MozillaFirefox/mozilla-s390-context.patch

# HG changeset patch
# User msirringhaus@suse.de
# Date 1558452408 -7200
#      Tue May 21 17:26:48 2019 +0200
# Node ID 602e92722e765a3c238d3b96b26c0c8063b5eeb4
# Parent  783ceb006fcdabe5ad23bd561362e721c7ed5f8c
[mq]: mozilla-s390-context.patch

diff --git a/js/src/wasm/WasmSignalHandlers.cpp b/js/src/wasm/WasmSignalHandlers.cpp
--- a/js/src/wasm/WasmSignalHandlers.cpp
+++ b/js/src/wasm/WasmSignalHandlers.cpp
@@ -174,6 +174,10 @@ using mozilla::DebugOnly;
 #      define FP_sig(p) ((p)->uc_mcontext.gregs[REG_FPRS])
 #      define SP_sig(p) ((p)->uc_mcontext.gregs[REG_SP])
 #    endif
+#    if defined(__linux__) && defined(__s390x__)
+#      define GR_sig(p, x) ((p)->uc_mcontext.gregs[x])
+#      define PSWa_sig(p) ((p)->uc_mcontext.psw.addr)
+#    endif
 #  elif defined(__NetBSD__)
 #    define EIP_sig(p) ((p)->uc_mcontext.__gregs[_REG_EIP])
 #    define EBP_sig(p) ((p)->uc_mcontext.__gregs[_REG_EBP])
@@ -416,6 +420,10 @@ struct macos_aarch64_context {
 #    define FP_sig(p) RFP_sig(p)
 #    define SP_sig(p) R03_sig(p)
 #    define LR_sig(p) RRA_sig(p)
+#  elif defined(__s390x__)
+#    define PC_sig(p) PSWa_sig(p)
+#    define SP_sig(p) GR_sig(p, 15)
+#    define FP_sig(p) GR_sig(p, 11)
 #  elif defined(__riscv)
 #    define PC_sig(p) RPC_sig(p)
 #    define FP_sig(p) RFP_sig(p)
- Mozilla Firefox 68.0 * Dark mode in reader view * Improved extension security and discovery * Cryptomining and fingerprinting protections are added to strict content blocking settings in Privacy & Security preferences * Camera and microphone access now require an HTTPS connection MFSA 2019-21 (bsc#1140868) * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327) Sandbox escape via installation of malicious languagepack * CVE-2019-11711 (bmo#1552541) Script injection within domain through inner window reuse * CVE-2019-11712 (bmo#1543804) Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * CVE-2019-11713 (bmo#1528481) Use-after-free with HTTP/2 cached stream * CVE-2019-11714 (bmo#1542593) NeckoChild can trigger crash when accessed off of main thread * CVE-2019-11729 (bmo#1515342) Empty or malformed p256-ECDH public keys may trigger a segmentation fault * CVE-2019-11715 (bmo#1555523) HTML parsing error can contribute to content XSS * CVE-2019-11716 (bmo#1552632) globalThis not enumerable until accessed * CVE-2019-11717 (bmo#1548306) Caret character improperly escaped in origins * CVE-2019-11718 (bmo#1408349) Activity Stream writes unsanitized content to innerHTML * CVE-2019-11719 (bmo#1540541) Out-of-bounds read when importing curve25519 private key OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748 2019-07-09 23:21:11 +02:00			`# HG changeset patch`
			`# User msirringhaus@suse.de`
			`# Date 1558452408 -7200`
			`# Tue May 21 17:26:48 2019 +0200`
			`# Node ID 602e92722e765a3c238d3b96b26c0c8063b5eeb4`
Accepting request 1092018 from home:AndreasStieger:branches:mozilla:Factory Mozilla Firefox 114.0.1 OBS-URL: https://build.opensuse.org/request/show/1092018 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1066 2023-06-10 17:11:56 +02:00			`# Parent 783ceb006fcdabe5ad23bd561362e721c7ed5f8c`
- Mozilla Firefox 68.0 * Dark mode in reader view * Improved extension security and discovery * Cryptomining and fingerprinting protections are added to strict content blocking settings in Privacy & Security preferences * Camera and microphone access now require an HTTPS connection MFSA 2019-21 (bsc#1140868) * CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327) Sandbox escape via installation of malicious languagepack * CVE-2019-11711 (bmo#1552541) Script injection within domain through inner window reuse * CVE-2019-11712 (bmo#1543804) Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects * CVE-2019-11713 (bmo#1528481) Use-after-free with HTTP/2 cached stream * CVE-2019-11714 (bmo#1542593) NeckoChild can trigger crash when accessed off of main thread * CVE-2019-11729 (bmo#1515342) Empty or malformed p256-ECDH public keys may trigger a segmentation fault * CVE-2019-11715 (bmo#1555523) HTML parsing error can contribute to content XSS * CVE-2019-11716 (bmo#1552632) globalThis not enumerable until accessed * CVE-2019-11717 (bmo#1548306) Caret character improperly escaped in origins * CVE-2019-11718 (bmo#1408349) Activity Stream writes unsanitized content to innerHTML * CVE-2019-11719 (bmo#1540541) Out-of-bounds read when importing curve25519 private key OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748 2019-07-09 23:21:11 +02:00			`[mq]: mozilla-s390-context.patch`

- Mozilla Firefox 74.0 * https://www.mozilla.org/en-US/firefox/74.0/releasenotes/ MFSA 2020-08 (bsc#1166238) * CVE-2020-6805 (bmo#1610880) Use-after-free when removing data about origins * CVE-2020-6806 (bmo#1612308) BodyStream::OnInputStreamReady was missing protections against state confusion * CVE-2020-6807 (bmo#1614971) Use-after-free in cubeb during stream destruction * CVE-2020-6808 (bmo#1247968) URL Spoofing via javascript: URL * CVE-2020-6809 (bmo#1420296) Web Extensions with the all-urls permission could access local files * CVE-2020-6810 (bmo#1432856) Focusing a popup while in fullscreen could have obscured the fullscreen notification * CVE-2020-6811 (bmo#1607742) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2019-20503 (bmo#1613765) Out of bounds reads in sctp_load_addresses_from_init * CVE-2020-6812 (bmo#1616661) The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission * CVE-2020-6813 (bmo#1605814) @import statements in CSS could bypass the Content Security Policy nonce feature * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636, OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=809 2020-03-12 20:14:24 +01:00			`diff --git a/js/src/wasm/WasmSignalHandlers.cpp b/js/src/wasm/WasmSignalHandlers.cpp`
			`--- a/js/src/wasm/WasmSignalHandlers.cpp`
			`+++ b/js/src/wasm/WasmSignalHandlers.cpp`
Accepting request 1092018 from home:AndreasStieger:branches:mozilla:Factory Mozilla Firefox 114.0.1 OBS-URL: https://build.opensuse.org/request/show/1092018 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1066 2023-06-10 17:11:56 +02:00			`@@ -174,6 +174,10 @@ using mozilla::DebugOnly;`
- Mozilla Firefox 106.0 * support editing of PDFs * introduced Firefox View * major WebRTC update - Better screen sharing for Windows and Linux Wayland users - RTP performance and reliability improvements - Richer statistics - Cross-browser and service compatibility improvements * detailed releasenotes https://www.mozilla.org/en-US/firefox/106.0/releasenotes MFSA 2022-44 (bsc#1204421) * CVE-2022-42927 (bmo#1789128) Same-origin policy violation could have leaked cross-origin URLs * CVE-2022-42928 (bmo#1791520) Memory Corruption in JS Engine * CVE-2022-42929 (bmo#1789439) Denial of Service via window.print * CVE-2022-42930 (bmo#1789503) Race condition in DOM Workers * CVE-2022-42931 (bmo#1780571) Username saved to a plaintext file on disk * CVE-2022-42932 (bmo#1789729, bmo#1791363, bmo#1792041) Memory safety bugs fixed in Firefox OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1008 2022-10-18 22:10:44 +02:00			`# define FP_sig(p) ((p)->uc_mcontext.gregs[REG_FPRS])`
			`# define SP_sig(p) ((p)->uc_mcontext.gregs[REG_SP])`
			`# endif`
Accepting request 1092018 from home:AndreasStieger:branches:mozilla:Factory Mozilla Firefox 114.0.1 OBS-URL: https://build.opensuse.org/request/show/1092018 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1066 2023-06-10 17:11:56 +02:00			`+# if defined(__linux__) && defined(__s390x__)`
			`+# define GR_sig(p, x) ((p)->uc_mcontext.gregs[x])`
			`+# define PSWa_sig(p) ((p)->uc_mcontext.psw.addr)`
			`+# endif`
