--- a/MozillaFirefox/MozillaFirefox.changes Sat Feb 05 15:04:53 2022 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes Wed Mar 02 15:34:50 2022 +0100
@@ -1,10 +1,91 @@
-------------------------------------------------------------------
+Fri Feb 18 20:38:22 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Firefox 97.0.1
+ * Fixed: Fixed an issue where TikTok videos would fail to load
+ when selected from a user's profile page (bmo#1750973)
+ * Fixed: Fixed an issue which led to Picture-in-Picture mode
+ being unable to be toggled on Hulu (bmo#1753401)
+ * Fixed: Works around problems with WebRoot SecureAnywhere
+ antivirus rendering Firefox unusable in some situations
+ (bmo#1752466)
+ * Fixed: Fixed an issue causing users to see the Restore
+ Session screen unexpectedly when starting Firefox
+ (bmo#1749996)
+
+-------------------------------------------------------------------
+Mon Feb 14 19:31:29 UTC 2022 - Luciano Santos <luc14n0@opensuse.org>
+
+- Remove bashisms ("source" and "function" keywords) from
+ mozilla.sh.in to ally with the #!/bin/sh shebang. If the end user
+ has either dash-sh package or busybox-sh to handle Bourn Shell
+ scripts rather than having bash-sh package, the script would
+ fail. Using "." instead of "source" and "create_langpack_link()"
+ function definition is enough to keep both sides sane,
+ behavior-wise.
+
+-------------------------------------------------------------------
+Tue Feb 8 08:40:45 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 97.0
+ MFSA 2022-04 (bsc#1195682)
+ * CVE-2022-22753 (bmo#1732435)
+ Privilege Escalation to SYSTEM on Windows via Maintenance Service
+ * CVE-2022-22754 (bmo#1750565)
+ Extensions could have bypassed permission confirmation during update
+ * CVE-2022-22755 (bmo#1309630)
+ XSL could have allowed JavaScript execution after a tab was closed
+ * CVE-2022-22756 (bmo#1317873)
+ Drag and dropping an image could have resulted in the dropped
+ object being an executable
+ * CVE-2022-22757 (bmo#1720098)
+ Remote Agent did not prevent local websites from connecting
+ * CVE-2022-22758 (bmo#1728742)
+ tel: links could have sent USSD codes to the dialer on
+ Firefox for Android
+ * CVE-2022-22759 (bmo#1739957)
+ Sandboxed iframes could have executed script if the parent
+ appended elements
+ * CVE-2022-22760 (bmo#1740985, bmo#1748503)
+ Cross-Origin responses could be distinguished between script
+ and non-script content-types
+ * CVE-2022-22761 (bmo#1745566)
+ frame-ancestors Content Security Policy directive was not
+ enforced for framed extension pages
+ * CVE-2022-22762 (bmo#1743931)
+ JavaScript Dialogs could have been displayed over other
+ domains on Firefox for Android
+ * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545,
+ bmo#1748210, bmo#1748279)
+ Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
+ * CVE-2022-0511 (bmo#1713579, bmo#1735448, bmo#1743821, bmo#1746313,
+ bmo#1746314, bmo#1746316, bmo#1746321, bmo#1746322, bmo#1746323,
+ bmo#1746412, bmo#1746430, bmo#1746451, bmo#1746488, bmo#1746875,
+ bmo#1746898, bmo#1746905, bmo#1746907, bmo#1746917, bmo#1747128,
+ bmo#1747137, bmo#1747331, bmo#1747346, bmo#1747439, bmo#1747457,
+ bmo#1747870, bmo#1749051, bmo#1749274, bmo#1749831)
+ Memory safety bugs fixed in Firefox 97
+- requires NSS 3.74
+- requires rust 1.57
+
