--- a/MozillaFirefox/MozillaFirefox.changes Sat Mar 04 17:54:44 2017 +0100
+++ b/MozillaFirefox/MozillaFirefox.changes Sat Mar 18 11:18:01 2017 +0100
@@ -1,16 +1,92 @@
-------------------------------------------------------------------
-Sat Feb 25 15:19:15 UTC 2017 - wr@rosenauer.org
-
-- update to Firefox 52.0b9
- * requires NSS >= 3.28.2
+Sat Mar 18 10:12:59 UTC 2017 - wr@rosenauer.org
+
+- update to Firefox 53.0b4
+ * requires NSS 3.29.3
+ * Lightweight themes are now applied in private browsing windows
+ * Reader Mode now displays estimated reading time for the page
+ * Two new 'compact' themes available in Firefox, dark and light,
+ based on the Firefox Developer Edition theme
+ * Ended Firefox Linux support for processors older than Pentium 4
+ and AMD Opteron
+ * Refresh of the media controls user interface
+ * Shortened titles on tabs are faded out instead of using ellipsis
+ for improved readability
+ * Media playback on new tabs is blocked until the tab is visible
+ * Permission notifications have a cleaner design and cannot be
+ easily missed
+- removed browser(npapi) provides as these plugins are deprecated
+
+-------------------------------------------------------------------
+Fri Mar 17 15:43:29 UTC 2017 - wr@rosenauer.org
+
+- update to Firefox 52.0.1 (boo#1029822)
+ MFSA 2017-08
+ CVE-2017-5428: integer overflow in createImageBitmap() (bmo#1348168)
+
+-------------------------------------------------------------------
+Thu Mar 9 12:30:14 UTC 2017 - wr@rosenauer.org
+
+- reenable ALSA support which was removed by default upstream
+
+-------------------------------------------------------------------
+Sat Mar 4 16:57:45 UTC 2017 - wr@rosenauer.org
+
+- update to Firefox 52.0 (boo#1028391)
+ * requires NSS >= 3.28.3
* Pages containing insecure password fields now display a warning
directly within username and password fields.
- * Windows 8 touch screen support for multiprocess Firefox
* Send and open a tab from one device to another with Sync
* Removed NPAPI support for plugins other than Flash. Silverlight,
Java, Acrobat and the like are no longer supported.
* Removed Battery Status API to reduce fingerprinting of users by
trackers
+ * MFSA 2017-05
+ CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
+ (bmo#1334933)
+ CVE-2017-5401: Memory Corruption when handling ErrorResult
+ (bmo#1328861)
+ CVE-2017-5402: Use-after-free working with events in FontFace
+ objects (bmo#1334876)
+ CVE-2017-5403: Use-after-free using addRange to add range to an
+ incorrect root object (bmo#1340186)
+ CVE-2017-5404: Use-after-free working with ranges in selections
+ (bmo#1340138)
+ CVE-2017-5406: Segmentation fault in Skia with canvas operations
+ (bmo#1306890)
+ CVE-2017-5407: Pixel and history stealing via floating-point
+ timing side channel with SVG filters (bmo#1336622)
+ CVE-2017-5410: Memory corruption during JavaScript garbage
+ collection incremental sweeping (bmo#1330687)
+ CVE-2017-5408: Cross-origin reading of video captions in violation
