MozillaFirefox/mozilla-fix-top-level-asm.patch
Wolfgang Rosenauer 3763e78265 - Mozilla Firefox 96.0
* https://www.mozilla.org/en-US/firefox/96.0/releasenotes
  MFSA 2022-01 (bsc#1194547)
  * CVE-2022-22746 (bmo#1735071)
    Calling into reportValidity could have lead to fullscreen
    window spoof
  * CVE-2022-22743 (bmo#1739220)
    Browser window spoof using fullscreen mode
  * CVE-2022-22742 (bmo#1739923)
    Out-of-bounds memory access when inserting text in edit mode
  * CVE-2022-22741 (bmo#1740389)
    Browser window spoof using fullscreen mode
  * CVE-2022-22740 (bmo#1742334)
    Use-after-free of ChannelEventQueue::mOwner
  * CVE-2022-22738 (bmo#1742382)
    Heap-buffer-overflow in blendGaussianBlur
  * CVE-2022-22737 (bmo#1745874)
    Race condition when playing audio files
  * CVE-2021-4140 (bmo#1746720)
    Iframe sandbox bypass with XSLT
  * CVE-2022-22750 (bmo#1566608)
    IPC passing of resource handles could have lead to sandbox
    bypass
  * CVE-2022-22749 (bmo#1705094)
    Lack of URL restrictions when scanning QR codes
  * CVE-2022-22748 (bmo#1705211)
    Spoofed origin on external protocol launch dialog
  * CVE-2022-22745 (bmo#1735856)
    Leaking cross-origin URLs through securitypolicyviolation
    event

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=951
2022-01-11 22:06:33 +00:00

67 lines
2.5 KiB
Diff

From 91bb79836ee274855393bdf6ab10e24899b1b349 Mon Sep 17 00:00:00 2001
From: Martin Liska <mliska@suse.cz>
Date: Fri, 17 May 2019 14:41:35 +0200
Subject: [PATCH] Fix top-level asm issue.
---
security/sandbox/linux/moz.build | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/security/sandbox/linux/moz.build b/security/sandbox/linux/moz.build
--- a/security/sandbox/linux/moz.build
+++ b/security/sandbox/linux/moz.build
@@ -66,32 +66,32 @@ UNIFIED_SOURCES += [
"../chromium/base/time/time_now_posix.cc",
"../chromium/sandbox/linux/bpf_dsl/bpf_dsl.cc",
"../chromium/sandbox/linux/bpf_dsl/codegen.cc",
"../chromium/sandbox/linux/bpf_dsl/dump_bpf.cc",
"../chromium/sandbox/linux/bpf_dsl/policy.cc",
"../chromium/sandbox/linux/bpf_dsl/policy_compiler.cc",
"../chromium/sandbox/linux/bpf_dsl/syscall_set.cc",
"../chromium/sandbox/linux/seccomp-bpf/die.cc",
- "../chromium/sandbox/linux/seccomp-bpf/syscall.cc",
"broker/SandboxBrokerCommon.cpp",
"Sandbox.cpp",
"SandboxBrokerClient.cpp",
"SandboxFilter.cpp",
"SandboxFilterUtil.cpp",
"SandboxHooks.cpp",
"SandboxInfo.cpp",
"SandboxLogging.cpp",
"SandboxOpenedFiles.cpp",
"SandboxReporterClient.cpp",
]
SOURCES += [
"../chromium/base/strings/safe_sprintf.cc",
"../chromium/base/third_party/icu/icu_utf.cc",
+ "../chromium/sandbox/linux/seccomp-bpf/syscall.cc",
"../chromium/sandbox/linux/seccomp-bpf/trap.cc",
"../chromium/sandbox/linux/services/syscall_wrappers.cc",
]
# This copy of SafeSPrintf doesn't need to avoid the Chromium logging
# dependency like the one in libxul does, but this way the behavior is
# consistent. See also the comment in SandboxLogging.h.
SOURCES["../chromium/base/strings/safe_sprintf.cc"].flags += ["-DNDEBUG"]
@@ -105,16 +105,19 @@ if CONFIG["CC_TYPE"] in ("clang", "gcc")
"-Wno-unreachable-code-return"
]
if CONFIG["CC_TYPE"] in ("clang", "gcc"):
CXXFLAGS += ["-Wno-error=stack-protector"]
SOURCES["../chromium/sandbox/linux/services/syscall_wrappers.cc"].flags += [
"-Wno-empty-body",
]
+ SOURCES['../chromium/sandbox/linux/seccomp-bpf/syscall.cc'].flags += [
+ '-fno-lto'
+ ]
# gcc lto likes to put the top level asm in syscall.cc in a different partition
# from the function using it which breaks the build. Work around that by
# forcing there to be only one partition.
for f in CONFIG["OS_CXXFLAGS"]:
if f.startswith("-flto") and CONFIG["CC_TYPE"] != "clang":
LDFLAGS += ["--param lto-partitions=1"]