# HG changeset patch # User Wolfgang Rosenauer # Date 1676323493 -3600 # Node ID e69790650e3c221579efc83f92be022bc5e92bff # Parent cb6f01567cf82924b33a4689312add768b4e093c Firefox 109.0.1 diff -r cb6f01567cf8 -r e69790650e3c MozillaFirefox/MozillaFirefox.changes --- a/MozillaFirefox/MozillaFirefox.changes Sun Jan 15 22:34:49 2023 +0100 +++ b/MozillaFirefox/MozillaFirefox.changes Mon Feb 13 22:24:53 2023 +0100 @@ -1,4 +1,53 @@ ------------------------------------------------------------------- +Wed Feb 1 19:48:47 UTC 2023 - Andreas Stieger + +- Mozilla Firefox 109.0.1 + * Fixed jank when loading pages containing a large number of + emoji characters (bmo#1809081) + * Fixed an issue causing authentication prompts to not appear + when loading pages in some enterprise environments + (bmo#1809151) + * ixed inconsistent sizing of event listener checkboxes inside + the Inspector developer tool (bmo#1811760) + +------------------------------------------------------------------- +Mon Jan 16 06:54:09 UTC 2023 - Wolfgang Rosenauer + +- Mozilla Firefox 109.0 + MFSA 2023-01 (bsc#1207119) + * CVE-2023-23597 (bmo#1538028) + Logic bug in process allocation allowed to read arbitrary + files + * CVE-2023-23598 (bmo#1800425) + Arbitrary file read from GTK drag and drop on Linux + * CVE-2023-23599 (bmo#1777800) + Malicious command could be hidden in devtools output on + Windows + * CVE-2023-23600 (bmo#1787034) + Notification permissions persisted between Normal and Private + Browsing on Android + * CVE-2023-23601 (bmo#1794268) + URL being dragged from cross-origin iframe into same tab + triggers navigation + * CVE-2023-23602 (bmo#1800890) + Content Security Policy wasn't being correctly applied to + WebSockets in WebWorkers + * CVE-2023-23603 (bmo#1800832) + Calls to console.log allowed bypasing Content + Security Policy via format directive + * CVE-2023-23604 (bmo#1802346) + Creation of duplicate SystemPrincipal from less + secure contexts + * CVE-2023-23605 (bmo#1764921, bmo#1802690, bmo#1806974) + Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7 + * CVE-2023-23606 (bmo#1764974, bmo#1798591, bmo#1799201, + bmo#1800446, bmo#1801248, bmo#1802100, bmo#1803393, + bmo#1804626, bmo#1804971, bmo#1807004) + Memory safety bugs fixed in Firefox 109 +- requires NSS 3.86 +- rebased patches + +------------------------------------------------------------------- Fri Jan 6 06:57:25 UTC 2023 - Luciano Santos - Mozilla Firefox 108.0.2 diff -r cb6f01567cf8 -r e69790650e3c MozillaFirefox/MozillaFirefox.spec --- a/MozillaFirefox/MozillaFirefox.spec Sun Jan 15 22:34:49 2023 +0100 +++ b/MozillaFirefox/MozillaFirefox.spec Mon Feb 13 22:24:53 2023 +0100 @@ -2,7 +2,7 @@ # spec file # # Copyright (c) 2023 SUSE LLC -# Copyright (c) 2006-2022 Wolfgang Rosenauer +# Copyright (c) 2006-2023 Wolfgang Rosenauer # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 108 -%define mainver %major.0.2 -%define orig_version 108.0.2 +%define major 109 +%define mainver %major.0.1 +%define orig_version 109.0.1 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -120,7 +120,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.35 -BuildRequires: mozilla-nss-devel >= 3.85 +BuildRequires: mozilla-nss-devel >= 3.86 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 diff -r cb6f01567cf8 -r e69790650e3c MozillaFirefox/tar_stamps --- a/MozillaFirefox/tar_stamps Sun Jan 15 22:34:49 2023 +0100 +++ b/MozillaFirefox/tar_stamps Mon Feb 13 22:24:53 2023 +0100 @@ -1,10 +1,10 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="108.0.2" +VERSION="109.0.1" VERSION_SUFFIX="" -PREV_VERSION="108.0" +PREV_VERSION="109.