# HG changeset patch # User Wolfgang Rosenauer # Date 1708630278 -3600 # Node ID 2a0735b1eb92a2dea4f171551e2a83ecd3f637d2 # Parent 4c520ebe1ad73a060845e6287feb62371cca5026 122.0.1 diff -r 4c520ebe1ad7 -r 2a0735b1eb92 MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Tue Jan 23 17:32:46 2024 +0100 +++ b/MozillaFirefox/MozillaFirefox.changes Thu Feb 22 20:31:18 2024 +0100 @@ -1,4 +1,77 @@ ------------------------------------------------------------------- +Tue Feb 13 21:21:15 UTC 2024 - Andreas Stieger + +- Mozilla Firefox 122.0.1 + https://www.mozilla.org/en-US/firefox/122.0.1/releasenotes/ + * Fixed the Library and Sidebar context menus only displaying + Multi-Account Containers icons in the "Open in New Container + Tab" menu. (bmo#1876518) + * Fixed an issue when clicking the Dismiss button in + notification pop-ups on Windows causing a webpage in a new tab. + (bmo#1848801) + * Fixed the yaru-remix system theme not applying correctly on + Linux. (bmo#1877002) + * Fixed adding an extra new line to a rule in the Developer + Tools' Inspector when copying it to the clipboard. + (bmo#1876220) + * Rolled back a keyboard behavior change made to the Developer + Tools' Rules view when validating a property name or input with + the Enter key. + This moves the focus to the next input, as was the behavior + in Firefox 121. (bmo#1877457) + +------------------------------------------------------------------- +Tue Jan 30 13:51:25 UTC 2024 - Martin Sirringhaus + +- Recommend libfido2-udev on codestreams that exist, in order to try + to get security keys (e.g. Yubikeys) work out of the box. (bsc#1184272) + +------------------------------------------------------------------- +Sat Jan 27 23:12:05 UTC 2024 - Andreas Schwab + +- Fix file list + +------------------------------------------------------------------- +Sun Jan 21 09:16:30 UTC 2024 - Wolfgang Rosenauer + +- Mozilla Firefox 122.0 + https://www.mozilla.org/en-US/firefox/122.0/releasenotes/ + MFSA 2024-01 (bsc#1218955) + * CVE-2024-0741 (bmo#1864587) + Out of bounds write in ANGLE + * CVE-2024-0742 (bmo#1867152) + Failure to update user input timestamp + * CVE-2024-0743 (bmo#1867408) + Crash in NSS TLS method + * CVE-2024-0744 (bmo#1871089) + Wild pointer dereference in JavaScript + * CVE-2024-0745 (bmo#1871838) + Stack buffer overflow in WebAudio + * CVE-2024-0746 (bmo#1660223) + Crash when listing printers on Linux + * CVE-2024-0747 (bmo#1764343) + Bypass of Content Security Policy when directive unsafe-inline was set + * CVE-2024-0748 (bmo#1783504) + Compromised content process could modify document URI + * CVE-2024-0749 (bmo#1813463) + Phishing site popup could show local origin in address bar + * CVE-2024-0750 (bmo#1863083) + Potential permissions request bypass via clickjacking + * CVE-2024-0751 (bmo#1865689) + Privilege escalation through devtools + * CVE-2024-0752 (bmo#1866840) + Use-after-free could occur when applying update on macOS + * CVE-2024-0753 (bmo#1870262) + HSTS policy on subdomain could bypass policy of upper domain + * CVE-2024-0754 (bmo#1871605) + Crash when using some WASM files in devtools + * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701) + Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, + and Thunderbird 115.7 +- requires NSS 3.96.1 +- rebased patches + +------------------------------------------------------------------- Tue Jan 9 20:36:26 UTC 2024 - Andreas Stieger - Mozilla Firefox 121.0.1 diff -r 4c520ebe1ad7 -r 2a0735b1eb92 MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Tue Jan 23 17:32:46 2024 +0100 +++ b/MozillaFirefox/MozillaFirefox.spec Thu Feb 22 20:31:18 2024 +0100 @@ -1,5 +1,5 @@ # -# spec file +# spec file for package MozillaFirefox # # Copyright (c) 2024 SUSE LLC # Copyright (c) 2006-2023 Wolfgang Rosenauer @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %%major.99 -%define major 121 +%define major 122 %define mainver %major.0.1 -%define orig_version 121.0.1 +%define orig_version 122.0.1 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -114,7 +114,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.35 -BuildRequires: mozilla-nss-devel >= 3.95 +BuildRequires: mozilla-nss-devel >= 3.96.1 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 12.22.12 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -235,13 +235,19 @@ %endif BuildRoot: %{_tmppath}/%{name}-%{version}-build Requires(post): coreutils shared-mime-info desktop-file-utils -Requires(postun):shared-mime-info desktop-file-utils +Requires(postun): shared-mime-info desktop-file-utils Requires: %{name}-branding >= 68 %requires_ge mozilla-nspr %requires_ge mozilla-nss %requires_ge libfreetype6 Recommends: libcanberra0 Recommends: libpulse0 +# To make security-keys (e.g. Yubikey) work with FF, it needs the udev-rules installed. +# A clean package with the most common rules exists only in SP3 onwards. `u2f-hosts` could be used on older +# code streams, but it contains more than just the rules, so we're not recommending it here. +%if 0%{?suse_version} >= 1600 || 0%{?sle_version} >= 150300 +Recommends: libfido2-udev +%endif # addon leads to startup crash (bnc#908892) Obsoletes: tracker-miner-firefox < 0.15 %if 0%{?devpkg} == 0 @@ -717,10 +723,8 @@ %{progdir}/*.so %{progdir}/glxtest %if 0%{wayland_supported} -%ifarch %{arm} aarch64 %{ix86} x86_64 %{progdir}/vaapitest %endif -%endif %ifarch aarch64 riscv64 %arm %{progdir}/v4l2test %endif diff -r 4c520ebe1ad7 -r 2a0735b1eb92 MozillaFirefox/mozilla.keyring --- a/MozillaFirefox/mozilla.keyring Tue Jan 23 17:32:46 2024 +0100 +++ b/MozillaFirefox/mozilla.keyring Thu Feb 22 20:31:18 2024 +0100 @@ -12,8 +12,8 @@ uid [ full ] Mozilla Software Releases sub rsa4096 2015-07-17 [S] [expired: 2017-07-16] sub rsa4096 2017-06-22 [S] [expired: 2019-06-22] -sub rsa4096 2019-05-30 [S] [expires: 2021-05-29] -sub rsa4096 2021-05-17 [S] [expires: 2023-05-17] +sub rsa4096 2019-05-30 [S] [expired: 2021-05-29] +sub rsa4096 2021-05-17 [S] [expired: 2023-05-17] sub rsa4096 2023-05-05 [S] [expires: 2025-05-04] -----BEGIN PGP PUBLIC KEY BLOCK----- diff -r 4c520ebe1ad7 -r 2a0735b1eb92 MozillaFirefox/tar_stamps --- a/MozillaFirefox/tar_stamps Tue Jan 23 17:32:46 2024 +0100 +++ b/MozillaFirefox/tar_stamps Thu Feb 22 20:31:18 2024 +0100 @@ -1,10 +1,10 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="121.0.1" +VERSION="122.0.1" VERSION_SUFFIX="" -PREV_VERSION="121.0" +PREV_VERSION="122.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="484be1feb7138af0917df98dda85050e0a3317a8" -RELEASE_TIMESTAMP="20240108143603" +RELEASE_TAG="5eb7272884b4ce02cffab7900e41551608885492" +RELEASE_TIMESTAMP="20240205133611" diff -r 4c520ebe1ad7 -r 2a0735b1eb92 firefox-branded-icons.patch --- a/firefox-branded-icons.patch Tue Jan 23 17:32:46 2024 +0100 +++ b/firefox-branded-icons.patch Thu Feb 22 20:31:18 2024 +0100 @@ -1,26 +1,35 @@ # HG changeset patch # Parent e0751ad74e835e80041a61ea00c2a63bf6fbe2de -# Parent fe7e6fdd75484993420740244f21b5b41d6e0fa1 +# Parent ebf6598a9309200fcea0cedb08e39161b82a73f9 -Index: firefox-115.0/browser/branding/branding-common.mozbuild -=================================================================== ---- firefox-115.0.orig/browser/branding/branding-common.mozbuild -+++ firefox-115.0/browser/branding/branding-common.mozbuild -@@ -30,6 +30,9 @@ def FirefoxBranding(): +diff --git a/browser/branding/branding-common.mozbuild b/browser/branding/branding-common.mozbuild +--- a/browser/branding/branding-common.mozbuild ++++ b/browser/branding/branding-common.mozbuild +@@ -26,12 +26,15 @@ def FirefoxBranding(): + "PrivateBrowsing_70.png", + "VisualElements_150.png", + "VisualElements_70.png", + ] + elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk": FINAL_TARGET_FILES.chrome.icons.default += [ - 'default128.png', - 'default16.png', -+ 'default22.png', -+ 'default24.png', -+ 'default256.png', - 'default32.png', - 'default48.png', - 'default64.png', -Index: firefox-115.0/browser/installer/package-manifest.in -=================================================================== ---- firefox-115.0.orig/browser/installer/package-manifest.in -+++ firefox-115.0/browser/installer/package-manifest.in -@@ -227,10 +227,13 @@ + "default128.png", + "default16.png", ++ "default22.png", ++ "default24.png", ++ "default256.png", + "default32.png", + "default48.png", + "default64.png", + ] +diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in +--- a/browser/installer/package-manifest.in ++++ b/browser/installer/package-manifest.in +@@ -216,20 +216,23 @@ + @RESPATH@/browser/chrome/browser@JAREXT@ + @RESPATH@/browser/chrome/browser.manifest + @RESPATH@/chrome/pdfjs.manifest + @RESPATH@/chrome/pdfjs/* + @RESPATH@/chrome/toolkit@JAREXT@ @RESPATH@/chrome/toolkit.manifest #ifdef MOZ_GTK @RESPATH@/browser/chrome/icons/default/default16.png @@ -34,3 +43,8 @@ #endif @RESPATH@/browser/features/* + ; [DevTools Startup Files] + @RESPATH@/browser/chrome/devtools-startup@JAREXT@ + @RESPATH@/browser/chrome/devtools-startup.manifest + + ; DevTools diff -r 4c520ebe1ad7 -r 2a0735b1eb92 firefox-kde.patch --- a/firefox-kde.patch Tue Jan 23 17:32:46 2024 +0100 +++ b/firefox-kde.patch Thu Feb 22 20:31:18 2024 +0100 @@ -29,7 +29,7 @@ diff --git a/browser/components/preferences/main.js b/browser/components/preferences/main.js --- a/browser/components/preferences/main.js +++ b/browser/components/preferences/main.js -@@ -291,16 +291,23 @@ var gMainPane = { +@@ -292,16 +292,23 @@ var gMainPane = { }, backoffTimes[this._backoffIndex + 1 < backoffTimes.length ? this._backoffIndex++ : backoffTimes.length - 1]); }; @@ -53,15 +53,15 @@ let defaultPerformancePref = Preferences.get( "browser.preferences.defaultPerformanceSettings.enabled" ); -@@ -1744,16 +1751,27 @@ var gMainPane = { - this._backoffIndex = 0; +@@ -1753,16 +1760,27 @@ var gMainPane = { - let shellSvc = getShellService(); - if (!shellSvc) { - return; - } + // Disable the set default button, so that the user doesn't try to hit it again + // while awaiting on setDefaultBrowser + let setDefaultButton = document.getElementById("setDefaultButton"); + setDefaultButton.disabled = true; + try { - shellSvc.setDefaultBrowser(false); + await shellSvc.setDefaultBrowser(false); + if (kde_session == 1) { + var shellObj = Components.classes["@mozilla.org/file/local;1"] + .createInstance(Components.interfaces.nsILocalFile); @@ -76,11 +76,11 @@ } catch (ex) { console.error(ex); return; + } finally { + // Make sure to re-enable the default button when we're finished, regardless of the outcome + setDefaultButton.disabled = false; } - let isDefault = shellSvc.isDefaultBrowser(false, true); - let setDefaultPane = document.getElementById("setDefaultPane"); - setDefaultPane.classList.toggle("is-default", isDefault); diff --git a/browser/components/shell/moz.build b/browser/components/shell/moz.build --- a/browser/components/shell/moz.build +++ b/browser/components/shell/moz.build diff -r 4c520ebe1ad7 -r 2a0735b1eb92 mozilla-bmo1822730.patch --- a/mozilla-bmo1822730.patch Tue Jan 23 17:32:46 2024 +0100 +++ b/mozilla-bmo1822730.patch Thu Feb 22 20:31:18 2024 +0100 @@ -3,13 +3,18 @@ # Date 1695432215 25200 # Fri Sep 22 18:23:35 2023 -0700 # Node ID e6a8a9f0956d124e8de34eb4bcf09d8e17077d9d -# Parent 677cbf2e64cdcd3a93e644f781be2bdc2529ba1a +# Parent 5dbbabbfaca21d2c5994f95ed095313284611c44 Bug 1822730 - Add basic blob protocol handling for blob URIs that contain parsable http/s protocols diff --git a/toolkit/mozapps/downloads/DownloadLastDir.sys.mjs b/toolkit/mozapps/downloads/DownloadLastDir.sys.mjs --- a/toolkit/mozapps/downloads/DownloadLastDir.sys.mjs +++ b/toolkit/mozapps/downloads/DownloadLastDir.sys.mjs -@@ -221,11 +221,13 @@ export class DownloadLastDir { +@@ -216,38 +216,49 @@ export class DownloadLastDir { + Services.prefs.setComplexValue(LAST_DIR_PREF, nsIFile, aFile); + } else if (Services.prefs.prefHasUserValue(LAST_DIR_PREF)) { + Services.prefs.clearUserPref(LAST_DIR_PREF); + } + } /** * Pre-processor to extract a domain name to be used with the content-prefs @@ -20,12 +25,13 @@ * - all file:/// URIs share the same folder * - data: URIs share a folder per mime-type. If a mime-type is not * specified text/plain is assumed. -+ * - blob: blob URIs are tested for http/https and the blob protocol -+ * is stripped. + * - blob: URIs share the same folder as their origin. This is done by + * ContentPrefs already, so we just let the url fall-through. * In any other case the original URL is returned as a string and ContentPrefs * will do its usual parsing. * -@@ -234,6 +236,9 @@ export class DownloadLastDir { + * @param {string|nsIURI|URL} url The URL to parse + * @returns {string} the domain name to use, or the original url. */ #cpsGroupFromURL(url) { if (typeof url == "string") { @@ -35,7 +41,7 @@ url = new URL(url); } else if (url instanceof Ci.nsIURI) { url = URL.fromURI(url); -@@ -241,6 +246,14 @@ export class DownloadLastDir { + } if (!URL.isInstance(url)) { return url; } @@ -50,3 +56,8 @@ if (url.protocol == "data:") { return url.href.match(/^data:[^;,]*/i)[0].replace(/:$/, ":text/plain"); } + if (url.protocol == "file:") { + return "file:///"; + } + return url.href; + } diff -r 4c520ebe1ad7 -r 2a0735b1eb92 mozilla-kde.patch --- a/mozilla-kde.patch Tue Jan 23 17:32:46 2024 +0100 +++ b/mozilla-kde.patch Thu Feb 22 20:31:18 2024 +0100 @@ -50,7 +50,7 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp --- a/modules/libpref/Preferences.cpp +++ b/modules/libpref/Preferences.cpp -@@ -91,16 +91,17 @@ +@@ -90,16 +90,17 @@ #include "PLDHashTable.h" #include "prdtoa.h" #include "prlink.h" @@ -1235,7 +1235,7 @@ # include "Units.h" extern mozilla::LazyLogModule gWidgetLog; # define LOG(args) MOZ_LOG(gWidgetLog, mozilla::LogLevel::Debug, args) -@@ -305,17 +308,18 @@ nsFilePicker::AppendFilters(int32_t aFil +@@ -302,17 +305,18 @@ nsFilePicker::AppendFilters(int32_t aFil mAllowURLs = !!(aFilterMask & filterAllowURLs); return nsBaseFilePicker::AppendFilters(aFilterMask); } @@ -1255,19 +1255,18 @@ mFilters.AppendElement(filter); mFilterNames.AppendElement(name); -@@ -415,16 +419,41 @@ nsresult nsFilePicker::Show(nsIFilePicke +@@ -412,16 +416,39 @@ nsresult nsFilePicker::Show(nsIFilePicke return NS_OK; } NS_IMETHODIMP nsFilePicker::Open(nsIFilePickerShownCallback* aCallback) { // Can't show two dialogs concurrently with the same filepicker - if (mRunning) return NS_ERROR_NOT_AVAILABLE; + if (mFileChooser) return NS_ERROR_NOT_AVAILABLE; + // KDE file picker is not handled via callback + if (nsKDEUtils::kdeSupport()) { + mCallback = aCallback; -+ mRunning = true; + NS_ADDREF_THIS(); + g_idle_add( + [](gpointer data) -> gboolean { @@ -1280,7 +1279,6 @@ + } else { + queuedPicker->mResult = result; + } -+ queuedPicker->mRunning = false; + NS_RELEASE(queuedPicker); + return G_SOURCE_REMOVE; + }, @@ -1297,7 +1295,7 @@ GtkFileChooserAction action = GetGtkFileChooserAction(mMode); const gchar* accept_button; -@@ -696,16 +725,215 @@ void nsFilePicker::Done(void* file_choos +@@ -703,16 +730,215 @@ void nsFilePicker::Done(void* file_choos mCallback->Done(result); mCallback = nullptr; } else { diff -r 4c520ebe1ad7 -r 2a0735b1eb92 mozilla-rust-disable-future-incompat.patch --- a/mozilla-rust-disable-future-incompat.patch Tue Jan 23 17:32:46 2024 +0100 +++ b/mozilla-rust-disable-future-incompat.patch Thu Feb 22 20:31:18 2024 +0100 @@ -1,17 +1,17 @@ # HG changeset patch -# Parent b62ddf6a31854e9e3c22a81056d233a50b4dd5c4 +# Parent fa3b49f090f8b4a1af0510a675d2674a420fcbc6 diff --git a/Cargo.toml b/Cargo.toml --- a/Cargo.toml +++ b/Cargo.toml -@@ -206,8 +206,13 @@ webext-storage = { git = "https://github +@@ -219,8 +219,13 @@ webext-storage = { git = "https://github path = "third_party/rust/mio-0.6.23" [patch."https://github.com/mozilla/uniffi-rs.git"] - uniffi = "=0.24.3" - uniffi_bindgen = "=0.24.3" - uniffi_build = "=0.24.3" - uniffi_macros = "=0.24.3" + uniffi = "=0.25.3" + uniffi_bindgen = "=0.25.3" + uniffi_build = "=0.25.3" + uniffi_macros = "=0.25.3" weedle2 = "=4.0.0" + +# Package code v0.1.4 uses code "that will be rejected by a future version of Rust" diff -r 4c520ebe1ad7 -r 2a0735b1eb92 mozilla-silence-no-return-type.patch --- a/mozilla-silence-no-return-type.patch Tue Jan 23 17:32:46 2024 +0100 +++ b/mozilla-silence-no-return-type.patch Thu Feb 22 20:31:18 2024 +0100 @@ -1,5 +1,5 @@ # HG changeset patch -# Parent e7eb7e9e99204275532b04de030879c9548b88a3 +# Parent f5fd2bbd77ef4b6554a7180c9c4768e64aca3b2a diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h @@ -526,7 +526,7 @@ diff --git a/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc b/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc --- a/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc +++ b/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc -@@ -158,16 +158,17 @@ class VideoEncoderSoftwareFallbackWrappe +@@ -183,16 +183,17 @@ class VideoEncoderSoftwareFallbackWrappe [[fallthrough]]; case EncoderState::kMainEncoderUsed: return encoder_.get(); @@ -544,7 +544,7 @@ // Settings used in the last InitEncode call and used if a dynamic fallback to // software is required. -@@ -338,16 +339,17 @@ int32_t VideoEncoderSoftwareFallbackWrap +@@ -363,16 +364,17 @@ int32_t VideoEncoderSoftwareFallbackWrap case EncoderState::kMainEncoderUsed: { return EncodeWithMainEncoder(frame, frame_types); } @@ -684,7 +684,7 @@ diff --git a/third_party/libwebrtc/media/base/codec.cc b/third_party/libwebrtc/media/base/codec.cc --- a/third_party/libwebrtc/media/base/codec.cc +++ b/third_party/libwebrtc/media/base/codec.cc -@@ -195,16 +195,17 @@ bool Codec::Matches(const Codec& codec, +@@ -201,16 +201,17 @@ bool Codec::Matches(const Codec& codec, (codec.bitrate == 0 || bitrate <= 0 || bitrate == codec.bitrate) && ((codec.channels < 2 && channels < 2) || @@ -699,9 +699,9 @@ return matches_id && matches_type_specific(); } - bool Codec::MatchesCapability( - const webrtc::RtpCodecCapability& codec_capability) const { + bool Codec::MatchesRtpCodec(const webrtc::RtpCodec& codec_capability) const { webrtc::RtpCodecParameters codec_parameters = ToCodecParameters(); + diff --git a/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc b/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc --- a/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc +++ b/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc @@ -957,7 +957,7 @@ diff --git a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc --- a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc +++ b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc -@@ -40,16 +40,17 @@ namespace { +@@ -41,16 +41,17 @@ namespace { case AudioFrameType::kEmptyFrame: return "empty"; case AudioFrameType::kAudioFrameSpeech: