- Mozilla Firefox 101.0

* Reading is now easier with the prefers-contrast media query,
    which allows sites to detect if the user has requested that web
    content is presented with a higher (or lower) contrast
  * All non-configured MIME types can now be assigned a custom
    action upon download completion
  * allows users to use as many microphones as you want, at the
    same time, during video conferencing. The most exciting benefit
    is that you can easily switch your microphones at any time
    (if your conferencing service provider enables this flexibility)
  MFSA 2022-20 (bsc#1200027)
  * CVE-2022-31736 (bmo#1735923)
    Cross-Origin resource's length leaked
  * CVE-2022-31737 (bmo#1743767)
    Heap buffer overflow in WebGL
  * CVE-2022-31738 (bmo#1756388)
    Browser window spoof using fullscreen mode
  * CVE-2022-31739 (bmo#1765049)
    Attacker-influenced path traversal when saving downloaded files
  * CVE-2022-31740 (bmo#1766806)
    Register allocation problem in WASM on arm64
  * CVE-2022-31741 (bmo#1767590)
    Uninitialized variable leads to invalid memory read
  * CVE-2022-31742 (bmo#1730434)
    Querying a WebAuthn token with a large number of allowCredential
    entries may have leaked cross-origin information
  * CVE-2022-31743 (bmo#1747388)
    HTML Parsing incorrectly ended HTML comments prematurely
  * CVE-2022-31744 (bmo#1757604)
    CSP bypass enabling stylesheet injection

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=979
This commit is contained in:
Wolfgang Rosenauer 2022-05-31 21:18:50 +00:00 committed by Git OBS Bridge
parent 9498fa4a6a
commit 1ec6880184
11 changed files with 113 additions and 93 deletions

View File

@ -1,3 +1,52 @@
-------------------------------------------------------------------
Sun May 29 08:02:45 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
- Mozilla Firefox 101.0
* Reading is now easier with the prefers-contrast media query,
which allows sites to detect if the user has requested that web
content is presented with a higher (or lower) contrast
* All non-configured MIME types can now be assigned a custom
action upon download completion
* allows users to use as many microphones as you want, at the
same time, during video conferencing. The most exciting benefit
is that you can easily switch your microphones at any time
(if your conferencing service provider enables this flexibility)
MFSA 2022-20 (bsc#1200027)
* CVE-2022-31736 (bmo#1735923)
Cross-Origin resource's length leaked
* CVE-2022-31737 (bmo#1743767)
Heap buffer overflow in WebGL
* CVE-2022-31738 (bmo#1756388)
Browser window spoof using fullscreen mode
* CVE-2022-31739 (bmo#1765049)
Attacker-influenced path traversal when saving downloaded files
* CVE-2022-31740 (bmo#1766806)
Register allocation problem in WASM on arm64
* CVE-2022-31741 (bmo#1767590)
Uninitialized variable leads to invalid memory read
* CVE-2022-31742 (bmo#1730434)
Querying a WebAuthn token with a large number of allowCredential
entries may have leaked cross-origin information
* CVE-2022-31743 (bmo#1747388)
HTML Parsing incorrectly ended HTML comments prematurely
* CVE-2022-31744 (bmo#1757604)
CSP bypass enabling stylesheet injection
* CVE-2022-31745 (bmo#1760944)
Incorrect Assertion caused by unoptimized array shift operations
* CVE-2022-1919 (bmo#1761275)
Memory Corruption when manipulating webp images
* CVE-2022-31747 (bmo#1760765, bmo#1765610, bmo#1766283,
bmo#1767365, bmo#1768559, bmo#1768734)
Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10
* CVE-2022-31748 (bmo#1713773, bmo#1762201, bmo#1762469,
bmo#1762770, bmo#1764878, bmo#1765226, bmo#1765782, bmo#1765973,
bmo#1767177, bmo#1767181, bmo#1768232, bmo#1768251, bmo#1769869)
Memory safety bugs fixed in Firefox 101
- requires
* NSS 3.78.1
* rust-cbindgen 0.23.0
* rust 1.59
-------------------------------------------------------------------
Fri May 20 15:03:50 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>

View File

@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %major.99
%define major 100
%define mainver %major.0.2
%define orig_version 100.0.2
%define major 101
%define mainver %major.0
%define orig_version 101.0
%define orig_suffix %{nil}
%define update_channel release
%define branding 1
@ -103,7 +103,7 @@ BuildRequires: rust >= 1.57
# Newer sle/leap/tw use parallel versioned rust releases which have
# a different method for provides that we can use to request a
# specific version
BuildRequires: rust+cargo >= 1.57
BuildRequires: rust+cargo >= 1.59
%endif
%if 0%{useccache} != 0
BuildRequires: ccache
@ -114,7 +114,7 @@ BuildRequires: libiw-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.33
BuildRequires: mozilla-nss-devel >= 3.77
BuildRequires: mozilla-nss-devel >= 3.78.1
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 10.22.1
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@ -124,7 +124,7 @@ BuildRequires: python36
BuildRequires: python3 >= 3.5
BuildRequires: python3-devel
%endif
BuildRequires: rust-cbindgen >= 0.19.0
BuildRequires: rust-cbindgen >= 0.23.0
BuildRequires: unzip
BuildRequires: update-desktop-files
BuildRequires: xorg-x11-libXt-devel

