From b0ba7186c6dc62882b18695112d496880c4c1a4f5c5965dccdc1f453e2c87280 Mon Sep 17 00:00:00 2001
From: Wolfgang Rosenauer <wolfgang@rosenauer.org>
Date: Wed, 9 Mar 2022 09:44:23 +0000
Subject: [PATCH] - Mozilla Firefox 98.0   * Firefox has a new optimized
 download flow   * other changes as documented here    
 https://www.mozilla.org/en-US/firefox/98.0/releasenotes   MFSA 2022-10
 (bsc#1196900)   * CVE-2022-26383 (bmo#1742421)     Browser window spoof using
 fullscreen mode   * CVE-2022-26384 (bmo#1744352)     iframe allow-scripts
 sandbox bypass   * CVE-2022-26387 (bmo#1752979)     Time-of-check time-of-use
 bug when verifying add-on signatures   * CVE-2022-26381 (bmo#1736243)    
 Use-after-free in text reflows   * CVE-2022-26382 (bmo#1741888)     Autofill
 Text could be exfiltrated via side-channel attacks   * CVE-2022-26385
 (bmo#1747526)     Use-after-free in thread shutdown   * CVE-2022-0843
 (bmo#1746523, bmo#1749062, bmo#1749164, bmo#1749214,     bmo#1749610,
 bmo#1750032, bmo#1752100, bmo#1752405, bmo#1753612,     bmo#1754508)    
 Memory safety bugs fixed in Firefox 98 - requires NSS 3.75

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=961
---
 MozillaFirefox.changes               | 26 ++++++++++++++++++++++++++
 MozillaFirefox.spec                  | 14 ++++----------
 firefox-97.0.1.source.tar.xz         |  3 ---
 firefox-97.0.1.source.tar.xz.asc     | 16 ----------------
 firefox-98.0.source.tar.xz           |  3 +++
 firefox-98.0.source.tar.xz.asc       | 16 ++++++++++++++++
 l10n-97.0.1.tar.xz                   |  3 ---
 l10n-98.0.tar.xz                     |  3 +++
 mozilla-silence-no-return-type.patch |  8 ++++----
 tar_stamps                           |  8 ++++----
 10 files changed, 60 insertions(+), 40 deletions(-)
 delete mode 100644 firefox-97.0.1.source.tar.xz
 delete mode 100644 firefox-97.0.1.source.tar.xz.asc
 create mode 100644 firefox-98.0.source.tar.xz
 create mode 100644 firefox-98.0.source.tar.xz.asc
 delete mode 100644 l10n-97.0.1.tar.xz
 create mode 100644 l10n-98.0.tar.xz

diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes
index 2e537749..ed95ebf6 100644
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Tue Mar  8 10:27:16 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 98.0
+  * Firefox has a new optimized download flow
+  * other changes as documented here
+    https://www.mozilla.org/en-US/firefox/98.0/releasenotes
+  MFSA 2022-10 (bsc#1196900)
+  * CVE-2022-26383 (bmo#1742421)
+    Browser window spoof using fullscreen mode
+  * CVE-2022-26384 (bmo#1744352)
+    iframe allow-scripts sandbox bypass
+  * CVE-2022-26387 (bmo#1752979)
+    Time-of-check time-of-use bug when verifying add-on signatures
+  * CVE-2022-26381 (bmo#1736243)
+    Use-after-free in text reflows
+  * CVE-2022-26382 (bmo#1741888)
+    Autofill Text could be exfiltrated via side-channel attacks
+  * CVE-2022-26385 (bmo#1747526)
+    Use-after-free in thread shutdown
+  * CVE-2022-0843 (bmo#1746523, bmo#1749062, bmo#1749164, bmo#1749214,
+    bmo#1749610, bmo#1750032, bmo#1752100, bmo#1752405, bmo#1753612,
+    bmo#1754508)
+    Memory safety bugs fixed in Firefox 98
+- requires NSS 3.75
+
 -------------------------------------------------------------------
 Fri Feb 18 20:38:22 UTC 2022 - Andreas Stieger <andreas.stieger@gmx.de>
 
diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec
index caf49761..6ec0dd3e 100644
--- a/MozillaFirefox.spec
+++ b/MozillaFirefox.spec
@@ -28,9 +28,9 @@
 # orig_suffix b3
 # major 69
 # mainver %major.99
-%define major          97
-%define mainver        %major.0.1
-%define orig_version   97.0.1
+%define major          98
+%define mainver        %major.0
+%define orig_version   98.0
 %define orig_suffix    %{nil}
 %define update_channel release
 %define branding       1
@@ -114,7 +114,7 @@ BuildRequires:  libiw-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.33
-BuildRequires:  mozilla-nss-devel >= 3.74
+BuildRequires:  mozilla-nss-devel >= 3.75
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs >= 10.22.1
 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@@ -685,12 +685,6 @@ FIN
 %fdupes %{buildroot}%{progdir}
 %fdupes %{buildroot}%{_datadir}
 