+-------------------------------------------------------------------
+Mon Feb 7 22:21:29 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- remove memoryperjob and use %limit instead. this allows to
+ adapt to more worker types, and lowers the time the package
+ is stuck in "scheduling". raising memory above 8 to lower
+ risk for LTO jobs to run OOM
+- add hack to disable -Wl,--gc-section which avoids a binutils
+ segfault on x86
+- change mozilla-reduce-rust-debuginfo.patch: use -g1 everywhere
+
+-------------------------------------------------------------------
Sun Jan 30 23:58:34 UTC 2022 - Dirk Müller <dmueller@suse.com>
-- disable ccache, this adds about 1 minute of build time and
+- disable ccache, this adds about 1 minute of build time and
over 2 GB of disk space usage without benefit on OBS builds
- build with rust-simd like upstream does
-- use -g1 for debuginfo generation as this is what upstream
+- use -g1 for debuginfo generation as this is what upstream
does as well and it saves ~ 2GB of writes
- use %limit on x86_64 to scale down to less capable workers
- disable install stripping so that debuginfo is useful
--- a/MozillaFirefox/MozillaFirefox.spec Sat Feb 05 15:04:53 2022 +0100
+++ b/MozillaFirefox/MozillaFirefox.spec Wed Mar 02 15:34:50 2022 +0100
@@ -2,7 +2,7 @@
# spec file
#
# Copyright (c) 2022 SUSE LLC
-# 2006-2021 Wolfgang Rosenauer <wr@rosenauer.org>
+# 2006-2022 Wolfgang Rosenauer <wr@rosenauer.org>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 96
-%define mainver %major.0.3
-%define orig_version 96.0.3
+%define major 97
+%define mainver %major.0.1
+%define orig_version 97.0.1
%define orig_suffix %{nil}
%define update_channel release
%define branding 1
@@ -97,13 +97,13 @@
BuildRequires: gcc-c++
%endif
%if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300
-BuildRequires: cargo >= 1.53
-BuildRequires: rust >= 1.53
+BuildRequires: cargo >= 1.57
+BuildRequires: rust >= 1.57
%else
# Newer sle/leap/tw use parallel versioned rust releases which have
# a different method for provides that we can use to request a
# specific version
-BuildRequires: rust+cargo >= 1.53
+BuildRequires: rust+cargo >= 1.57
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.33
-BuildRequires: mozilla-nss-devel >= 3.73.1
+BuildRequires: mozilla-nss-devel >= 3.74
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@@ -381,6 +381,8 @@
%ifarch %arm %ix86
# Limit RAM usage during link
export LDFLAGS="${LDFLAGS} -Wl,--no-keep-memory -Wl,--reduce-memory-overheads"
+# A lie to prevent -Wl,--gc-sections being set which requires more memory than 32bit can offer
+export GC_SECTIONS_BREAKS_DEBUG_RANGES=yes
%endif
export LDFLAGS="${LDFLAGS} -fPIC -Wl,-z,relro,-z,now"
%ifarch ppc64 ppc64le
@@ -408,9 +410,7 @@
echo ""
cat << EOF
%else
-%ifarch aarch64 ppc64 ppc64le x86_64
-%limit_build -m 2048
-%endif
+%limit_build -m 2560
cat << EOF > $MOZCONFIG
%endif
mk_add_options MOZILLA_OFFICIAL=1
@@ -433,8 +433,8 @@
ac_add_options --disable-debug-symbols
%else
ac_add_options --enable-debug-symbols=-g1
+%endif
ac_add_options --disable-install-strip
-%endif
# building with elf-hack started to fail everywhere with FF73
#%if 0%{?suse_version} > 1549
%ifnarch aarch64 ppc64 ppc64le s390x
--- a/MozillaFirefox/_constraints Sat Feb 05 15:04:53 2022 +0100
+++ b/MozillaFirefox/_constraints Wed Mar 02 15:34:50 2022 +0100
@@ -3,14 +3,11 @@
<hardware>
<jobs>4</jobs>
<disk>
- <size unit="G">24</size>
+ <size unit="G">26</size>
</disk>
<physicalmemory>
- <size unit="G">8</size>
+ <size unit="G">15</size>
</physicalmemory>
- <memoryperjob>
- <size unit="M">1536</size>
- </memoryperjob>
</hardware>
<overwrite>
<conditions>
@@ -26,4 +23,17 @@
</physicalmemory>
</hardware>
</overwrite>
+ <!-- LTO disabled - less RAM -->
+ <overwrite>
+ <conditions>
+ <arch>aarch64</arch>
+ <arch>ppc64le</arch>
+ <arch>s390x</arch>
+ </conditions>
+ <hardware>
+ <physicalmemory>
+ <size unit="G">8</size>
+ </physicalmemory>
+ </hardware>
+ </overwrite>
</constraints>
--- a/MozillaFirefox/mozilla.sh.in Sat Feb 05 15:04:53 2022 +0100
+++ b/MozillaFirefox/mozilla.sh.in Wed Mar 02 15:34:50 2022 +0100
@@ -100,7 +100,7 @@
fi
# xinput2 (boo#1173320)
-source /etc/os-release
+. /etc/os-release
if [ "$ID" = "opensuse-tumbleweed" ]; then
export MOZ_USE_XINPUT2=1
fi
@@ -151,7 +151,7 @@
# Try with a local variant first, then without a local variant
SHORTMOZLOCALE=`echo $CURRENT_LOCALE | sed "s|_\([^.]*\).*||g" | sed "s|\..*||g"`
MOZLOCALE=`echo $CURRENT_LOCALE | sed "s|_\([^.]*\).*|-\1|g" | sed "s|\..*||g"`
- function create_langpack_link() {
+ create_langpack_link() {
local language=$*
local langpack=langpack-${language}@firefox.mozilla.org.xpi
if [ -f $MOZ_LANGPACKS_DIR/$langpack ]; then
--- a/MozillaFirefox/tar_stamps Sat Feb 05 15:04:53 2022 +0100
+++ b/MozillaFirefox/tar_stamps Wed Mar 02 15:34:50 2022 +0100
@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="96.0.3"
+VERSION="97.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="96.0.2"
+PREV_VERSION="97.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="08a730393ae6e9e8f7096f1a040dc66948f245b1"
-RELEASE_TIMESTAMP="20220126154723"
+RELEASE_TAG="0f0ba6e8029d8148743c4aa50c2be4c4c643f8a4"
+RELEASE_TIMESTAMP="20220216172458"
--- a/mozilla-kde.patch Sat Feb 05 15:04:53 2022 +0100
+++ b/mozilla-kde.patch Wed Mar 02 15:34:50 2022 +0100
@@ -3,7 +3,7 @@
# Date 1559294891 -7200
# Fri May 31 11:28:11 2019 +0200
# Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112
-# Parent 9db1669be16001a48b62d147070fb75f60bac251
+# Parent 8d1110b6918acc4e7d3f655d1e55f4b4ff630abe
Description: Add KDE integration to Firefox (toolkit parts)
Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Author: Lubos Lunak <lunak@suse.com>
@@ -31,7 +31,7 @@
#ifdef MOZ_MEMORY
# include "mozmemory.h"
#endif
-@@ -4635,16 +4636,27 @@ nsresult Preferences::InitInitialObjects
+@@ -4634,16 +4635,27 @@ nsresult Preferences::InitInitialObjects
"unix.js"
# if defined(_AIX)
,
@@ -59,7 +59,7 @@
// Load jar:$app/omni.jar!/defaults/preferences/*.js
// or jar:$gre/omni.jar!/defaults/preferences/*.js.
-@@ -4709,17 +4721,17 @@ nsresult Preferences::InitInitialObjects
+@@ -4708,17 +4720,17 @@ nsresult Preferences::InitInitialObjects
}
nsCOMPtr<nsIFile> path = do_QueryInterface(elem);
@@ -81,7 +81,7 @@
diff --git a/modules/libpref/moz.build b/modules/libpref/moz.build
--- a/modules/libpref/moz.build
+++ b/modules/libpref/moz.build
-@@ -119,16 +119,20 @@ EXPORTS.mozilla += [
+@@ -118,16 +118,20 @@ EXPORTS.mozilla += [
]
EXPORTS.mozilla += sorted(["!" + g for g in gen_h])
@@ -147,7 +147,7 @@
diff --git a/toolkit/components/downloads/moz.build b/toolkit/components/downloads/moz.build
--- a/toolkit/components/downloads/moz.build
+++ b/toolkit/components/downloads/moz.build
-@@ -45,10 +45,14 @@ XPCOM_MANIFESTS += [
+@@ -46,10 +46,14 @@ XPCOM_MANIFESTS += [
if CONFIG["MOZ_PLACES"]:
EXTRA_JS_MODULES += [
@@ -165,7 +165,7 @@
diff --git a/toolkit/mozapps/downloads/HelperAppDlg.jsm b/toolkit/mozapps/downloads/HelperAppDlg.jsm
--- a/toolkit/mozapps/downloads/HelperAppDlg.jsm
+++ b/toolkit/mozapps/downloads/HelperAppDlg.jsm
-@@ -1231,36 +1231,66 @@ nsUnknownContentTypeDialog.prototype = {
+@@ -1252,36 +1252,66 @@ nsUnknownContentTypeDialog.prototype = {
params.handlerApp &&
params.handlerApp.executable &&
params.handlerApp.executable.isFile()
@@ -841,11 +841,11 @@
]
if CONFIG["MOZ_ENABLE_DBUS"]:
- CXXFLAGS += CONFIG["TK_CFLAGS"]
CXXFLAGS += CONFIG["MOZ_DBUS_CFLAGS"]
if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
- CXXFLAGS += CONFIG["TK_CFLAGS"]
+ CXXFLAGS += CONFIG["MOZ_GTK3_CFLAGS"]
+ CXXFLAGS += CONFIG["MOZ_DBUS_GLIB_CFLAGS"]
diff --git a/uriloader/exthandler/unix/nsCommonRegistry.cpp b/uriloader/exthandler/unix/nsCommonRegistry.cpp
new file mode 100644
--- /dev/null
@@ -1260,7 +1260,7 @@
diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build
--- a/widget/gtk/moz.build
+++ b/widget/gtk/moz.build
-@@ -135,16 +135,17 @@ FINAL_LIBRARY = "xul"
+@@ -136,16 +136,17 @@ FINAL_LIBRARY = "xul"
LOCAL_INCLUDES += [
"/layout/base",
@@ -1317,7 +1317,7 @@
# include "Units.h"
extern mozilla::LazyLogModule gWidgetLog;
# define LOG(args) MOZ_LOG(gWidgetLog, mozilla::LogLevel::Debug, args)
-@@ -242,17 +245,19 @@ nsFilePicker::AppendFilters(int32_t aFil
+@@ -236,17 +239,19 @@ nsFilePicker::AppendFilters(int32_t aFil
mAllowURLs = !!(aFilterMask & filterAllowURLs);
return nsBaseFilePicker::AppendFilters(aFilterMask);
}
@@ -1338,7 +1338,7 @@
mFilters.AppendElement(filter);
mFilterNames.AppendElement(name);
-@@ -352,16 +357,39 @@ nsresult nsFilePicker::Show(int16_t* aRe
+@@ -346,16 +351,39 @@ nsresult nsFilePicker::Show(int16_t* aRe
return NS_OK;
}
@@ -1378,7 +1378,7 @@
GtkFileChooserAction action = GetGtkFileChooserAction(mMode);
const gchar* accept_button;
-@@ -581,16 +609,244 @@ void nsFilePicker::Done(void* file_choos
+@@ -575,16 +603,244 @@ void nsFilePicker::Done(void* file_choos
mCallback->Done(result);
mCallback = nullptr;
} else {
@@ -1796,7 +1796,7 @@
]
if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
- CXXFLAGS += CONFIG["TK_CFLAGS"]
+ CXXFLAGS += CONFIG["MOZ_GTK3_CFLAGS"]
if CONFIG["MOZ_ENABLE_DBUS"]:
CXXFLAGS += CONFIG["MOZ_DBUS_GLIB_CFLAGS"]
@@ -1804,7 +1804,7 @@
diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp
--- a/xpcom/io/nsLocalFileUnix.cpp
+++ b/xpcom/io/nsLocalFileUnix.cpp
-@@ -53,16 +53,17 @@
+@@ -54,16 +54,17 @@
#include "prproces.h"
#include "nsIDirectoryEnumerator.h"
#include "nsSimpleEnumerator.h"
@@ -1822,7 +1822,7 @@
# include "prmem.h"
# include "plbase64.h"
-@@ -2025,62 +2026,77 @@ nsLocalFile::SetPersistentDescriptor(con
+@@ -2071,62 +2072,77 @@ nsLocalFile::SetPersistentDescriptor(con
NS_IMETHODIMP
nsLocalFile::Reveal() {
--- a/mozilla-reduce-rust-debuginfo.patch Sat Feb 05 15:04:53 2022 +0100
+++ b/mozilla-reduce-rust-debuginfo.patch Wed Mar 02 15:34:50 2022 +0100
@@ -1,28 +1,11 @@
-diff --git a/build/moz.configure/rust.configure b/build/moz.configure/rust.configure
---- a/build/moz.configure/rust.configure
-+++ b/build/moz.configure/rust.configure
-@@ -610,6 +610,7 @@ set_config("CARGO_PROFILE_DEV_OPT_LEVEL"
- "--enable-frame-pointers",
- path_remapping,
- path_remappings,
-+ host
- )
- def rust_compile_flags(
- opt_level,
-@@ -619,6 +620,7 @@ def rust_compile_flags(
- frame_pointers,
- path_remapping,
- path_remappings,
-+ host
- ):
- # Cargo currently supports only two interesting profiles for building:
- # development and release. Those map (roughly) to --enable-debug and
-@@ -642,6 +644,8 @@ def rust_compile_flags(
+--- firefox-96.0.3.orig/build/moz.configure/rust.configure
++++ firefox-96.0.3/build/moz.configure/rust.configure
+@@ -641,7 +643,7 @@ def rust_compile_flags(
+ debug_assertions = False
if debug_symbols:
- debug_info = "2"
-+ if host.bitness == 32 or host.cpu == 'aarch64' or host.cpu == 'ppc64' or host.cpu == 's390x':
-+ debug_info = '1'
+- debug_info = "2"
++ debug_info = '1'
opts = []
--- a/mozilla-silence-no-return-type.patch Sat Feb 05 15:04:53 2022 +0100
+++ b/mozilla-silence-no-return-type.patch Wed Mar 02 15:34:50 2022 +0100
@@ -1,10 +1,10 @@
# HG changeset patch
-# Parent 9b29b6b7548b93a599167774e747f6e0661cfbe1
+# Parent 216843712d6d6cd9d5bd519f6ef564d00406b43f
diff --git a/Cargo.lock b/Cargo.lock
--- a/Cargo.lock
+++ b/Cargo.lock
-@@ -2078,18 +2078,16 @@ name = "glsl-to-cxx"
+@@ -2165,18 +2165,16 @@ name = "glsl-to-cxx"
version = "0.1.0"
dependencies = [
"glsl",
@@ -26,24 +26,21 @@
diff --git a/Cargo.toml b/Cargo.toml
--- a/Cargo.toml
+++ b/Cargo.toml
-@@ -78,16 +78,17 @@ opt-level = 2
- opt-level = 2
-
- [patch.crates-io]
- chardetng = { git = "https://github.com/hsivonen/chardetng", rev="302c995f91f44cf26e77dc4758ad56c3ff0153ad" }
+@@ -102,13 +102,13 @@ moz_asserts = { path = "mozglue/static/r
+ # Other overrides
+ chardetng = { git = "https://github.com/hsivonen/chardetng", rev="3484d3e3ebdc8931493aa5df4d7ee9360a90e76b" }
chardetng_c = { git = "https://github.com/hsivonen/chardetng_c", rev="ed8a4c6f900a90d4dbc1d64b856e61490a1c3570" }
+ coremidi = { git = "https://github.com/chris-zen/coremidi.git", rev="fc68464b5445caf111e41f643a2e69ccce0b4f83" }
libudev-sys = { path = "dom/webauthn/libudev-sys" }
packed_simd = { git = "https://github.com/hsivonen/packed_simd", rev="8b4bd7d8229660a749dbe419a57ea01df9de5453" }
+ midir = { git = "https://github.com/mozilla/midir.git", rev = "4c11f0ffb5d6a10de4aff40a7b81218b33b94e6f" }
minidump_writer_linux = { git = "https://github.com/msirringhaus/minidump_writer_linux.git", rev = "029ac0d54b237f27dc7d8d4e51bc0fb076e5e852" }
+-
+glslopt = { path = "third_party/rust/glslopt/" }
- # The following overrides point to dummy projects, as a temporary measure until this is resolved:
- # https://github.com/rust-lang/cargo/issues/6179
- js-sys = { git = "https://github.com/kvark/dummy-web" }
- slotmap = { git = "https://github.com/kvark/dummy-web" }
- wasm-bindgen = { git = "https://github.com/kvark/dummy-web" }
- web-sys = { git = "https://github.com/kvark/dummy-web" }
-
- [patch.crates-io.cranelift-codegen]
+ # Patch mio 0.6 to use winapi 0.3 and miow 0.3, getting rid of winapi 0.2.
+ # There is not going to be new version of mio 0.6, mio now being >= 0.7.11.
+ [patch.crates-io.mio]
+ path = "third_party/rust/mio-0.6.23"
diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h
--- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h
+++ b/gfx/skia/skia/include/codec/SkEncodedOrigin.h