseprofiler/core/platform-linux-android.cpp
++++ b/mozglue/baseprofiler/core/platform-linux-android.cpp
+@@ -55,17 +55,16 @@
+ #ifdef __GLIBC__
+ #  include <execinfo.h>  // backtrace, backtrace_symbols
+ #endif                   // def __GLIBC__
+ #include <strings.h>     // index
+ #include <errno.h>
+ #include <stdarg.h>
+ 
+ #include "prenv.h"
+-#include "mozilla/LinuxSignal.h"
+ #include "mozilla/PodOperations.h"
+ #include "mozilla/DebugOnly.h"
+ 
+ #include <string.h>
+ #include <list>
+ 
+ using namespace mozilla;
+ 
+@@ -266,17 +265,17 @@ Sampler::Sampler(PSLockRef aLock)
+ 
+   // NOTE: We don't initialize LUL here, instead initializing it in
+   // SamplerThread's constructor. This is because with the
+   // profiler_suspend_and_sample_thread entry point, we want to be able to
+   // sample without waiting for LUL to be initialized.
+ 
+   // Request profiling signals.
+   struct sigaction sa;
+-  sa.sa_sigaction = MOZ_SIGNAL_TRAMPOLINE(SigprofHandler);
++  sa.sa_sigaction = SigprofHandler;
+   sigemptyset(&sa.sa_mask);
+   sa.sa_flags = SA_RESTART | SA_SIGINFO;
+   if (sigaction(SIGPROF, &sa, &mOldSigprofHandler) != 0) {
+     MOZ_CRASH("Error installing SIGPROF handler in the profiler");
+   }
+ }
+ 
+ void Sampler::Disable(PSLockRef aLock) {
 diff --git a/tools/profiler/core/platform-linux-android.cpp b/tools/profiler/core/platform-linux-android.cpp
 --- a/tools/profiler/core/platform-linux-android.cpp
 +++ b/tools/profiler/core/platform-linux-android.cpp
@@ -57,7 +97,7 @@
  
  using namespace mozilla;
  
-@@ -248,17 +247,17 @@ Sampler::Sampler(PSLockRef aLock)
+@@ -257,17 +256,17 @@ Sampler::Sampler(PSLockRef aLock)
  
    // NOTE: We don't initialize LUL here, instead initializing it in
    // SamplerThread's constructor. This is because with the
mozilla