-%clean
-rm -rf %{buildroot}
-%if %localize
-rm -rf %{_tmppath}/translations.*
-%endif
-
 %post
 # update mime and desktop database
 %mime_database_post
diff --git a/firefox-97.0.1.source.tar.xz b/firefox-97.0.1.source.tar.xz
deleted file mode 100644
index d9773fd2..00000000
--- a/firefox-97.0.1.source.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:3f2c87cf28645130777e875ddc9c67e8994c8d5c859f425f3ddced6fecb78d45
-size 476866824
diff --git a/firefox-97.0.1.source.tar.xz.asc b/firefox-97.0.1.source.tar.xz.asc
deleted file mode 100644
index 602fc543..00000000
--- a/firefox-97.0.1.source.tar.xz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmINWcwACgkQ6+QekPbx
-L203Gg/8DP7jFalA6S3lU6dw5KN2+nUaPwITuzTEi66nnynUl/e4/A/tCjPsjKbA
-ZL6he7/yPbQkShImLw4mM1NX9vxCyfzJsMW+bP1Xc/tqSVhGTAEko+tKK6qnwq60
-qO1QLvFues02FERcwdXFKa8Wx9jkJwhTIG2NLGL5uEu55geGydlyDM8P8HYCrabJ
-qcViPkaPMPGWuENm8qOKLxtN/fWSAT9uOcX2ntA+dIJl0ZP8FWMR+Y4krKtVQuyp
-MIOqTGaAqK+MW0r5p7zY40yEQpRA3nJAVBhXy1BF6GDSVIRlyx0GcD4SZ1+tQW7h
-zxXKQ4glFY5oc01BW/z9NLpHldVt8unosi+EZHbapLFAxT2tm7UdwumZ/3rP1rra
-OAV+4vCiAKIiRCF3D2r30HCDk9i4zWQ+jeb4Wtf6nGNEMCIA3qY0VR5a5uod7u+b
-emKGlORxiwPDPyLEptZumvJMjIMN9KWLC86JpDVt5QT6mSBYNyVrMCCq/AYwkIny
-gJAGXybLRKU6r63MPg10eHXU+3IP5ZH3R27gHYv3IOSFC8RQnPPNhpBYSI5n0z0G
-m3Y8/Ie3LjTYx5duLQ8Dy+PF9GW7cE/MRb0RtqkvQebANQ5Eukh+iSXoa+Mf4vLU
-O6wPvncqT18apuxKfqtjOJ88aI8mqAuLXr4+wxK1lVEfHB6jH6M=
-=ekHH
------END PGP SIGNATURE-----
diff --git a/firefox-98.0.source.tar.xz b/firefox-98.0.source.tar.xz
new file mode 100644
index 00000000..a60678d0
--- /dev/null
+++ b/firefox-98.0.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fd0a4c11d007d9045706667eb0f99f9b7422945188424cb937bfef530cb6f4dd
+size 480141332
diff --git a/firefox-98.0.source.tar.xz.asc b/firefox-98.0.source.tar.xz.asc
new file mode 100644
index 00000000..3a277bbe
--- /dev/null
+++ b/firefox-98.0.source.tar.xz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmIirQMACgkQ6+QekPbx
+L21y5A//a0zP75A9SFClAWPd347F+DzZoVAr9L0TL8DaN6x9h9j/yvPHKDPhHwlc
+ftHi4+34I4Pq6i+D55aXTQtU6+AkVKfD8x5JUqwTCD+GrmxpaE6WMSFdPDMMmcBA
+PV2ZUjJkGXVTpI/UnhvXBMElmglcVkv1uiivhTWyAwlce+IgBBazLV9nRJEui4iE
+bZ6Bpi+fy7tC216ZRELMkR07CWU3v7B/d+DVKaarPB6PwHJ0EFIlkGLjp1/xmqjI
+EL7xNpI96trlDzZsPZMatJdNJeiAeCnsi3yT4wawJ0MDGczcwFp5ZTs4mPgNvbnc
+JzaWaPURzBskTIB/krSw/iMf76efda8RH0s2uzYPydVF1UV8mki6fxA+uzIEHAky
+xnDD4sMVeBU582kDlmGK3MuLCxScXOXxTecBBrPlzd/ZZ7djJXgUeNZpWpW+GXs7
+jHEMHTHZr0mIiZyyTXu0pHp9oI4xAPDwN/EARdjaCD9DZtsRZOErdqK4OzV0IBtV
+Q3Uj6GW5L9DuNTEbnKSW8Sm6rj9crsLhYYUly4yx8mZZM3HpyK4P6ArO6OyjQtqj
+XAu571pZ9CiVtE8XUZn5S8N78c1WVAdbPkmw7U3jXtp3hqHqoqkE2CFK5sOPc5aD
+lBa+K51TpCmBUoTmmUp8PL9ZlR3x4jL36onn4wZ97LntaPGfo8Q=
+=67il
+-----END PGP SIGNATURE-----
diff --git a/l10n-97.0.1.tar.xz b/l10n-97.0.1.tar.xz
deleted file mode 100644
index f272320c..00000000
--- a/l10n-97.0.1.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4f25795ef08179f70f67ceed07a66535e8d48ca586f3bbc32fc06799f9a96c20
-size 49611916
diff --git a/l10n-98.0.tar.xz b/l10n-98.0.tar.xz
new file mode 100644
index 00000000..cf811a87
--- /dev/null
+++ b/l10n-98.0.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:00d26e0a3bd24efc94be9abf574c0f2669b90d7f164111eee8dbac3290dea778
+size 49698184
diff --git a/mozilla-silence-no-return-type.patch b/mozilla-silence-no-return-type.patch
index 8843f670..2c4ae1c8 100644
--- a/mozilla-silence-no-return-type.patch
+++ b/mozilla-silence-no-return-type.patch
@@ -1,10 +1,10 @@
 # HG changeset patch
-# Parent  216843712d6d6cd9d5bd519f6ef564d00406b43f
+# Parent  1191efd2ea64c4081a1825176a50e872a525d4da
 
 diff --git a/Cargo.lock b/Cargo.lock
 --- a/Cargo.lock
 +++ b/Cargo.lock
-@@ -2165,18 +2165,16 @@ name = "glsl-to-cxx"
+@@ -2196,18 +2196,16 @@ name = "glsl-to-cxx"
  version = "0.1.0"
  dependencies = [
   "glsl",
@@ -26,8 +26,8 @@ diff --git a/Cargo.lock b/Cargo.lock
 diff --git a/Cargo.toml b/Cargo.toml
 --- a/Cargo.toml
 +++ b/Cargo.toml
-@@ -102,13 +102,13 @@ moz_asserts = { path = "mozglue/static/r
- # Other overrides
+@@ -106,13 +106,13 @@ moz_asserts = { path = "mozglue/static/r
+ async-task = { git = "https://github.com/smol-rs/async-task", rev="f6488e35beccb26eb6e85847b02aa78a42cd3d0e" }
  chardetng = { git = "https://github.com/hsivonen/chardetng", rev="3484d3e3ebdc8931493aa5df4d7ee9360a90e76b" }
  chardetng_c = { git = "https://github.com/hsivonen/chardetng_c", rev="ed8a4c6f900a90d4dbc1d64b856e61490a1c3570" }
  coremidi = { git = "https://github.com/chris-zen/coremidi.git", rev="fc68464b5445caf111e41f643a2e69ccce0b4f83" }
diff --git a/tar_stamps b/tar_stamps
index fac25538..d4b2eef9 100644
--- a/tar_stamps
+++ b/tar_stamps
@@ -1,10 +1,10 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="97.0.1"
+VERSION="98.0"
 VERSION_SUFFIX=""
-PREV_VERSION="97.0"
+PREV_VERSION="97.0.1"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="0f0ba6e8029d8148743c4aa50c2be4c4c643f8a4"
-RELEASE_TIMESTAMP="20220216172458"
+RELEASE_TAG="829802cfd689497a5e8fd978bbb3099245bd131c"
+RELEASE_TIMESTAMP="20220304153049"