diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index 7c262d88..454096e9 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -1,3 +1,38 @@ +------------------------------------------------------------------- +Sun Jul 11 08:53:02 UTC 2021 - Wolfgang Rosenauer + +- Mozilla Firefox 90.0 + MFSA 2021-28 (bsc#1188275) + * CVE-2021-29970 (bmo#1709976) + Use-after-free in accessibility features of a document + * CVE-2021-29971 (bmo#1713638) + Granted permissions only compared host; omitting scheme and + port on Android + * CVE-2021-30547 (bmo#1715766) + Out of bounds write in ANGLE + * CVE-2021-29972 (bmo#1696816) + Use of out-of-date library included use-after-free + vulnerability + * CVE-2021-29973 (bmo#1701932) + Password autofill on HTTP websites was enabled without user + interaction on Android + * CVE-2021-29974 (bmo#1704843) + HSTS errors could be overridden when network partitioning was + enabled + * CVE-2021-29975 (bmo#1713259) + Text message could be overlaid on top of another website + * CVE-2021-29976 (bmo#1700895, bmo#1703334, bmo#1706910, + bmo#1711576, bmo#1714391) + Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12 + * CVE-2021-29977 (bmo#1665836, bmo#1686138, bmo#1704316, + bmo#1706314, bmo#1709931, bmo#1712084, bmo#1712357, + bmo#1714066) + Memory safety bugs fixed in Firefox 90 +- requires + NSPR 4.31 + NSS 3.66 +- Gtk2 support removed (was only for Flash plugin before) + ------------------------------------------------------------------- Wed Jun 23 16:54:20 UTC 2021 - Andreas Stieger diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index c44bb601..5c780ee1 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -32,9 +32,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 89 -%define mainver %major.0.2 -%define orig_version 89.0.2 +%define major 90 +%define mainver %major.0 +%define orig_version 90.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -110,8 +110,8 @@ BuildRequires: libidl-devel BuildRequires: libiw-devel BuildRequires: libproxy-devel BuildRequires: makeinfo -BuildRequires: mozilla-nspr-devel >= 4.30 -BuildRequires: mozilla-nss-devel >= 3.64 +BuildRequires: mozilla-nspr-devel >= 4.31 +BuildRequires: mozilla-nss-devel >= 3.66 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -142,9 +142,7 @@ BuildRequires: clang-devel >= 5 BuildRequires: pkgconfig(gdk-x11-2.0) BuildRequires: pkgconfig(glib-2.0) >= 2.22 BuildRequires: pkgconfig(gobject-2.0) -BuildRequires: pkgconfig(gtk+-2.0) >= 2.18.0 BuildRequires: pkgconfig(gtk+-3.0) >= 3.14.0 -BuildRequires: pkgconfig(gtk+-unix-print-2.0) BuildRequires: pkgconfig(gtk+-unix-print-3.0) BuildRequires: pkgconfig(libffi) BuildRequires: pkgconfig(libpulse) @@ -439,6 +437,7 @@ mk_add_options BUILD_OFFICIAL=1 mk_add_options MOZ_MAKE_FLAGS=%{?jobs:-j%jobs} mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj . \$topsrcdir/browser/config/mozconfig +ac_add_options --disable-bootstrap ac_add_options --prefix=%{_prefix} ac_add_options --libdir=%{_libdir} ac_add_options --includedir=%{_includedir} @@ -733,8 +732,6 @@ exit 0 %dir %{progdir}/distribution/ %{progdir}/distribution/extensions/ %{progdir}/defaults/ -%dir %{progdir}/gtk2 -%{progdir}/gtk2/libmozgtk.so %{progdir}/gmp-clearkey/ %attr(755,root,root) %{progdir}/%{progname}.sh %{progdir}/%{progname} diff --git a/firefox-89.0.2.source.tar.xz b/firefox-89.0.2.source.tar.xz deleted file mode 100644 index 97abbdce..00000000 --- a/firefox-89.0.2.source.