--- a/MozillaFirefox/MozillaFirefox.changes Tue Jan 23 17:32:46 2024 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes Thu Feb 22 20:31:18 2024 +0100
@@ -1,4 +1,77 @@
-------------------------------------------------------------------
+Tue Feb 13 21:21:15 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Firefox 122.0.1
+ https://www.mozilla.org/en-US/firefox/122.0.1/releasenotes/
+ * Fixed the Library and Sidebar context menus only displaying
+ Multi-Account Containers icons in the "Open in New Container
+ Tab" menu. (bmo#1876518)
+ * Fixed an issue when clicking the Dismiss button in
+ notification pop-ups on Windows causing a webpage in a new tab.
+ (bmo#1848801)
+ * Fixed the yaru-remix system theme not applying correctly on
+ Linux. (bmo#1877002)
+ * Fixed adding an extra new line to a rule in the Developer
+ Tools' Inspector when copying it to the clipboard.
+ (bmo#1876220)
+ * Rolled back a keyboard behavior change made to the Developer
+ Tools' Rules view when validating a property name or input with
+ the Enter key.
+ This moves the focus to the next input, as was the behavior
+ in Firefox 121. (bmo#1877457)
+
+-------------------------------------------------------------------
+Tue Jan 30 13:51:25 UTC 2024 - Martin Sirringhaus <martin.sirringhaus@suse.com>
+
+- Recommend libfido2-udev on codestreams that exist, in order to try
+ to get security keys (e.g. Yubikeys) work out of the box. (bsc#1184272)
+
+-------------------------------------------------------------------
+Sat Jan 27 23:12:05 UTC 2024 - Andreas Schwab <schwab@suse.de>
+
+- Fix file list
+
+-------------------------------------------------------------------
+Sun Jan 21 09:16:30 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 122.0
+ https://www.mozilla.org/en-US/firefox/122.0/releasenotes/
+ MFSA 2024-01 (bsc#1218955)
+ * CVE-2024-0741 (bmo#1864587)
+ Out of bounds write in ANGLE
+ * CVE-2024-0742 (bmo#1867152)
+ Failure to update user input timestamp
+ * CVE-2024-0743 (bmo#1867408)
+ Crash in NSS TLS method
+ * CVE-2024-0744 (bmo#1871089)
+ Wild pointer dereference in JavaScript
+ * CVE-2024-0745 (bmo#1871838)
+ Stack buffer overflow in WebAudio
+ * CVE-2024-0746 (bmo#1660223)
+ Crash when listing printers on Linux
+ * CVE-2024-0747 (bmo#1764343)
+ Bypass of Content Security Policy when directive unsafe-inline was set
+ * CVE-2024-0748 (bmo#1783504)
+ Compromised content process could modify document URI
+ * CVE-2024-0749 (bmo#1813463)
+ Phishing site popup could show local origin in address bar
+ * CVE-2024-0750 (bmo#1863083)
+ Potential permissions request bypass via clickjacking
+ * CVE-2024-0751 (bmo#1865689)
+ Privilege escalation through devtools
+ * CVE-2024-0752 (bmo#1866840)
+ Use-after-free could occur when applying update on macOS
+ * CVE-2024-0753 (bmo#1870262)
+ HSTS policy on subdomain could bypass policy of upper domain
+ * CVE-2024-0754 (bmo#1871605)
+ Crash when using some WASM files in devtools
+ * CVE-2024-0755 (bmo#1868456, bmo#1871445, bmo#1873701)
+ Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7,
+ and Thunderbird 115.7
+- requires NSS 3.96.1
+- rebased patches
+
+-------------------------------------------------------------------
Tue Jan 9 20:36:26 UTC 2024 - Andreas Stieger <andreas.stieger@gmx.de>
- Mozilla Firefox 121.0.1
--- a/MozillaFirefox/MozillaFirefox.spec Tue Jan 23 17:32:46 2024 +0100
+++ b/MozillaFirefox/MozillaFirefox.spec Thu Feb 22 20:31:18 2024 +0100
@@ -1,5 +1,5 @@
#
-# spec file
+# spec file for package MozillaFirefox
#
# Copyright (c) 2024 SUSE LLC
# Copyright (c) 2006-2023 Wolfgang Rosenauer <wr@rosenauer.org>
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
-%define major 121
+%define major 122
%define mainver %major.0.1
-%define orig_version 121.0.1
+%define orig_version 122.0.1
%define orig_suffix %{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.35
-BuildRequires: mozilla-nss-devel >= 3.95
+BuildRequires: mozilla-nss-devel >= 3.96.1
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 12.22.12
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@@ -235,13 +235,19 @@
%endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Requires(post): coreutils shared-mime-info desktop-file-utils
-Requires(postun):shared-mime-info desktop-file-utils
+Requires(postun): shared-mime-info desktop-file-utils
Requires: %{name}-branding >= 68
%requires_ge mozilla-nspr
%requires_ge mozilla-nss
%requires_ge libfreetype6
Recommends: libcanberra0
Recommends: libpulse0
+# To make security-keys (e.g. Yubikey) work with FF, it needs the udev-rules installed.
