--- a/MozillaFirefox/MozillaFirefox.changes Tue Oct 26 21:54:27 2021 +0200
+++ b/MozillaFirefox/MozillaFirefox.changes Sat Dec 04 11:19:16 2021 +0100
@@ -1,4 +1,78 @@
-------------------------------------------------------------------
+Thu Dec 2 20:32:42 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- remove x-scheme-handler/ftp from firefox.desktop boo#1193321
+
+-------------------------------------------------------------------
+Thu Nov 25 20:21:07 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>
+
+- Drop unused libidl-devel BuildRequires.
+
+-------------------------------------------------------------------
+Tue Nov 23 22:00:38 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Firefox 94.0.2:
+ * Update preference design for Firefox Suggest for improved clarity
+ * Resolved general instability/crashes on Linux caused by a file
+ descriptor leak when backgrounding tabs using WebGL
+ (bmo#1741997)
+
+-------------------------------------------------------------------
+Fri Nov 5 18:02:48 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- Mozilla Firefox 94.0.1:
+ * fixes for other platforms
+
+-------------------------------------------------------------------
+Sat Oct 30 07:52:22 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 94.0
+ * https://www.mozilla.org/en-US/firefox/94.0/releasenotes
+ MFSA 2021-48 (bsc#1192250)
+ * CVE-2021-38503 (bmo#1729517)
+ iframe sandbox rules did not apply to XSLT stylesheets
+ * CVE-2021-38504 (bmo#1730156)
+ Use-after-free in file picker dialog
+ * CVE-2021-38505 (bmo#1730194)
+ Windows 10 Cloud Clipboard may have recorded sensitive user data
+ * CVE-2021-38506 (bmo#1730750)
+ Firefox could be coaxed into going into fullscreen mode
+ without notification or warning
+ * CVE-2021-38507 (bmo#1730935)
+ Opportunistic Encryption in HTTP2 could be used to bypass the
+ Same-Origin-Policy on services hosted on other ports
+ * MOZ-2021-0003 (bmo#1736886)
+ Universal XSS in Firefox for Android via QR Code URLs
+ * CVE-2021-38508 (bmo#1366818)
+ Permission Prompt could be overlaid, resulting in user
+ confusion and potential spoofing
+ * MOZ-2021-0004 (bmo#1659155)
+ Web Extensions could access pre-redirect URL when their
+ context menu was triggered by a user
+ * CVE-2021-38509 (bmo#1718571)
+ Javascript alert box could have been spoofed onto an
+ arbitrary domain
+ * CVE-2021-38510 (bmo#1731779)
+ Download Protections were bypassed by .inetloc files on Mac OS
+ * MOZ-2021-0005 (bmo#1719203)
+ 'Copy Image Link' context menu action could have been abused
+ to see authentication tokens
+ * MOZ-2021-0006 (bmo#1724233)
+ URL Parsing may incorrectly parse internationalized domains
+ * MOZ-2021-0007 (bmo#1606864, bmo#1712671, bmo#1730048, bmo#1735152)
+ Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
+- removed obsolete patches
+ * mozilla-bmo1602730.patch
+ * mozilla-bmo1725828.patch
+ * mozilla-bmo1729124.patch
+- requires
+ NSS >= 3.71
+ rust >= 1.53
+- fix Plasma detection (boo#1191825)
+- fix Link error "undefined hidden symbol:"
+ https://github.com/openSUSE/firefox-maintenance/issues/37
+
+-------------------------------------------------------------------
Tue Oct 26 19:48:24 UTC 2021 - Wolfgang Rosenauer <wr@rosenauer.org>
- Drop unused pkgconfig(gdk-x11-2.0) BuildRequires
--- a/MozillaFirefox/MozillaFirefox.desktop Tue Oct 26 21:54:27 2021 +0200
+++ b/MozillaFirefox/MozillaFirefox.desktop Sat Dec 04 11:19:16 2021 +0100
@@ -8,7 +8,7 @@
Icon=%ICON
Terminal=false
StartupNotify=true
-MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;application/x-xpinstall;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;
+MimeType=text/html;text/xml;application/xhtml+xml;application/vnd.mozilla.xul+xml;text/mml;application/x-xpinstall;x-scheme-handler/http;x-scheme-handler/https;
Type=Application
Actions=new-window;PrivateBrowsing;ProfileManager
--- a/MozillaFirefox/MozillaFirefox.spec Tue Oct 26 21:54:27 2021 +0200
+++ b/MozillaFirefox/MozillaFirefox.spec Sat Dec 04 11:19:16 2021 +0100
@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
-%define major 93
-%define mainver %major.0
-%define orig_version 93.0
+%define major 94
+%define mainver %major.0.2
+%define orig_version 94.0.2
%define orig_suffix %{nil}
%define update_channel release
%define branding 1
@@ -100,25 +100,24 @@
BuildRequires: gcc-c++
%endif
%if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300
-BuildRequires: cargo >= 1.51
-BuildRequires: rust >= 1.51
+BuildRequires: cargo >= 1.53
+BuildRequires: rust >= 1.53
%else
# Newer sle/leap/tw use parallel versioned rust releases which have
# a different method for provides that we can use to request a
# specific version
-BuildRequires: rust+cargo >= 1.51
+BuildRequires: rust+cargo >= 1.53
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
%endif
BuildRequires: libXcomposite-devel
BuildRequires: libcurl-devel
-BuildRequires: libidl-devel
BuildRequires: libiw-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.32
-BuildRequires: mozilla-nss-devel >= 3.70
+BuildRequires: mozilla-nss-devel >= 3.71
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@@ -218,15 +217,12 @@
Patch20: mozilla-fix-top-level-asm.patch
Patch21: mozilla-bmo1504834-part4.patch
Patch22: mozilla-bmo849632.patch
-Patch24: mozilla-bmo1602730.patch
Patch25: mozilla-bmo998749.patch
Patch26: mozilla-bmo1626236.patch
Patch27: mozilla-s390x-skia-gradient.patch
Patch28: mozilla-libavcodec58_91.patch
Patch29: mozilla-silence-no-return-type.patch
-Patch30: mozilla-bmo1725828.patch
Patch31: mozilla-bmo531915.patch
-Patch32: mozilla-bmo1729124.patch
# Firefox/browser
Patch101: firefox-kde.patch
Patch102: firefox-branded-icons.patch
@@ -349,15 +345,12 @@
%patch20 -p1
%patch21 -p1
%patch22 -p1
-%patch24 -p1
%patch25 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch29 -p1
-%patch30 -p1
%patch31 -p1
-%patch32 -p1
# Firefox
%patch101 -p1
%patch102 -p1
--- a/MozillaFirefox/tar_stamps Tue Oct 26 21:54:27 2021 +0200
+++ b/MozillaFirefox/tar_stamps Sat Dec 04 11:19:16 2021 +0100
@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="release"
-VERSION="93.0"
+VERSION="94.0.2"
VERSION_SUFFIX=""
-PREV_VERSION="92.0.1"
+PREV_VERSION="94.0.1"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="08b69dc588fbdd88334ebcb6fa303eec95176cd6"
-RELEASE_TIMESTAMP="20210927210923"
+RELEASE_TAG="f09593707108af9f9f4d580cf748c3537639ecd4"
+RELEASE_TIMESTAMP="20211119140621"
--- a/firefox-kde.patch Tue Oct 26 21:54:27 2021 +0200
+++ b/firefox-kde.patch Sat Dec 04 11:19:16 2021 +0100
@@ -3,7 +3,7 @@
# Date 1559300151 -7200
# Fri May 31 12:55:51 2019 +0200
# Node ID 54d41b0033b8d649d842a1f862c6fed8b9874dec
-# Parent 856ef9c699423b1cd35e4df8745e78c409c8dbae
+# Parent 23d64c5753fda6f201477fe1f2f6cf1fb1657ccc
How to apply this patch:
1. Import and apply it
2. cp browser/base/content/browser.xul browser/base/content/browser-kde.xul
@@ -14,7 +14,7 @@
diff --git a/browser/components/preferences/main.js b/browser/components/preferences/main.js
--- a/browser/components/preferences/main.js
+++ b/browser/components/preferences/main.js
-@@ -338,16 +338,23 @@ var gMainPane = {
+@@ -353,16 +353,23 @@ var gMainPane = {
}, backoffTimes[this._backoffIndex + 1 < backoffTimes.length ? this._backoffIndex++ : backoffTimes.length - 1]);
};
@@ -38,7 +38,7 @@
);
let performanceSettingsUrl =
Services.urlFormatter.formatURLPref("app.support.baseURL") +
-@@ -1313,16 +1320,27 @@ var gMainPane = {
+@@ -1365,16 +1372,27 @@ var gMainPane = {
this._backoffIndex = 0;
let shellSvc = getShellService();
@@ -69,7 +69,7 @@
diff --git a/browser/components/shell/moz.build b/browser/components/shell/moz.build
--- a/browser/components/shell/moz.build
+++ b/browser/components/shell/moz.build
-@@ -32,16 +32,18 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] == "coco
+@@ -31,16 +31,18 @@ if CONFIG["MOZ_WIDGET_TOOLKIT"] == "coco
]
elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
XPIDL_SOURCES += [
@@ -92,7 +92,7 @@
new file mode 100644
--- /dev/null
+++ b/browser/components/shell/nsKDEShellService.cpp
-@@ -0,0 +1,103 @@
+@@ -0,0 +1,109 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -196,6 +196,12 @@
+ return NS_ERROR_NOT_IMPLEMENTED;
+}
+
++NS_IMETHODIMP
++nsKDEShellService::IsDefaultForScheme(nsTSubstring<char> const& aScheme, bool* aIsDefaultBrowser)
++{
++ return NS_ERROR_NOT_IMPLEMENTED;
++}
++
diff --git a/browser/components/shell/nsKDEShellService.h b/browser/components/shell/nsKDEShellService.h
new file mode 100644
--- /dev/null
--- a/mozilla-kde.patch Tue Oct 26 21:54:27 2021 +0200
+++ b/mozilla-kde.patch Sat Dec 04 11:19:16 2021 +0100
@@ -3,7 +3,7 @@
# Date 1559294891 -7200
# Fri May 31 11:28:11 2019 +0200
# Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112
-# Parent 0dd1b6436342922d434e7c818875b2a02a73b5ed
+# Parent 9eb4df0e07175ce38fc6699b2b8544b9eda7f0ad
Description: Add KDE integration to Firefox (toolkit parts)
Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Author: Lubos Lunak <lunak@suse.com>
@@ -370,7 +370,7 @@
new file mode 100644
--- /dev/null
+++ b/toolkit/xre/nsKDEUtils.cpp
-@@ -0,0 +1,344 @@
+@@ -0,0 +1,321 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -410,36 +410,13 @@
+#define MAKE_STR( n ) MAKE_STR2( n )
+
+static bool getKdeSession()
++{
++ if (PR_GetEnv("KDE_FULL_SESSION"))
+ {
-+ Display* dpy = XOpenDisplay( NULL );
-+ if( dpy == NULL )
-+ return false;
-+ Atom kde_full_session = XInternAtom( dpy, "KDE_FULL_SESSION", true );
-+ bool kde = false;
-+ if( kde_full_session != None )
-+ {
-+ int cnt;
-+ if( Atom* props = XListProperties( dpy, DefaultRootWindow( dpy ), &cnt ))
-+ {
-+ for( int i = 0;
-+ i < cnt;
-+ ++i )
-+ {
-+ if( props[ i ] == kde_full_session )
-+ {
-+ kde = true;
-+#ifdef DEBUG_KDE
-+ fprintf( stderr, "KDE SESSION %d\n", kde );
-+#endif
-+ break;
-+ }
-+ }
-+ XFree( props );
-+ }
-+ }
-+ XCloseDisplay( dpy );
-+ return kde;
++ return true;
+ }
++ return false;
++}
+
+static bool getKdeSupport()
+ {
@@ -1283,7 +1260,7 @@
diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build
--- a/widget/gtk/moz.build
+++ b/widget/gtk/moz.build
-@@ -137,16 +137,17 @@ FINAL_LIBRARY = "xul"
+@@ -136,16 +136,17 @@ FINAL_LIBRARY = "xul"
LOCAL_INCLUDES += [
"/layout/base",
@@ -1845,7 +1822,7 @@
# include "prmem.h"
# include "plbase64.h"
-@@ -2023,62 +2024,77 @@ nsLocalFile::SetPersistentDescriptor(con
+@@ -2025,62 +2026,77 @@ nsLocalFile::SetPersistentDescriptor(con
NS_IMETHODIMP
nsLocalFile::Reveal() {
--- a/mozilla-silence-no-return-type.patch Tue Oct 26 21:54:27 2021 +0200
+++ b/mozilla-silence-no-return-type.patch Sat Dec 04 11:19:16 2021 +0100
@@ -1,10 +1,10 @@
# HG changeset patch
-# Parent 45a1eadbae67aa05c6fa271d3dec5ac1cb0cfae8
+# Parent 9b29b6b7548b93a599167774e747f6e0661cfbe1
diff --git a/Cargo.lock b/Cargo.lock
--- a/Cargo.lock
+++ b/Cargo.lock
-@@ -2039,18 +2039,16 @@ name = "glsl-to-cxx"
+@@ -2078,18 +2078,16 @@ name = "glsl-to-cxx"
version = "0.1.0"
dependencies = [
"glsl",
@@ -20,9 +20,9 @@
]
[[package]]
- name = "goblin"
- version = "0.1.3"
- source = "registry+https://github.com/rust-lang/crates.io-index"
+ name = "gluesmith"
+ version = "0.1.0"
+ dependencies = [
diff --git a/Cargo.toml b/Cargo.toml
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -33,7 +33,7 @@
chardetng = { git = "https://github.com/hsivonen/chardetng", rev="302c995f91f44cf26e77dc4758ad56c3ff0153ad" }
chardetng_c = { git = "https://github.com/hsivonen/chardetng_c", rev="ed8a4c6f900a90d4dbc1d64b856e61490a1c3570" }
libudev-sys = { path = "dom/webauthn/libudev-sys" }
- packed_simd = { git = "https://github.com/hsivonen/packed_simd", rev="6a16f954950401b92b4e220fbf2dfaf6f00e1fb2" }
+ packed_simd = { git = "https://github.com/hsivonen/packed_simd", rev="8b4bd7d8229660a749dbe419a57ea01df9de5453" }
minidump_writer_linux = { git = "https://github.com/msirringhaus/minidump_writer_linux.git", rev = "029ac0d54b237f27dc7d8d4e51bc0fb076e5e852" }
+glslopt = { path = "third_party/rust/glslopt/" }
# The following overrides point to dummy projects, as a temporary measure until this is resolved: