Firefox 87.0 firefox87 tip
authorWolfgang Rosenauer <wr@rosenauer.org>
Sat, 27 Mar 2021 21:45:50 +0100
branchfirefox87
changeset 1156 c3d884659acf
parent 1155 b8c834aafde2
Firefox 87.0
MozillaFirefox/MozillaFirefox.changes
MozillaFirefox/MozillaFirefox.spec
MozillaFirefox/tar_stamps
firefox-kde.patch
mozilla-kde.patch
--- a/MozillaFirefox/MozillaFirefox.changes	Wed Mar 17 12:24:14 2021 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes	Sat Mar 27 21:45:50 2021 +0100
@@ -1,9 +1,41 @@
 -------------------------------------------------------------------
-Wed Mar 17 09:18:35 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+Sat Mar 27 10:40:46 UTC 2021 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Switch to clang_build globally; just on TW/x86_64 it does not work
+  due to unreolved externals `__rust_probestack' - disable clang_build
+  then.
+- useccache: Add conditionals to enable/disable ccache.
+
+-------------------------------------------------------------------
+Tue Mar 23 16:42:19 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
 
 - Mozilla Firefox 87.0
-- requires NSS 3.62
-- removed obsolete BigEndian ICU build workaround
+  * requires NSS 3.62
+  * removed obsolete BigEndian ICU build workaround
+  * rebased patches
+  MFSA 2021-10 (bsc#1183942)
+  * CVE-2021-23981 (bmo#1692832)
+    Texture upload into an unbound backing buffer resulted in an
+    out-of-bound read
+  * CVE-2021-23982 (bmo#1677046)
+    Internal network hosts could have been probed by a malicious
+    webpage
+  * CVE-2021-23983 (bmo#1692684)
+    Transitions for invalid ::marker properties resulted in memory
+    corruption
+  * CVE-2021-23984 (bmo#1693664)
+    Malicious extensions could have spoofed popup information
+  * CVE-2021-23985 (bmo#1659129)
+    Devtools remote debugging feature could have been enabled
+    without indication to the user
+  * CVE-2021-23986 (bmo#1692623)
+    A malicious extension could have performed credential-less
+    same origin policy violations
+  * CVE-2021-23987 (bmo#1513519, bmo#1683439, bmo#1690169,
+    bmo#1690718)
+    Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9
+  * CVE-2021-23988 (bmo#1684994, bmo#1686653)
+    Memory safety bugs fixed in Firefox 87
 
 -------------------------------------------------------------------
 Tue Mar 16 14:26:35 UTC 2021 - Martin Liška <mliska@suse.cz>
--- a/MozillaFirefox/MozillaFirefox.spec	Wed Mar 17 12:24:14 2021 +0100
+++ b/MozillaFirefox/MozillaFirefox.spec	Sat Mar 27 21:45:50 2021 +0100
@@ -44,13 +44,23 @@
 %define do_profiling   0
 
 # upstream default is clang (to use gcc for large parts set to 0)
-%define clang_build 0
+%define clang_build    1
+%if 0%{?is_opensuse} && 0%{?suse_version} >= 1550
+%ifarch x86_64
+# on Tumbleweed/x86_64 this does not work due to undefined
+#  references to `__rust_probestack'
+%define clang_build    0
+%endif
+%endif
 