+# A clean package with the most common rules exists only in SP3 onwards. `u2f-hosts` could be used on older
+# code streams, but it contains more than just the rules, so we're not recommending it here.
+%if 0%{?suse_version} >= 1600 || 0%{?sle_version} >= 150300
+Recommends: libfido2-udev
+%endif
# addon leads to startup crash (bnc#908892)
Obsoletes: tracker-miner-firefox < 0.15
%if 0%{?devpkg} == 0
@@ -717,10 +723,8 @@
%{progdir}/*.so
%{progdir}/glxtest
%if 0%{wayland_supported}
-%ifarch %{arm} aarch64 %{ix86} x86_64
%{progdir}/vaapitest
%endif
-%endif
%ifarch aarch64 riscv64 %arm
%{progdir}/v4l2test
%endif
--- a/MozillaFirefox/mozilla.keyring Tue Jan 23 17:32:46 2024 +0100
+++ b/MozillaFirefox/mozilla.keyring Thu Feb 22 20:31:18 2024 +0100
@@ -12,8 +12,8 @@
uid [ full ] Mozilla Software Releases <release@mozilla.com>
sub rsa4096 2015-07-17 [S] [expired: 2017-07-16]
sub rsa4096 2017-06-22 [S] [expired: 2019-06-22]
-sub rsa4096 2019-05-30 [S] [expires: 2021-05-29]
-sub rsa4096 2021-05-17 [S] [expires: 2023-05-17]
+sub rsa4096 2019-05-30 [S] [expired: 2021-05-29]
+sub rsa4096 2021-05-17 [S] [expired: 2023-05-17]
sub rsa4096 2023-05-05 [S] [expires: 2025-05-04]
-----BEGIN PGP PUBLIC KEY BLOCK-----
--- a/MozillaFirefox/tar_stamps Tue Jan 23 17:32:46 2024 +0100
+++ b/MozillaFirefox/tar_stamps Thu Feb 22 20:31:18 2024 +0100
@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="121.0.1"
+VERSION="122.0.1"
VERSION_SUFFIX=""
-PREV_VERSION="121.0"
+PREV_VERSION="122.0"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="484be1feb7138af0917df98dda85050e0a3317a8"
-RELEASE_TIMESTAMP="20240108143603"
+RELEASE_TAG="5eb7272884b4ce02cffab7900e41551608885492"
+RELEASE_TIMESTAMP="20240205133611"
--- a/firefox-branded-icons.patch Tue Jan 23 17:32:46 2024 +0100
+++ b/firefox-branded-icons.patch Thu Feb 22 20:31:18 2024 +0100
@@ -1,26 +1,35 @@
# HG changeset patch
# Parent e0751ad74e835e80041a61ea00c2a63bf6fbe2de
-# Parent fe7e6fdd75484993420740244f21b5b41d6e0fa1
+# Parent ebf6598a9309200fcea0cedb08e39161b82a73f9
-Index: firefox-115.0/browser/branding/branding-common.mozbuild
-===================================================================
---- firefox-115.0.orig/browser/branding/branding-common.mozbuild
-+++ firefox-115.0/browser/branding/branding-common.mozbuild
-@@ -30,6 +30,9 @@ def FirefoxBranding():
+diff --git a/browser/branding/branding-common.mozbuild b/browser/branding/branding-common.mozbuild
+--- a/browser/branding/branding-common.mozbuild
++++ b/browser/branding/branding-common.mozbuild
+@@ -26,12 +26,15 @@ def FirefoxBranding():
+ "PrivateBrowsing_70.png",
+ "VisualElements_150.png",
+ "VisualElements_70.png",
+ ]
+ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
FINAL_TARGET_FILES.chrome.icons.default += [
- 'default128.png',
- 'default16.png',
-+ 'default22.png',
-+ 'default24.png',
-+ 'default256.png',
- 'default32.png',
- 'default48.png',
- 'default64.png',
-Index: firefox-115.0/browser/installer/package-manifest.in
-===================================================================
---- firefox-115.0.orig/browser/installer/package-manifest.in
-+++ firefox-115.0/browser/installer/package-manifest.in
-@@ -227,10 +227,13 @@
+ "default128.png",
+ "default16.png",
++ "default22.png",
++ "default24.png",
++ "default256.png",
+ "default32.png",
+ "default48.png",
+ "default64.png",
+ ]
+diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in
+--- a/browser/installer/package-manifest.in
++++ b/browser/installer/package-manifest.in
+@@ -216,20 +216,23 @@
