diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes
index a367a8e..b173ab9 100644
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@@ -1,3 +1,48 @@
+-------------------------------------------------------------------
+Sun Sep 29 10:38:36 UTC 2024 - Wolfgang Rosenauer
+
+- Firefox 131.0
+ https://www.mozilla.org/en-US/firefox/131.0/releasenotes/
+ MFSA 2024-46 (bsc#1230979)
+ * CVE-2024-9391 (bmo#1892407)
+ Prevent users from exiting full-screen mode in Firefox Focus
+ for Android
+ * CVE-2024-9392 (bmo#1899154, bmo#1905843)
+ Compromised content process can bypass site isolation
+ * CVE-2024-9393 (bmo#1918301)
+ Cross-origin access to PDF contents through multipart responses
+ * CVE-2024-9394 (bmo#1918874)
+ Cross-origin access to JSON contents through multipart responses
+ * CVE-2024-9395 (bmo#1906024)
+ Specially crafted filename could be used to obscure download type
+ * CVE-2024-9396 (bmo#1912471)
+ Potential memory corruption may occur when cloning certain objects
+ * CVE-2024-9397 (bmo#1916659)
+ Potential directory upload bypass via clickjacking
+ * CVE-2024-9398 (bmo#1881037)
+ External protocol handlers could be enumerated via popups
+ * CVE-2024-9399 (bmo#1907726)
+ Specially crafted WebTransport requests could lead to denial
+ of service
+ * CVE-2024-9400 (bmo#1915249)
+ Potential memory corruption during JIT compilation
+ * CVE-2024-9401 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1916476)
+ Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16,
+ Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
+ * CVE-2024-9402 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1913445,
+ bmo#1914106, bmo#1914475, bmo#1914963, bmo#1915008, bmo#1916476)
+ Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3,
+ Thunderbird 131, and Thunderbird 128.3
+ * CVE-2024-9403 (bmo#1917807)
+ Memory safety bugs fixed in Firefox 131 and Thunderbird 131
+- requires NSS 3.104
+- rebased patches
+
+------------------------------------------------------------------
+Sat Sep 21 08:14:29 UTC 2024 - Manfred Hollstein
+
+- Don't use clang18-devel on Leap as they don't have that version.
+ ------------------------------------------------------------------ Wed Sep 18 06:20:01 UTC 2024 - Manfred Hollstein diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index 67a7f62..521ea86 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %%major.99 -%define major 130 -%define mainver %major.0.1 -%define orig_version 130.0.1 +%define major 131 +%define mainver %major.0 +%define orig_version 131.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -114,7 +114,7 @@ BuildRequires: libiw-devel BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.35 -BuildRequires: mozilla-nss-devel >= 3.103 +BuildRequires: mozilla-nss-devel >= 3.104 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 12.22.12 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -149,7 +149,11 @@ BuildRequires: zip %if 0%{?suse_version} < 1550 BuildRequires: pkgconfig(gconf-2.0) >= 1.2.1 %endif +%if 0%{?suse_version} < 1599 +BuildRequires: clang15-devel +%else BuildRequires: clang18-devel +%endif BuildRequires: pkgconfig(glib-2.0) >= 2.22 BuildRequires: pkgconfig(gobject-2.0) BuildRequires: pkgconfig(gtk+-3.0) >= 3.14.0 diff --git a/firefox-130.0.1.source.tar.xz b/firefox-130.0.1.source.tar.xz deleted file mode 100644 index e0f359a..0000000 --- a/firefox-130.0.1.source.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:027225a1e9b074f0072e22c7264cf27b0d2364c675c3ca811aa6c25fb01b9f70 -size 566583020 diff --git a/firefox-130.0.1.source.tar.xz.asc b/firefox-130.0.1.source.tar.xz.asc deleted file mode 100644 index 24cd0b9..0000000 --- a/firefox-130.0.1.source.tar.xz.asc +++ /dev/null 
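Review bot: The new `%if 0%{?suse_version} < 1599` block in MozillaFirefox.spec (hunk `-149,7 +149,11`) selects `clang15-devel` with no comment explaining the threshold or why an older compiler is acceptable there. The reason is only in the changelog, so I would put it next to the condition, e.g. `# Leap does not ship clang18; fall back to clang15 there`. Because 131.0 is now built with two different toolchains from one spec, it is worth confirming that the hardening and warning flags the build passes are accepted by clang 15 as well; nothing in this diff shows that either way.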
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmbn1CUACgkQ4207E/PZ
-MnRqUA/+Ksh/rhZHHDSyTicsD9bQFkR5zq8znmgFbLl+KJNUIu8b4NjPxJkR1Hh1
-EvneMSpXVnmvp7Hvmvk78zhVCOyWwJUfTLTFTTY9GnTFI4sJPuRMrKy3vvnw7o0i
-p+h5JWKD6nB4fff5TmY1Q8ilankMfezkfJbV1ePXzGQ1nBKy5+EeFj5My3gX11nR
-ePlU7tIGIRSDcWFGQO21yBlSGxYrzFUc5KCNSIRKDtBsjMyso6EXQCtvCXaX2UM7
-tPEoTiHXv25Z1dz2NfcttTkF3+bMKFZ6QfO2ISHf1jyfHYT9z/O/Qpln4AFyDq2V
-x8l7HKtp14yJbcSkRygHHur0jsHAkrZxv8ddzrObgu3Ilx9tnu/oLQJYUxTOeUU6
-yIH/BVjtmsi0xhA+LWQNTpANeyUPj8ouNtO2xpf852u/FnqzC9G59FmPFsg8oakz
-5mS7u5pS8l2Np2I/UizIbiHOhBJQvGEbmeNLwaOfDWUVKciRwXWpo8txiI8r7fe1
-dVt6kCv8uU7G/DFRej24SRhGeDa6Pf7SNEaFBjpHrLXAK0n87ypJ/tTYL5DtfHlM
-qfIAE4S+XpIF+J3eYQ++8CBiN+Yp9mGENbmNcPOIzpUg42Ndsw3tGikbGah0n4W3
-vez0QLvMI++mvDi4ad/98+6SeNo85ZAxbACdTYNvJJrFLaU//oQ=
-=udmq
------END PGP SIGNATURE-----
diff --git a/firefox-131.0.source.tar.xz b/firefox-131.0.source.tar.xz
new file mode 100644
index 0000000..64526f8
--- /dev/null
+++ b/firefox-131.0.source.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e4066ef47c65aac570aa16deefb8c3937c1c9b0755dbf2f760937c451174fb1d
+size 566366180
diff --git a/firefox-131.0.source.tar.xz.asc b/firefox-131.0.source.tar.xz.asc
new file mode 100644
index 0000000..dd52735
--- /dev/null
+++ b/firefox-131.0.source.tar.xz.asc
@@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmbxrgUACgkQ4207E/PZ +MnRsEA/8Cd8UC0OzpnW3wL4BP3+RM5/S/neLGB091EI2o1OOkEDlFuWi765xPOjj +xHQ/S5Cn+0e+bVyWKE+LSDAyLhUKnVZ++Tj5KdfY9e48Aml6XLaJzbSp+8EoYDrp +3jz3lvmu/LjvVOTRn1WhAiegfpX9yQz1rFMvge3a8XynGr3HpDRFI9x6AWe0jhov +vzixjb8hZioINh8owYP2Gzb5BmHnyDOabaNs8gWQxKkPtznN8M7On54FGQabfUyU +81i1Vs8/Z3B/JlaSCEuiQlsUVwB503sG75JnhxShkeJ3KSdkcbKyBmx8gBwkySTD +n4+VbAQVD1bfSabVezw/1viODmlqD2WpMWu8+XcQ+Ifpj3puBZtmqFz3THgfkLHV +XBke8dwuiLR2cb1hEveG+pOG6koF4sGWswhyOA56yGwek0yWiIkUfHiZ7rhU/LHS +Pb+/zoe6GrA3j5YQwGVp+8lIDueZfXjRXbaF7bXDCsC9YnrW+tJvpVDWzIai/PRe +KPAPNwvhD/xgRl+itCmAOo6SqqnvbxhmfRN6l/BPt3D+5f/OXNjkefFJ6cmt+b1f +F6USZhHGCyyyRk5XaCXL8WOuVVE3QphwHvUXnf6OQ2uFOWHWF7sndanWlpLmLkvq +0Ixs3uzBhD80Qa+hm/7WERQhg/Eh4aaEALLX5WXiYNqC8h3tiJk= +=EgSo +-----END PGP SIGNATURE----- diff --git a/l10n-130.0.1.tar.xz b/l10n-130.0.1.tar.xz deleted file mode 100644 index 5ba02a2..0000000 --- a/l10n-130.0.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5326a7506831b286c9544afe4e3f9cc5c492752510b16f338030e8d1e1ea6f2d -size 34677756 diff --git a/l10n-131.0.tar.xz b/l10n-131.0.tar.xz new file mode 100644 index 0000000..558e016 --- /dev/null +++ b/l10n-131.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:901c3c8ee1fe9ed197378b884d77b8d01c936d85a0646d75e8866c8842b89543 +size 34765400 diff --git a/mozilla-bmo1504834-part1.patch b/mozilla-bmo1504834-part1.patch index 49cf5cf..605b7c7 100644 --- a/mozilla-bmo1504834-part1.patch +++ b/mozilla-bmo1504834-part1.patch @@ -1,11 +1,11 @@ # HG changeset patch -# Parent 125a78208d2cef58191a0328ffe894dd14c6b146 +# Parent e31f5228a09ed69d7ac3c84e54f0faa6a5910ae0 Taken from https://bugzilla.mozilla.org/show_bug.cgi?id=1504834 diff --git a/gfx/2d/DrawTargetSkia.cpp b/gfx/2d/DrawTargetSkia.cpp --- a/gfx/2d/DrawTargetSkia.cpp 
+++ b/gfx/2d/DrawTargetSkia.cpp -@@ -151,17 +151,18 @@ static IntRect CalculateSurfaceBounds(co +@@ -155,17 +155,18 @@ static IntRect CalculateSurfaceBounds(co if (!sampledBounds.ToIntRect(&bounds)) { return surfaceBounds; } @@ -28,8 +28,8 @@ diff --git a/gfx/2d/DrawTargetSkia.cpp b/gfx/2d/DrawTargetSkia.cpp diff --git a/gfx/2d/Types.h b/gfx/2d/Types.h --- a/gfx/2d/Types.h +++ b/gfx/2d/Types.h -@@ -84,28 +84,21 @@ enum class SurfaceFormat : int8_t { - YUV422, // Single plane YUV 4:2:2 interleaved as Y`0 Cb Y`1 Cr. +@@ -94,28 +94,21 @@ enum class SurfaceFormat : int8_t { + // this format. HSV, Lab, Depth, diff --git a/mozilla-silence-no-return-type.patch b/mozilla-silence-no-return-type.patch index 349a68c..6d45245 100644 --- a/mozilla-silence-no-return-type.patch +++ b/mozilla-silence-no-return-type.patch @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 1bc018c4fee525f3a9dfafdb9550e53b6d82fd65 +# Parent 104c34af9ec233f7cd5e8dc955ba7ee763f47a21 diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h @@ -363,7 +363,7 @@ diff --git a/intl/icu/source/i18n/number_rounding.cpp b/intl/icu/source/i18n/num diff --git a/js/src/irregexp/imported/regexp-parser.cc b/js/src/irregexp/imported/regexp-parser.cc --- a/js/src/irregexp/imported/regexp-parser.cc +++ b/js/src/irregexp/imported/regexp-parser.cc -@@ -2776,16 +2776,17 @@ bool MayContainStrings(ClassSetOperandTy +@@ -2780,16 +2780,17 @@ bool MayContainStrings(ClassSetOperandTy return false; case ClassSetOperandType::kCharacterClassEscape: case ClassSetOperandType::kClassStringDisjunction: @@ -627,7 +627,7 @@ diff --git a/third_party/libwebrtc/call/video_send_stream.cc b/third_party/libwe diff --git a/third_party/libwebrtc/media/base/codec.cc b/third_party/libwebrtc/media/base/codec.cc --- a/third_party/libwebrtc/media/base/codec.cc 
+++ b/third_party/libwebrtc/media/base/codec.cc -@@ -257,16 +257,17 @@ bool Codec::Matches(const Codec& codec) +@@ -267,16 +267,17 @@ bool Codec::Matches(const Codec& codec) (codec.bitrate == 0 || bitrate <= 0 || bitrate == codec.bitrate) && ((codec.channels < 2 && channels < 2) || @@ -787,7 +787,7 @@ diff --git a/third_party/libwebrtc/modules/audio_processing/transient/transient_ diff --git a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc b/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc --- a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc +++ b/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc_network_control.cc -@@ -82,16 +82,18 @@ BandwidthLimitedCause GetBandwidthLimite +@@ -81,16 +81,18 @@ BandwidthLimitedCause GetBandwidthLimite // Probes may not be sent in this state. return BandwidthLimitedCause::kLossLimitedBwe; case LossBasedState::kIncreasing: @@ -804,8 +804,8 @@ diff --git a/third_party/libwebrtc/modules/congestion_controller/goog_cc/goog_cc GoogCcNetworkController::GoogCcNetworkController(NetworkControllerConfig config, GoogCcConfig goog_cc_config) - : key_value_config_(config.key_value_config ? config.key_value_config - : &trial_based_config_), + : env_(config.env), + packet_feedback_only_(goog_cc_config.feedback_only), diff --git a/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc b/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc --- a/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc +++ b/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screencast_portal.cc @@ -830,7 +830,7 @@ diff --git a/third_party/libwebrtc/modules/desktop_capture/linux/wayland/screenc diff --git a/third_party/libwebrtc/modules/pacing/bitrate_prober.cc b/third_party/libwebrtc/modules/pacing/bitrate_prober.cc 
--- a/third_party/libwebrtc/modules/pacing/bitrate_prober.cc +++ b/third_party/libwebrtc/modules/pacing/bitrate_prober.cc -@@ -79,16 +79,17 @@ bool BitrateProber::ReadyToSetActiveStat +@@ -80,16 +80,17 @@ bool BitrateProber::ReadyToSetActiveStat return true; } // If config_.min_packet_size > 0, a "large enough" packet must be diff --git a/tar_stamps b/tar_stamps index dc09875..0ba02db 100644 --- a/tar_stamps +++ b/tar_stamps @@ -1,10 +1,10 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="130.0.1" +VERSION="131.0" VERSION_SUFFIX="" -PREV_VERSION="130.0" +PREV_VERSION="130.0.1" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="2f6d80ae5a069caeed2c79987422bfae1d8facc3" -RELEASE_TIMESTAMP="20240913135723" +RELEASE_TAG="61268a890b3c86ab4f5cfd7c6e1e3d14cc68f0b6" +RELEASE_TIMESTAMP="20240923135042"