 # PIE, full relro
 %define build_hardened 1
 
 %bcond_with only_print_mozconfig
 
+# define if ccache should be used or not
+%define useccache     1
+
 # Firefox only supports i686
 %ifarch %ix86
 ExclusiveArch:  i586 i686
@@ -96,7 +106,9 @@
 BuildRequires:  gcc-c++
 %endif
 BuildRequires:  cargo >= 1.47
+%if 0%{useccache} != 0
 BuildRequires:  ccache
+%endif
 BuildRequires:  libXcomposite-devel
 BuildRequires:  libcurl-devel
 BuildRequires:  libidl-devel
@@ -455,7 +467,9 @@
 #%endif
 ac_add_options --with-system-nspr
 ac_add_options --with-system-nss
+%if 0%{useccache} != 0
 ac_add_options --with-ccache
+%endif
 %if %{localize}
 ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n
 %endif
@@ -505,7 +519,9 @@
 %endif
 EOF
 %if !%{with only_print_mozconfig}
+%if 0%{useccache} != 0
 ccache -s
+%endif
 %if 0%{?do_profiling}
 xvfb-run --server-args="-screen 0 1920x1080x24" \
 %endif
@@ -560,8 +576,10 @@
 ' -- {}
 %endif
 
+%if 0%{useccache} != 0
 ccache -s
 %endif
+%endif
 
 %install
 cd $RPM_BUILD_DIR/obj
--- a/MozillaFirefox/tar_stamps	Wed Mar 17 12:24:14 2021 +0100
+++ b/MozillaFirefox/tar_stamps	Sat Mar 27 21:45:50 2021 +0100
@@ -7,5 +7,5 @@
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="7b73c14202a39e440f8eddd9b48ecf17b7b59eee"
-RELEASE_TIMESTAMP="20210315170302"
+RELEASE_TAG="bb9bf7e886787222b18094a4723949a29b4d329a"
+RELEASE_TIMESTAMP="20210318103112"
--- a/firefox-kde.patch	Wed Mar 17 12:24:14 2021 +0100
+++ b/firefox-kde.patch	Sat Mar 27 21:45:50 2021 +0100
@@ -3,7 +3,7 @@
 # Date 1559300151 -7200
 #      Fri May 31 12:55:51 2019 +0200
 # Node ID 54d41b0033b8d649d842a1f862c6fed8b9874dec
-# Parent  8310cc1a162e9dd066a20f6a3bbd271993b67fc6
+# Parent  856ef9c699423b1cd35e4df8745e78c409c8dbae
 How to apply this patch:
 1. Import and apply it
 2. cp browser/base/content/browser.xul browser/base/content/browser-kde.xul
@@ -14,7 +14,7 @@
 diff --git a/browser/components/preferences/main.js b/browser/components/preferences/main.js
 --- a/browser/components/preferences/main.js
 +++ b/browser/components/preferences/main.js
-@@ -347,16 +347,23 @@ var gMainPane = {
+@@ -338,16 +338,23 @@ var gMainPane = {
          }, backoffTimes[this._backoffIndex + 1 < backoffTimes.length ? this._backoffIndex++ : backoffTimes.length - 1]);
        };
  
@@ -38,7 +38,7 @@
      );
      let performanceSettingsUrl =
        Services.urlFormatter.formatURLPref("app.support.baseURL") +
-@@ -1326,16 +1333,27 @@ var gMainPane = {
+@@ -1313,16 +1320,27 @@ var gMainPane = {
        this._backoffIndex = 0;
  