+ @RESPATH@/browser/chrome/browser@JAREXT@
+ @RESPATH@/browser/chrome/browser.manifest
+ @RESPATH@/chrome/pdfjs.manifest
+ @RESPATH@/chrome/pdfjs/*
+ @RESPATH@/chrome/toolkit@JAREXT@
@RESPATH@/chrome/toolkit.manifest
#ifdef MOZ_GTK
@RESPATH@/browser/chrome/icons/default/default16.png
@@ -34,3 +43,8 @@
#endif
@RESPATH@/browser/features/*
+ ; [DevTools Startup Files]
+ @RESPATH@/browser/chrome/devtools-startup@JAREXT@
+ @RESPATH@/browser/chrome/devtools-startup.manifest
+
+ ; DevTools
--- a/firefox-kde.patch Tue Jan 23 17:32:46 2024 +0100
+++ b/firefox-kde.patch Thu Feb 22 20:31:18 2024 +0100
@@ -29,7 +29,7 @@
diff --git a/browser/components/preferences/main.js b/browser/components/preferences/main.js
--- a/browser/components/preferences/main.js
+++ b/browser/components/preferences/main.js
-@@ -291,16 +291,23 @@ var gMainPane = {
+@@ -292,16 +292,23 @@ var gMainPane = {
}, backoffTimes[this._backoffIndex + 1 < backoffTimes.length ? this._backoffIndex++ : backoffTimes.length - 1]);
};
@@ -53,15 +53,15 @@
let defaultPerformancePref = Preferences.get(
"browser.preferences.defaultPerformanceSettings.enabled"
);
-@@ -1744,16 +1751,27 @@ var gMainPane = {
- this._backoffIndex = 0;
+@@ -1753,16 +1760,27 @@ var gMainPane = {
- let shellSvc = getShellService();
- if (!shellSvc) {
- return;
- }
+ // Disable the set default button, so that the user doesn't try to hit it again
+ // while awaiting on setDefaultBrowser
+ let setDefaultButton = document.getElementById("setDefaultButton");
+ setDefaultButton.disabled = true;
+
try {
- shellSvc.setDefaultBrowser(false);
+ await shellSvc.setDefaultBrowser(false);
+ if (kde_session == 1) {
+ var shellObj = Components.classes["@mozilla.org/file/local;1"]
+ .createInstance(Components.interfaces.nsILocalFile);
@@ -76,11 +76,11 @@
} catch (ex) {
console.error(ex);
return;
+ } finally {
+ // Make sure to re-enable the default button when we're finished, regardless of the outcome
+ setDefaultButton.disabled = false;
}
- let isDefault = shellSvc.isDefaultBrowser(false, true);
- let setDefaultPane = document.getElementById("setDefaultPane");
- setDefaultPane.classList.toggle("is-default", isDefault);
diff --git a/browser/components/shell/moz.build b/browser/components/shell/moz.build
--- a/browser/components/shell/moz.build
+++ b/browser/components/shell/moz.build
--- a/mozilla-bmo1822730.patch Tue Jan 23 17:32:46 2024 +0100
+++ b/mozilla-bmo1822730.patch Thu Feb 22 20:31:18 2024 +0100
@@ -3,13 +3,18 @@
# Date 1695432215 25200
# Fri Sep 22 18:23:35 2023 -0700
# Node ID e6a8a9f0956d124e8de34eb4bcf09d8e17077d9d
-# Parent 677cbf2e64cdcd3a93e644f781be2bdc2529ba1a
+# Parent 5dbbabbfaca21d2c5994f95ed095313284611c44
Bug 1822730 - Add basic blob protocol handling for blob URIs that contain parsable http/s protocols
diff --git a/toolkit/mozapps/downloads/DownloadLastDir.sys.mjs b/toolkit/mozapps/downloads/DownloadLastDir.sys.mjs
--- a/toolkit/mozapps/downloads/DownloadLastDir.sys.mjs
+++ b/toolkit/mozapps/downloads/DownloadLastDir.sys.mjs
-@@ -221,11 +221,13 @@ export class DownloadLastDir {
+@@ -216,38 +216,49 @@ export class DownloadLastDir {
+ Services.prefs.setComplexValue(LAST_DIR_PREF, nsIFile, aFile);
+ } else if (Services.prefs.prefHasUserValue(LAST_DIR_PREF)) {
+ Services.prefs.clearUserPref(LAST_DIR_PREF);
+ }
+ }
/**
* Pre-processor to extract a domain name to be used with the content-prefs
@@ -20,12 +25,13 @@
* - all file:/// URIs share the same folder
* - data: URIs share a folder per mime-type. If a mime-type is not
* specified text/plain is assumed.