+ of CORS (bmo#1313711)
+ CVE-2017-5412: Buffer overflow read in SVG filters (bmo#1328323)
+ CVE-2017-5413: Segmentation fault during bidirectional operations
+ (bmo#1337504)
+ CVE-2017-5414: File picker can choose incorrect default directory
+ (bmo#1319370)
+ CVE-2017-5415: Addressbar spoofing through blob URL (bmo#1321719)
+ CVE-2017-5416: Null dereference crash in HttpChannel (bmo#1328121)
+ CVE-2017-5417: Addressbar spoofing by draging and dropping URLs
+ (bmo#791597)
+ CVE-2017-5426: Gecko Media Plugin sandbox is not started if
+ seccomp-bpf filter is running (bmo#1257361)
+ CVE-2017-5427: Non-existent chrome.manifest file loaded during
+ startup (bmo#1295542)
+ CVE-2017-5418: Out of bounds read when parsing HTTP digest
+ authorization responses (bmo#1338876)
+ CVE-2017-5419: Repeated authentication prompts lead to DOS
+ attack (bmo#1312243)
+ CVE-2017-5420: Javascript: URLs can obfuscate addressbar
+ location (bmo#1284395)
+ CVE-2017-5405: FTP response codes can cause use of
+ uninitialized values for ports (bmo#1336699)
+ CVE-2017-5421: Print preview spoofing (bmo#1301876)
+ CVE-2017-5422: DOS attack by using view-source: protocol
+ repeatedly in one hyperlink (bmo#1295002)
+ CVE-2017-5399: Memory safety bugs fixed in Firefox 52
+ CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and
+ Firefox ESR 45.8
- removed obsolete patches
* mozilla-binutils-visibility.patch
* mozilla-check_return.patch
--- a/MozillaFirefox/MozillaFirefox.spec Sat Mar 04 17:54:44 2017 +0100
+++ b/MozillaFirefox/MozillaFirefox.spec Sat Mar 18 11:18:01 2017 +0100
@@ -18,10 +18,10 @@
# changed with every update
-%define major 51
+%define major 52
%define mainver %major.99
%define update_channel beta
-%define releasedate 20170224000000
+%define releasedate 20170317000000
# PIE, full relro (x86_64 for now)
%define build_hardened 1
@@ -31,7 +31,6 @@
%define firefox_use_rust 1
%endif
-
# general build definitions
%if "%{update_channel}" != "aurora"
%define progname firefox
@@ -81,7 +80,7 @@
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.13.1
-BuildRequires: mozilla-nss-devel >= 3.28.2
+BuildRequires: mozilla-nss-devel >= 3.29.3
BuildRequires: nss-shared-helper-devel
BuildRequires: python-devel
BuildRequires: startup-notification-devel
@@ -100,6 +99,7 @@
%if 0%{?firefox_use_rust}
BuildRequires: cargo
BuildRequires: rust >= 1.10
+BuildRequires: rust-std
%endif
# libavcodec is required for H.264 support but the
# openSUSE version is currently not able to play H.264
@@ -113,7 +113,6 @@
Provides: firefox = %{version}-%{release}
%endif
Provides: web_browser
-Provides: browser(npapi)
%if "%{update_channel}" != "aurora"
Provides: appdata()
Provides: appdata(firefox.appdata.xml)
@@ -353,6 +352,7 @@
ac_add_options --with-system-zlib
ac_add_options --disable-updater
ac_add_options --disable-tests
+ac_add_options --enable-alsa
ac_add_options --disable-debug
ac_add_options --enable-startup-notification
#ac_add_options --enable-chrome-format=jar
--- a/MozillaFirefox/create-tar.sh Sat Mar 04 17:54:44 2017 +0100
+++ b/MozillaFirefox/create-tar.sh Sat Mar 18 11:18:01 2017 +0100
@@ -7,8 +7,8 @@
CHANNEL="beta"
BRANCH="releases/mozilla-$CHANNEL"
-RELEASE_TAG="FIREFOX_52_0b9_RELEASE"
-VERSION="51.99"
+RELEASE_TAG="FIREFOX_53_0b4_RELEASE"
+VERSION="52.99"
# mozilla
if [ -d mozilla ]; then
--- a/MozillaFirefox/l10n_changesets.txt Sat Mar 04 17:54:44 2017 +0100
+++ b/MozillaFirefox/l10n_changesets.txt Sat Mar 18 11:18:01 2017 +0100
@@ -1,93 +1,94 @@
-ach 34c236a22596
-af 90f7ccd90de4
-an 10f71571821e
-ar 0edb7b32133a
-as ee642d74fde9
-ast 80b866a98b5a
-az 07778ef756d4
-bg 3e1affaac949
-bn-BD 6182802acd04
-bn-IN 0775fc62a38e
-br 88938f2eb7e2
-bs afe1158833f4
-ca c49b6bb37779
-cak 30c024aa79ef
-cs 392a1ff68cfd
-cy e9cc2975266f
-da cb1423eac811
-de 6535fbec1846
-dsb bbdbee2ecc9f
-el 4232653d09a7
-en-GB 3b1783bdb6fd
-en-ZA 86f98526de2f
-eo d478da264502
-es-AR adc3a9f3054e
-es-CL 8ce5a00c2709
-es-ES 3debdad3d876
-es-MX c2d80c000c8c
-et 5ce460a1227b
-eu 55202a38f74c
-fa de4daf555606
-ff 98974e0270a8
-fi 903b0416494a
-fr 7e9efb5f39b1
-fy-NL 551f14553b31
-ga-IE 94a750872504
-gd b2e4e78a85cf
-gl 79eda21c5b0b
-gn 8448413afd01
-gu-IN ef0d3c1d041a
-he 31df213cf89d
-hi-IN 6578b433d66e
-hr 77f103c07be0
-hsb 99f7c592ff8c
-hu 7ec46b30e96d
-hy-AM ee9609100a98
-id 584289a98164
-is 0de2039f0ead
-it ac8abee179d4
-ja c596f800130a
-ja-JP-mac e3b94e022b7d
-ka fd11643d032b
-kab 89a29ca718ef
-kk bbde07088662
-km 1d78cae948e2
-kn ceb699bfc19e
-ko ab9bc02a8c39
-lij 221601dc2320
-lt 1c563aa726f8
-lv 33dd8fbeb14e
-mai 4974d9967e3a
-mk 85557d511a18
-ml 3ac6473b90b8
-mr 9c8106a513fd
-ms f5ed710c8534
-nb-NO c84b8fb6b939
-nl b3c2ab953068
-nn-NO bc795ce8885a
-or ad0d79e1df34
-pa-IN 7a7d721c7f47
-pl 42ea1da43a3b
-pt-BR e9eaef0caba5
-pt-PT 5deb6216933d
-rm 4981325b9462
-ro 952587a63617
-ru 3d319dcf82c7
-si ea8510d62e56
-sk 968ee9fbd8ba
-sl e398e25297bc
-son a071d439a5f3
-sq c526b7451403
-sr 3fb1197cc3f3
-sv-SE 2d93a3f0c284
-ta e5fbcf49496f
-te d4cabe943952
-th e66a11b8da51
-tr 2ec45f681bb0
-uk d3ccc79b70b2
-uz 53122cc7d6ad
-vi e4f8d820bef2
-xh 6ba5a5671721
-zh-CN fb21432035d2
-zh-TW d17da9c45a93
+ach ad4861cc8b97
+af ed2ad4994929
+an 99f7617b5ca8
+ar 2f28d11d1657
+as ec72c8873d6f
+ast 234a91384f3a
+az 65e7cd3b577c
+bg 3869be765a85
+bn-BD 53c25d5b4589
+bn-IN 9f8087a5f6cd
+br 276a0bd1ddec
+bs bd981c758c72
+ca 799630b0c669
+cak 3ad4113a7360
+cs b2f1daccfa0d
+cy 09de6e11eb03
+da e0a49a797d36
+de 23defb0cb991
+dsb c53dc817114e
+el 5c938eaf3701
+en-GB 26cd2b7806cc
+en-ZA 3e25fa2becca
+eo 93972005d33e
+es-AR 3ed4ba3e0fcb
+es-CL 58ac3780452e
+es-ES 6f99cb5c975b
+es-MX 826be6e20d6c
+et 4aa55cdd1504
+eu 2333c4822f7c
+fa d5f8a48f15d2
+ff fd37d118280c
+fi db0a67c30074
+fr 54307652740e
+fy-NL 7645530de622
+ga-IE 8d20d03ac938
+gd fc9ab54d84a9
+gl 849e4e3a3fc9
+gn 51054649b046
+gu-IN c713ea51e83a
+he 68f368c165a5
+hi-IN 24a69ca3f8ea
+hr 5e08e334a84c
+hsb 393c98c68916
+hu 97f36446d52a
+hy-AM d467bd690878
+id f390b2688780
+is 9ee7f7c99512
+it ed1aa37dd8c7
+ja 3ef479bfde1a
+ja-JP-mac 80958cf82100
+ka 3b036c9e61a6
+kab 364adce77c72
+kk 08696f7c8a1a
+km c68136590500
+kn 6160ec938484
+ko 936eb0ebb2da
+lij 6f8083311567
+lt 2b1cbb210da2
+lv 10389753c571
+mai 7e4a8262ce47
+mk 123d0c7a029e
+ml 6489a17e1231
+mr 6e618c26bbbc
+ms f1b58ca03654
+nb-NO e87d4d61a15e
+nl 095e7caafd73
+nn-NO dd567e171cc0
+or 16dd77306673
+pa-IN f25671183bb9
+pl e0cb50020774
+pt-BR 291efbc7eda6
+pt-PT 8ba304b52d98
+rm ec384cb407d1
+ro d8c54284d42c
+ru 72f076d6157a
+si d0ecb8470e6b
+sk 9489c3379fe7
+sl 5057b16cc0a4
+son 8a18464fb645
+sq 8dcd80c157b4
+sr 49f0c3635d34
+sv-SE ba8c81281095
+ta 1e7e519542ff
+te 510cff80cfbe
+th 5aa843627cdb
+tr 33ade23966b0
+uk 7db099371772
+ur 8916a4a4ac78
+uz 4f2be0c7cf61
+vi a0e2d5d10028
+xh 0bbddd61bf1d
+zh-CN 0a704c7c84a1
+zh-TW 93c4d7dc2c0a
--- a/mozilla-kde.patch Sat Mar 04 17:54:44 2017 +0100
+++ b/mozilla-kde.patch Sat Mar 18 11:18:01 2017 +0100
@@ -1,5 +1,5 @@
# HG changeset patch
-# Parent 0e88a32ef7263e76f6970bab17458130d1f3677f
+# Parent 5c8ae59424f5318bf7a387257771bf95d3893063
Description: Add KDE integration to Firefox (toolkit parts)
Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Author: Lubos Lunak <lunak@suse.com>
@@ -2200,6 +2200,117 @@
+# PrefWindow II (???)
+# PrefWindow I (June 4, 1999)
+#
+diff --git a/toolkit/mozapps/downloads/nsHelperAppDlg.js b/toolkit/mozapps/downloads/nsHelperAppDlg.js
+--- a/toolkit/mozapps/downloads/nsHelperAppDlg.js
++++ b/toolkit/mozapps/downloads/nsHelperAppDlg.js
+@@ -627,17 +627,17 @@ nsUnknownContentTypeDialog.prototype = {
+ else
+ typeString = mimeInfo.MIMEType;
+ }
+ // When the length is unknown, contentLength would be -1
+ if (this.mLauncher.contentLength >= 0) {
+ let [size, unit] = DownloadUtils.
+ convertByteUnits(this.mLauncher.contentLength);
+ type.value = this.dialogElement("strings")
+- .getFormattedString("orderedFileSizeWithType",
++ .getFormattedString("orderedFileSizeWithType",
+ [typeString, size, unit]);
+ }
+ else {
+ type.value = typeString;
+ }
+ },
+
+ // Returns true if opening the default application makes sense.
+@@ -801,17 +801,17 @@ nsUnknownContentTypeDialog.prototype = {
+ switch (this.dialogElement("openHandler").selectedIndex) {
+ case 0:
+ // No app need be specified in this case.
+ ok = true;
+ break;
+ case 1:
+ // only enable the OK button if we have a default app to use or if
+ // the user chose an app....
+- ok = this.chosenApp || /\S/.test(this.dialogElement("otherHandler").getAttribute("path"));
++ ok = this.chosenApp || /\S/.test(this.dialogElement("otherHandler").getAttribute("path"));
+ break;
+ }
+ }
+
+ // Enable Ok button if ok to press.
+ this.mDialog.document.documentElement.getButton("accept").disabled = !ok;
+ },
+
+@@ -1068,30 +1068,56 @@ nsUnknownContentTypeDialog.prototype = {
+ params.handlerApp.executable &&
+ params.handlerApp.executable.isFile()) {
+ // Remember the file they chose to run.
+ this.chosenApp = params.handlerApp;
+ }
+ }
+ else {
+ #if MOZ_WIDGET_GTK == 3
+- var nsIApplicationChooser = Components.interfaces.nsIApplicationChooser;
+- var appChooser = Components.classes["@mozilla.org/applicationchooser;1"]
+- .createInstance(nsIApplicationChooser);
+- appChooser.init(this.mDialog, this.dialogElement("strings").getString("chooseAppFilePickerTitle"));
+- var contentTypeDialogObj = this;
+- let appChooserCallback = function appChooserCallback_done(aResult) {
+- if (aResult) {
+- contentTypeDialogObj.chosenApp = aResult.QueryInterface(Components.interfaces.nsILocalHandlerApp);
++ // handle the KDE case which is implemented in the filepicker
++ // therefore falling back to Gtk2 like behaviour if KDE is running
++ // FIXME this should be better handled in the nsIApplicationChooser interface
++ var env = Components.classes["@mozilla.org/process/environment;1"]
++ .getService(Components.interfaces.nsIEnvironment);
++ if (env.get('KDE_FULL_SESSION') == "true")
++ {
++ var nsIFilePicker = Components.interfaces.nsIFilePicker;
++ var fp = Components.classes["@mozilla.org/filepicker;1"]
++ .createInstance(nsIFilePicker);
++ fp.init(this.mDialog,
++ this.dialogElement("strings").getString("chooseAppFilePickerTitle"),
++ nsIFilePicker.modeOpen);
++
++ fp.appendFilters(nsIFilePicker.filterApps);
++
++ if (fp.show() == nsIFilePicker.returnOK && fp.file) {
++ // Remember the file they chose to run.
++ var localHandlerApp =
++ Components.classes["@mozilla.org/uriloader/local-handler-app;1"].
++ createInstance(Components.interfaces.nsILocalHandlerApp);
++ localHandlerApp.executable = fp.file;
++ this.chosenApp = localHandlerApp;
+ }
+- contentTypeDialogObj.finishChooseApp();
+- };
+- appChooser.open(this.mLauncher.MIMEInfo.MIMEType, appChooserCallback);
+- // The finishChooseApp is called from appChooserCallback
+- return;
++ } else {
++ var nsIApplicationChooser = Components.interfaces.nsIApplicationChooser;
++ var appChooser = Components.classes["@mozilla.org/applicationchooser;1"]
++ .createInstance(nsIApplicationChooser);
++ appChooser.init(this.mDialog, this.dialogElement("strings").getString("chooseAppFilePickerTitle"));
++ var contentTypeDialogObj = this;
++ let appChooserCallback = function appChooserCallback_done(aResult) {
++ if (aResult) {
++ contentTypeDialogObj.chosenApp = aResult.QueryInterface(Components.interfaces.nsILocalHandlerApp);
++ }
++ contentTypeDialogObj.finishChooseApp();
++ };
++ appChooser.open(this.mLauncher.MIMEInfo.MIMEType, appChooserCallback);
++ // The finishChooseApp is called from appChooserCallback
++ return;
++ }
+ #else
+ var nsIFilePicker = Components.interfaces.nsIFilePicker;
+ var fp = Components.classes["@mozilla.org/filepicker;1"]
+ .createInstance(nsIFilePicker);
+ fp.init(this.mDialog,
+ this.dialogElement("strings").getString("chooseAppFilePickerTitle"),
+ nsIFilePicker.modeOpen);
+
diff --git a/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp b/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
--- a/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
+++ b/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp
@@ -3696,7 +3807,7 @@
diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp
--- a/xpcom/io/nsLocalFileUnix.cpp
+++ b/xpcom/io/nsLocalFileUnix.cpp
-@@ -45,16 +45,17 @@
+@@ -46,16 +46,17 @@
#include "prproces.h"
#include "nsIDirectoryEnumerator.h"
#include "nsISimpleEnumerator.h"
@@ -3714,7 +3825,7 @@
#include "prmem.h"
#include "plbase64.h"
-@@ -1947,42 +1948,52 @@ nsLocalFile::SetPersistentDescriptor(con
+@@ -1948,42 +1949,52 @@ nsLocalFile::SetPersistentDescriptor(con
return InitWithNativePath(aPersistentDescriptor);
#endif
}
@@ -3773,7 +3884,7 @@
return rv;
}
return NS_ERROR_FAILURE;
-@@ -1990,16 +2001,22 @@ nsLocalFile::Reveal()
+@@ -1991,16 +2002,22 @@ nsLocalFile::Reveal()
return NS_ERROR_FAILURE;
#endif
}