- Mozilla Firefox 117.0

https://www.mozilla.org/en-US/firefox/117.0/releasenotes MFSA 2023-34 (bsc#1214606) * CVE-2023-4573 (bmo#1846687) Memory corruption in IPC CanvasTranslator * CVE-2023-4574 (bmo#1846688) Memory corruption in IPC ColorPickerShownCallback * CVE-2023-4575 (bmo#1846689) Memory corruption in IPC FilePickerShownCallback * CVE-2023-4576 (bmo#1846694) Integer Overflow in RecordedSourceSurfaceCreation * CVE-2023-4577 (bmo#1847397) Memory corruption in JIT UpdateRegExpStatics * CVE-2023-4578 (bmo#1839007) Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception * CVE-2023-4579 (bmo#1842766) Persisted search terms were formatted as URLs * CVE-2023-4580 (bmo#1843046) Push notifications saved to disk unencrypted * CVE-2023-4581 (bmo#1843758) XLL file extensions were downloadable without warnings * CVE-2023-4582 (bmo#1773874) Buffer Overflow in WebGL glGetProgramiv * CVE-2023-4583 (bmo#1842030) Browsing Context potentially not cleared when closing Private Window * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080, bmo#1846526, bmo#1847529) Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1102
2023-08-29 12:55:43 +00:00 · 2023-08-29 12:55:43 +00:00 · bbbb712787
commit bbbb712787
parent 42f90b08c5
11 changed files with 700 additions and 236 deletions
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@ -1,3 +1,44 @@
+-------------------------------------------------------------------
+Sun Aug 27 08:51:28 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 117.0
+  https://www.mozilla.org/en-US/firefox/117.0/releasenotes
+  MFSA 2023-34 (bsc#1214606)
+  * CVE-2023-4573 (bmo#1846687)
+    Memory corruption in IPC CanvasTranslator
+  * CVE-2023-4574 (bmo#1846688)
+    Memory corruption in IPC ColorPickerShownCallback
+  * CVE-2023-4575 (bmo#1846689)
+    Memory corruption in IPC FilePickerShownCallback
+  * CVE-2023-4576 (bmo#1846694)
+    Integer Overflow in RecordedSourceSurfaceCreation
+  * CVE-2023-4577 (bmo#1847397)
+    Memory corruption in JIT UpdateRegExpStatics
+  * CVE-2023-4578 (bmo#1839007)
+    Error reporting methods in SpiderMonkey could have triggered
+    an Out of Memory Exception
+  * CVE-2023-4579 (bmo#1842766)
+    Persisted search terms were formatted as URLs
+  * CVE-2023-4580 (bmo#1843046)
+    Push notifications saved to disk unencrypted
+  * CVE-2023-4581 (bmo#1843758)
+    XLL file extensions were downloadable without warnings
+  * CVE-2023-4582 (bmo#1773874)
+    Buffer Overflow in WebGL glGetProgramiv
+  * CVE-2023-4583 (bmo#1842030)
+    Browsing Context potentially not cleared when closing Private
+    Window
+  * CVE-2023-4584 (bmo#1843968, bmo#1845205, bmo#1846080,
+    bmo#1846526, bmo#1847529)
+    Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,
+    Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2
+  * CVE-2023-4585 (bmo#1751583, bmo#1841082, bmo#1847904, bmo#1848999)
+    Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2,
+    and Thunderbird 115.2
+- requires
+  NSS = 3.92
+  rustc = 1.71
+
 -------------------------------------------------------------------
 Thu Aug 17 18:20:18 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>

--- a/MozillaFirefox.spec
+++ b/MozillaFirefox.spec
@ -28,9 +28,9 @@
 # orig_suffix b3
 # major 69
 # mainver %%major.99
-%define major          116
-%define mainver        %major.0.3
-%define orig_version   116.0.3
+%define major          117
+%define mainver        %major.0
+%define orig_version   117.0
 %define orig_suffix    %{nil}
 %define update_channel release
 %define branding       1
@ -58,7 +58,7 @@ ExclusiveArch:  aarch64 ppc64le x86_64 s390x
 %ifarch %ix86
 ExclusiveArch:  i586 i686
 BuildArch:      i686
-%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -Os -march=i686 -mtune=generic -msse2}
+%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686 -mtune=generic -msse2}
 %endif
 %endif
 %{expand:%%global optflags %(echo "%optflags"|sed -e s/-flto=auto//) }
@ -97,14 +97,14 @@ BuildRequires:  dbus-1-glib-devel
 BuildRequires:  dejavu-fonts
 BuildRequires:  fdupes
 BuildRequires:  memory-constraints
-%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150500
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600
 BuildRequires:  gcc12
 BuildRequires:  gcc12-c++
 %else
 BuildRequires:  gcc-c++
 %endif
-BuildRequires:  cargo1.69
-BuildRequires:  rust1.69
+BuildRequires:  cargo1.71
+BuildRequires:  rust1.71
 %if 0%{useccache} != 0
 BuildRequires:  ccache
 %endif
@ -114,7 +114,7 @@ BuildRequires:  libiw-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
 BuildRequires:  mozilla-nspr-devel >= 4.35
-BuildRequires:  mozilla-nss-devel >= 3.91
+BuildRequires:  mozilla-nss-devel >= 3.92
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs >= 12.22.12
 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@ -124,7 +124,7 @@ BuildRequires:  python39
 BuildRequires:  python39-curses
 BuildRequires:  python39-devel
 %else
-%if 0%{?sle_version} >= 150000 && 0%{?sle_version} <= 150500
+%if 0%{?sle_version} >= 150000 && 0%{?sle_version} <= 150600
 BuildRequires:  python39
 BuildRequires:  python39-curses
 BuildRequires:  python39-devel
@ -373,7 +373,7 @@ export BUILD_OFFICIAL=1
 export MOZ_TELEMETRY_REPORTING=1
 export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system
 export CFLAGS="%{optflags}"
-%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150500
+%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600
 export CC=gcc-12
 export CXX=g++-12
 %else
--- a/firefox-116.0.3.source.tar.xz
+++ b/firefox-116.0.3.source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:575a0d11b487a03527cc90c5e6d556c09669201cbb584b73442b202ee1d3e2e6
-size 520884220
--- a/firefox-116.0.3.source.tar.xz.asc
+++ b/firefox-116.0.3.source.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmTb6zkACgkQ4207E/PZ
-MnTcJxAArPWqYriMcPrO+gHF6DC+P1hSNr4zDGCK9Ia/vshY9mC4dGRSnC33sgpg
-AnidaxCOysEP0GFtf+WDWyzA8EHrfEd/u5A3iNGIMpwzPPrv+njxBoBWPM1Fwaxv
-f/Uh8Lvd8t0ImCGZWAkslKtaYGlPrxRkDma6xKj4sp8m1aTe14hlTsehq1Qw2JNj
-dvKyCyVwhvnF8vobG64gexYDudQr8bw2yDfKYEX69LCPKLTKrIgQ52/NoNCXm5M5
-jxpfbQALC13C0u9ARq0UV7x1+bngtAP9aa5RGhvqkFXV0+DmPPE25wkST3b35PI1
-WBvC8KdyGzeHM9yT9fs9V29RVGQvu3ZWo/YKLV23Yis4qHyc3gjQW8DMdQVNDfrF
