Accepting request 999342 from mozilla:Factory

- Mozilla Firefox 104.0
  * https://www.mozilla.org/en-US/firefox/104.0/releasenotes
  MFSA 2022-33 (bsc#1202645)
  * CVE-2022-38472 (bmo#1769155)
    Address bar spoofing via XSLT error handling
  * CVE-2022-38473 (bmo#1771685)
    Cross-origin XSLT Documents would have inherited the parent's
    permissions
  * CVE-2022-38474 (bmo#1719511)
    Recording notification not shown when microphone was
    recording on Android
  * CVE-2022-38475 (bmo#1773266)
    Attacker could write a value to a zero-length array
  * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363)
    Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2
  * CVE-2022-38478 (bmo#1770630, bmo#1776658)
    Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2,
    and Firefox ESR 91.13
- requires
  NSPR 4.34.1
  NSS 3.81
  rust 1.62

OBS-URL: https://build.opensuse.org/request/show/999342
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaFirefox?expand=0&rev=373

MozillaFirefox.changes

@@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Sun Aug 21 11:12:14 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 104.0
+  * https://www.mozilla.org/en-US/firefox/104.0/releasenotes
+  MFSA 2022-33 (bsc#1202645)
+  * CVE-2022-38472 (bmo#1769155)
+    Address bar spoofing via XSLT error handling
+  * CVE-2022-38473 (bmo#1771685)
+    Cross-origin XSLT Documents would have inherited the parent's
+    permissions
+  * CVE-2022-38474 (bmo#1719511)
+    Recording notification not shown when microphone was
+    recording on Android
+  * CVE-2022-38475 (bmo#1773266)
+    Attacker could write a value to a zero-length array
+  * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363)
+    Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2
+  * CVE-2022-38478 (bmo#1770630, bmo#1776658)
+    Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2,
+    and Firefox ESR 91.13
+- requires
+  NSPR 4.34.1
+  NSS 3.81
+  rust 1.62
+
 -------------------------------------------------------------------
 Sat Aug 13 06:25:20 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
 

MozillaFirefox.spec

@@ -28,9 +28,9 @@
 # orig_suffix b3
 # major 69
 # mainver %major.99
-%define major          103
+%define major          104
-%define mainver        %major.0.2
+%define mainver        %major.0
-%define orig_version   103.0.2
+%define orig_version   104.0
 %define orig_suffix    %{nil}
 %define update_channel release
 %define branding       1
@@ -106,8 +106,8 @@ BuildRequires:  rust >= 1.59
 # minimal requirement:
 BuildRequires:  rust+cargo >= 1.59
 # actually used upstream:
-BuildRequires:  cargo1.61
+BuildRequires:  cargo1.62
-BuildRequires:  rust1.61
+BuildRequires:  rust1.62
 %endif
 %if 0%{useccache} != 0
 BuildRequires:  ccache
@@ -117,8 +117,8 @@ BuildRequires:  libcurl-devel
 BuildRequires:  libiw-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.34
+BuildRequires:  mozilla-nspr-devel >= 4.34.1
-BuildRequires:  mozilla-nss-devel >= 3.80
+BuildRequires:  mozilla-nss-devel >= 3.81
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs >= 10.22.1
 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000

firefox-103.0.2.source.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:766183e8e39c17a84305a85da3237919ffaeb018c6c9d97a7324aea51bd453aa
-size 481280156

firefox-103.0.2.source.tar.xz.asc

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmLxNMQACgkQ6+QekPbx
-L23jvhAAqWUrOZN73hvIMIIiUStHYgKQpvaEjUVHT/KBmuQaeFARaFHFOTUbgU7j
-Ej0BTwPyY5OgErEiti8kXvfZyrSPMc0jPMUojedlp/8q7gYObMRXCCexmYDEYwUD
-41b42yeLiwV+zufIeIjWo/uF1VwwUSOdrDi+FmMvWvx3NzRLmKUYuj4MqyElkU7t
-6eE0ouzpXmN7DPfdUyXE59DfOXq630F8R1sZjm/7vnWh215tsmcur4uvZBeardcH
-m5otzA3fYVWzPkBfNIrbyuq5oWMXaM7sFWvAZbrO8Ymjz7MNMKtYkMZaOC1Hds9V
-fCYD434t/LmwXDjtWAcYt8WEknNCoqzhStY7ZX6pHM5bLwVOmZGowcbd1NQ/47pp
-C3rfPS6PU61j7BhI0KEX7cgrShpQDkVRyfTlHjvo0xKv6Ez8psCfhipynKzirBAa
-l5JgxrINAzDABETrgc336und8SPvyO3VwdRrUtMZFVrrYGDhvE2DMA6aJPug9fQ1
-Teclh8WhPkeh7Yk172HsoIuHn5WRDDS0Kyz4Fk26eZOnC+A8wl8V00Dwa80q7E9P
-pUzqCFVseJ7LzpkSCs5cMCEG+LofdrntyORkYG3U/c1NN0TI9EeYwBGZv7gC6uY8
-/G3jtRn9wDvN0XLvd/3zxYUEOiukTL/rysISSjqmPom6VEBI/hM=
-=tWUs
------END PGP SIGNATURE-----

firefox-104.0.source.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1a294a651dc6260f9a72a3ab9f10e7792a4ab41a9cfa8527ad3dd9979cdc98ce
+size 486299816

firefox-104.0.source.tar.xz.asc

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmL+6JUACgkQ6+QekPbx
+L206/w/+IKFX1Fj2MkusjcySy49V/iYyOnSSgWxF81b36j0hn8ydrXbnSiAHruUM
+E2c8TI+qPnlghpqgBCYrIGSd18Pv/BO9g9aqrKPL6Py2mn03zaR0Ttxptz0lVBIG
+BrcyA18kz/Ci6SqlsmHw6rWNd0pTKmBrUBo4JzOP4XIttMr2b1TfQIx5AL4ZWE+I
+tdpYFXrwB3mwPG3XpnEEStImKaDidbVZEsw+lacXRnehBCz6HSJ0DROzDAv2COyV
+dO6uNC7Im1O8RJfSWrU+ishtAA5K0D10lSE3Vssr8OP1LtZJ9TgitZ9MJ0/eZAv1
+wQdN+AKDxHFBibS0MgoS+hJjKQDNCnt0ilZpnLXoUj5CvgLptVoiV2zZjIlFl2f1
+FAuV7x3nQlRKot6voCbYqB3D4Sf9UBjS0MUDm0n3EW8Y6gamtztVaHrrKKIPzAbO
+KiBkq7OilY5tnRwruq+x9Lot1szVZezqPYNRF4oeWcG4T+dmF+44Oe1xsxlsfpl6
+5MvCn0pkR5N2FP48Px/Psk+ZzAboT+hECD/kdlJNPdtEJ0Y6J381pOAay54wDT8Y
+sZti/maLMojiuaTnJ//snupVTVMp5tQSA6r0m51oU2DHsld9uARBV3NSg+Qj6trB
+j14ZwCuEFJDa7z7ZXdxi+3b8TlrF1ArgyyZ+MIFZZyary3DBbT0=
+=IXLK
+-----END PGP SIGNATURE-----

l10n-103.0.2.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4ed83842b2e6efb7900ad3dfc8bb87321ce44ecd8822817110f0554e213df111
-size 49343512

l10n-104.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:68dedca71e0281727f7f467378ddcd3176887f6ac274b84086345278a6f4d90e
+size 49571548

mozilla-kde.patch

@@ -3,7 +3,7 @@
 # Date 1559294891 -7200
 #      Fri May 31 11:28:11 2019 +0200
 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112
-# Parent  b7a9df31234bb6342e8b01dcfa98b7d8ecdfd1dd
+# Parent  65e96e081f6f4b68d6b7998f4182a3764832c2ce
 Description: Add KDE integration to Firefox (toolkit parts)
 Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
 Author: Lubos Lunak <lunak@suse.com>
@@ -810,7 +810,7 @@ diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build
      ]
  elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows":
      UNIFIED_SOURCES += [
-@@ -130,16 +132,17 @@ include("/ipc/chromium/chromium-config.m
+@@ -126,16 +128,17 @@ include("/ipc/chromium/chromium-config.m
  FINAL_LIBRARY = "xul"
  