- Mozilla Firefox 93.0 * supports the new AVIF image format * PDF viewer now supports filling more forms (XFA-based forms) * now blocks downloads that rely on insecure connections, protecting against potentially malicious or unsafe downloads * Improved web compatibility for privacy protections with SmartBlock 3.0 * Introducing a new referrer tracking protection in Strict Tracking Protection and Private Browsing * TLS ciphersuites that use 3DES have been disabled. Such ciphersuites can only be enabled when deprecated versions of TLS are also enabled * The download panel now follows the Firefox visual styles MFSA 2021-43 (bsc#1191332) * CVE-2021-38496 (bmo#1725335) Use-after-free in MessageTask * CVE-2021-38497 (bmo#1726621) Validation message could have been overlaid on another origin * CVE-2021-38498 (bmo#1729642) Use-after-free of nsLanguageAtomService object * CVE-2021-32810 (bmo#1729813) https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw) Data race in crossbeam-deque * CVE-2021-38500 (bmo#1725854, bmo#1728321) Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 * CVE-2021-38501 (bmo#1685354, bmo#1715755, bmo#1723176) Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 * CVE-2021-38499 (bmo#1667102, bmo#1723170, bmo#1725356, bmo#1727364) Memory safety bugs fixed in Firefox 93 - removed obsolete mozilla-bmo1708709.patch OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=936 2021-10-06 09:02:07 +02:00			`# elif defined(__NetBSD__)`
			`# define EIP_sig(p) ((p)->uc_mcontext.__gregs[_REG_EIP])`
			`# define EBP_sig(p) ((p)->uc_mcontext.__gregs[_REG_EBP])`
Accepting request 1092018 from home:AndreasStieger:branches:mozilla:Factory Mozilla Firefox 114.0.1 OBS-URL: https://build.opensuse.org/request/show/1092018 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1066 2023-06-10 17:11:56 +02:00			`@@ -416,6 +420,10 @@ struct macos_aarch64_context {`
- Mozilla Firefox 99.0 * You can now toggle Narrate in ReaderMode with the keyboard shortcut "n." * You can find added support for search—with or without diacritics—in the PDF viewer. * The Linux sandbox has been strengthened: processes exposed to web content no longer have access to the X Window system (X11). * Firefox now supports credit card autofill and capture in Germany and France. MFSA 2022-13 (bsc#1197903) * CVE-2022-1097 (bmo#1745667) Use-after-free in NSSToken objects * CVE-2022-28281 (bmo#1755621) Out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-28282 (bmo#1751609) Use-after-free in DocumentL10n::TranslateDocument * CVE-2022-28283 (bmo#1754066) Missing security checks for fetching sourceMapURL * CVE-2022-28284 (bmo#1754522) Script could be executed via svg's use element * CVE-2022-28285 (bmo#1756957) Incorrect AliasSet used in JIT Codegen * CVE-2022-28286 (bmo#1735265) iframe contents could be rendered outside the border * CVE-2022-28287 (bmo#1741515) Text Selection could crash Firefox * CVE-2022-24713 (bmo#1758509) Denial of Service via complex regular expressions * CVE-2022-28289 (bmo#1663508, bmo#1744525, bmo#1753508, bmo#1757476, bmo#1757805, bmo#1758549, bmo#1758776) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=970 2022-04-05 22:51:21 +02:00			`# define FP_sig(p) RFP_sig(p)`
- Mozilla Firefox 107.0 MFSA 2022-47 (bsc#1205270) * CVE-2022-45403 (bmo#1762078) Service Workers might have learned size of cross-origin media files * CVE-2022-45404 (bmo#1790815) Fullscreen notification bypass * CVE-2022-45405 (bmo#1791314) Use-after-free in InputStream implementation * CVE-2022-45406 (bmo#1791975) Use-after-free of a JavaScript Realm * CVE-2022-45407 (bmo#1793314) Loading fonts on workers was not thread-safe * CVE-2022-45408 (bmo#1793829) Fullscreen notification bypass via windowName * CVE-2022-45409 (bmo#1796901) Use-after-free in Garbage Collection * CVE-2022-45410 (bmo#1658869) ServiceWorker-intercepted requests bypassed SameSite cookie