--- a/MozillaFirefox/MozillaFirefox.changes Sat May 26 18:04:18 2018 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Fri Jun 08 22:09:15 2018 +0200
@@ -1,9 +1,25 @@
-------------------------------------------------------------------
+Thu Jun 7 12:11:06 UTC 2018 - wr@rosenauer.org
+
+- update to Firefox 60.0.2
+ * requires NSS 3.36.4
+ MFSA 2018-14 (bsc#1096449)
+ * CVE-2018-6126 (bmo#1462682)
+ Heap buffer overflow rasterizing paths in SVG with Skia
+
+-------------------------------------------------------------------
+Wed Jun 6 18:57:52 UTC 2018 - guillaume.gardet@opensuse.org
+
+- Add upstream patch to fix boo#1093059 instead of '-ffixed-x28'
+ workaround:
+ * mozilla-bmo1375074.patch
+
+-------------------------------------------------------------------
Sat May 26 15:53:25 UTC 2018 - wr@rosenauer.org
- fixed "open with" option under KDE (boo#1094747)
- workaround crash on startup on aarch64 (boo#1093059)
- (contributed by guillaume@Arm.com)
+ (contributed by guillaume.gardet@arm.com)
-------------------------------------------------------------------
Wed May 23 08:49:09 UTC 2018 - guillaume.gardet@opensuse.org
--- a/MozillaFirefox/MozillaFirefox.spec Sat May 26 18:04:18 2018 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec Fri Jun 08 22:09:15 2018 +0200
@@ -19,10 +19,10 @@
# changed with every update
%define major 60
-%define mainver %major.0.1
+%define mainver %major.0.2
%define update_channel release
%define branding 1
-%define releasedate 20180516032328
+%define releasedate 20180605171542
%define source_prefix firefox-%{mainver}
# PIE, full relro (x86_64 for now)
@@ -58,6 +58,7 @@
BuildRequires: autoconf213
BuildRequires: dbus-1-glib-devel
BuildRequires: fdupes
+BuildRequires: memory-constraints
%if 0%{?suse_version} <= 1320
BuildRequires: gcc7-c++
%else
@@ -72,7 +73,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.19
-BuildRequires: mozilla-nss-devel >= 3.36.1
+BuildRequires: mozilla-nss-devel >= 3.36.4
BuildRequires: python-devel
BuildRequires: python2-xml
BuildRequires: rust >= 1.24
@@ -157,6 +158,7 @@
Patch10: mozilla-i586-domPrefs.patch
Patch11: mozilla-enable-csd.patch
Patch12: mozilla-fix-skia-aarch64.patch
+Patch13: mozilla-bmo1375074.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -272,6 +274,7 @@
%endif
%patch11 -p1
%patch12 -p1
+%patch13 -p1
# Firefox
%patch101 -p1
%patch102 -p1
@@ -305,9 +308,6 @@
%if 0%{?suse_version} > 1320
export CFLAGS="$CFLAGS -fno-delete-null-pointer-checks"
%endif
-%ifarch aarch64
-export CFLAGS="$CFLAGS -ffixed-x28"
-%endif
%ifarch %arm
export CFLAGS="${CFLAGS/-g / }"
%endif
@@ -328,6 +328,7 @@
export RUSTFLAGS="-Cdebuginfo=0"
%endif
export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
+%limit_build -m 1500
cat << EOF > $MOZCONFIG
mk_add_options MOZILLA_OFFICIAL=1
mk_add_options BUILD_OFFICIAL=1
--- a/MozillaFirefox/create-tar.sh Sat May 26 18:04:18 2018 +0200
+++ b/MozillaFirefox/create-tar.sh Fri Jun 08 22:09:15 2018 +0200
@@ -7,8 +7,8 @@
CHANNEL="release"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_60_0_1_RELEASE"
-VERSION="60.0.1"
+RELEASE_TAG="FIREFOX_60_0_2_RELEASE"
+VERSION="60.0.2"
# check required tools
test -x /usr/bin/hg || ( echo "hg missing: execute zypper in mercurial"; exit 5 )
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/MozillaFirefox/mozilla-bmo1375074.patch Fri Jun 08 22:09:15 2018 +0200
@@ -0,0 +1,1 @@
+../mozilla-bmo1375074.patch
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/mozilla-bmo1375074.patch Fri Jun 08 22:09:15 2018 +0200
@@ -0,0 +1,95 @@
+
+# HG changeset patch
+# User Lars T Hansen <lhansen@mozilla.com>
+# Date 1519822672 -3600
+# Node ID 800abe66894d6b07b24bccecbf6a65e2261076f6
+# Parent 223c97459e96183eb616aed39147207bdb953ba8
+Bug 1375074 - Save and restore non-volatile x28 on ARM64 for generated unboxed object constructor. r=sstangl
+
+diff --git a/js/src/jit-test/tests/bug1375074.js b/js/src/jit-test/tests/bug1375074.js
+new file mode 100644
+--- /dev/null
++++ b/js/src/jit-test/tests/bug1375074.js
+@@ -0,0 +1,18 @@
++// This forces the VM to start creating unboxed objects and thus stresses a
++// particular path into generated code for a specialized unboxed object
++// constructor.