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3225f583c5e36bdf52ad16f71a2c359deb0c765c38205acdeb6b7b6520ac5494 -size 371053016 diff --git a/firefox-89.0.2.source.tar.xz.asc b/firefox-89.0.2.source.tar.xz.asc deleted file mode 100644 index b60c5388..00000000 --- a/firefox-89.0.2.source.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmDSPQ8ACgkQ6+QekPbx -L22eQg//eb2gODWRyRh7tFHb46x55pVclcfgRRZIrOOSFn1jyKGwTWVHx5GrjO/x -ZiQVwlG+bjcGF6ClK7rH1nMTAvygAkhRWokGWcds5kiC4z3/fb/7Xq3KyZrr2E7Q -1gIP08Ukpthtf78j6IYrlVGxvcZzuSOktFhMfxQussPEB/SpuiC4h0X3FvcSJyW8 -GCoqAw9O3EzjdB+HFC/zJ/hI366t105LYHKY7Bh3GgQoM6362w79TRTQQOHNLhXJ -KQ7gRDuLnOwXRvn+QqJ/Rqu6jhB6MbbXVDMTiTXa358SIn/B0RuK89yd5tFFr9xF -0n0bT3ttpPCrpO4Ml6O4mBhlB9FkPZGLp2/66/5r6iLswEmS0Bo+eEvOPDP/tD4M -S00lxXPsYd3uFDqrU5o+yaqyoscS1f0zWJBUAgFC/crqnlpyryTd2VvwnxPb0oBS -KXXkxD6wilOeQ39bijIbTEtGoXiSn6QHeIyHnp8bLk2dFr9PAclsvsvs4C39rY8A -4dvatl6v5wiATUNk6YRvNvzZi7ry4x4tWI2Hf1q6wInzk8Jdv6liCGATwtjujHbv -q3f9QaL04y/kgxcFSZIMwv9d8esoQjqHg2V+vMys9vFf+i7MiMQdEGkpcUiE46j5 -fbfySNhBL8tUZFbiKRwcxr+fo/jZq0xTgGRZLfRW6iyUuY5AZ6M= -=Fcf0 ------END PGP SIGNATURE----- diff --git a/firefox-90.0.source.tar.xz b/firefox-90.0.source.tar.xz new file mode 100644 index 00000000..cc01a162 --- /dev/null +++ b/firefox-90.0.source.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:43a943e7d7660c6d7f5b41c95b344b7fd6a4a88ad0bb45dbd844b372ea60d58b +size 378743212 diff --git a/firefox-90.0.source.tar.xz.asc b/firefox-90.0.source.tar.xz.asc new file mode 100644 index 00000000..9eef3e86 --- /dev/null +++ b/firefox-90.0.source.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmDjW6wACgkQ6+QekPbx +L2153A//ZqmjuM96WSVab2lxEby5DJysHygxvSQ/JcSUP0eG5vUOGuKVZXPp7FkR +WaE//wHrbFcr9LGc2WXxkGfLcawBfRDO6JVtbnY/PtMt+76dQlX0cRDuULTqRoCT +16hqPIRpuqUrsamSphwbDmlu6leOWKnnfzxg4TcMhx2KoZE/O1fUjN09ZbASzJd6 +c8haUE2IlZZTeLwDMlHjpdwtvyurEudSYxMCKR1YIIQHVomd37+RPQc6xAGERNjl +m9c+cmeaoDSrAMmqN/fz0ODwluskrzUG4oW/dJ0WZQCCamO2ZhyOc5KjaQJP0dty +L9Fb+in/IlwoTH/OevRlVIZjRgB7QaX3F5OAK5S0kYrA4V7bCU7nBThtsjT+Uw+E +TBYdd9yRkLHNiOEoMVg+YoDU3qDZUi05mhWX7DMrYp0Ya7euaEDWOXCKDH3+Ixvc +M3d/mDzJrv9QJl96Oq1Rfgw/cde4pGJGJPZXeEMrPHsO3nERTdb/PAsTGoRkgBD5 +zfkcMRyWd0eW5SvkvNFCzQhZ1smD4yDMZvkC5I8NAIELDpnF41o/N+JD+n2Yh23e +CkW0GhStkILoHeHDL3Ok7GfaCPYZifGdX3wE+oAusv0v7JhyXkvsVDHtP+hiOuxf +7xIb7JiCNh+97cdhrTIZZX4paNXoYm+UCvshTCfgxWNGPz6YUig= +=zN9Z +-----END PGP SIGNATURE----- diff --git a/l10n-89.0.2.tar.xz b/l10n-89.0.2.tar.xz deleted file mode 100644 index ad950ae6..00000000 --- a/l10n-89.0.2.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:508d9be7c41c1e65c49241290cf433f57a391699e54da71d1edcb76e16002429 -size 51091492 diff --git a/l10n-90.0.tar.xz b/l10n-90.0.tar.xz new file mode 100644 index 00000000..b982a93e --- /dev/null +++ b/l10n-90.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3eb7bcffce2af327ccf714e6dfc7a52167b942126de1399f690e6a8d8a44b243 +size 51154288 diff --git a/mozilla-kde.patch b/mozilla-kde.patch index 5a1e3c3f..9c0c1eef 100644 --- a/mozilla-kde.patch +++ b/mozilla-kde.patch @@ -3,7 +3,7 @@ # Date 1559294891 -7200 # Fri May 31 11:28:11 2019 +0200 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112 -# Parent 53e325f006bd6a31f6f3d40ae248e4058897055a +# Parent c8bc6be5267f16016d506973a2d6a7c58a1cd441 Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer Author: Lubos Lunak @@ -356,7 +356,7 @@ diff --git a/toolkit/system/unixproxy/nsUnixSystemProxySettings.cpp b/toolkit/sy diff --git a/toolkit/xre/moz.build b/toolkit/xre/moz.build --- a/toolkit/xre/moz.build +++ b/toolkit/xre/moz.build -@@ -92,17 +92,19 @@ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "co +@@ -93,17 +93,19 @@ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "co "../components/printingui", ] elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "uikit": @@ -841,7 +841,7 @@ diff --git a/uriloader/exthandler/HandlerServiceParent.cpp b/uriloader/exthandle diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build --- a/uriloader/exthandler/moz.build +++ b/uriloader/exthandler/moz.build -@@ -77,17 +77,19 @@ else: +@@ -80,17 +80,19 @@ else: SOURCES += [ osdir + "/nsOSHelperAppService.cpp", ] @@ -861,7 +861,7 @@ diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build ] elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows": UNIFIED_SOURCES += [ -@@ -125,16 +127,17 @@ include("/ipc/chromium/chromium-config.m +@@ -128,16 +130,17 @@ include("/ipc/chromium/chromium-config.m FINAL_LIBRARY = "xul" LOCAL_INCLUDES += [ @@ -1206,15 +1206,15 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth #ifdef MOZ_WIDGET_GTK -# include "nsGNOMERegistry.h" +# include "nsCommonRegistry.h" + # ifdef MOZ_BUILD_APP_IS_BROWSER + # include "nsIToolkitShellService.h" + # include "nsIGNOMEShellService.h" + # endif #endif #include "nsISupports.h" #include "nsString.h" #include "nsReadableUtils.h" - #include "nsUnicharUtils.h" - #include "nsIFileStreams.h" - #include "nsILineInputStream.h" - #include "nsIFile.h" -@@ -1020,17 +1020,17 @@ nsresult nsOSHelperAppService::GetHandle +@@ -1024,17 +1024,17 @@ nsresult nsOSHelperAppService::GetHandle nsresult nsOSHelperAppService::OSProtocolHandlerExists( const char* aProtocolScheme, bool* aHandlerExists) { @@ -1233,7 +1233,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth nsCOMPtr handlerSvc = do_GetService(NS_HANDLERSERVICE_CONTRACTID, &rv); if (NS_SUCCEEDED(rv) && handlerSvc) { -@@ -1040,17 +1040,17 @@ nsresult nsOSHelperAppService::OSProtoco +@@ -1044,17 +1044,17 @@ nsresult nsOSHelperAppService::OSProtoco } return rv; @@ -1252,7 +1252,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth NS_IMETHODIMP nsOSHelperAppService::IsCurrentAppOSDefaultForProtocol( const nsACString& aScheme, bool* _retval) { -@@ -1137,17 +1137,17 @@ already_AddRefed nsOSHel +@@ -1147,17 +1147,17 @@ already_AddRefed nsOSHel nsresult rv = LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType, minorType, mime_types_description, true); @@ -1271,7 +1271,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth rv = LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType, minorType, mime_types_description, false); -@@ -1248,17 +1248,17 @@ already_AddRefed nsOSHel +@@ -1258,17 +1258,17 @@ already_AddRefed nsOSHel // Now look up our extensions nsAutoString extensions, mime_types_description; @@ -1293,7 +1293,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build --- a/widget/gtk/moz.build +++ b/widget/gtk/moz.build -@@ -137,16 +137,17 @@ FINAL_LIBRARY = "xul" +@@ -136,16 +136,17 @@ FINAL_LIBRARY = "xul" LOCAL_INCLUDES += [ "/layout/base", @@ -1337,20 +1337,20 @@ diff --git a/widget/gtk/nsFilePicker.cpp b/widget/gtk/nsFilePicker.cpp #include "nsNetUtil.h" #include "nsReadableUtils.h" #include "MozContainer.h" - #include "gfxPlatformGtk.h" + #include "WidgetUtilsGtk.h" #include "nsFilePicker.h" +#include "nsKDEUtils.h" +#include "nsURLHelper.h" - using namespace mozilla; - - #define MAX_PREVIEW_SIZE 180 - // bug 1184009 - #define MAX_PREVIEW_SOURCE_SIZE 4096 - - nsIFile* nsFilePicker::mPrevDisplayDirectory = nullptr; -@@ -231,17 +234,19 @@ nsFilePicker::AppendFilters(int32_t aFil + #undef LOG + #ifdef MOZ_LOGGING + # include "mozilla/Logging.h" + # include "nsTArray.h" + # include "Units.h" + extern mozilla::LazyLogModule gWidgetLog; + # define LOG(args) MOZ_LOG(gWidgetLog, mozilla::LogLevel::Debug, args) +@@ -242,17 +245,19 @@ nsFilePicker::AppendFilters(int32_t aFil mAllowURLs = !!(aFilterMask & filterAllowURLs); return nsBaseFilePicker::AppendFilters(aFilterMask); } @@ -1371,7 +1371,7 @@ diff --git a/widget/gtk/nsFilePicker.cpp b/widget/gtk/nsFilePicker.cpp mFilters.AppendElement(filter); mFilterNames.AppendElement(name); -@@ -341,16 +346,39 @@ nsresult nsFilePicker::Show(int16_t* aRe +@@ -352,16 +357,39 @@ nsresult nsFilePicker::Show(int16_t* aRe return NS_OK; } @@ -1411,7 +1411,7 @@ diff --git a/widget/gtk/nsFilePicker.cpp b/widget/gtk/nsFilePicker.cpp GtkFileChooserAction action = GetGtkFileChooserAction(mMode); const gchar* accept_button; -@@ -570,16 +598,244 @@ void nsFilePicker::Done(void* file_choos +@@ -581,16 +609,244 @@ void nsFilePicker::Done(void* file_choos mCallback->Done(result); mCallback = nullptr; } else { diff --git a/mozilla-reduce-rust-debuginfo.patch b/mozilla-reduce-rust-debuginfo.patch index 9de0e084..593ec706 100644 --- a/mozilla-reduce-rust-debuginfo.patch +++ b/mozilla-reduce-rust-debuginfo.patch @@ -3,16 +3,16 @@ # Date 1560754926 -7200 # Mon Jun 17 09:02:06 2019 +0200 # Node ID 428161c3b9599083e1b8710eda1760f1f707ab11 -# Parent 2a004fe4d56123f6e73a9436d1a290bbfc5e0b6b +# Parent d55730171edb1935dec80234eba336787ff0e4e8 #Description: reduce the rust debuginfo level on selected architectures where # compiling with debuginfo=2 causes the OOM killer to interrupt the build on # launchpad builders. Initially this was only on 32 bit architectures, but with # firefox 63 it started happening frequently on arm64 and ppc64el too. -diff --git a/build/moz.configure/toolchain.configure b/build/moz.configure/toolchain.configure ---- a/build/moz.configure/toolchain.configure -+++ b/build/moz.configure/toolchain.configure -@@ -2145,18 +2145,19 @@ def rustc_opt_level(opt_level_option, mo +diff --git a/build/moz.configure/rust.configure b/build/moz.configure/rust.configure +--- a/build/moz.configure/rust.configure ++++ b/build/moz.configure/rust.configure +@@ -603,18 +603,19 @@ set_config("CARGO_PROFILE_DEV_OPT_LEVEL" @depends( @@ -33,7 +33,7 @@ diff --git a/build/moz.configure/toolchain.configure b/build/moz.configure/toolc # optimization level. Since Cargo only supports 2 profiles, we're in # a bit of a bind. # -@@ -2169,16 +2170,18 @@ def rust_compile_flags(opt_level, debug_ +@@ -627,16 +628,18 @@ def rust_compile_flags(opt_level, debug_ # opt-level=0 implies -C debug-assertions, which may not be desired # unless Rust debugging is enabled. @@ -47,8 +47,8 @@ diff --git a/build/moz.configure/toolchain.configure b/build/moz.configure/toolc opts = [] - if opt_level is not None: - opts.append("opt-level=%s" % opt_level) if debug_assertions is not None: opts.append("debug-assertions=%s" % ("yes" if debug_assertions else "no")) if debug_info is not None: + opts.append("debuginfo=%s" % debug_info) + if frame_pointers: diff --git a/tar_stamps b/tar_stamps index 43389e4f..9f2c146a 100644 --- a/tar_stamps +++ b/tar_stamps @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="89.0.2" +VERSION="90.0" VERSION_SUFFIX="" -PREV_VERSION="89.0.1" +PREV_VERSION="89.0.2" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="9fcea995d1dabc5a4f4ef3811dc0e6e00d88cbe3" -RELEASE_TIMESTAMP="20210622155641" +RELEASE_TAG="47c82d2ce122eab0664b51c372d99fc868227506" +RELEASE_TIMESTAMP="20210705185941"