Accepting request 1205704 from mozilla:Factory

- Firefox 131.0 https://www.mozilla.org/en-US/firefox/131.0/releasenotes/ MFSA 2024-46 (bsc#1230979) * CVE-2024-9391 (bmo#1892407) Prevent users from exiting full-screen mode in Firefox Focus for Android * CVE-2024-9392 (bmo#1899154, bmo#1905843) Compromised content process can bypass site isolation * CVE-2024-9393 (bmo#1918301) Cross-origin access to PDF contents through multipart responses * CVE-2024-9394 (bmo#1918874) Cross-origin access to JSON contents through multipart responses * CVE-2024-9395 (bmo#1906024) Specially crafted filename could be used to obscure download type * CVE-2024-9396 (bmo#1912471) Potential memory corruption may occur when cloning certain objects * CVE-2024-9397 (bmo#1916659) Potential directory upload bypass via clickjacking * CVE-2024-9398 (bmo#1881037) External protocol handlers could be enumerated via popups * CVE-2024-9399 (bmo#1907726) Specially crafted WebTransport requests could lead to denial of service * CVE-2024-9400 (bmo#1915249) Potential memory corruption during JIT compilation * CVE-2024-9401 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1916476) Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16, Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3 * CVE-2024-9402 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1913445, OBS-URL: https://build.opensuse.org/request/show/1205704 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=438
2024-10-06 15:51:24 +00:00 · 2024-10-06 15:51:24 +00:00 · b292b641fd
commit b292b641fd
parent e21c4e6bf7 d873e57e81
11 changed files with 90 additions and 41 deletions
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@ -1,3 +1,48 @@
+-------------------------------------------------------------------
+Sun Sep 29 10:38:36 UTC 2024 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Firefox 131.0
+  https://www.mozilla.org/en-US/firefox/131.0/releasenotes/
+  MFSA 2024-46 (bsc#1230979)
+  * CVE-2024-9391 (bmo#1892407)
+    Prevent users from exiting full-screen mode in Firefox Focus
+    for Android
+  * CVE-2024-9392 (bmo#1899154, bmo#1905843)
+    Compromised content process can bypass site isolation
+  * CVE-2024-9393 (bmo#1918301)
+    Cross-origin access to PDF contents through multipart responses
+  * CVE-2024-9394 (bmo#1918874)
+    Cross-origin access to JSON contents through multipart responses
+  * CVE-2024-9395 (bmo#1906024)
+    Specially crafted filename could be used to obscure download type
+  * CVE-2024-9396 (bmo#1912471)
+    Potential memory corruption may occur when cloning certain objects
+  * CVE-2024-9397 (bmo#1916659)
+    Potential directory upload bypass via clickjacking
+  * CVE-2024-9398 (bmo#1881037)
+    External protocol handlers could be enumerated via popups
+  * CVE-2024-9399 (bmo#1907726)
+    Specially crafted WebTransport requests could lead to denial
+    of service
+  * CVE-2024-9400 (bmo#1915249)
+    Potential memory corruption during JIT compilation
+  * CVE-2024-9401 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1916476)
+    Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16,
+    Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
+  * CVE-2024-9402 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1913445,
+    bmo#1914106, bmo#1914475, bmo#1914963, bmo#1915008, bmo#1916476)
+    Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3,
+    Thunderbird 131, and Thunderbird 128.3
+  * CVE-2024-9403 (bmo#1917807)
+    Memory safety bugs fixed in Firefox 131 and Thunderbird 131
+- requires NSS 3.104
+- rebased patches
+
+------------------------------------------------------------------
+Sat Sep 21 08:14:29 UTC 2024 - Manfred Hollstein <manfred.h@gmx.net>
+
+- Don't use clang18-devel on Leap as they don't have that version.
+
 ------------------------------------------------------------------
 Wed Sep 18 06:20:01 UTC 2024 - Manfred Hollstein <manfred.h@gmx.net>

--- a/MozillaFirefox.spec
+++ b/MozillaFirefox.spec
@ -28,9 +28,9 @@
 # orig_suffix b3
 # major 69
 # mainver %%major.99
-%define major          130
-%define mainver        %major.0.1
-%define orig_version   130.0.1
+%define major          131
+%define mainver        %major.0
+%define orig_version   131.0
 %define orig_suffix    %{nil}
 %define update_channel release
 %define branding       1
@ -114,7 +114,7 @@ BuildRequires:  libiw-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.35
-BuildRequires:  mozilla-nss-devel >= 3.103
+BuildRequires:  mozilla-nss-devel >= 3.104
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs >= 12.22.12
 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@ -149,7 +149,11 @@ BuildRequires:  zip
 %if 0%{?suse_version} < 1550
 BuildRequires:  pkgconfig(gconf-2.0) >= 1.2.1
 %endif
+%if 0%{?suse_version} < 1599
+BuildRequires:  clang15-devel
+%else
 BuildRequires:  clang18-devel
+%endif
 BuildRequires:  pkgconfig(glib-2.0) >= 2.22
 BuildRequires:  pkgconfig(gobject-2.0)
 BuildRequires:  pkgconfig(gtk+-3.0) >= 3.14.0
--- a/firefox-130.0.1.source.tar.xz
+++ b/firefox-130.0.1.source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:027225a1e9b074f0072e22c7264cf27b0d2364c675c3ca811aa6c25fb01b9f70
-size 566583020
--- a/firefox-130.0.1.source.tar.xz.asc
+++ b/firefox-130.0.1.source.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmbn1CUACgkQ4207E/PZ
-MnRqUA/+Ksh/rhZHHDSyTicsD9bQFkR5zq8znmgFbLl+KJNUIu8b4NjPxJkR1Hh1
-EvneMSpXVnmvp7Hvmvk78zhVCOyWwJUfTLTFTTY9GnTFI4sJPuRMrKy3vvnw7o0i
-p+h5JWKD6nB4fff5TmY1Q8ilankMfezkfJbV1ePXzGQ1nBKy5+EeFj5My3gX11nR
-ePlU7tIGIRSDcWFGQO21yBlSGxYrzFUc5KCNSIRKDtBsjMyso6EXQCtvCXaX2UM7
-tPEoTiHXv25Z1dz2NfcttTkF3+bMKFZ6QfO2ISHf1jyfHYT9z/O/Qpln4AFyDq2V
-x8l7HKtp14yJbcSkRygHHur0jsHAkrZxv8ddzrObgu3Ilx9tnu/oLQJYUxTOeUU6
-yIH/BVjtmsi0xhA+LWQNTpANeyUPj8ouNtO2xpf852u/FnqzC9G59FmPFsg8oakz
-5mS7u5pS8l2Np2I/UizIbiHOhBJQvGEbmeNLwaOfDWUVKciRwXWpo8txiI8r7fe1
-dVt6kCv8uU7G/DFRej24SRhGeDa6Pf7SNEaFBjpHrLXAK0n87ypJ/tTYL5DtfHlM
-qfIAE4S+XpIF+J3eYQ++8CBiN+Yp9mGENbmNcPOIzpUg42Ndsw3tGikbGah0n4W3
-vez0QLvMI++mvDi4ad/98+6SeNo85ZAxbACdTYNvJJrFLaU//oQ=
-=udmq
-----END PGP SIGNATURE-----
--- a/firefox-131.0.source.tar.xz
+++ b/firefox-131.0.source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e4066ef47c65aac570aa16deefb8c3937c1c9b0755dbf2f760937c451174fb1d
+size 566366180
--- a/firefox-131.0.source.tar.xz.asc
+++ b/firefox-131.0.source.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmbxrgUACgkQ4207E/PZ
+MnRsEA/8Cd8UC0OzpnW3wL4BP3+RM5/S/neLGB091EI2o1OOkEDlFuWi765xPOjj
+xHQ/S5Cn+0e+bVyWKE+LSDAyLhUKnVZ++Tj5KdfY9e48Aml6XLaJzbSp+8EoYDrp
+3jz3lvmu/LjvVOTRn1WhAiegfpX9yQz1rFMvge3a8XynGr3HpDRFI9x6AWe0jhov
+vzixjb8hZioINh8owYP2Gzb5BmHnyDOabaNs8gWQxKkPtznN8M7On54FGQabfUyU
+81i1Vs8/Z3B/JlaSCEuiQlsUVwB503sG75JnhxShkeJ3KSdkcbKyBmx8gBwkySTD
+n4+VbAQVD1bfSabVezw/1viODmlqD2WpMWu8+XcQ+Ifpj3puBZtmqFz3THgfkLHV
+XBke8dwuiLR2cb1hEveG+pOG6koF4sGWswhyOA56yGwek0yWiIkUfHiZ7rhU/LHS
+Pb+/zoe6GrA3j5YQwGVp+8lIDueZfXjRXbaF7bXDCsC9YnrW+tJvpVDWzIai/PRe
+KPAPNwvhD/xgRl+itCmAOo6SqqnvbxhmfRN6l/BPt3D+5f/OXNjkefFJ6cmt+b1f
+F6USZhHGCyyyRk5XaCXL8WOuVVE3QphwHvUXnf6OQ2uFOWHWF7sndanWlpLmLkvq
+0Ixs3uzBhD80Qa+hm/7WERQhg/Eh4aaEALLX5WXiYNqC8h3tiJk=
+=EgSo
+-----END PGP SIGNATURE-----
--- a/l10n-130.0.1.tar.xz
+++ b/l10n-130.0.1.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5326a7506831b286c9544afe4e3f9cc5c492752510b16f338030e8d1e1ea6f2d
-size 34677756
--- a/l10n-131.0.tar.xz
+++ b/l10n-131.0.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:901c3c8ee1fe9ed197378b884d77b8d01c936d85a0646d75e8866c8842b89543
+size 34765400
--- a/mozilla-bmo1504834-part1.patch
+++ b/mozilla-bmo1504834-part1.patch
@ -1,11 +1,11 @@
 # HG changeset patch
-# Parent  125a78208d2cef58191a0328ffe894dd14c6b146
+# Parent  e31f5228a09ed69d7ac3c84e54f0faa6a5910ae0
 Taken from https://bugzilla.mozilla.org/show_bug.cgi?id=1504834

 diff --git a/gfx/2d/DrawTargetSkia.cpp b/gfx/2d/DrawTargetSkia.cpp
 --- a/gfx/2d/DrawTargetSkia.cpp
 +++ b/gfx/2d/DrawTargetSkia.cpp
-@@ -151,17 +151,18 @@ static IntRect CalculateSurfaceBounds(co
+@@ -155,17 +155,18 @@ static IntRect CalculateSurfaceBounds(co
   if (!sampledBounds.ToIntRect(&bounds)) {
     return surfaceBounds;
   }
@ -28,8 +28,8 @@ diff --git a/gfx/2d/DrawTargetSkia.cpp b/gfx/2d/DrawTargetSkia.cpp
 diff --git a/gfx/2d/Types.h b/gfx/2d/Types.h
 --- a/gfx/2d/Types.h
 +++ b/gfx/2d/Types.h
-@@ -84,28 +84,21 @@ enum class SurfaceFormat : int8_t {
-   YUV422,  // Single plane YUV 4:2:2 interleaved as Y`0 Cb Y`1 Cr.
+@@ -94,28 +94,21 @@ enum class SurfaceFormat : int8_t {
+               // this format.