policy * CVE-2022-45411 (bmo#1790311) Cross-Site Tracing was possible via non-standard override headers * CVE-2022-45412 (bmo#1791029) Symlinks may resolve to partially uninitialized buffers * CVE-2022-45413 (bmo#1791201) SameSite=Strict cookies could have been sent cross-site via intent URLs * CVE-2022-40674 (bmo#1791598) Use-after-free vulnerability in expat * CVE-2022-45415 (bmo#1793551) Downloaded file may have been saved with malicious extension * CVE-2022-45416 (bmo#1793676) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1019 2022-11-16 14:36:59 +01:00			`# define SP_sig(p) R03_sig(p)`
- Mozilla Firefox 99.0 * You can now toggle Narrate in ReaderMode with the keyboard shortcut "n." * You can find added support for search—with or without diacritics—in the PDF viewer. * The Linux sandbox has been strengthened: processes exposed to web content no longer have access to the X Window system (X11). * Firefox now supports credit card autofill and capture in Germany and France. MFSA 2022-13 (bsc#1197903) * CVE-2022-1097 (bmo#1745667) Use-after-free in NSSToken objects * CVE-2022-28281 (bmo#1755621) Out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-28282 (bmo#1751609) Use-after-free in DocumentL10n::TranslateDocument * CVE-2022-28283 (bmo#1754066) Missing security checks for fetching sourceMapURL * CVE-2022-28284 (bmo#1754522) Script could be executed via svg's use element * CVE-2022-28285 (bmo#1756957) Incorrect AliasSet used in JIT Codegen * CVE-2022-28286 (bmo#1735265) iframe contents could be rendered outside the border * CVE-2022-28287 (bmo#1741515) Text Selection could crash Firefox * CVE-2022-24713 (bmo#1758509) Denial of Service via complex regular expressions * CVE-2022-28289 (bmo#1663508, bmo#1744525, bmo#1753508, bmo#1757476, bmo#1757805, bmo#1758549, bmo#1758776) OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=970 2022-04-05 22:51:21 +02:00			`# define LR_sig(p) RRA_sig(p)`
- Mozilla Firefox 93.0 * supports the new AVIF image format * PDF viewer now supports filling more forms (XFA-based forms) * now blocks downloads that rely on insecure connections, protecting against potentially malicious or unsafe downloads * Improved web compatibility for privacy protections with SmartBlock 3.0 * Introducing a new referrer tracking protection in Strict Tracking Protection and Private Browsing * TLS ciphersuites that use 3DES have been disabled. Such ciphersuites can only be enabled when deprecated versions of TLS are also enabled * The download panel now follows the Firefox visual styles MFSA 2021-43 (bsc#1191332) * CVE-2021-38496 (bmo#1725335) Use-after-free in MessageTask * CVE-2021-38497 (bmo#1726621) Validation message could have been overlaid on another origin * CVE-2021-38498 (bmo#1729642) Use-after-free of nsLanguageAtomService object * CVE-2021-32810 (bmo#1729813) https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw) Data race in crossbeam-deque * CVE-2021-38500 (bmo#1725854, bmo#1728321) Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 * CVE-2021-38501 (bmo#1685354, bmo#1715755, bmo#1723176) Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 * CVE-2021-38499 (bmo#1667102, bmo#1723170, bmo#1725356, bmo#1727364) Memory safety bugs fixed in Firefox 93 - removed obsolete mozilla-bmo1708709.patch OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=936 2021-10-06 09:02:07 +02:00			`+# elif defined(__s390x__)`
			`+# define PC_sig(p) PSWa_sig(p)`
			`+# define SP_sig(p) GR_sig(p, 15)`
			`+# define FP_sig(p) GR_sig(p, 11)`
Accepting request 1092018 from home:AndreasStieger:branches:mozilla:Factory Mozilla Firefox 114.0.1 OBS-URL: https://build.opensuse.org/request/show/1092018 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1066 2023-06-10 17:11:56 +02:00			`# elif defined(__riscv)`
			`# define PC_sig(p) RPC_sig(p)`
			`# define FP_sig(p) RFP_sig(p)`