        let shellSvc = getShellService();
@@ -63,9 +63,9 @@
          return;
        }
  
-       let selectedIndex = shellSvc.isDefaultBrowser(false, true) ? 1 : 0;
-       document.getElementById("setDefaultPane").selectedIndex = selectedIndex;
-     }
+       let isDefault = shellSvc.isDefaultBrowser(false, true);
+       let setDefaultPane = document.getElementById("setDefaultPane");
+       setDefaultPane.classList.toggle("is-default", isDefault);
 diff --git a/browser/components/shell/moz.build b/browser/components/shell/moz.build
 --- a/browser/components/shell/moz.build
 +++ b/browser/components/shell/moz.build
--- a/mozilla-kde.patch	Wed Mar 17 12:24:14 2021 +0100
+++ b/mozilla-kde.patch	Sat Mar 27 21:45:50 2021 +0100
@@ -3,7 +3,7 @@
 # Date 1559294891 -7200
 #      Fri May 31 11:28:11 2019 +0200
 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112
-# Parent  4b9aa59b15c3247d263cc32804786b3a6bff7912
+# Parent  929fbcb071c2e1ff551c73e8c364e9c1f4495171
 Description: Add KDE integration to Firefox (toolkit parts)
 Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
 Author: Lubos Lunak <lunak@suse.com>
@@ -13,15 +13,15 @@
 diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
 --- a/modules/libpref/Preferences.cpp
 +++ b/modules/libpref/Preferences.cpp
-@@ -82,16 +82,17 @@
- #include "nsXPCOM.h"
- #include "nsXULAppAPI.h"
- #include "nsZipArchive.h"
+@@ -84,16 +84,17 @@
  #include "plbase64.h"
  #include "PLDHashTable.h"
  #include "plstr.h"
  #include "prlink.h"
  #include "xpcpublic.h"
+ #ifdef MOZ_BACKGROUNDTASKS
+ #  include "mozilla/BackgroundTasks.h"
+ #endif
 +#include "nsKDEUtils.h"
  
  #ifdef DEBUG
@@ -31,7 +31,7 @@
  #ifdef MOZ_MEMORY
  #  include "mozmemory.h"
  #endif
-@@ -4459,25 +4460,37 @@ nsresult Preferences::InitInitialObjects
+@@ -4573,25 +4574,37 @@ nsresult Preferences::InitInitialObjects
    // application pref files for backwards compatibility.
    static const char* specialFiles[] = {
  #if defined(XP_MACOSX)
@@ -69,7 +69,7 @@
  
    // Load jar:$app/omni.jar!/defaults/preferences/*.js
    // or jar:$gre/omni.jar!/defaults/preferences/*.js.
-@@ -4523,17 +4536,17 @@ nsresult Preferences::InitInitialObjects
+@@ -4656,17 +4669,17 @@ nsresult Preferences::InitInitialObjects
        }
  
        nsCOMPtr<nsIFile> path = do_QueryInterface(elem);
@@ -91,7 +91,7 @@
 diff --git a/modules/libpref/moz.build b/modules/libpref/moz.build
 --- a/modules/libpref/moz.build
 +++ b/modules/libpref/moz.build
-@@ -116,16 +116,20 @@ EXPORTS.mozilla += [
+@@ -117,16 +117,20 @@ EXPORTS.mozilla += [
  ]
  EXPORTS.mozilla += sorted(["!" + g for g in gen_h])
  
@@ -115,8 +115,7 @@
 diff --git a/python/mozbuild/mozpack/chrome/flags.py b/python/mozbuild/mozpack/chrome/flags.py
 --- a/python/mozbuild/mozpack/chrome/flags.py
 +++ b/python/mozbuild/mozpack/chrome/flags.py
-@@ -228,16 +228,17 @@ class Flags(OrderedDict):
-         "contentaccessible": Flag,
+@@ -229,16 +229,17 @@ class Flags(OrderedDict):
          "os": StringFlag,
          "osversion": VersionFlag,
          "abi": StringFlag,
@@ -124,7 +123,8 @@
          "xpcnativewrappers": Flag,
          "tablet": Flag,
          "process": StringFlag,
-+	"desktop": StringFlag,
+         "backgroundtask": StringFlag,
++        "desktop": StringFlag,
      }
      RE = re.compile(r"([!<>=]+)")
  
@@ -136,8 +136,7 @@
 diff --git a/python/mozbuild/mozpack/chrome/manifest.py b/python/mozbuild/mozpack/chrome/manifest.py
 --- a/python/mozbuild/mozpack/chrome/manifest.py
 +++ b/python/mozbuild/mozpack/chrome/manifest.py
-@@ -38,16 +38,17 @@ class ManifestEntry(object):
-         "platformversion",
+@@ -39,16 +39,17 @@ class ManifestEntry(object):
          "os",
          "osversion",
          "abi",
@@ -145,6 +144,7 @@
          "tablet",
          "process",
          "contentaccessible",
+         "backgroundtask",
 +        "desktop",
      ]
  
@@ -175,7 +175,7 @@
 diff --git a/toolkit/mozapps/downloads/HelperAppDlg.jsm b/toolkit/mozapps/downloads/HelperAppDlg.jsm
 --- a/toolkit/mozapps/downloads/HelperAppDlg.jsm
 +++ b/toolkit/mozapps/downloads/HelperAppDlg.jsm
-@@ -1243,36 +1243,66 @@ nsUnknownContentTypeDialog.prototype = {
+@@ -1231,36 +1231,66 @@ nsUnknownContentTypeDialog.prototype = {
          params.handlerApp &&
          params.handlerApp.executable &&
          params.handlerApp.executable.isFile()
@@ -356,7 +356,7 @@
 diff --git a/toolkit/xre/moz.build b/toolkit/xre/moz.build
 --- a/toolkit/xre/moz.build
 +++ b/toolkit/xre/moz.build
-@@ -91,17 +91,19 @@ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "co
+@@ -92,17 +92,19 @@ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "co
          "../components/printingui",
      ]
  elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "uikit":
@@ -1214,7 +1214,7 @@
  #include "nsIFileStreams.h"
  #include "nsILineInputStream.h"
  #include "nsIFile.h"
-@@ -1019,17 +1019,17 @@ nsresult nsOSHelperAppService::GetHandle
+@@ -1020,17 +1020,17 @@ nsresult nsOSHelperAppService::GetHandle
  
  nsresult nsOSHelperAppService::OSProtocolHandlerExists(
      const char* aProtocolScheme, bool* aHandlerExists) {
@@ -1233,7 +1233,7 @@
      nsCOMPtr<nsIHandlerService> handlerSvc =
          do_GetService(NS_HANDLERSERVICE_CONTRACTID, &rv);
      if (NS_SUCCEEDED(rv) && handlerSvc) {
-@@ -1039,17 +1039,17 @@ nsresult nsOSHelperAppService::OSProtoco
+@@ -1040,17 +1040,17 @@ nsresult nsOSHelperAppService::OSProtoco
    }
  
    return rv;
@@ -1252,7 +1252,7 @@
  
  NS_IMETHODIMP nsOSHelperAppService::IsCurrentAppOSDefaultForProtocol(
      const nsACString& aScheme, bool* _retval) {
-@@ -1136,17 +1136,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
+@@ -1137,17 +1137,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
    nsresult rv =
        LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType,
                                 minorType, mime_types_description, true);
@@ -1271,7 +1271,7 @@
  
      rv = LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType,
                                    minorType, mime_types_description, false);
-@@ -1247,17 +1247,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
+@@ -1248,17 +1248,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
  
    // Now look up our extensions
    nsAutoString extensions, mime_types_description;
@@ -1293,7 +1293,7 @@
 diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build
 --- a/widget/gtk/moz.build
 +++ b/widget/gtk/moz.build
-@@ -138,16 +138,17 @@ FINAL_LIBRARY = "xul"
+@@ -137,16 +137,17 @@ FINAL_LIBRARY = "xul"
  
  LOCAL_INCLUDES += [
      "/layout/base",
@@ -1685,7 +1685,7 @@
 diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestParser.cpp
 --- a/xpcom/components/ManifestParser.cpp
 +++ b/xpcom/components/ManifestParser.cpp
-@@ -34,16 +34,17 @@
+@@ -38,16 +38,17 @@
  #include "nsTextFormatter.h"
  #include "nsVersionComparator.h"
  #include "nsXPCOMCIDInternal.h"
@@ -1703,7 +1703,7 @@
    int argc;
  
    bool ischrome;
-@@ -393,16 +394,17 @@ void ParseManifest(NSLocationType aType,
+@@ -397,16 +398,17 @@ void ParseManifest(NSLocationType aType,
    constexpr auto kRemoteEnabled = u"remoteenabled"_ns;
    constexpr auto kRemoteRequired = u"remoterequired"_ns;
    constexpr auto kApplication = u"application"_ns;
@@ -1717,11 +1717,11 @@
  #if defined(MOZ_WIDGET_ANDROID)
    constexpr auto kTablet = u"tablet"_ns;
  #endif
- 
-   constexpr auto kMain = u"main"_ns;
-   constexpr auto kContent = u"content"_ns;
- 
-@@ -448,39 +450,44 @@ void ParseManifest(NSLocationType aType,
+   // You might expect this to be guarded by MOZ_BACKGROUNDTASKS, but it's not
+   // possible to have conditional manifest contents, so we need to recognize and
+   // discard these tokens even when MOZ_BACKGROUNDTASKS is not set.
+   constexpr auto kBackgroundTask = u"backgroundtask"_ns;
+@@ -456,39 +458,44 @@ void ParseManifest(NSLocationType aType,
          CopyUTF8toUTF16(s, abi);
          abi.Insert(char16_t('_'), 0);
          abi.Insert(osTarget, 0);
@@ -1766,13 +1766,13 @@
      process = kMain;
    }
  
-@@ -567,25 +574,27 @@ void ParseManifest(NSLocationType aType,
-     TriState stOsVersion = eUnspecified;
-     TriState stOs = eUnspecified;
-     TriState stABI = eUnspecified;
-     TriState stProcess = eUnspecified;
- #if defined(MOZ_WIDGET_ANDROID)
-     TriState stTablet = eUnspecified;
+@@ -583,25 +590,27 @@ void ParseManifest(NSLocationType aType,
+     // When in background task mode, default to not registering
+     // category directivies unless backgroundtask=1 is specified.
+     TriState stBackgroundTask = (BackgroundTasks::IsBackgroundTaskMode() &&
+                                  strcmp("category", directive->directive) == 0)
+                                     ? eBad
+                                     : eUnspecified;
  #endif
      int flags = 0;
 +    TriState stDesktop = eUnspecified;
@@ -1794,7 +1794,7 @@
          continue;
        }
  
-@@ -622,17 +631,17 @@ void ParseManifest(NSLocationType aType,
+@@ -650,17 +659,17 @@ void ParseManifest(NSLocationType aType,
        }
  
        LogMessageWithContext(
@@ -1808,11 +1808,11 @@
  #ifdef MOZ_WIDGET_ANDROID
          stTablet == eBad ||
  #endif
+ #ifdef MOZ_BACKGROUNDTASKS
+         stBackgroundTask == eBad ||
+ #endif
          stABI == eBad || stProcess == eBad) {
        continue;
-     }
- 
-     if (directive->regfunc) {
 diff --git a/xpcom/components/moz.build b/xpcom/components/moz.build
 --- a/xpcom/components/moz.build
 +++ b/xpcom/components/moz.build
@@ -1833,7 +1833,7 @@
      if CONFIG["MOZ_ENABLE_DBUS"]:
          CXXFLAGS += CONFIG["MOZ_DBUS_GLIB_CFLAGS"]
  
- include("/ipc/chromium/chromium-config.mozbuild")
+ if CONFIG["MOZ_BACKGROUNDTASKS"]:
 diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp
 --- a/xpcom/io/nsLocalFileUnix.cpp
 +++ b/xpcom/io/nsLocalFileUnix.cpp
@@ -1855,7 +1855,7 @@
  #  include "prmem.h"
  #  include "plbase64.h"
  
-@@ -1968,62 +1969,77 @@ nsLocalFile::SetPersistentDescriptor(con
+@@ -2001,62 +2002,77 @@ nsLocalFile::SetPersistentDescriptor(con
  
  NS_IMETHODIMP
  nsLocalFile::Reveal() {