Accepting request 1273825 from mozilla:Factory

- Mozilla Firefox 138.0
  https://www.mozilla.org/en-US/firefox/138.0/releasenotes/
  MFSA 2025-28 (bsc#1241621)
  * CVE-2025-2817 (bmo#1917536)
    Privilege escalation in Firefox Updater
  * CVE-2025-4082 (bmo#1937097)
    WebGL shader attribute memory corruption in Firefox for macOS
  * CVE-2025-4083 (bmo#1958350)
    Process isolation bypass using "javascript:" URI links in
    cross-origin frames
  * CVE-2025-4085 (bmo#1915280)
    Potential information leakage and privilege escalation in
    UITour actor
  * CVE-2025-4086 (bmo#1945705)
    Specially crafted filename could be used to obscure download
    type
  * CVE-2025-4087 (bmo#1952465)
    Unsafe attribute access during XPath parsing
  * CVE-2025-4088 (bmo#1953521)
    Cross-site request forgery via storage access API redirects
  * CVE-2025-4089 (bmo#1949994, bmo#1956698, bmo#1960198)
    Potential local code execution in "copy as cURL" command
  * CVE-2025-4090 (bmo#1929478)
    Leaked library paths in Firefox for Android
  * CVE-2025-4091 (bmo#1951161, bmo#1952105)
    Memory safety bugs fixed in Firefox 138, Thunderbird 138,
    Firefox ESR 128.10, and Thunderbird 128.10
  * CVE-2025-4092 (bmo#1924108, bmo#1950780, bmo#1959367)
    Memory safety bugs fixed in Firefox 138 and Thunderbird 138
- requires NSS 3.110

OBS-URL: https://build.opensuse.org/request/show/1273825
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=454
2025-05-02 12:55:53 +00:00
committed by Git OBS Bridge
11 changed files with 77 additions and 64 deletions


@@ -1,3 +1,38 @@
-------------------------------------------------------------------
Tue Apr 29 20:49:17 UTC 2025 - Wolfgang Rosenauer <wr@rosenauer.org>
- Mozilla Firefox 138.0
https://www.mozilla.org/en-US/firefox/138.0/releasenotes/
MFSA 2025-28 (bsc#1241621)
* CVE-2025-2817 (bmo#1917536)
Privilege escalation in Firefox Updater
* CVE-2025-4082 (bmo#1937097)
WebGL shader attribute memory corruption in Firefox for macOS
* CVE-2025-4083 (bmo#1958350)
Process isolation bypass using "javascript:" URI links in
cross-origin frames
* CVE-2025-4085 (bmo#1915280)
Potential information leakage and privilege escalation in
UITour actor
* CVE-2025-4086 (bmo#1945705)
Specially crafted filename could be used to obscure download
type
* CVE-2025-4087 (bmo#1952465)
Unsafe attribute access during XPath parsing
* CVE-2025-4088 (bmo#1953521)
Cross-site request forgery via storage access API redirects
* CVE-2025-4089 (bmo#1949994, bmo#1956698, bmo#1960198)
Potential local code execution in "copy as cURL" command
* CVE-2025-4090 (bmo#1929478)
Leaked library paths in Firefox for Android
* CVE-2025-4091 (bmo#1951161, bmo#1952105)
Memory safety bugs fixed in Firefox 138, Thunderbird 138,
Firefox ESR 128.10, and Thunderbird 128.10
* CVE-2025-4092 (bmo#1924108, bmo#1950780, bmo#1959367)
Memory safety bugs fixed in Firefox 138 and Thunderbird 138
- requires NSS 3.110
- rebased patches
-------------------------------------------------------------------
Tue Apr 15 20:28:46 UTC 2025 - Wolfgang Rosenauer <wr@rosenauer.org>


@@ -28,9 +28,9 @@
# orig_suffix b3
# major 69
# mainver %%major.99
%define major 137
%define mainver %major.0.2
%define orig_version 137.0.2
%define major 138
%define mainver %major.0
%define orig_version 138.0
%define orig_suffix %{nil}
%define update_channel release
%define branding 1
@@ -114,7 +114,7 @@ BuildRequires: libiw-devel
BuildRequires: libproxy-devel
BuildRequires: makeinfo
BuildRequires: mozilla-nspr-devel >= 4.36
BuildRequires: mozilla-nss-devel >= 3.109
BuildRequires: mozilla-nss-devel >= 3.110
BuildRequires: nasm >= 2.14
BuildRequires: nodejs >= 12.22.12
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@@ -716,7 +716,6 @@ exit 0
%dir %{progdir}/browser/
%dir %{progdir}/browser/chrome/
%{progdir}/browser/defaults
%{progdir}/browser/features/
%{progdir}/browser/chrome/icons
%{progdir}/browser/omni.ja
%dir %{progdir}/distribution/


@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:06fc3abaa822148bfa5ee7b759428d74052493876c053c05379c3f6c302bcd07
size 599825260


@@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----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=qT+o
-----END PGP SIGNATURE-----


@@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:04623d7ee88c1b456228dca1aac4d40b18fee82c803b6562a34ce30b46f19b23
size 630343992


@@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----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=4gat
-----END PGP SIGNATURE-----


@@ -1,6 +1,6 @@
# HG changeset patch
# Parent e0751ad74e835e80041a61ea00c2a63bf6fbe2de
# Parent ad547c5985d362e88a47ccbba0cc5fa07bd24e8b
# Parent 9309f1ac14b7173985576932c01874184be1dcf9
diff --git a/browser/branding/branding-common.mozbuild b/browser/branding/branding-common.mozbuild
--- a/browser/branding/branding-common.mozbuild
@@ -24,7 +24,7 @@ diff --git a/browser/branding/branding-common.mozbuild b/browser/branding/brandi
diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in
--- a/browser/installer/package-manifest.in
+++ b/browser/installer/package-manifest.in
@@ -208,20 +208,23 @@
@@ -221,20 +221,23 @@
; [Browser Chrome Files]
@RESPATH@/browser/chrome.manifest
@RESPATH@/browser/chrome/browser@JAREXT@
@@ -41,10 +41,10 @@ diff --git a/browser/installer/package-manifest.in b/browser/installer/package-m
@RESPATH@/browser/chrome/icons/default/default128.png
+@RESPATH@/browser/chrome/icons/default/default256.png
#endif
@RESPATH@/browser/features/*
; [DevTools Startup Files]
@RESPATH@/browser/chrome/devtools-startup@JAREXT@
@RESPATH@/browser/chrome/devtools-startup.manifest
; DevTools
@RESPATH@/browser/chrome/devtools@JAREXT@


@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f7da8015ee8f418d833a3fe5737cc1011bb6950ef041c21100b02e60b2323cc3
size 35389124

3
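--- /dev/null
+++ b/l10n-138.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:cc4e30510c75660549f17e28a0f0c6f50f504bc5fe83383a37e2c29069ea9458
+size 35585556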


@@ -1,5 +1,5 @@
# HG changeset patch
# Parent 51c04f4ff9825942da48a84dcc04e34a212316ee
# Parent 9ffe1fea48c514ef323c1e238a516ed01f78362b
diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h
--- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h
@@ -308,25 +308,25 @@ diff --git a/intl/icu/source/i18n/number_rounding.cpp b/intl/icu/source/i18n/num
}
FractionPrecision Precision::constructFraction(int32_t minFrac, int32_t maxFrac) {
FractionSignificantSettings settings;
FractionSignificantSettings settings{};
settings.fMinFrac = static_cast<digits_t>(minFrac);
settings.fMaxFrac = static_cast<digits_t>(maxFrac);
settings.fMinSig = -1;
settings.fMaxSig = -1;
+ settings.fPriority = UNUM_ROUNDING_PRIORITY_RELAXED;
PrecisionUnion union_;
PrecisionUnion union_{};
union_.fracSig = settings;
return {RND_FRACTION, union_};
}
Precision Precision::constructSignificant(int32_t minSig, int32_t maxSig) {
FractionSignificantSettings settings;
FractionSignificantSettings settings{};
settings.fMinFrac = -1;
settings.fMaxFrac = -1;
settings.fMinSig = static_cast<digits_t>(minSig);
settings.fMaxSig = static_cast<digits_t>(maxSig);
+ settings.fPriority = UNUM_ROUNDING_PRIORITY_RELAXED;
PrecisionUnion union_;
PrecisionUnion union_{};
union_.fracSig = settings;
return {RND_SIGNIFICANT, union_};
}
@@ -720,7 +720,7 @@ diff --git a/third_party/libwebrtc/modules/audio_processing/audio_processing_imp
const StreamConfig& input_config,
const StreamConfig& output_config) {
AudioFormatValidity input_validity = ValidateAudioFormat(input_config);
@@ -2061,16 +2062,17 @@ void AudioProcessingImpl::InitializeNois
@@ -2062,16 +2063,17 @@ void AudioProcessingImpl::InitializeNois
case NoiseSuppresionConfig::kModerate:
return NsConfig::SuppressionLevel::k12dB;
case NoiseSuppresionConfig::kHigh:
@@ -1103,14 +1103,14 @@ diff --git a/third_party/libwebrtc/video/adaptation/video_stream_encoder_resourc
diff --git a/third_party/libwebrtc/video/config/encoder_stream_factory.cc b/third_party/libwebrtc/video/config/encoder_stream_factory.cc
--- a/third_party/libwebrtc/video/config/encoder_stream_factory.cc
+++ b/third_party/libwebrtc/video/config/encoder_stream_factory.cc
@@ -105,16 +105,17 @@ int GetDefaultMaxQp(webrtc::VideoCodecTy
case webrtc::kVideoCodecH265:
@@ -106,16 +106,17 @@ int GetDefaultMaxQp(webrtc::VideoCodecTy
return kDefaultVideoMaxQpH26x;
case webrtc::kVideoCodecVP8:
case webrtc::kVideoCodecVP9:
case webrtc::kVideoCodecAV1:
case webrtc::kVideoCodecGeneric:
return kDefaultVideoMaxQpVpx;
case webrtc::kVideoCodecAV1:
return kDefaultVideoMaxQpAv1;
}
+ return kDefaultVideoMaxQpVpx; // fake return for hopefully not reached
}
@@ -1121,24 +1121,3 @@ diff --git a/third_party/libwebrtc/video/config/encoder_stream_factory.cc b/thir
int NormalizeSimulcastSize(const FieldTrialsView& field_trials,
int size,
size_t simulcast_layers) {
diff --git a/third_party/libwebrtc/video/config/simulcast.cc b/third_party/libwebrtc/video/config/simulcast.cc
--- a/third_party/libwebrtc/video/config/simulcast.cc
+++ b/third_party/libwebrtc/video/config/simulcast.cc
@@ -192,16 +192,17 @@ int GetDefaultSimulcastTemporalLayers(we
case webrtc::kVideoCodecGeneric:
return kDefaultNumTemporalLayers;
// For codec type that has no software fallback, defaults to L1T1 for
// initial simulcast setup, as this is the only scalability mode secure to
// be supported.
case webrtc::kVideoCodecH265:
return 1;
}
+ return 1;
}
std::vector<SimulcastFormat> GetSimulcastFormats(
bool enable_lowres_bitrate_interpolation,
webrtc::VideoCodecType codec) {
std::vector<SimulcastFormat> formats;
switch (codec) {
case webrtc::kVideoCodecVP8:
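Review bot: The fallback added after the switch in GetDefaultMaxQp (the encoder_stream_factory.cc part of this patch) carries only the comment `// fake return for hopefully not reached`, which does not tell a later rebaser why the line exists or why the VPx value was chosen now that AV1 has its own `kDefaultVideoMaxQpAv1` case. I would reword it to something like `// Not reached for valid VideoCodecType values; only here to satisfy -Wreturn-type.` so it is clear that an out-of-range codec value would silently get the VPx default. The rebase also appears to drop the simulcast.cc hunk that added `return 1;` after the switch in GetDefaultSimulcastTemporalLayers; the upstream 138 body of that function is not visible here, so it is worth confirming it can no longer flow off the end, since that is undefined behaviour and not just a warning. Both functions start outside the quoted context, so this is based on the visible switch tails only.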


@@ -1,10 +1,10 @@
PRODUCT="firefox"
CHANNEL="release"
VERSION="137.0.2"
VERSION="138.0"
VERSION_SUFFIX=""
PREV_VERSION="137.0"
PREV_VERSION="137.0.2"
PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
RELEASE_TAG="5d1d0e27dc3a99271b76833be3d9a4a12e709281"
RELEASE_TIMESTAMP="20250414091429"
RELEASE_TAG="c3bba5162c988aa7e1791df8827c1a1575eddcc1"
RELEASE_TIMESTAMP="20250421163656"