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:dc109861204f6938fd8f147af89a694eb516f3d4bb64ce3f0116452d654a8417
size 482708576

View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmKG9vEACgkQ6+QekPbx
L23hBA//QKUM6apNd2eej4pXUdWxjHbVCqGsmK5hoBLpHj11n3b9YpYHNJaOMmRj
uqK0anPUCEcTz7kT7liEjXAyGhzbdCjk2IzZ5RF214zcKgHElgp0zKzvvuVnkpfF
ZA90JC2db2I6h/qFKQriohKCkPYKK32hKRj+t0cXq6yZMpaHKOjnvmBfFkLNm0y6
YjIBHWGNrPyD7r+Z66UZE1N9catNwJYCFbHQfr0BSCcjNbSRyZMo8Spx2ObdbArL
syPC408MRIGhgTHA/62u/8Z6YprQXCqg6fb9zJ+Ol6ZvFVdCkeLFQxKgAAa1lydK
M1FOJ4PWe5+1bkih5C5McdWYGQkjpePjUIk0q/NGQj08zkfLbBBChtvrgC++WLjq
7+fmILFSwyyemjH7WnG6u16gKNpW44tYfaYp0WWTghonmEAKAcj43Es3u1BIjpa2
dtKx8R3PrOYtlnxirRyP0Si8hXAluMlf3YG8VIftDGZeAvfs3Mt5wYey3vWL5fFk
d3U9WvjAaNPwsEmlwmhC0cv7/QwbxhDxI9nDIAeTohaWLyEktaLQ0HifKJEC0yZx
PJTF6iDqE/P6cQBLAEU29O5KgfHyfee6S9iTER1nyEFM7Rwpd4B64Z1NhQGMK+d5
uALQVPVybsBLI/pBat+FIy+6E5cZ6hBoJljr3aRRuCfjUTF7P24=
=i3w3
-----END PGP SIGNATURE-----

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:55ab5b517d58bbcbc837640263a8371cf1fba3d9f508e54537c4d2cbbfb86095
size 490975228

View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmKQC4IACgkQ6+QekPbx
L23CXQ//UoQerap0tAeT7sVMGPih6knlnS5vPnqAHFIihgVIMagqmg60BMiTp+y4
z4Ax8btlnBiS/nH3QoQtVfWwqjXdmE9MRlKkFKUhsoFDrDZwLHv9eda6TtZnHpxR
TJAGGOGGLX6DQePOikzGDX9qcmstspxgpbNRuWD7tMRVlT9+L6JfK9zdmItl514b
WORhj/zBTqVmDEV38Yp8Zf0JuiUX0WOng7Bf0A5ITSuJjMy7H0s0M2NtxcmaSuDE
g1ZZimCvXVt9BXwVPXgkZNyI5fUXY0INa0xqEd8MQxLjnxCEnoXD/Tgeg80kGPDx
kXTEpS3Nt9oAloXW7V8Zdna3LOx54gigzr3HclJw5G/+nFXedMYFSXFAmZeZxCg0
hhWCk5yKl+88ZVFR4rY0HAm/wz7lmr7F3MnvbrV1DDSNijy4Nnxq/u3kPLeAv+R6
6UyIKaUZr9ZXxxj9IWKhEoyhuN/jPoNnk8f89erQYzBQWCHprMI81kjwEq1gcNKj
GO/aL7/+xEWlNI/CUxh7sOXlXMraGfTW0Lk4lI2KwU0fA4INQKJWFvfL6uD/0tl7
Kj3rlJLJxiEn0AzKminVSLeL6bFaYKxySOEiNzU2ckB96jGwgjikWiEKEENPjNFQ
OO9TTNurjWXZGtvVnCAm0SFs9wikYVPSWMLUIKPiDj0x4TB9bSQ=
=lp45
-----END PGP SIGNATURE-----

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:131c6ea39bf44e0d55d176151b8f002d0394a7bc50568ddb197d238abeed4f70
size 49952564

3
l10n-101.0.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:afcc91cfc8920c3343deabf634d83d5d6e1517f8b3f659941959b9dbfdd84da2
size 48915416