++
++var K = 2000; // 2000 should be plenty
++var s = "[";
++var i;
++for ( i=0; i < K-1; i++ )
++ s = s + `{"i":${i}},`;
++s += `{"i":${i}}]`;
++var v = JSON.parse(s);
++
++assertEq(v.length == K, true);
++
++for ( i=0; i < K; i++) {
++ assertEq(v[i] instanceof Object, true);
++ assertEq(v[i].i, i);
++}
+diff --git a/js/src/vm/UnboxedObject.cpp b/js/src/vm/UnboxedObject.cpp
+--- a/js/src/vm/UnboxedObject.cpp
++++ b/js/src/vm/UnboxedObject.cpp
+@@ -90,17 +90,25 @@ UnboxedLayout::makeConstructorCode(JSCon
+ masm.loadPtr(Address(masm.getStackPointer(), sizeof(void*)), propertiesReg);
+ masm.loadPtr(Address(masm.getStackPointer(), 2 * sizeof(void*)), newKindReg);
+ #else
+ propertiesReg = IntArgReg0;
+ newKindReg = IntArgReg1;
+ #endif
+
+ #ifdef JS_CODEGEN_ARM64
+- // ARM64 communicates stack address via sp, but uses a pseudo-sp for addressing.
++ // ARM64 communicates stack address via sp, but uses a pseudo-sp (PSP) for
++ // addressing. The register we use for PSP may however also be used by
++ // calling code, and it is nonvolatile, so save it. Do this as a special
++ // case first because the generic save/restore code needs the PSP to be
++ // initialized already.
++ MOZ_ASSERT(PseudoStackPointer64.Is(masm.GetStackPointer64()));
++ masm.Str(PseudoStackPointer64, vixl::MemOperand(sp, -16, vixl::PreIndex));
++
++ // Initialize the PSP from the SP.
+ masm.initStackPtr();
+ #endif
+
+ MOZ_ASSERT(propertiesReg.volatile_());
+ MOZ_ASSERT(newKindReg.volatile_());
+
+ AllocatableGeneralRegisterSet regs(GeneralRegisterSet::All());
+ regs.take(propertiesReg);
+@@ -228,17 +236,32 @@ UnboxedLayout::makeConstructorCode(JSCon
+ if (object != ReturnReg)
+ masm.movePtr(object, ReturnReg);
+
+ // Restore non-volatile registers which were saved on entry.
+ if (ScratchDoubleReg.volatile_())
+ masm.pop(ScratchDoubleReg);
+ masm.PopRegsInMask(savedNonVolatileRegisters);
+
++#ifdef JS_CODEGEN_ARM64
++ // Now restore the value that was in the PSP register on entry, and return.
++
++ // Obtain the correct SP from the PSP.
++ masm.Mov(sp, PseudoStackPointer64);
++
++ // Restore the saved value of the PSP register, this value is whatever the
++ // caller had saved in it, not any actual SP value, and it must not be
++ // overwritten subsequently.
++ masm.Ldr(PseudoStackPointer64, vixl::MemOperand(sp, 16, vixl::PostIndex));
++
++ // Perform a plain Ret(), as abiret() will move SP <- PSP and that is wrong.
++ masm.Ret(vixl::lr);
++#else
+ masm.abiret();
++#endif
+
+ masm.bind(&failureStoreOther);
+
+ // There was a failure while storing a value which cannot be stored at all
+ // in the unboxed object. Initialize the object so it is safe for GC and
+ // return null.
+ masm.initUnboxedObjectContents(object, templateObject);
+
+
--- a/series Sat May 26 18:04:18 2018 +0200
+++ b/series Fri Jun 08 22:09:15 2018 +0200
@@ -11,6 +11,7 @@
mozilla-i586-domPrefs.patch
mozilla-enable-csd.patch
mozilla-fix-skia-aarch64.patch
+mozilla-bmo1375074.patch
# Firefox patches
firefox-kde.patch