db2c7e2e1d
* https://www.mozilla.org/en-US/firefox/74.0/releasenotes/ MFSA 2020-08 (bsc#1166238) * CVE-2020-6805 (bmo#1610880) Use-after-free when removing data about origins * CVE-2020-6806 (bmo#1612308) BodyStream::OnInputStreamReady was missing protections against state confusion * CVE-2020-6807 (bmo#1614971) Use-after-free in cubeb during stream destruction * CVE-2020-6808 (bmo#1247968) URL Spoofing via javascript: URL * CVE-2020-6809 (bmo#1420296) Web Extensions with the all-urls permission could access local files * CVE-2020-6810 (bmo#1432856) Focusing a popup while in fullscreen could have obscured the fullscreen notification * CVE-2020-6811 (bmo#1607742) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2019-20503 (bmo#1613765) Out of bounds reads in sctp_load_addresses_from_init * CVE-2020-6812 (bmo#1616661) The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission * CVE-2020-6813 (bmo#1605814) @import statements in CSS could bypass the Content Security Policy nonce feature * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636, OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=809
55 lines
2.3 KiB
Diff
55 lines
2.3 KiB
Diff
# HG changeset patch
|
|
# User msirringhaus@suse.de
|
|
# Date 1560754926 -7200
|
|
# Mon Jun 17 09:02:06 2019 +0200
|
|
# Node ID 428161c3b9599083e1b8710eda1760f1f707ab11
|
|
# Parent 83625bab561d09fb68aa2c71cea7cbafd9ec09b4
|
|
#Description: reduce the rust debuginfo level on selected architectures where
|
|
# compiling with debuginfo=2 causes the OOM killer to interrupt the build on
|
|
# launchpad builders. Initially this was only on 32 bit architectures, but with
|
|
# firefox 63 it started happening frequently on arm64 and ppc64el too.
|
|
|
|
diff --git a/build/moz.configure/toolchain.configure b/build/moz.configure/toolchain.configure
|
|
--- a/build/moz.configure/toolchain.configure
|
|
+++ b/build/moz.configure/toolchain.configure
|
|
@@ -1823,18 +1823,18 @@ imply_option('RUSTC_OPT_LEVEL', '2', whe
|
|
@depends('RUSTC_OPT_LEVEL', moz_optimize)
|
|
def rustc_opt_level(opt_level_option, moz_optimize):
|
|
if opt_level_option:
|
|
return opt_level_option[0]
|
|
else:
|
|
return '1' if moz_optimize.optimize else '0'
|
|
|
|
|
|
-@depends(rustc_opt_level, debug_rust, '--enable-debug-symbols', '--enable-frame-pointers')
|
|
-def rust_compile_flags(opt_level, debug_rust, debug_symbols, frame_pointers):
|
|
+@depends(rustc_opt_level, debug_rust, '--enable-debug-symbols', '--enable-frame-pointers', host)
|
|
+def rust_compile_flags(opt_level, debug_rust, debug_symbols, frame_pointers, host):
|
|
# Cargo currently supports only two interesting profiles for building:
|
|
# development and release. Those map (roughly) to --enable-debug and
|
|
# --disable-debug in Gecko, respectively.
|
|
#
|
|
# But we'd also like to support an additional axis of control for
|
|
# optimization level. Since Cargo only supports 2 profiles, we're in
|
|
# a bit of a bind.
|
|
#
|
|
@@ -1847,16 +1847,18 @@ def rust_compile_flags(opt_level, debug_
|
|
|
|
# opt-level=0 implies -C debug-assertions, which may not be desired
|
|
# unless Rust debugging is enabled.
|
|
if opt_level == '0' and not debug_rust:
|
|
debug_assertions = False
|
|
|
|
if debug_symbols:
|
|
debug_info = '2'
|
|
+ if host.bitness == 32 or host.cpu == 'aarch64' or host.cpu == 'ppc64':
|
|
+ debug_info = '1'
|
|
|
|
opts = []
|
|
|
|
if opt_level is not None:
|
|
opts.append('opt-level=%s' % opt_level)
|
|
if debug_assertions is not None:
|
|
opts.append('debug-assertions=%s' %
|
|
('yes' if debug_assertions else 'no'))
|