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="a486bbf619936d4f8516c853ea6ffad2d576e2a3" -RELEASE_TIMESTAMP="20230104165113" +RELEASE_TAG="30244986d6ff55bc3396db436fe1dba555828106" +RELEASE_TIMESTAMP="20230127170202" diff -r cb6f01567cf8 -r e69790650e3c firefox-kde.patch --- a/firefox-kde.patch Sun Jan 15 22:34:49 2023 +0100 +++ b/firefox-kde.patch Mon Feb 13 22:24:53 2023 +0100 @@ -3,7 +3,7 @@ # Date 1559300151 -7200 # Fri May 31 12:55:51 2019 +0200 # Node ID 54d41b0033b8d649d842a1f862c6fed8b9874dec -# Parent c9baf1c9eb9359b7968a52157e8892cdd20f2c6d +# Parent 95d798f72d832c953086aa27675498fdf84177f0 How to apply this patch: 1. Import and apply it 2. cp browser/base/content/browser.xul browser/base/content/browser-kde.xul @@ -14,7 +14,7 @@ diff --git a/browser/components/preferences/main.js b/browser/components/preferences/main.js --- a/browser/components/preferences/main.js +++ b/browser/components/preferences/main.js -@@ -303,16 +303,23 @@ var gMainPane = { +@@ -296,16 +296,23 @@ var gMainPane = { }, backoffTimes[this._backoffIndex + 1 < backoffTimes.length ? this._backoffIndex++ : backoffTimes.length - 1]); }; @@ -38,7 +38,7 @@ ); let performanceSettingsUrl = Services.urlFormatter.formatURLPref("app.support.baseURL") + -@@ -1334,16 +1341,27 @@ var gMainPane = { +@@ -1333,16 +1340,27 @@ var gMainPane = { this._backoffIndex = 0; let shellSvc = getShellService(); @@ -59,7 +59,7 @@ + process.run(false, args, args.length); + } } catch (ex) { - Cu.reportError(ex); + console.error(ex); return; } diff -r cb6f01567cf8 -r e69790650e3c mozilla-bmo1568145.patch --- a/mozilla-bmo1568145.patch Sun Jan 15 22:34:49 2023 +0100 +++ b/mozilla-bmo1568145.patch Mon Feb 13 22:24:53 2023 +0100 @@ -10,25 +10,25 @@ diff --git a/python/mozbuild/mozbuild/action/langpack_manifest.py b/python/mozbuild/mozbuild/action/langpack_manifest.py --- a/python/mozbuild/mozbuild/action/langpack_manifest.py +++ b/python/mozbuild/mozbuild/action/langpack_manifest.py -@@ -11,16 +11,17 @@ - from __future__ import absolute_import, print_function, unicode_literals +@@ -15,16 +15,17 @@ from __future__ import absolute_import, import argparse - import sys - import os - import json + import datetime import io - import datetime + import json + import logging + import os + import sys +import time - import requests + + import fluent.syntax.ast as FTL + import mozpack.path as mozpath import mozversioncontrol - import mozpack.path as mozpath - from mozpack.chrome.manifest import ( - Manifest, - ManifestLocale, - parse_manifest, - ) -@@ -100,17 +101,17 @@ def get_dt_from_hg(path): + import requests + from fluent.syntax.parser import FluentParser + from mozbuild.configure.util import Version + from mozpack.chrome.manifest import Manifest, ManifestLocale, parse_manifest +@@ -102,17 +103,17 @@ def get_dt_from_hg(path): # ts == "20170914215617" ### def get_timestamp_for_locale(path): @@ -45,5 +45,5 @@ ### - # Parses multiple defines files into a single key-value pair object. - # + # Parses an FTL file into a key-value pair object. + # Does not support attributes, terms, variables, functions or selectors; diff -r cb6f01567cf8 -r e69790650e3c mozilla-kde.patch --- a/mozilla-kde.patch Sun Jan 15 22:34:49 2023 +0100 +++ b/mozilla-kde.patch Mon Feb 13 22:24:53 2023 +0100 @@ -3,7 +3,7 @@ # Date 1559294891 -7200 # Fri May 31 11:28:11 2019 +0200 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112 -# Parent e8919158faed3f4a08289fb293dd87ce56bdcc4d +# Parent a6ee87356867ce6ed5b0be1ba2c2690a488beb55 Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer Author: Lubos Lunak @@ -13,9 +13,9 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp --- a/modules/libpref/Preferences.cpp +++ b/modules/libpref/Preferences.cpp -@@ -89,16 +89,17 @@ - #include "PLDHashTable.h" +@@ -90,16 +90,17 @@ #include "plstr.h" + #include "prdtoa.h" #include "prlink.h" #include "xpcpublic.h" #include "js/RootingAPI.h" @@ -31,7 +31,7 @@ #ifdef MOZ_MEMORY # include "mozmemory.h" #endif -@@ -4847,16 +4848,27 @@ nsresult Preferences::InitInitialObjects +@@ -4878,16 +4879,27 @@ nsresult Preferences::InitInitialObjects "unix.js" # if defined(_AIX) , @@ -59,7 +59,7 @@ #if defined(MOZ_WIDGET_GTK) // Under Flatpak/Snap package, load /etc/firefox/defaults/pref/*.js. -@@ -4938,17 +4950,17 @@ nsresult Preferences::InitInitialObjects +@@ -4969,17 +4981,17 @@ nsresult Preferences::InitInitialObjects } nsCOMPtr path = do_QueryInterface(elem); @@ -790,7 +790,7 @@ diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build --- a/uriloader/exthandler/moz.build +++ b/uriloader/exthandler/moz.build -@@ -78,17 +78,19 @@ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "ui +@@ -81,17 +81,19 @@ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "ui else: # These files can't be built in unified mode because they redefine LOG. SOURCES += [ @@ -810,7 +810,7 @@ ] elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows": UNIFIED_SOURCES += [ -@@ -126,16 +128,17 @@ include("/ipc/chromium/chromium-config.m +@@ -129,16 +131,17 @@ include("/ipc/chromium/chromium-config.m FINAL_LIBRARY = "xul" LOCAL_INCLUDES += [ @@ -1807,7 +1807,7 @@ # include "prmem.h" # include "plbase64.h" -@@ -2094,20 +2095,29 @@ nsLocalFile::SetPersistentDescriptor(con +@@ -2157,20 +2158,29 @@ nsLocalFile::SetPersistentDescriptor(con NS_IMETHODIMP nsLocalFile::Reveal() { @@ -1839,7 +1839,7 @@ ::CFRelease(url); return rv; } -@@ -2119,16 +2129,23 @@ nsLocalFile::Reveal() { +@@ -2182,16 +2192,23 @@ nsLocalFile::Reveal() { NS_IMETHODIMP nsLocalFile::Launch() { diff -r cb6f01567cf8 -r e69790650e3c mozilla-pgo.patch --- a/mozilla-pgo.patch Sun Jan 15 22:34:49 2023 +0100 +++ b/mozilla-pgo.patch Mon Feb 13 22:24:53 2023 +0100 @@ -1,6 +1,6 @@ # HG changeset patch # User Wolfgang Rosenauer -# Parent 02ffee15578fd4dc2dd5ade32e7dab907d633b0d +# Parent 855b1f176633af8ae11c0d791c8b33e9a2ae88e0 diff --git a/build/moz.configure/lto-pgo.configure b/build/moz.configure/lto-pgo.configure --- a/build/moz.configure/lto-pgo.configure @@ -48,20 +48,20 @@ +++ b/build/pgo/profileserver.py @@ -6,17 +6,17 @@ + import glob import json import os + import subprocess import sys - import glob - import subprocess import mozcrash --from mozbuild.base import MozbuildObject, BinaryNotFoundException -+from mozbuild.base import MozbuildObject, BinaryNotFoundException, BuildEnvironmentNotFoundException +-from mozbuild.base import BinaryNotFoundException, MozbuildObject ++from mozbuild.base import BinaryNotFoundException, MozbuildObject, BuildEnvironmentNotFoundException from mozfile import TemporaryDirectory from mozhttpd import MozHttpd from mozprofile import FirefoxProfile, Preferences from mozprofile.permissions import ServerLocations - from mozrunner import FirefoxRunner, CLI + from mozrunner import CLI, FirefoxRunner from six import string_types PORT = 8888 @@ -101,7 +101,7 @@ base_profiles = json.load(fh)["profileserver"] prefpaths = [ -@@ -207,16 +220,20 @@ if __name__ == "__main__": +@@ -208,16 +221,20 @@ if __name__ == "__main__": # Try to move the crash reports to the artifacts even if Firefox appears # to exit successfully, in case there's a crash that doesn't set the @@ -166,7 +166,7 @@ diff --git a/toolkit/components/terminator/nsTerminator.cpp b/toolkit/components/terminator/nsTerminator.cpp --- a/toolkit/components/terminator/nsTerminator.cpp +++ b/toolkit/components/terminator/nsTerminator.cpp -@@ -461,16 +461,21 @@ void nsTerminator::StartWatchdog() { +@@ -455,16 +455,21 @@ void nsTerminator::StartWatchdog() { // Defend against overflow crashAfterMS = INT32_MAX; } else { diff -r cb6f01567cf8 -r e69790650e3c mozilla-silence-no-return-type.patch --- a/mozilla-silence-no-return-type.patch Sun Jan 15 22:34:49 2023 +0100 +++ b/mozilla-silence-no-return-type.patch Mon Feb 13 22:24:53 2023 +0100 @@ -1,10 +1,10 @@ # HG changeset patch -# Parent b1cfd1fa113437854cff1f201e2e9721104d2f61 +# Parent 9d5642506b3a46c3bb28c659173d7055c9674c77 diff --git a/Cargo.lock b/Cargo.lock --- a/Cargo.lock +++ b/Cargo.lock -@@ -2318,18 +2318,16 @@ name = "glsl-to-cxx" +@@ -2348,18 +2348,16 @@ name = "glsl-to-cxx" version = "0.1.0" dependencies = [ "glsl", @@ -26,7 +26,7 @@ diff --git a/Cargo.toml b/Cargo.toml --- a/Cargo.toml +++ b/Cargo.toml -@@ -151,16 +151,17 @@ async-task = { git = "https://github.com +@@ -154,16 +154,17 @@ async-task = { git = "https://github.com chardetng = { git = "https://github.com/hsivonen/chardetng", rev="3484d3e3ebdc8931493aa5df4d7ee9360a90e76b" } chardetng_c = { git = "https://github.com/hsivonen/chardetng_c", rev="ed8a4c6f900a90d4dbc1d64b856e61490a1c3570" } coremidi = { git = "https://github.com/chris-zen/coremidi.git", rev="fc68464b5445caf111e41f643a2e69ccce0b4f83" } @@ -38,12 +38,12 @@ +glslopt = { path = "third_party/rust/glslopt/" } # application-services overrides to make updating them all simpler. - interrupt-support = { git = "https://github.com/mozilla/application-services", rev = "b09ffe23ee60a066176e5d7f9f2c6cd95c528ceb" } - sql-support = { git = "https://github.com/mozilla/application-services", rev = "b09ffe23ee60a066176e5d7f9f2c6cd95c528ceb" } - sync15 = { git = "https://github.com/mozilla/application-services", rev = "b09ffe23ee60a066176e5d7f9f2c6cd95c528ceb" } - tabs = { git = "https://github.com/mozilla/application-services", rev = "b09ffe23ee60a066176e5d7f9f2c6cd95c528ceb" } - viaduct = { git = "https://github.com/mozilla/application-services", rev = "b09ffe23ee60a066176e5d7f9f2c6cd95c528ceb" } - webext-storage = { git = "https://github.com/mozilla/application-services", rev = "b09ffe23ee60a066176e5d7f9f2c6cd95c528ceb" } + interrupt-support = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } + sql-support = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } + sync15 = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } + tabs = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } + viaduct = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } + webext-storage = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h +++ b/gfx/skia/skia/include/codec/SkEncodedOrigin.h @@ -1985,10 +1985,10 @@ diff --git a/third_party/libwebrtc/api/video/video_frame_buffer.cc b/third_party/libwebrtc/api/video/video_frame_buffer.cc --- a/third_party/libwebrtc/api/video/video_frame_buffer.cc +++ b/third_party/libwebrtc/api/video/video_frame_buffer.cc -@@ -87,16 +87,18 @@ const char* VideoFrameBufferTypeToString - return "kI422"; - case VideoFrameBuffer::Type::kI010: +@@ -94,16 +94,18 @@ const char* VideoFrameBufferTypeToString return "kI010"; + case VideoFrameBuffer::Type::kI210: + return "kI210"; case VideoFrameBuffer::Type::kNV12: return "kNV12"; default: @@ -2007,7 +2007,7 @@ diff --git a/third_party/libwebrtc/api/video_codecs/video_codec.cc b/third_party/libwebrtc/api/video_codecs/video_codec.cc --- a/third_party/libwebrtc/api/video_codecs/video_codec.cc +++ b/third_party/libwebrtc/api/video_codecs/video_codec.cc -@@ -117,16 +117,17 @@ const char* CodecTypeToPayloadString(Vid +@@ -113,16 +113,17 @@ const char* CodecTypeToPayloadString(Vid case kVideoCodecH264: return kPayloadNameH264; case kVideoCodecMultiplex: @@ -2223,7 +2223,7 @@ diff --git a/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc b/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc --- a/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc +++ b/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc -@@ -116,16 +116,17 @@ GainControl::Mode Agc1ConfigModeToInterf +@@ -114,16 +114,17 @@ GainControl::Mode Agc1ConfigModeToInterf case Agc1Config::kAdaptiveAnalog: return GainControl::kAdaptiveAnalog; case Agc1Config::kAdaptiveDigital: @@ -2241,7 +2241,7 @@ // Maximum lengths that frame of samples being passed from the render side to // the capture side can have (does not apply to AEC3). -@@ -1921,16 +1922,17 @@ void AudioProcessingImpl::InitializeNois +@@ -1955,16 +1956,17 @@ void AudioProcessingImpl::InitializeNois case NoiseSuppresionConfig::kModerate: return NsConfig::SuppressionLevel::k12dB; case NoiseSuppresionConfig::kHigh: @@ -2312,7 +2312,7 @@ diff --git a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender.cc b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender.cc --- a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender.cc +++ b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender.cc -@@ -132,16 +132,17 @@ bool IsNonVolatile(RTPExtensionType type +@@ -137,16 +137,17 @@ bool IsNonVolatile(RTPExtensionType type #if defined(WEBRTC_MOZILLA_BUILD) case kRtpExtensionCsrcAudioLevel: // TODO: Mozilla implement for CsrcAudioLevel @@ -2333,7 +2333,7 @@ diff --git a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc --- a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc +++ b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc -@@ -42,16 +42,17 @@ const char* FrameTypeToString(AudioFrame +@@ -40,16 +40,17 @@ namespace { case AudioFrameType::kEmptyFrame: return "empty"; case AudioFrameType::kAudioFrameSpeech: @@ -2344,13 +2344,13 @@ RTC_CHECK_NOTREACHED(); + return ""; } - #endif constexpr char kIncludeCaptureClockOffset[] = "WebRTC-IncludeCaptureClockOffset"; } // namespace + RTPSenderAudio::RTPSenderAudio(Clock* clock, RTPSender* rtp_sender) diff --git a/third_party/libwebrtc/modules/video_coding/codecs/vp8/temporal_layers_checker.cc b/third_party/libwebrtc/modules/video_coding/codecs/vp8/temporal_layers_checker.cc --- a/third_party/libwebrtc/modules/video_coding/codecs/vp8/temporal_layers_checker.cc +++ b/third_party/libwebrtc/modules/video_coding/codecs/vp8/temporal_layers_checker.cc diff -r cb6f01567cf8 -r e69790650e3c series --- a/series Sun Jan 15 22:34:49 2023 +0100 +++ b/series Mon Feb 13 22:24:53 2023 +0100 @@ -22,7 +22,6 @@ one_swizzle_to_rule_them_all.patch svg-rendering.patch mozilla-buildfixes.patch -mozilla-bmo1805809.patch # Firefox patches firefox-kde.patch