--- a/MozillaFirefox/MozillaFirefox.changes Mon Mar 30 21:49:01 2020 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Mon Apr 20 14:12:08 2020 +0200
@@ -1,4 +1,49 @@
-------------------------------------------------------------------
+Tue Apr 7 12:18:27 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 75.0
+ * https://www.mozilla.org/en-US/firefox/75.0/releasenotes
+ MFSA 2020-12 (bsc#1168874)
+ * CVE-2020-6821 (bmo#1625404)
+ Uninitialized memory could be read when using the WebGL
+ copyTexSubImage method
+ * CVE-2020-6822 (bmo#1544181)
+ Out of bounds write in GMPDecodeData when processing large images
+ * CVE-2020-6823 (bmo#1614919)
+ Malicious Extension could obtain auth codes from OAuth login flows
+ * CVE-2020-6824 (bmo#1621853)
+ Generated passwords may be identical on the same site between
+ separate private browsing sessions
+ * CVE-2020-6825 (bmo#1572541,bmo#1620193,bmo#1620203)
+ Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7
+ * CVE-2020-6826 (bmo#1613009,bmo#1613195,bmo#1616734,bmo#1617488,
+ bmo#1619229,bmo#1620719,bmo#1624897)
+ Memory safety bugs fixed in Firefox 75
+- removed obsolete patch
+ mozilla-bmo1609538.patch
+- requires
+ * rust >= 1.41
+ * rust-cbindgen >= 0.13.1
+ * mozilla-nss >= 3.51
+ * nodejs10 >= 10.19
+- fix build issue in libvpx for i586 via mozilla-bmo1622013.patch
+
+-------------------------------------------------------------------
+Mon Apr 6 11:19:24 UTC 2020 - Michel Normand <normand@linux.vnet.ibm.com>
+
+- increase _constraints memory for ppc64le
+
+-------------------------------------------------------------------
+Fri Apr 3 15:23:28 UTC 2020 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 74.0.1
+ MFSA 2020-11 (boo#1168630)
+ * CVE-2020-6819 (bmo#1620818)
+ Use-after-free while running the nsDocShell destructor
+ * CVE-2020-6820 (bmo#1626728)
+ Use-after-free when handling a ReadableStream
+
+-------------------------------------------------------------------
Wed Mar 25 07:30:39 UTC 2020 - Marcus Meissner <meissner@suse.com>
- mozilla-sandbox-fips.patch: allow /proc/sys/crypto/fips_enabled
--- a/MozillaFirefox/MozillaFirefox.spec Mon Mar 30 21:49:01 2020 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec Mon Apr 20 14:12:08 2020 +0200
@@ -18,9 +18,9 @@
# changed with every update
-%define major 74
+%define major 75
%define mainver %major.0
-%define orig_version 74.0
+%define orig_version 75.0
%define orig_suffix %{nil}
%define update_channel release
%define branding 1
@@ -75,7 +75,7 @@
%else
BuildRequires: gcc-c++
%endif
-BuildRequires: cargo >= 1.39
+BuildRequires: cargo >= 1.41
BuildRequires: libXcomposite-devel
BuildRequires: libcurl-devel
BuildRequires: libidl-devel
@@ -84,14 +84,14 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.25
-BuildRequires: mozilla-nss-devel >= 3.50
+BuildRequires: mozilla-nss-devel >= 3.51
BuildRequires: nasm >= 2.13
-BuildRequires: nodejs8 >= 8.11
+BuildRequires: nodejs10 >= 10.19.0
BuildRequires: python-devel
BuildRequires: python2-xml
BuildRequires: python3 >= 3.5
-BuildRequires: rust >= 1.39
-BuildRequires: rust-cbindgen >= 0.13.0
+BuildRequires: rust >= 1.41
+BuildRequires: rust-cbindgen >= 0.13.1
BuildRequires: startup-notification-devel
BuildRequires: unzip
BuildRequires: update-desktop-files
@@ -186,7 +186,7 @@
Patch20: mozilla-fix-top-level-asm.patch
Patch21: mozilla-bmo1504834-part4.patch
Patch22: mozilla-bmo849632.patch
-Patch23: mozilla-bmo1609538.patch
+Patch23: mozilla-bmo1622013.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
--- a/MozillaFirefox/_constraints Mon Mar 30 21:49:01 2020 +0200
