# HG changeset patch # User Wolfgang Rosenauer # Date 1697184787 -7200 # Node ID d1b75dcb25fc21b764b710422ab3c9beea3e415d # Parent 16de98d33e9797beee9db364c183f30b2c00e1b8 Firefox 118.0.1 diff -r 16de98d33e97 -r d1b75dcb25fc MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Sat Sep 23 09:32:28 2023 +0200 +++ b/MozillaFirefox/MozillaFirefox.changes Fri Oct 13 10:13:07 2023 +0200 @@ -1,7 +1,39 @@ ------------------------------------------------------------------- -Sat Sep 23 07:29:25 UTC 2023 - Wolfgang Rosenauer - +Fri Sep 29 06:50:26 UTC 2023 - Wolfgang Rosenauer + +- Mozilla Firefox 118.0.1 + MFSA 2023-44 (bsc#1215814) + * CVE-2023-5217 (bmo#1855550), + Heap buffer overflow in libvpx + +------------------------------------------------------------------- +Mon Sep 25 06:35:49 UTC 2023 - Wolfgang Rosenauer + +- Mozilla Firefox 118.0 + MFSA 2023-41 (bsc#1215575) + * CVE-2023-5168 (bmo#1846683) + Out-of-bounds write in FilterNodeD2D1 + * CVE-2023-5169 (bmo#1846685) + Out-of-bounds write in PathOps + * CVE-2023-5170 (bmo#1846686) + Memory leak from a privileged process + * CVE-2023-5171 (bmo#1851599) + Use-after-free in Ion Compiler + * CVE-2023-5172 (bmo#1852218) + Memory Corruption in Ion Hints + * CVE-2023-5173 (bmo#1823172) + Out-of-bounds write in HTTP Alternate Services + * CVE-2023-5174 (bmo#1848454) + Double-free in process spawning on Windows + * CVE-2023-5175 (bmo#1849704) + Use-after-free of ImageBitmap during process shutdown + * CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962, + bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195) + Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3, + and Thunderbird 115.3 +- requires NSS 3.93 - add mozilla-bmo1822730.patch +- deactivated KDE integration temporarily ------------------------------------------------------------------- Tue Sep 12 17:04:01 UTC 2023 - Andreas Stieger diff -r 16de98d33e97 -r d1b75dcb25fc MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Sat Sep 23 09:32:28 2023 +0200 +++ b/MozillaFirefox/MozillaFirefox.spec Fri Oct 13 10:13:07 2023 +0200 @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %%major.99 -%define major 117 +%define major 118 %define mainver %major.0.1 -%define orig_version 117.0.1 +%define orig_version 118.0.1 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -73,7 +73,7 @@ %define desktop_file_name %{progname} %define firefox_appid \{ec8030f7-c20a-464f-9b0e-13a3a9e97384\} %define __provides_exclude ^lib.*\\.so.*$ -%define __requires_exclude ^(libmoz.*|liblgpllibs.*|libxul.*)$ +%define __requires_exclude ^(libmoz.*|liblgpllibs.*|libxul.*|libgk.*)$ %define localize 1 %ifarch %ix86 x86_64 %define crashreporter 1 @@ -114,7 +114,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.35 -BuildRequires: mozilla-nss-devel >= 3.92 +BuildRequires: mozilla-nss-devel >= 3.93 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 12.22.12 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -209,7 +209,7 @@ Source21: https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/KEY#/mozilla.keyring # Gecko/Toolkit Patch1: mozilla-nongnome-proxies.patch -Patch2: mozilla-kde.patch +#Patch2: mozilla-kde.patch Patch3: mozilla-ntlm-full-path.patch Patch4: mozilla-aarch64-startup-crash.patch Patch5: mozilla-fix-aarch64-libopus.patch @@ -230,7 +230,7 @@ Patch23: mozilla-rust-disable-future-incompat.patch Patch24: mozilla-bmo1822730.patch # Firefox/browser -Patch101: firefox-kde.patch +#Patch101: firefox-kde.patch Patch102: firefox-branded-icons.patch %endif BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -349,11 +349,11 @@ export PYTHON3=/usr/bin/python3.9 %endif -kdehelperversion=$(cat toolkit/xre/nsKDEUtils.cpp | grep '#define KMOZILLAHELPER_VERSION' | cut -d ' ' -f 3) -if test "$kdehelperversion" != %{kde_helper_version}; then - echo fix kde helper version in the .spec file - exit 1 -fi +#kdehelperversion=$(cat toolkit/xre/nsKDEUtils.cpp | grep '#define KMOZILLAHELPER_VERSION' | cut -d ' ' -f 3) +#if test "$kdehelperversion" != %{kde_helper_version}; then +# echo fix kde helper version in the .spec file +# exit 1 +#fi # When doing only_print_mozconfig, this file isn't necessarily available, so skip it cp %{SOURCE4} .obsenv.sh diff -r 16de98d33e97 -r d1b75dcb25fc MozillaFirefox/tar_stamps --- a/MozillaFirefox/tar_stamps Sat Sep 23 09:32:28 2023 +0200 +++ b/MozillaFirefox/tar_stamps Fri Oct 13 10:13:07 2023 +0200 @@ -1,10 +1,10 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="117.0.1" +VERSION="118.0.1" VERSION_SUFFIX="" -PREV_VERSION="117.0" +PREV_VERSION="118.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="e245ca2125a6eb1e2d08cc9e5824f15e1e67a566" -RELEASE_TIMESTAMP="20230912013654" +RELEASE_TAG="68e4c357d26c5a1f075a1ec0c696d4fe684ed881" +RELEASE_TIMESTAMP="20230927232528" diff -r 16de98d33e97 -r d1b75dcb25fc mozilla-silence-no-return-type.patch --- a/mozilla-silence-no-return-type.patch Sat Sep 23 09:32:28 2023 +0200 +++ b/mozilla-silence-no-return-type.patch Fri Oct 13 10:13:07 2023 +0200 @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 505c5ac5cad0268fe81c67d39f70cbab3bff616a +# Parent f809af927a59e945c76f51c25b1044fb42748c24 diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h @@ -722,7 +722,7 @@ diff --git a/third_party/libwebrtc/modules/audio_processing/agc2/rnn_vad/rnn_fc.cc b/third_party/libwebrtc/modules/audio_processing/agc2/rnn_vad/rnn_fc.cc --- a/third_party/libwebrtc/modules/audio_processing/agc2/rnn_vad/rnn_fc.cc +++ b/third_party/libwebrtc/modules/audio_processing/agc2/rnn_vad/rnn_fc.cc -@@ -54,16 +54,18 @@ std::vector PreprocessWeights(rtc +@@ -55,16 +55,18 @@ std::vector PreprocessWeights(rtc rtc::FunctionView GetActivationFunction( ActivationFunction activation_function) { switch (activation_function) { @@ -948,12 +948,12 @@ + return ""; } - constexpr char kIncludeCaptureClockOffset[] = - "WebRTC-IncludeCaptureClockOffset"; - } // namespace RTPSenderAudio::RTPSenderAudio(Clock* clock, RTPSender* rtp_sender) + : clock_(clock), + rtp_sender_(rtp_sender), + absolute_capture_time_sender_(clock) { diff --git a/third_party/libwebrtc/modules/video_coding/codecs/vp8/default_temporal_layers.cc b/third_party/libwebrtc/modules/video_coding/codecs/vp8/default_temporal_layers.cc --- a/third_party/libwebrtc/modules/video_coding/codecs/vp8/default_temporal_layers.cc +++ b/third_party/libwebrtc/modules/video_coding/codecs/vp8/default_temporal_layers.cc diff -r 16de98d33e97 -r d1b75dcb25fc series --- a/series Sat Sep 23 09:32:28 2023 +0200 +++ b/series Fri Oct 13 10:13:07 2023 +0200 @@ -1,6 +1,6 @@ # xulrunner/gecko patches mozilla-nongnome-proxies.patch -mozilla-kde.patch +#mozilla-kde.patch mozilla-ntlm-full-path.patch mozilla-aarch64-startup-crash.patch mozilla-fix-aarch64-libopus.patch