  LOCAL_INCLUDES += [
@@ -1166,7 +1166,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth
  #include "nsISupports.h"
  #include "nsString.h"
  #include "nsReadableUtils.h"
-@@ -1025,17 +1025,17 @@ nsresult nsOSHelperAppService::GetHandle
+@@ -1102,17 +1102,17 @@ nsresult nsOSHelperAppService::GetHandle
  
  nsresult nsOSHelperAppService::OSProtocolHandlerExists(
      const char* aProtocolScheme, bool* aHandlerExists) {
@@ -1185,7 +1185,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth
      nsCOMPtr<nsIHandlerService> handlerSvc =
          do_GetService(NS_HANDLERSERVICE_CONTRACTID, &rv);
      if (NS_SUCCEEDED(rv) && handlerSvc) {
-@@ -1045,17 +1045,17 @@ nsresult nsOSHelperAppService::OSProtoco
+@@ -1122,17 +1122,17 @@ nsresult nsOSHelperAppService::OSProtoco
    }
  
    return rv;
@@ -1204,26 +1204,26 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth
  
  NS_IMETHODIMP nsOSHelperAppService::IsCurrentAppOSDefaultForProtocol(
      const nsACString& aScheme, bool* _retval) {
-@@ -1148,17 +1148,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
+@@ -1227,17 +1227,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
    nsresult rv =
        LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType,
                                 minorType, mime_types_description, true);
  
    if (NS_FAILED(rv) || majorType.IsEmpty()) {
  #ifdef MOZ_WIDGET_GTK
-     LOG(("Looking in GNOME registry\n"));
+     LOG("Looking in GNOME registry\n");
      RefPtr<nsMIMEInfoBase> gnomeInfo =
 -        nsGNOMERegistry::GetFromExtension(aFileExt);
 +        nsCommonRegistry::GetFromExtension(aFileExt);
      if (gnomeInfo) {
-       LOG(("Got MIMEInfo from GNOME registry\n"));
+       LOG("Got MIMEInfo from GNOME registry\n");
        return gnomeInfo.forget();
      }
  #endif
  
      rv = LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType,
                                    minorType, mime_types_description, false);
-@@ -1261,17 +1261,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
+@@ -1342,17 +1342,17 @@ already_AddRefed<nsMIMEInfoBase> nsOSHel
  
    // Now look up our extensions
    nsAutoString extensions, mime_types_description;
@@ -1235,17 +1235,17 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth
 -    RefPtr<nsMIMEInfoBase> gnomeInfo = nsGNOMERegistry::GetFromType(aMIMEType);
 +    RefPtr<nsMIMEInfoBase> gnomeInfo = nsCommonRegistry::GetFromType(aMIMEType);
      if (gnomeInfo) {
-       LOG(
+       LOG("Got MIMEInfo from GNOME registry without extensions; setting them "
-           ("Got MIMEInfo from GNOME registry without extensions; setting them "
+           "to %s\n",
-            "to %s\n",
+           NS_LossyConvertUTF16toASCII(extensions).get());
-            NS_LossyConvertUTF16toASCII(extensions).get()));
  
        NS_ASSERTION(!gnomeInfo->HasExtensions(), "How'd that happen?");
        gnomeInfo->SetFileExtensions(NS_ConvertUTF16toUTF8(extensions));
+       return gnomeInfo.forget();
 diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build
 --- a/widget/gtk/moz.build
 +++ b/widget/gtk/moz.build
-@@ -146,16 +146,17 @@ FINAL_LIBRARY = "xul"
+@@ -147,16 +147,17 @@ FINAL_LIBRARY = "xul"
  
  LOCAL_INCLUDES += [
      "/layout/base",
@@ -1655,7 +1655,7 @@ diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestPars
    int argc;
  
    bool ischrome;
-@@ -397,16 +398,17 @@ void ParseManifest(NSLocationType aType,
+@@ -389,16 +390,17 @@ void ParseManifest(NSLocationType aType,
    constexpr auto kRemoteEnabled = u"remoteenabled"_ns;
    constexpr auto kRemoteRequired = u"remoterequired"_ns;
    constexpr auto kApplication = u"application"_ns;
@@ -1673,7 +1673,7 @@ diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestPars
    // possible to have conditional manifest contents, so we need to recognize and
    // discard these tokens even when MOZ_BACKGROUNDTASKS is not set.
    constexpr auto kBackgroundTask = u"backgroundtask"_ns;
-@@ -456,39 +458,44 @@ void ParseManifest(NSLocationType aType,
+@@ -448,39 +450,44 @@ void ParseManifest(NSLocationType aType,
          CopyUTF8toUTF16(s, abi);
          abi.Insert(char16_t('_'), 0);
          abi.Insert(osTarget, 0);
@@ -1718,7 +1718,7 @@ diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestPars
      process = kMain;
    }
  