+++ b/MozillaFirefox/_constraints Mon Apr 20 14:12:08 2020 +0200
@@ -42,4 +42,17 @@
</memory>
</hardware>
</overwrite>
+ <overwrite>
+ <conditions>
+ <arch>ppc64le</arch>
+ </conditions>
+ <hardware>
+ <disk>
+ <size unit="G">25</size>
+ </disk>
+ <memory>
+ <size unit="G">10</size>
+ </memory>
+ </hardware>
+ </overwrite>
</constraints>
--- a/MozillaFirefox/mozilla-bmo1609538.patch Mon Mar 30 21:49:01 2020 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,1 +0,0 @@
-../mozilla-bmo1609538.patch
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/MozillaFirefox/mozilla-bmo1622013.patch Mon Apr 20 14:12:08 2020 +0200
@@ -0,0 +1,1 @@
+../mozilla-bmo1622013.patch
\ No newline at end of file
--- a/MozillaFirefox/tar_stamps Mon Mar 30 21:49:01 2020 +0200
+++ b/MozillaFirefox/tar_stamps Mon Apr 20 14:12:08 2020 +0200
@@ -1,11 +1,11 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="74.0"
+VERSION="75.0"
VERSION_SUFFIX=""
-PREV_VERSION="73.0.1"
+PREV_VERSION="75.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="c6e493873ba543907dadabb42b64208a3679d43d"
-RELEASE_TIMESTAMP="20200309095159"
+RELEASE_TAG="6200ca9b300670ec069cdbf6e4f05e6a0bca46f1"
+RELEASE_TIMESTAMP="20200403170909"
--- a/mozilla-bmo1568145.patch Mon Mar 30 21:49:01 2020 +0200
+++ b/mozilla-bmo1568145.patch Mon Apr 20 14:12:08 2020 +0200
@@ -11,7 +11,7 @@
--- a/python/mozbuild/mozbuild/action/langpack_manifest.py
+++ b/python/mozbuild/mozbuild/action/langpack_manifest.py
@@ -11,16 +11,17 @@
- from __future__ import absolute_import, print_function
+ from __future__ import absolute_import, print_function, unicode_literals
import argparse
import sys
--- a/mozilla-bmo1609538.patch Mon Mar 30 21:49:01 2020 +0200
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,191 +0,0 @@
-# HG changeset patch
-# Parent 047fa9d20b78759029e87c48f0d64f819e889e4c
-
-diff --git a/widget/gtk/mozcontainer.cpp b/widget/gtk/mozcontainer.cpp
---- a/widget/gtk/mozcontainer.cpp
-+++ b/widget/gtk/mozcontainer.cpp
-@@ -159,23 +159,25 @@ void moz_container_move(MozContainer* co
-
- // Wayland subsurface is not created yet.
- if (!container->subsurface) {
- return;
- }
-
- // wl_subsurface_set_position is actually property of parent surface
- // which is effective when parent surface is commited.
-- wl_surface* parent_surface =
-- moz_gtk_widget_get_wl_surface(GTK_WIDGET(container));
-- if (parent_surface) {
-- wl_subsurface_set_position(container->subsurface, container->subsurface_dx,
-- container->subsurface_dy);
-- wl_surface_commit(parent_surface);
-- container->surface_position_needs_update = false;
-+ wl_subsurface_set_position(container->subsurface, container->subsurface_dx,
-+ container->subsurface_dy);
-+ container->surface_position_needs_update = false;
-+
-+ GdkWindow* window = gtk_widget_get_window(GTK_WIDGET(container));
-+ if (window) {
-+ GdkRectangle rect = (GdkRectangle){0, 0, gdk_window_get_width(window),
-+ gdk_window_get_height(window)};
-+ gdk_window_invalidate_rect(window, &rect, false);
- }
- }
-
- // This is called from layout/compositor code only with
- // size equal to GL rendering context. Otherwise there are
- // rendering artifacts as wl_egl_window size does not match
- // GL rendering pipeline setup.
- void moz_container_egl_window_set_size(MozContainer* container, int width,
-@@ -217,16 +219,17 @@ void moz_container_init(MozContainer* co
- container->subsurface = nullptr;
- container->eglwindow = nullptr;
- container->frame_callback_handler = nullptr;
- container->frame_callback_handler_surface_id = -1;
- // We can draw to x11 window any time.
- container->ready_to_draw = gfxPlatformGtk::GetPlatform()->IsX11Display();
- container->opaque_region_needs_update = false;
- container->opaque_region_subtract_corners = false;
-+ container->opaque_region_fullscreen = false;
- container->surface_needs_clear = true;
- container->subsurface_dx = 0;
- container->subsurface_dy = 0;
- container->surface_position_needs_update = 0;
- container->initial_draw_cbs.clear();
- #endif
-
- LOG(("%s [%p]\n", __FUNCTION__, (void*)container));
-@@ -569,22 +572,26 @@ static void moz_container_add(GtkContain
- moz_container_put(MOZ_CONTAINER(container), widget, 0, 0);
- }
-
- #ifdef MOZ_WAYLAND
- static void moz_container_set_opaque_region(MozContainer* container) {
- GtkAllocation allocation;
- gtk_widget_get_allocation(GTK_WIDGET(container), &allocation);
-
-- // Set region to mozcontainer which does not have any offset
-- wl_region* region =
-- CreateOpaqueRegionWayland(0, 0, allocation.width, allocation.height,
-- container->opaque_region_subtract_corners);
-- wl_surface_set_opaque_region(container->surface, region);
-- wl_region_destroy(region);
-+ // Set region to mozcontainer for normal state only
-+ if (!container->opaque_region_fullscreen) {
-+ wl_region* region =
-+ CreateOpaqueRegionWayland(0, 0, allocation.width, allocation.height,
-+ container->opaque_region_subtract_corners);
-+ wl_surface_set_opaque_region(container->surface, region);
-+ wl_region_destroy(region);
-+ } else {
-+ wl_surface_set_opaque_region(container->surface, nullptr);
-+ }
- }
-
- struct wl_surface* moz_container_get_wl_surface(MozContainer* container) {
- LOGWAYLAND(("%s [%p] surface %p ready_to_draw %d\n", __FUNCTION__,
- (void*)container, (void*)container->surface,
- container->ready_to_draw));
-
- if (!container->surface) {
-@@ -670,17 +677,19 @@ gboolean moz_container_has_wl_egl_window
-
- gboolean moz_container_surface_needs_clear(MozContainer* container) {
- int ret = container->surface_needs_clear;
- container->surface_needs_clear = false;
- return ret;
- }
-
- void moz_container_update_opaque_region(MozContainer* container,
-- bool aSubtractCorners) {
-+ bool aSubtractCorners,
-+ bool aFullScreen) {
- container->opaque_region_needs_update = true;
- container->opaque_region_subtract_corners = aSubtractCorners;
-+ container->opaque_region_fullscreen = aFullScreen;
- }
- #endif
-
- void moz_container_force_default_visual(MozContainer* container) {
- container->force_default_visual = true;
- }
-diff --git a/widget/gtk/mozcontainer.h b/widget/gtk/mozcontainer.h
---- a/widget/gtk/mozcontainer.h
-+++ b/widget/gtk/mozcontainer.h
-@@ -77,16 +77,17 @@ struct _MozContainer {
- struct wl_surface* surface;
- struct wl_subsurface* subsurface;
- int subsurface_dx, subsurface_dy;
- struct wl_egl_window* eglwindow;
- struct wl_callback* frame_callback_handler;
- int frame_callback_handler_surface_id;
- gboolean opaque_region_needs_update;
- gboolean opaque_region_subtract_corners;
-+ gboolean opaque_region_fullscreen;
- gboolean surface_position_needs_update;
- gboolean surface_needs_clear;
- gboolean ready_to_draw;
- std::vector<std::function<void(void)>> initial_draw_cbs;
- #endif
- gboolean force_default_visual;
- };
-
-@@ -112,12 +113,13 @@ void moz_container_move_resize(MozContai
- void moz_container_egl_window_set_size(MozContainer* container, int width,
- int height);
- void moz_container_scale_changed(MozContainer* container,
- GtkAllocation* aAllocation);
- void moz_container_add_initial_draw_callback(
- MozContainer* container, const std::function<void(void)>& initial_draw_cb);
- wl_surface* moz_gtk_widget_get_wl_surface(GtkWidget* aWidget);
- void moz_container_update_opaque_region(MozContainer* container,
-- bool aSubtractCorners);
-+ bool aSubtractCorners,
-+ bool aFullScreen);
- #endif
-
- #endif /* __MOZ_CONTAINER_H__ */
-diff --git a/widget/gtk/nsWindow.cpp b/widget/gtk/nsWindow.cpp
---- a/widget/gtk/nsWindow.cpp
-+++ b/widget/gtk/nsWindow.cpp
-@@ -4860,27 +4860,34 @@ void nsWindow::UpdateTopLevelOpaqueRegio
- int width = DevicePixelsToGdkCoordRoundDown(mBounds.width);
- int height = DevicePixelsToGdkCoordRoundDown(mBounds.height);
-
- GdkRectangle rect = {x, y, width, height};
- if (!mToplevelOpaqueRegionState.NeedsUpdate(rect, aSubtractCorners)) {
- return;
- }
-
-- wl_region* region =
-- CreateOpaqueRegionWayland(x, y, width, height, aSubtractCorners);
-- wl_surface_set_opaque_region(surface, region);
-- wl_region_destroy(region);
--
-+ // Set opaque region to toplevel window only in fullscreen mode.