View File

@ -3,7 +3,7 @@
# Date 1559294891 -7200
# Fri May 31 11:28:11 2019 +0200
# Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112
# Parent 8d1110b6918acc4e7d3f655d1e55f4b4ff630abe
# Parent eeedc49c16aba3b50d1547315a88091a1c765904
Description: Add KDE integration to Firefox (toolkit parts)
Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Author: Lubos Lunak <lunak@suse.com>
@ -13,12 +13,12 @@ Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=140751
diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
--- a/modules/libpref/Preferences.cpp
+++ b/modules/libpref/Preferences.cpp
@@ -84,16 +84,17 @@
#include "plbase64.h"
@@ -88,16 +88,17 @@
#include "PLDHashTable.h"
#include "plstr.h"
#include "prlink.h"
#include "xpcpublic.h"
#include "js/RootingAPI.h"
#ifdef MOZ_BACKGROUNDTASKS
# include "mozilla/BackgroundTasks.h"
#endif
@ -31,7 +31,7 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
#ifdef MOZ_MEMORY
# include "mozmemory.h"
#endif
@@ -4634,16 +4635,27 @@ nsresult Preferences::InitInitialObjects
@@ -4767,16 +4768,27 @@ nsresult Preferences::InitInitialObjects
"unix.js"
# if defined(_AIX)
,
@ -59,7 +59,7 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
// Load jar:$app/omni.jar!/defaults/preferences/*.js
// or jar:$gre/omni.jar!/defaults/preferences/*.js.
@@ -4708,17 +4720,17 @@ nsresult Preferences::InitInitialObjects
@@ -4841,17 +4853,17 @@ nsresult Preferences::InitInitialObjects
}
nsCOMPtr<nsIFile> path = do_QueryInterface(elem);
@ -81,7 +81,7 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
diff --git a/modules/libpref/moz.build b/modules/libpref/moz.build
--- a/modules/libpref/moz.build
+++ b/modules/libpref/moz.build
@@ -118,16 +118,20 @@ EXPORTS.mozilla += [
@@ -120,16 +120,20 @@ EXPORTS.mozilla += [
]
EXPORTS.mozilla += sorted(["!" + g for g in gen_h])
@ -828,7 +828,7 @@ diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build
]
elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows":
UNIFIED_SOURCES += [
@@ -126,16 +128,17 @@ include("/ipc/chromium/chromium-config.m
@@ -130,16 +132,17 @@ include("/ipc/chromium/chromium-config.m
FINAL_LIBRARY = "xul"
LOCAL_INCLUDES += [
@ -1263,7 +1263,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth
diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build
--- a/widget/gtk/moz.build
+++ b/widget/gtk/moz.build
@@ -136,16 +136,17 @@ FINAL_LIBRARY = "xul"
@@ -154,16 +154,17 @@ FINAL_LIBRARY = "xul"
LOCAL_INCLUDES += [
"/layout/base",
@ -1277,7 +1277,7 @@ diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build
"/widget/headless",
]
if CONFIG["MOZ_X11"]:
if CONFIG["MOZ_X11"] or CONFIG["MOZ_WAYLAND"]:
LOCAL_INCLUDES += [
"/widget/x11",
]
@ -1825,7 +1825,7 @@ diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp
# include "prmem.h"
# include "plbase64.h"
@@ -2071,62 +2072,77 @@ nsLocalFile::SetPersistentDescriptor(con
@@ -2071,20 +2072,29 @@ nsLocalFile::SetPersistentDescriptor(con
NS_IMETHODIMP
nsLocalFile::Reveal() {
@ -1834,47 +1834,10 @@ diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp
}
#ifdef MOZ_WIDGET_GTK
- nsCOMPtr<nsIGIOService> giovfs = do_GetService(NS_GIOSERVICE_CONTRACTID);
- if (!giovfs) {
- return NS_ERROR_FAILURE;
- }
+ nsAutoCString url;
bool isDirectory;
if (NS_FAILED(IsDirectory(&isDirectory))) {
return NS_ERROR_FAILURE;
}
+ nsCOMPtr<nsIGIOService> giovfs = do_GetService(NS_GIOSERVICE_CONTRACTID);
if (isDirectory) {
- return giovfs->ShowURIForInput(mPath);
+ url = mPath;
}
if (NS_SUCCEEDED(giovfs->OrgFreedesktopFileManager1ShowItems(mPath))) {
return NS_OK;
}
nsCOMPtr<nsIFile> parentDir;
nsAutoCString dirPath;
if (NS_FAILED(GetParent(getter_AddRefs(parentDir)))) {
return NS_ERROR_FAILURE;
}
if (NS_FAILED(parentDir->GetNativePath(dirPath))) {
return NS_ERROR_FAILURE;
}
- return giovfs->ShowURIForInput(dirPath);
+ url = dirPath;
#elif defined(MOZ_WIDGET_COCOA)
CFURLRef url;
if (NS_SUCCEEDED(GetCFURL(&url))) {
nsresult rv = CocoaFileUtils::RevealFileInFinder(url);
::CFRelease(url);
return rv;
}
return NS_ERROR_FAILURE;
#else
return NS_ERROR_FAILURE;
#endif
nsCOMPtr<nsIGIOService> giovfs = do_GetService(NS_GIOSERVICE_CONTRACTID);
- if (!giovfs) {
+ url = mPath;
+ if(nsKDEUtils::kdeSupport()) {
+ nsTArray<nsCString> command;
+ command.AppendElement( "REVEAL"_ns );
@ -1883,10 +1846,18 @@ diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp
+ }
+
+ if (!giovfs)
+ return NS_ERROR_FAILURE;
return NS_ERROR_FAILURE;
- }
+
+ return giovfs->ShowURIForInput(url);
}
return giovfs->RevealFile(this);
#elif defined(MOZ_WIDGET_COCOA)
CFURLRef url;
if (NS_SUCCEEDED(GetCFURL(&url))) {
nsresult rv = CocoaFileUtils::RevealFileInFinder(url);
::CFRelease(url);
return rv;
}
@@ -2096,16 +2106,23 @@ nsLocalFile::Reveal() {
NS_IMETHODIMP
nsLocalFile::Launch() {
@ -1901,11 +1872,12 @@ diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp
+ command.AppendElement( mPath );
+ return nsKDEUtils::command( command ) ? NS_OK : NS_ERROR_FAILURE;
+ }
+
nsCOMPtr<nsIGIOService> giovfs = do_GetService(NS_GIOSERVICE_CONTRACTID);
if (!giovfs) {
return NS_ERROR_FAILURE;
}
return giovfs->ShowURIForInput(mPath);
return giovfs->LaunchFile(mPath);
#elif defined(MOZ_WIDGET_ANDROID)
// Not supported on GeckoView

View File

@ -1,10 +1,10 @@
# HG changeset patch
# Parent 1191efd2ea64c4081a1825176a50e872a525d4da
# Parent 6d59717f59a1c0dc50140e750d665c7e98de3e66
diff --git a/Cargo.lock b/Cargo.lock
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2196,18 +2196,16 @@ name = "glsl-to-cxx"
@@ -2207,18 +2207,16 @@ name = "glsl-to-cxx"
version = "0.1.0"
dependencies = [
"glsl",
@ -26,16 +26,15 @@ diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -106,13 +106,13 @@ moz_asserts = { path = "mozglue/static/r
async-task = { git = "https://github.com/smol-rs/async-task", rev="f6488e35beccb26eb6e85847b02aa78a42cd3d0e" }
chardetng = { git = "https://github.com/hsivonen/chardetng", rev="3484d3e3ebdc8931493aa5df4d7ee9360a90e76b" }
@@ -109,12 +109,13 @@ chardetng = { git = "https://github.com/
chardetng_c = { git = "https://github.com/hsivonen/chardetng_c", rev="ed8a4c6f900a90d4dbc1d64b856e61490a1c3570" }
coremidi = { git = "https://github.com/chris-zen/coremidi.git", rev="fc68464b5445caf111e41f643a2e69ccce0b4f83" }
fog = { path = "toolkit/components/glean/api" }
libudev-sys = { path = "dom/webauthn/libudev-sys" }
packed_simd = { git = "https://github.com/hsivonen/packed_simd", rev="8b4bd7d8229660a749dbe419a57ea01df9de5453" }
packed_simd = { package = "packed_simd_2", git = "https://github.com/hsivonen/packed_simd", rev="c149d0a519bf878567c7630096737669ec2ff15f" }
midir = { git = "https://github.com/mozilla/midir.git", rev = "4c11f0ffb5d6a10de4aff40a7b81218b33b94e6f" }
minidump_writer_linux = { git = "https://github.com/msirringhaus/minidump_writer_linux.git", rev = "029ac0d54b237f27dc7d8d4e51bc0fb076e5e852" }
-
+glslopt = { path = "third_party/rust/glslopt/" }
# Patch mio 0.6 to use winapi 0.3 and miow 0.3, getting rid of winapi 0.2.
# There is not going to be new version of mio 0.6, mio now being >= 0.7.11.

View File

@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="release"
VERSION="100.0.2"
VERSION="101.0"
VERSION_SUFFIX=""
PREV_VERSION="100.0.1"
PREV_VERSION="100.0.2"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
RELEASE_TAG="7ce9f0fe6cb4c4a2eb518c0add727a60d5672542"
RELEASE_TIMESTAMP="20220519220738"
RELEASE_TAG="bd46064a613aac667555769b4c804a3d757cb7c5"
RELEASE_TIMESTAMP="20220526203855"