-+ * - blob: blob URIs are tested for http/https and the blob protocol
-+ * is stripped.
+ * - blob: URIs share the same folder as their origin. This is done by
+ * ContentPrefs already, so we just let the url fall-through.
* In any other case the original URL is returned as a string and ContentPrefs
* will do its usual parsing.
*
-@@ -234,6 +236,9 @@ export class DownloadLastDir {
+ * @param {string|nsIURI|URL} url The URL to parse
+ * @returns {string} the domain name to use, or the original url.
*/
#cpsGroupFromURL(url) {
if (typeof url == "string") {
@@ -35,7 +41,7 @@
url = new URL(url);
} else if (url instanceof Ci.nsIURI) {
url = URL.fromURI(url);
-@@ -241,6 +246,14 @@ export class DownloadLastDir {
+ }
if (!URL.isInstance(url)) {
return url;
}
@@ -50,3 +56,8 @@
if (url.protocol == "data:") {
return url.href.match(/^data:[^;,]*/i)[0].replace(/:$/, ":text/plain");
}
+ if (url.protocol == "file:") {
+ return "file:///";
+ }
+ return url.href;
+ }
--- a/mozilla-kde.patch Tue Jan 23 17:32:46 2024 +0100
+++ b/mozilla-kde.patch Thu Feb 22 20:31:18 2024 +0100
@@ -50,7 +50,7 @@
diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
--- a/modules/libpref/Preferences.cpp
+++ b/modules/libpref/Preferences.cpp
-@@ -91,16 +91,17 @@
+@@ -90,16 +90,17 @@
#include "PLDHashTable.h"
#include "prdtoa.h"
#include "prlink.h"
@@ -1235,7 +1235,7 @@
# include "Units.h"
extern mozilla::LazyLogModule gWidgetLog;
# define LOG(args) MOZ_LOG(gWidgetLog, mozilla::LogLevel::Debug, args)
-@@ -305,17 +308,18 @@ nsFilePicker::AppendFilters(int32_t aFil
+@@ -302,17 +305,18 @@ nsFilePicker::AppendFilters(int32_t aFil
mAllowURLs = !!(aFilterMask & filterAllowURLs);
return nsBaseFilePicker::AppendFilters(aFilterMask);
}
@@ -1255,19 +1255,18 @@
mFilters.AppendElement(filter);
mFilterNames.AppendElement(name);
-@@ -415,16 +419,41 @@ nsresult nsFilePicker::Show(nsIFilePicke
+@@ -412,16 +416,39 @@ nsresult nsFilePicker::Show(nsIFilePicke
return NS_OK;
}
NS_IMETHODIMP
nsFilePicker::Open(nsIFilePickerShownCallback* aCallback) {
// Can't show two dialogs concurrently with the same filepicker
- if (mRunning) return NS_ERROR_NOT_AVAILABLE;
+ if (mFileChooser) return NS_ERROR_NOT_AVAILABLE;
+ // KDE file picker is not handled via callback
+ if (nsKDEUtils::kdeSupport()) {
+ mCallback = aCallback;
-+ mRunning = true;
+ NS_ADDREF_THIS();
+ g_idle_add(
+ [](gpointer data) -> gboolean {
@@ -1280,7 +1279,6 @@
+ } else {
+ queuedPicker->mResult = result;
+ }
-+ queuedPicker->mRunning = false;
+ NS_RELEASE(queuedPicker);
+ return G_SOURCE_REMOVE;
+ },
@@ -1297,7 +1295,7 @@
GtkFileChooserAction action = GetGtkFileChooserAction(mMode);
const gchar* accept_button;
-@@ -696,16 +725,215 @@ void nsFilePicker::Done(void* file_choos
+@@ -703,16 +730,215 @@ void nsFilePicker::Done(void* file_choos
mCallback->Done(result);
mCallback = nullptr;
} else {
--- a/mozilla-rust-disable-future-incompat.patch Tue Jan 23 17:32:46 2024 +0100
+++ b/mozilla-rust-disable-future-incompat.patch Thu Feb 22 20:31:18 2024 +0100
@@ -1,17 +1,17 @@
# HG changeset patch
-# Parent b62ddf6a31854e9e3c22a81056d233a50b4dd5c4
+# Parent fa3b49f090f8b4a1af0510a675d2674a420fcbc6
diff --git a/Cargo.toml b/Cargo.toml
--- a/Cargo.toml