-+ bool fullScreen = mSizeState != nsSizeMode_Normal && !mIsTiled;
-+ if (fullScreen) {
-+ wl_region* region =
-+ CreateOpaqueRegionWayland(x, y, width, height, aSubtractCorners);
-+ wl_surface_set_opaque_region(surface, region);
-+ wl_region_destroy(region);
-+ } else {
-+ wl_surface_set_opaque_region(surface, nullptr);
-+ }
-+
-+ // TODO -> create a function for it
- GdkWindow* window = gtk_widget_get_window(mShell);
- if (window) {
- gdk_window_invalidate_rect(window, &rect, false);
- }
-
-- moz_container_update_opaque_region(mContainer, aSubtractCorners);
-+ moz_container_update_opaque_region(mContainer, aSubtractCorners, fullScreen);
- }
- #endif
-
- static void GdkWindowSetOpaqueRegion(GdkWindow* aGdkWindow,
- cairo_region_t* aRegion) {
- // Available as of GTK 3.10+
- static auto sGdkWindowSetOpaqueRegion =
- (void (*)(GdkWindow*, cairo_region_t*))dlsym(
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mozilla-bmo1622013.patch Mon Apr 20 14:12:08 2020 +0200
@@ -0,0 +1,28 @@
+From be45ba20c33a8a247115e79fd4c1f3295d652ba3 Mon Sep 17 00:00:00 2001
+From: Jan Beich <jbeich@FreeBSD.org>
+Date: Mon, 23 Mar 2020 08:20:22 +0000
+Subject: [PATCH] Bug 1622013 - Build *_mmx.c files with -mmmx in bundled libvpx.
+
+diff --git a/media/libvpx/moz.build b/media/libvpx/moz.build
+index f3845941fe4de..47853d43408b7 100644
+--- a/media/libvpx/moz.build
++++ b/media/libvpx/moz.build
+@@ -97,16 +97,18 @@ if CONFIG['OS_TARGET'] == 'Android':
+ DEFINES['__linux__'] = True
+
+ SOURCES += [
+ '%%%s/sources/android/cpufeatures/cpu-features.c' % CONFIG['ANDROID_NDK'],
+ ]
+
+ for f in SOURCES:
+ if f.endswith('.c'):
++ if 'mmx.c' in f:
++ SOURCES[f].flags += ['-mmmx']
+ if 'sse2.c' in f:
+ SOURCES[f].flags += CONFIG['SSE2_FLAGS']
+ if 'ssse3.c' in f:
+ SOURCES[f].flags += ['-mssse3']
+ if 'sse4.c' in f:
+ SOURCES[f].flags += ['-msse4.1']
+ if 'avx.c' in f:
+ SOURCES[f].flags += ['-mavx']
--- a/mozilla-kde.patch Mon Mar 30 21:49:01 2020 +0200
+++ b/mozilla-kde.patch Mon Apr 20 14:12:08 2020 +0200
@@ -3,7 +3,7 @@
# Date 1559294891 -7200
# Fri May 31 11:28:11 2019 +0200
# Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112
-# Parent d942febc5733911d795d1cec027fb4f3c0a6e53b
+# Parent fbac8545cf6f461803505c2d1f57531798dee96a
Description: Add KDE integration to Firefox (toolkit parts)
Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Author: Lubos Lunak <lunak@suse.com>
@@ -13,7 +13,7 @@
diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
--- a/modules/libpref/Preferences.cpp
+++ b/modules/libpref/Preferences.cpp
-@@ -84,16 +84,17 @@
+@@ -83,16 +83,17 @@
#include "nsXPCOM.h"
#include "nsXULAppAPI.h"
#include "nsZipArchive.h"
@@ -31,7 +31,7 @@
#ifdef MOZ_MEMORY
# include "mozmemory.h"
#endif
-@@ -4539,25 +4540,37 @@ nsresult Preferences::InitInitialObjects
+@@ -4535,25 +4536,37 @@ nsresult Preferences::InitInitialObjects
// application pref files for backwards compatibility.