-Kb/AN1QQaKOmnC4QQZbZ2Np5RYy/XuqOBQP2OFlY33fN2WFyhUyDJLFEOURBIGl8
-q0VEVssqt2Hi/qpDj586RDRNStz3yCIrgPL4oMU6u50ZNcx+8q96YiArbwzYgfi/
-21RAb0c2oTNyNr6n6OaR2AY+oSoZug50UllvHt0jt4SEOObXJx7mYb/5M3tyO8gC
-WABOkgBoU9OaIDyJVURmJFA+ej0rq3gD0UDBxtPw9oD03Wn+ClFHTtJFBNnsUGwU
-fza+b/zwaxEOE5sFGqHp6uUvc1Eolve3RtSZUrDKmR9xRnkZ5tc=
-=BJHR
-----END PGP SIGNATURE-----
--- a/firefox-117.0.source.tar.xz
+++ b/firefox-117.0.source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fa524cb9a63334d74ef996f3cbaf1559b5836f6c8ef6e890fa20846029242ac7
+size 505712192
--- a/firefox-117.0.source.tar.xz.asc
+++ b/firefox-117.0.source.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmTnpG0ACgkQ4207E/PZ
+MnSmbRAAtCyvOcXtOr7wAxIHuY6RLZa99MXGSyj4ZQcfb3zsHJhAxotiDLalxrwR
+HmTT3HQcikp4ssBtrLfHRq4zW5uKkmCht6amUqxYqrjKnNfxfz0LuwYKToCUWXuU
+C83C4QoOxJtZAz0MSagwXG416AIyQeaRjQV8DDkc511R2oTZT19g3RWnaMy+nmkh
+Du4BBEzTH0VYrHj7Fw9Zsjt7X/K1xjqz76wJ+r347GqUmr1AFKZg0JF2xw1z7mV7
+3CJVXqNfMZorXEX5Y3lqjLbknb2/JJpE48ORHR8H5PVZHCEFY1l8nYZb22b86TJh
+Kokk6aE7y3GLMVh6B7oGV/uMaZ2GVB4aHoMbHBipNSKLtbYetxvTFiEGG5VCu4tW
+2xap/ylLNYNy9gB5GBLrUhbGRa2HH1EdlqhRXuxjBNOctM7Kg6/yGHczFy3cZN8G
+61+n1iEmqWRA9Z7PF0OLy8yCJhhKxSMETGhmVx8CqQRnXE9UZNxnmKzkdyYUXl0Z
+wy7nVhIeJyZwgXAly5y7453f9MFYBeUhuHAjTQQ/TIgvljJo5ZIDxkWYzzkNbapy
+rL/UoGjadMg/6/xB+UL1H32kA2VtU6gtsLsc837en+WRiuZN2LXHQUBynNc2oDzi
+8u6kYpZaDKdIUIeAYz2Mj2clQjlUki+l1MNVmHuFAFElI5z6CxI=
+=cdJY
+-----END PGP SIGNATURE-----
--- a/l10n-116.0.3.tar.xz
+++ b/l10n-116.0.3.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:3ec46082fc23b0ac59a11aecb73b5f452d6089ef56095e46782bc95f794f0eb3
-size 29930756
--- a/l10n-117.0.tar.xz
+++ b/l10n-117.0.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e83c4ccd6549bf0e8ba1d13cedc9fc8293423d35e970b5127526d558b7c54c34
+size 30033556
--- a/mozilla-rust-disable-future-incompat.patch
+++ b/mozilla-rust-disable-future-incompat.patch
@ -1,9 +1,17 @@
-diff -rup a/Cargo.toml b/Cargo.toml
--- a/Cargo.toml	2023-07-04 15:15:01.089470619 +0200
-+++ b/Cargo.toml	2023-07-04 15:24:31.626226962 +0200
-@@ -188,3 +188,8 @@ uniffi_bindgen = "=0.23.0"
- uniffi_build = "=0.23.0"
- uniffi_macros = "=0.23.0"
+# HG changeset patch
+# Parent  b62ddf6a31854e9e3c22a81056d233a50b4dd5c4
+
+diff --git a/Cargo.toml b/Cargo.toml
+--- a/Cargo.toml
+++ b/Cargo.toml
+@@ -206,8 +206,13 @@ webext-storage = { git = "https://github
+ path = "third_party/rust/mio-0.6.23"
+ 
+ [patch."https://github.com/mozilla/uniffi-rs.git"]
+ uniffi = "=0.24.3"
+ uniffi_bindgen = "=0.24.3"
+ uniffi_build = "=0.24.3"
+ uniffi_macros = "=0.24.3"
 weedle2 = "=4.0.0"
 +
 +# Package code v0.1.4 uses code "that will be rejected by a future version of Rust"
--- a/mozilla-silence-no-return-type.patch
+++ b/mozilla-silence-no-return-type.patch
--- a/8
+++ b/8
@ -1,10 +1,10 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="116.0.3"
+VERSION="117.0"
 VERSION_SUFFIX=""
-PREV_VERSION="116.0.2"
+PREV_VERSION="116.0.3"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="183063cc6efa429f4f184aff169e1f9dad68cbfc"
-RELEASE_TIMESTAMP="20230815173142"
+RELEASE_TAG="27de51e74c19186044da535125895c96fc3a0f23"
+RELEASE_TIMESTAMP="20230824132758"