pool/MozillaFirefox
SHA256
6
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity
MozillaFirefox/mozilla-rust-disable-future-incompat.patch
Wolfgang Rosenauer d873e57e81 - Firefox 131.0 
https://www.mozilla.org/en-US/firefox/131.0/releasenotes/
  MFSA 2024-46 (bsc#1230979)
  * CVE-2024-9391 (bmo#1892407)
    Prevent users from exiting full-screen mode in Firefox Focus
    for Android
  * CVE-2024-9392 (bmo#1899154, bmo#1905843)
    Compromised content process can bypass site isolation
  * CVE-2024-9393 (bmo#1918301)
    Cross-origin access to PDF contents through multipart responses
  * CVE-2024-9394 (bmo#1918874)
    Cross-origin access to JSON contents through multipart responses
  * CVE-2024-9395 (bmo#1906024)
    Specially crafted filename could be used to obscure download type
  * CVE-2024-9396 (bmo#1912471)
    Potential memory corruption may occur when cloning certain objects
  * CVE-2024-9397 (bmo#1916659)
    Potential directory upload bypass via clickjacking
  * CVE-2024-9398 (bmo#1881037)
    External protocol handlers could be enumerated via popups
  * CVE-2024-9399 (bmo#1907726)
    Specially crafted WebTransport requests could lead to denial
    of service
  * CVE-2024-9400 (bmo#1915249)
    Potential memory corruption during JIT compilation
  * CVE-2024-9401 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1916476)
    Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16,
    Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
  * CVE-2024-9402 (bmo#1872744, bmo#1897792, bmo#1911317, bmo#1913445,
    bmo#1914106, bmo#1914475, bmo#1914963, bmo#1915008, bmo#1916476)

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1178
2024-10-04 13:15:49 +00:00

17 lines
799 B
Diff
Raw Blame History

# HG changeset patch
# Parent 83a5e219b271976ee9dfa46b74ecc1c1c6d49f94
Index: firefox-128.0/Cargo.toml
===================================================================
--- firefox-128.0.orig/Cargo.toml
+++ firefox-128.0/Cargo.toml
@@ -236,3 +236,8 @@ mio_0_8 = { package = "mio", git = "http
# Patch `gpu-descriptor` 0.3.0 to remove unnecessary `allocator-api2` dep.:
# Still waiting for the now-merged <https://github.com/zakarumych/gpu-descriptor/pull/40> to be released.
gpu-descriptor = { git = "https://github.com/zakarumych/gpu-descriptor", rev = "7b71a4e47c81903ad75e2c53deb5ab1310f6ff4d" }
+
+# Package code v0.1.4 uses code "that will be rejected by a future version of Rust"
+# Shut up such messages for now to make the build succeed
+[future-incompat-report]
+frequency = "never"
Reference in New Issue View Git Blame Copy Permalink