static const char* specialFiles[] = {
#if defined(XP_MACOSX)
@@ -69,7 +69,7 @@
// Load jar:$app/omni.jar!/defaults/preferences/*.js
// or jar:$gre/omni.jar!/defaults/preferences/*.js.
-@@ -4603,17 +4616,17 @@ nsresult Preferences::InitInitialObjects
+@@ -4599,17 +4612,17 @@ nsresult Preferences::InitInitialObjects
}
nsCOMPtr<nsIFile> path = do_QueryInterface(elem);
@@ -800,7 +800,7 @@
using mozilla::dom::RemoteHandlerApp;
namespace {
-@@ -288,17 +288,17 @@ mozilla::ipc::IPCResult HandlerServicePa
+@@ -294,17 +294,17 @@ mozilla::ipc::IPCResult HandlerServicePa
mozilla::ipc::IPCResult HandlerServiceParent::RecvExistsForProtocolOS(
const nsCString& aProtocolScheme, bool* aHandlerExists) {
if (aProtocolScheme.Length() > MAX_SCHEME_LENGTH) {
@@ -819,7 +819,7 @@
/*
* Check if a handler exists for the provided protocol. Check the datastore
-@@ -317,17 +317,17 @@ mozilla::ipc::IPCResult HandlerServicePa
+@@ -323,17 +323,17 @@ mozilla::ipc::IPCResult HandlerServicePa
nsCOMPtr<nsIExternalProtocolService> protoSvc =
do_GetService(NS_EXTERNALPROTOCOLSERVICE_CONTRACTID, &rv);
if (NS_WARN_IF(NS_FAILED(rv))) {
@@ -1295,7 +1295,7 @@
diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build
--- a/widget/gtk/moz.build
+++ b/widget/gtk/moz.build
-@@ -128,16 +128,17 @@ include('/ipc/chromium/chromium-config.m
+@@ -129,16 +129,17 @@ include('/ipc/chromium/chromium-config.m
FINAL_LIBRARY = 'xul'
@@ -1404,15 +1404,15 @@
+ return NS_OK;
+ }
+
- nsCString title;
- title.Adopt(ToNewUTF8String(mTitle));
+ NS_ConvertUTF16toUTF8 title(mTitle);
GtkWindow* parent_widget =
GTK_WINDOW(mParentWidget->GetNativeData(NS_NATIVE_SHELLWIDGET));
GtkFileChooserAction action = GetGtkFileChooserAction(mMode);
-@@ -572,16 +599,240 @@ void nsFilePicker::Done(void* file_choos
+ const gchar* accept_button;
+@@ -571,16 +598,240 @@ void nsFilePicker::Done(void* file_choos
mCallback->Done(result);
mCallback = nullptr;
} else {
@@ -1852,7 +1852,7 @@
# include "prmem.h"
# include "plbase64.h"
-@@ -1904,62 +1905,77 @@ nsLocalFile::SetPersistentDescriptor(con
+@@ -1907,62 +1908,77 @@ nsLocalFile::SetPersistentDescriptor(con
NS_IMETHODIMP
nsLocalFile::Reveal() {
--- a/series Mon Mar 30 21:49:01 2020 +0200
+++ b/series Mon Apr 20 14:12:08 2020 +0200
@@ -21,7 +21,7 @@
mozilla-fix-top-level-asm.patch
mozilla-bmo1504834-part4.patch
mozilla-bmo849632.patch
-mozilla-bmo1609538.patch
+mozilla-bmo1622013.patch
# Firefox patches
firefox-kde.patch