   HSV,
   Lab,
   Depth,
--- a/mozilla-silence-no-return-type.patch
+++ b/mozilla-silence-no-return-type.patch
@ -1,5 +1,5 @@
 # HG changeset patch
-# Parent  1bc018c4fee525f3a9dfafdb9550e53b6d82fd65
+# Parent  104c34af9ec233f7cd5e8dc955ba7ee763f47a21

 diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h
 --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h
@ -363,7 +363,7 @@ diff --git a/intl/icu/source/i18n/number_rounding.cpp b/intl/icu/source/i18n/num
 diff --git a/js/src/irregexp/imported/regexp-parser.cc b/js/src/irregexp/imported/regexp-parser.cc
 --- a/js/src/irregexp/imported/regexp-parser.cc
 +++ b/js/src/irregexp/imported/regexp-parser.cc
-@@ -2776,16 +2776,17 @@ bool MayContainStrings(ClassSetOperandTy
+@@ -2780,16 +2780,17 @@ bool MayContainStrings(ClassSetOperandTy
       return false;
     case ClassSetOperandType::kCharacterClassEscape:
     case ClassSetOperandType::kClassStringDisjunction:
@ -627,7 +627,7 @@ diff --git a/third_party/libwebrtc/call/video_send_stream.cc b/third_party/libwe
 diff --git a/third_party/libwebrtc/media/base/codec.cc b/third_party/libwebrtc/media/base/codec.cc
 --- a/third_party/libwebrtc/media/base/codec.cc
 +++ b/third_party/libwebrtc/media/base/codec.cc
-@@ -257,16 +257,17 @@ bool Codec::Matches(const Codec& codec) 
+@@ -267,16 +267,17 @@ bool Codec::Matches(const Codec& codec) 
                (codec.bitrate == 0 || bitrate <= 0 ||
                 bitrate == codec.bitrate) &&
                ((codec.channels < 2 && channels < 2) ||
@ -787,7 +787,7 @@ diff --git a/third_party/libwebrtc/modules/audio_processing/transient/transient_
 diff --git a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc b/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc
 --- a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc
 +++ b/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc
-@@ -82,16 +82,18 @@ BandwidthLimitedCause GetBandwidthLimite
+@@ -81,16 +81,18 @@ BandwidthLimitedCause GetBandwidthLimite
       // Probes may not be sent in this state.
       return BandwidthLimitedCause::kLossLimitedBwe;
     case LossBasedState::kIncreasing:
@ -804,8 +804,8 @@ diff --git a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc
 
 GoogCcNetworkController::GoogCcNetworkController(NetworkControllerConfig config,
                                                  GoogCcConfig goog_cc_config)
-     : key_value_config_(config.key_value_config ? config.key_value_config
-                                                 : &trial_based_config_),
+     : env_(config.env),
+       packet_feedback_only_(goog_cc_config.feedback_only),
 diff --git a/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc b/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc
 --- a/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc
 +++ b/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc
@ -830,7 +830,7 @@ diff --git a/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screenc
 diff --git a/third_party/libwebrtc/modules/pacing/bitrate_prober.cc b/third_party/libwebrtc/modules/pacing/bitrate_prober.cc
 --- a/third_party/libwebrtc/modules/pacing/bitrate_prober.cc
 +++ b/third_party/libwebrtc/modules/pacing/bitrate_prober.cc
-@@ -79,16 +79,17 @@ bool BitrateProber::ReadyToSetActiveStat
+@@ -80,16 +80,17 @@ bool BitrateProber::ReadyToSetActiveStat
         return true;
       }
       // If config_.min_packet_size > 0, a "large enough" packet must be
--- a/8
+++ b/8
@ -1,10 +1,10 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="130.0.1"
+VERSION="131.0"
 VERSION_SUFFIX=""
-PREV_VERSION="130.0"
+PREV_VERSION="130.0.1"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="2f6d80ae5a069caeed2c79987422bfae1d8facc3"
-RELEASE_TIMESTAMP="20240913135723"
+RELEASE_TAG="61268a890b3c86ab4f5cfd7c6e1e3d14cc68f0b6"
+RELEASE_TIMESTAMP="20240923135042"