-@@ -583,25 +590,27 @@ void ParseManifest(NSLocationType aType,
+@@ -571,25 +578,27 @@ void ParseManifest(NSLocationType aType,
      // When in background task mode, default to not registering
      // category directivies unless backgroundtask=1 is specified.
      TriState stBackgroundTask = (BackgroundTasks::IsBackgroundTaskMode() &&
@@ -1746,7 +1746,7 @@ diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestPars
          continue;
        }
  
-@@ -650,17 +659,17 @@ void ParseManifest(NSLocationType aType,
+@@ -638,17 +647,17 @@ void ParseManifest(NSLocationType aType,
        }
  
        LogMessageWithContext(

mozilla-silence-no-return-type.patch

@@ -1,10 +1,10 @@
 # HG changeset patch
-# Parent  df69adcb42a137798460d007b5acae9ec85b95fd
+# Parent  baaeb7c2d2540633134a74438dab2768ea4c97ef
 
 diff --git a/Cargo.lock b/Cargo.lock
 --- a/Cargo.lock
 +++ b/Cargo.lock
-@@ -2347,18 +2347,16 @@ name = "glsl-to-cxx"
+@@ -2363,18 +2363,16 @@ name = "glsl-to-cxx"
  version = "0.1.0"
  dependencies = [
   "glsl",
@@ -26,14 +26,14 @@ diff --git a/Cargo.lock b/Cargo.lock
 diff --git a/Cargo.toml b/Cargo.toml
 --- a/Cargo.toml
 +++ b/Cargo.toml
-@@ -150,16 +150,17 @@ async-task = { git = "https://github.com
+@@ -143,16 +143,17 @@ async-task = { git = "https://github.com
  chardetng = { git = "https://github.com/hsivonen/chardetng", rev="3484d3e3ebdc8931493aa5df4d7ee9360a90e76b" }
  chardetng_c = { git = "https://github.com/hsivonen/chardetng_c", rev="ed8a4c6f900a90d4dbc1d64b856e61490a1c3570" }
  coremidi = { git = "https://github.com/chris-zen/coremidi.git", rev="fc68464b5445caf111e41f643a2e69ccce0b4f83" }
  fog = { path = "toolkit/components/glean/api" }
  libudev-sys = { path = "dom/webauthn/libudev-sys" }
- packed_simd = { package = "packed_simd_2", git = "https://github.com/hsivonen/packed_simd", rev="c149d0a519bf878567c7630096737669ec2ff15f" }
+ packed_simd = { package = "packed_simd_2", git = "https://github.com/hsivonen/packed_simd", rev="90eebb82a107cbec1c8e406d9223819417e96de1" }
- midir = { git = "https://github.com/mozilla/midir.git", rev = "4c11f0ffb5d6a10de4aff40a7b81218b33b94e6f" }
+ midir = { git = "https://github.com/mozilla/midir.git", rev = "e1b4dcb767f9e69afe95a860374aaa9635d81e3d" }
  minidump_writer_linux = { git = "https://github.com/rust-minidump/minidump-writer.git", rev = "75ada456c92a429704691a85e1cb42fef8cafc0d" }
 +glslopt = { path = "third_party/rust/glslopt/" }
  

tar_stamps

@@ -1,10 +1,10 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="103.0.2"
+VERSION="104.0"
 VERSION_SUFFIX=""
-PREV_VERSION="103.0.1"
+PREV_VERSION="103.0.2"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="97d08aedd7235666566f23d51b4a966a0be0bc42"
+RELEASE_TAG="ae56b3bb7fa30ac2160cce6fb65aa95ce6586959"
-RELEASE_TIMESTAMP="20220808125904"
+RELEASE_TIMESTAMP="20220818191623"