+++ b/Cargo.toml
-@@ -206,8 +206,13 @@ webext-storage = { git = "https://github
+@@ -219,8 +219,13 @@ webext-storage = { git = "https://github
path = "third_party/rust/mio-0.6.23"
[patch."https://github.com/mozilla/uniffi-rs.git"]
- uniffi = "=0.24.3"
- uniffi_bindgen = "=0.24.3"
- uniffi_build = "=0.24.3"
- uniffi_macros = "=0.24.3"
+ uniffi = "=0.25.3"
+ uniffi_bindgen = "=0.25.3"
+ uniffi_build = "=0.25.3"
+ uniffi_macros = "=0.25.3"
weedle2 = "=4.0.0"
+
+# Package code v0.1.4 uses code "that will be rejected by a future version of Rust"
--- a/mozilla-silence-no-return-type.patch Tue Jan 23 17:32:46 2024 +0100
+++ b/mozilla-silence-no-return-type.patch Thu Feb 22 20:31:18 2024 +0100
@@ -1,5 +1,5 @@
# HG changeset patch
-# Parent e7eb7e9e99204275532b04de030879c9548b88a3
+# Parent f5fd2bbd77ef4b6554a7180c9c4768e64aca3b2a
diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h
--- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h
@@ -526,7 +526,7 @@
diff --git a/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc b/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc
--- a/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc
+++ b/third_party/libwebrtc/api/video_codecs/video_encoder_software_fallback_wrapper.cc
-@@ -158,16 +158,17 @@ class VideoEncoderSoftwareFallbackWrappe
+@@ -183,16 +183,17 @@ class VideoEncoderSoftwareFallbackWrappe
[[fallthrough]];
case EncoderState::kMainEncoderUsed:
return encoder_.get();
@@ -544,7 +544,7 @@
// Settings used in the last InitEncode call and used if a dynamic fallback to
// software is required.
-@@ -338,16 +339,17 @@ int32_t VideoEncoderSoftwareFallbackWrap
+@@ -363,16 +364,17 @@ int32_t VideoEncoderSoftwareFallbackWrap
case EncoderState::kMainEncoderUsed: {
return EncodeWithMainEncoder(frame, frame_types);
}
@@ -684,7 +684,7 @@
diff --git a/third_party/libwebrtc/media/base/codec.cc b/third_party/libwebrtc/media/base/codec.cc
--- a/third_party/libwebrtc/media/base/codec.cc
+++ b/third_party/libwebrtc/media/base/codec.cc
-@@ -195,16 +195,17 @@ bool Codec::Matches(const Codec& codec,
+@@ -201,16 +201,17 @@ bool Codec::Matches(const Codec& codec,
(codec.bitrate == 0 || bitrate <= 0 ||
bitrate == codec.bitrate) &&
((codec.channels < 2 && channels < 2) ||
@@ -699,9 +699,9 @@
return matches_id && matches_type_specific();
}
- bool Codec::MatchesCapability(
- const webrtc::RtpCodecCapability& codec_capability) const {
+ bool Codec::MatchesRtpCodec(const webrtc::RtpCodec& codec_capability) const {
webrtc::RtpCodecParameters codec_parameters = ToCodecParameters();
+
diff --git a/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc b/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc
--- a/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc
+++ b/third_party/libwebrtc/modules/audio_processing/agc2/clipping_predictor.cc
@@ -957,7 +957,7 @@
diff --git a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc
--- a/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc
+++ b/third_party/libwebrtc/modules/rtp_rtcp/source/rtp_sender_audio.cc
-@@ -40,16 +40,17 @@ namespace {
+@@ -41,16 +41,17 @@ namespace {
case AudioFrameType::kEmptyFrame:
return "empty";
case AudioFrameType::kAudioFrameSpeech: