MozillaFirefox/mozilla-bmo849632.patch

# HG changeset patch
# Parent  3de59fe1b8708c01e134ce698c4232b8a854f617
Problem:  webGL sites are displayed in the wrong color (usually blue-ish)
Solution: Problem is with skia once again. Output of webgl seems endian-correct, but skia only
          knows how to deal with little endian.
          So we swizzle the output of webgl after reading it from readpixels()
Note:     This does not fix all webGL sites, but is a step in the right direction

Index: firefox-115.0/gfx/gl/GLContext.h
===================================================================
--- firefox-115.0.orig/gfx/gl/GLContext.h
+++ firefox-115.0/gfx/gl/GLContext.h
@@ -1560,6 +1560,13 @@ class GLContext : public GenericAtomicRe
     BEFORE_GL_CALL;
     mSymbols.fReadPixels(x, y, width, height, format, type, pixels);
     OnSyncCall();
+#if MOZ_BIG_ENDIAN()
+    uint8_t* itr = (uint8_t*)pixels;
+    for (GLsizei i = 0; i < width * height; i++) {
+      NativeEndian::swapToLittleEndianInPlace((uint32_t*)itr, 1);
+      itr += 4;
+    }
+#endif
     AFTER_GL_CALL;
     mHeavyGLCallsSinceLastFlush = true;
   }
- Mozilla Firefox 74.0 * https://www.mozilla.org/en-US/firefox/74.0/releasenotes/ MFSA 2020-08 (bsc#1166238) * CVE-2020-6805 (bmo#1610880) Use-after-free when removing data about origins * CVE-2020-6806 (bmo#1612308) BodyStream::OnInputStreamReady was missing protections against state confusion * CVE-2020-6807 (bmo#1614971) Use-after-free in cubeb during stream destruction * CVE-2020-6808 (bmo#1247968) URL Spoofing via javascript: URL * CVE-2020-6809 (bmo#1420296) Web Extensions with the all-urls permission could access local files * CVE-2020-6810 (bmo#1432856) Focusing a popup while in fullscreen could have obscured the fullscreen notification * CVE-2020-6811 (bmo#1607742) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2019-20503 (bmo#1613765) Out of bounds reads in sctp_load_addresses_from_init * CVE-2020-6812 (bmo#1616661) The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission * CVE-2020-6813 (bmo#1605814) @import statements in CSS could bypass the Content Security Policy nonce feature * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636, OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=809 2020-03-12 20:14:24 +01:00			`# HG changeset patch`
			`# Parent 3de59fe1b8708c01e134ce698c4232b8a854f617`
- Mozilla Firefox 71.0 * Improvements to Lockwise, our integrated password manager * More information about Enhanced Tracking Protection in action * Native MP3 decoding on Windows, Linux, and macOS * Configuration page (about:config) reimplemented in HTML * New kiosk mode functionality, which allows maximum screen space for customer-facing displays MFSA 2019-36 * CVE-2019-11756 (bmo#1508776) Use-after-free of SFTKSession object * CVE-2019-17008 (bmo#1546331) Use-after-free in worker destruction * CVE-2019-13722 (bmo#1580156) (Windows only) Stack corruption due to incorrect number of arguments in WebRTC code * CVE-2019-17014 (bmo#1322864) Dragging and dropping a cross-origin resource, incorrectly loaded as an image, could result in information disclosure * CVE-2019-17010 (bmo#1581084) Use-after-free when performing device orientation checks * CVE-2019-17005 (bmo#1584170) Buffer overflow in plain text serializer * CVE-2019-17011 (bmo#1591334) Use-after-free when retrieving a document in antitracking * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209 bmo#1580288, bmo#1585760, bmo#1592502) Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 * CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937 bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865 bmo#1594181) Memory safety bugs fixed in Firefox 71 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789 2019-12-09 08:58:52 +01:00			`Problem: webGL sites are displayed in the wrong color (usually blue-ish)`
			`Solution: Problem is with skia once again. Output of webgl seems endian-correct, but skia only`
			`knows how to deal with little endian.`
			`So we swizzle the output of webgl after reading it from readpixels()`
			`Note: This does not fix all webGL sites, but is a step in the right direction`
- Mozilla Firefox 74.0 * https://www.mozilla.org/en-US/firefox/74.0/releasenotes/ MFSA 2020-08 (bsc#1166238) * CVE-2020-6805 (bmo#1610880) Use-after-free when removing data about origins * CVE-2020-6806 (bmo#1612308) BodyStream::OnInputStreamReady was missing protections against state confusion * CVE-2020-6807 (bmo#1614971) Use-after-free in cubeb during stream destruction * CVE-2020-6808 (bmo#1247968) URL Spoofing via javascript: URL * CVE-2020-6809 (bmo#1420296) Web Extensions with the all-urls permission could access local files * CVE-2020-6810 (bmo#1432856) Focusing a popup while in fullscreen could have obscured the fullscreen notification * CVE-2020-6811 (bmo#1607742) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2019-20503 (bmo#1613765) Out of bounds reads in sctp_load_addresses_from_init * CVE-2020-6812 (bmo#1616661) The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission * CVE-2020-6813 (bmo#1605814) @import statements in CSS could bypass the Content Security Policy nonce feature * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636, OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=809 2020-03-12 20:14:24 +01:00
- Mozilla Firefox 115.0 * Support for importing payment methods saved in Chrome-based browser * Hardware video decoding is now enabled for Intel GPUs on Linux * The Tab Manager dropdown now features close buttons, so tabs can be closed more quickly * Streamlined the user interface for importing data in from other browsers * Users without platform support for H264 video decoding can now fallback to Cisco's OpenH264 plugin for playback. * Undo and redo are now available in Password fields * Changed: On Linux, middle clicks on the new tab button will now open the xclipboard contents in the new tab. If the xclipboard content is a URL then that URL is opened, any other text is opened with your default search provider. * Changed: For users with a Firefox Colorways built-in theme, the theme will be automatically migrated to the same theme hosted on addons.mozilla.org for Firefox profiles that have disabled add-ons auto-updates. This will allow users to keep their Colorways theme when they are later removed from Firefox installer files. * Changed: Certain Firefox users may come across a message in the extensions panel indicating that their add-ons are not allowed on the site currently open. We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns. * HTML5: The builtin editor now behaves similarly to other browsers with `contenteditable` and `designMode` when splitting a node, e.g. typing Enter to split a paragraph, and also when joining two nodes, e.g. typing Backspace at the start of a paragraph to join the paragraph and the previous OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1071 2023-07-05 23:06:07 +02:00			`Index: firefox-115.0/gfx/gl/GLContext.h`
			`===================================================================`
			`--- firefox-115.0.orig/gfx/gl/GLContext.h`
			`+++ firefox-115.0/gfx/gl/GLContext.h`
			`@@ -1560,6 +1560,13 @@ class GLContext : public GenericAtomicRe`
- Mozilla Firefox 71.0 * Improvements to Lockwise, our integrated password manager * More information about Enhanced Tracking Protection in action * Native MP3 decoding on Windows, Linux, and macOS * Configuration page (about:config) reimplemented in HTML * New kiosk mode functionality, which allows maximum screen space for customer-facing displays MFSA 2019-36 * CVE-2019-11756 (bmo#1508776) Use-after-free of SFTKSession object * CVE-2019-17008 (bmo#1546331) Use-after-free in worker destruction * CVE-2019-13722 (bmo#1580156) (Windows only) Stack corruption due to incorrect number of arguments in WebRTC code * CVE-2019-17014 (bmo#1322864) Dragging and dropping a cross-origin resource, incorrectly loaded as an image, could result in information disclosure * CVE-2019-17010 (bmo#1581084) Use-after-free when performing device orientation checks * CVE-2019-17005 (bmo#1584170) Buffer overflow in plain text serializer * CVE-2019-17011 (bmo#1591334) Use-after-free when retrieving a document in antitracking * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209 bmo#1580288, bmo#1585760, bmo#1592502) Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 * CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937 bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865 bmo#1594181) Memory safety bugs fixed in Firefox 71 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789 2019-12-09 08:58:52 +01:00			`BEFORE_GL_CALL;`
			`mSymbols.fReadPixels(x, y, width, height, format, type, pixels);`
			`OnSyncCall();`
- big endian fixes * mozilla-bmo1610814.patch (boo#1164845, bmo#1610814) (bmo#1614535, boo#1164646) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=807 2020-02-26 09:14:44 +01:00			`+#if MOZ_BIG_ENDIAN()`
- Mozilla Firefox 71.0 * Improvements to Lockwise, our integrated password manager * More information about Enhanced Tracking Protection in action * Native MP3 decoding on Windows, Linux, and macOS * Configuration page (about:config) reimplemented in HTML * New kiosk mode functionality, which allows maximum screen space for customer-facing displays MFSA 2019-36 * CVE-2019-11756 (bmo#1508776) Use-after-free of SFTKSession object * CVE-2019-17008 (bmo#1546331) Use-after-free in worker destruction * CVE-2019-13722 (bmo#1580156) (Windows only) Stack corruption due to incorrect number of arguments in WebRTC code * CVE-2019-17014 (bmo#1322864) Dragging and dropping a cross-origin resource, incorrectly loaded as an image, could result in information disclosure * CVE-2019-17010 (bmo#1581084) Use-after-free when performing device orientation checks * CVE-2019-17005 (bmo#1584170) Buffer overflow in plain text serializer * CVE-2019-17011 (bmo#1591334) Use-after-free when retrieving a document in antitracking * CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209 bmo#1580288, bmo#1585760, bmo#1592502) Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 * CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937 bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865 bmo#1594181) Memory safety bugs fixed in Firefox 71 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789 2019-12-09 08:58:52 +01:00			`+ uint8_t* itr = (uint8_t*)pixels;`
			`+ for (GLsizei i = 0; i < width * height; i++) {`
			`+ NativeEndian::swapToLittleEndianInPlace((uint32_t*)itr, 1);`
			`+ itr += 4;`
			`+ }`
			`+#endif`
			`AFTER_GL_CALL;`
			`mHeavyGLCallsSinceLastFlush = true;`
			`}`