pool/MozillaThunderbird
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 1097755 from mozilla:Factory

Browse Source 
- Mozilla Thunderbird 102.13.0
  * Upstream RNP version numbers now recognized as official in about:support
  MFSA 2023-24 (bsc#1212438)
  * CVE-2023-37201 (bmo#1826002)
    Use-after-free in WebRTC certificate generation
  * CVE-2023-37202 (bmo#1834711)
    Potential use-after-free from compartment mismatch in
    SpiderMonkey
  * CVE-2023-37207 (bmo#1816287)
    Fullscreen notification obscured
  * CVE-2023-37208 (bmo#1837675)
    Lack of warning when opening Diagcab files
  * CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886,
    bmo#1836550, bmo#1837450)
    Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13,
    and Thunderbird 102.13
- mozilla-llvm16.patch has been applied upstream, remove it here

OBS-URL: https://build.opensuse.org/request/show/1097755
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/MozillaThunderbird?expand=0&rev=312
This commit is contained in:
Dominique Leuenberger 2023-07-09 18:39:07 +00:00 committed by Git OBS Bridge
commit fbaa0b6684
9 changed files with 46 additions and 196 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
MozillaThunderbird.changes
View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Fri Jul 7 12:47:11 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>
- Mozilla Thunderbird 102.13.0
* Upstream RNP version numbers now recognized as official in about:support
MFSA 2023-24 (bsc#1212438)
* CVE-2023-37201 (bmo#1826002)
Use-after-free in WebRTC certificate generation
* CVE-2023-37202 (bmo#1834711)
Potential use-after-free from compartment mismatch in
SpiderMonkey
* CVE-2023-37207 (bmo#1816287)
Fullscreen notification obscured
* CVE-2023-37208 (bmo#1837675)
Lack of warning when opening Diagcab files
* CVE-2023-37211 (bmo#1832306, bmo#1834862, bmo#1835886,
bmo#1836550, bmo#1837450)
Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13,
and Thunderbird 102.13
- mozilla-llvm16.patch has been applied upstream, remove it here
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Jun 4 08:22:58 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org> Sun Jun 4 08:22:58 UTC 2023 - Wolfgang Rosenauer <wr@rosenauer.org>

6
MozillaThunderbird.spec
View File

@ -29,8 +29,8 @@
# major 69 # major 69
# mainver %major.99 # mainver %major.99
%define major 102 %define major 102
%define mainver %major.12.0 %define mainver %major.13.0
%define orig_version 102.12.0 %define orig_version 102.13.0
%define orig_suffix %{nil} %define orig_suffix %{nil}
%define update_channel release %define update_channel release
%define source_prefix thunderbird-%{orig_version} %define source_prefix thunderbird-%{orig_version}
@ -207,7 +207,6 @@ Patch20: mozilla-bmo531915.patch
Patch21: one_swizzle_to_rule_them_all.patch Patch21: one_swizzle_to_rule_them_all.patch
Patch22: svg-rendering.patch Patch22: svg-rendering.patch
Patch23: gcc13-fix.patch Patch23: gcc13-fix.patch
Patch24: mozilla-llvm16.patch
%endif %endif
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
PreReq: /bin/sh PreReq: /bin/sh
@ -297,7 +296,6 @@ fi
%patch21 -p1 %patch21 -p1
%patch22 -p1 %patch22 -p1
%patch23 -p1 %patch23 -p1
%patch24 -p1
%endif %endif
%build %build

0
l10n-102.12.0.tar.xz → l10n-102.13.0.tar.xz
View File

169
mozilla-llvm16.patch
View File

@ -1,169 +0,0 @@
From 80738016a36e803fe3bf8b8f6f388c6589d86a1c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Emilio=20Cobos=20=C3=81lvarez?= <emilio@crisal.io>
Date: Tue, 18 Oct 2022 02:17:18 +0200
Subject: [PATCH] clang: Detect anonymous items explicitly, rather than relying
on empty names.
In Clang 16, anonymous items may return names like
`(anonymous union at ..)` rather than empty names.
The right way to detect them is using clang_Cursor_isAnonymous.
Fixes #2312
Closes #2316
Co-Authored-by: Patrick Walton <pcwalton@fb.com>
diff --git a/third_party/rust/bindgen/src/clang.rs b/third_party/rust/bindgen/src/clang.rs
index 488660c434..ef74ac08c2 100644
--- a/third_party/rust/bindgen/src/clang.rs
+++ b/third_party/rust/bindgen/src/clang.rs
@@ -54,6 +54,11 @@ impl Cursor {
unsafe { clang_isDeclaration(self.kind()) != 0 }
}
+ /// Is this cursor's referent an anonymous record or so?
+ pub fn is_anonymous(&self) -> bool {
+ unsafe { clang_Cursor_isAnonymous(self.x) != 0 }
+ }
+
/// Get this cursor's referent's spelling.
pub fn spelling(&self) -> String {
unsafe { cxstring_into_string(clang_getCursorSpelling(self.x)) }
diff --git a/third_party/rust/bindgen/src/ir/comp.rs b/third_party/rust/bindgen/src/ir/comp.rs
index 22c124fa36..b715616c5e 100644
--- a/third_party/rust/bindgen/src/ir/comp.rs
+++ b/third_party/rust/bindgen/src/ir/comp.rs
@@ -1372,8 +1372,7 @@ impl CompInfo {
// A declaration of an union or a struct without name could
// also be an unnamed field, unfortunately.
- if cur.spelling().is_empty() &&
- cur.kind() != CXCursor_EnumDecl
+ if cur.is_anonymous() && cur.kind() != CXCursor_EnumDecl
{
let ty = cur.cur_type();
let offset = cur.offset_of_field().ok();
diff --git a/third_party/rust/bindgen/src/ir/ty.rs b/third_party/rust/bindgen/src/ir/ty.rs
index e6eecc3c50..f3e1193ce2 100644
--- a/third_party/rust/bindgen/src/ir/ty.rs
+++ b/third_party/rust/bindgen/src/ir/ty.rs
@@ -737,7 +737,12 @@ impl Type {
let layout = ty.fallible_layout(ctx).ok();
let cursor = ty.declaration();
- let mut name = cursor.spelling();
+ let is_anonymous = cursor.is_anonymous();
+ let mut name = if is_anonymous {
+ None
+ } else {
+ Some(cursor.spelling()).filter(|n| !n.is_empty())
+ };
debug!(
"from_clang_ty: {:?}, ty: {:?}, loc: {:?}",
@@ -771,7 +776,7 @@ impl Type {
if is_canonical_objcpointer && is_template_type_param {
// Objective-C generics are just ids with fancy name.
// To keep it simple, just name them ids
- name = "id".to_owned();
+ name = Some("id".to_owned());
}
}
@@ -900,7 +905,7 @@ impl Type {
return Err(ParseError::Recurse);
}
} else {
- name = location.spelling();
+ name = Some(location.spelling());
}
let complex = CompInfo::from_ty(
@@ -942,7 +947,7 @@ impl Type {
CXType_Typedef
);
- name = current.spelling();
+ name = Some(location.spelling());
let inner_ty = cur
.typedef_type()
@@ -1126,10 +1131,10 @@ impl Type {
CXType_Enum => {
let enum_ = Enum::from_ty(ty, ctx).expect("Not an enum?");
- if name.is_empty() {
+ if !is_anonymous {
let pretty_name = ty.spelling();
if clang::is_valid_identifier(&pretty_name) {
- name = pretty_name;
+ name = Some(pretty_name);
}
}
@@ -1144,12 +1149,12 @@ impl Type {
)
.expect("Not a complex type?");
- if name.is_empty() {
+ if !is_anonymous {
// The pretty-printed name may contain typedefed name,
// but may also be "struct (anonymous at .h:1)"
let pretty_name = ty.spelling();
if clang::is_valid_identifier(&pretty_name) {
- name = pretty_name;
+ name = Some(pretty_name);
}
}
@@ -1161,8 +1166,7 @@ impl Type {
location,
None,
ctx,
- )
- .expect("Not able to resolve vector element?");
+ )?;
TypeKind::Vector(inner, ty.num_elements().unwrap())
}
CXType_ConstantArray => {
@@ -1189,7 +1193,9 @@ impl Type {
CXType_ObjCClass | CXType_ObjCInterface => {
let interface = ObjCInterface::from_ty(&location, ctx)
.expect("Not a valid objc interface?");
- name = interface.rust_name();
+ if !is_anonymous {
+ name = Some(interface.rust_name());
+ }
TypeKind::ObjCInterface(interface)
}
CXType_Dependent => {
@@ -1207,7 +1213,7 @@ impl Type {
}
};
- let name = if name.is_empty() { None } else { Some(name) };
+ name = name.filter(|n| !n.is_empty());
let is_const = ty.is_const() ||
(ty.kind() == CXType_ConstantArray &&
diff --git a/third_party/rust/bindgen/src/ir/var.rs b/third_party/rust/bindgen/src/ir/var.rs
index c6f121d74e..679c92bbea 100644
--- a/third_party/rust/bindgen/src/ir/var.rs
+++ b/third_party/rust/bindgen/src/ir/var.rs
@@ -301,11 +301,11 @@ impl ClangSubItemParser for Var {
let ty = match Item::from_ty(&ty, cursor, None, ctx) {
Ok(ty) => ty,
Err(e) => {
- assert_eq!(
- ty.kind(),
- CXType_Auto,
+ assert!(
+ matches!(ty.kind(), CXType_Auto | CXType_Unexposed),
"Couldn't resolve constant type, and it \
- wasn't an nondeductible auto type!"
+ wasn't an nondeductible auto type or unexposed \
+ type!"
);
return Err(e);
}

8
tar_stamps
View File

@ -1,10 +1,10 @@
PRODUCT="thunderbird" PRODUCT="thunderbird"
CHANNEL="esr102" CHANNEL="esr102"
VERSION="102.12.0" VERSION="102.13.0"
VERSION_SUFFIX="" VERSION_SUFFIX=""
PREV_VERSION="102.11.2" PREV_VERSION="102.12.0"
PREV_VERSION_SUFFIX="" PREV_VERSION_SUFFIX=""
#SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr102" RELEASE_REPO="https://hg.mozilla.org/releases/comm-esr102"
RELEASE_TAG="9d42734e12597ccdb59fee178bf369d8c328dcad" RELEASE_TAG="2bf94c4d195694485df5d632f2453888cf4f6657"
RELEASE_TIMESTAMP="20230604001933" RELEASE_TIMESTAMP="20230704155023"

3
thunderbird-102.12.0.source.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5aa776b75dd47e77303185033c2c443a425488d28ced5c6e29e5bd64e7ac5afe
size 502135796

16
thunderbird-102.12.0.source.tar.xz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmR8AegACgkQ4207E/PZ
MnSD7xAAvp3CxpTK2iAxLEajal67crBILNXeVCI7JdaS9WfcRNBEA+94sGhRP9OL
Cq4KQECQl897cOY+Wffgdm3Mdgj+KBgDE/M1zL5GqFYdqQAEN8DaMGqBf/9GCvMQ
iHb32ICUNgtBrEZIIA34wdgjfrFn3Zx+KjzIiygyRL3RhnOmwST/BfMJi+MI67lg
8vsGCEgbHEWDbEKUZkn2wtSiMaWrHYQI4sFlOAlxL15V0GJ6GBiL12utt48rddWT
BHQi1rCRgdJl4HtX5rjLrUGD3Hmy3ZyyV9AxRvlLI7XZyqaxd3RSn6SChRGyJnEQ
7aUql8sh3ccN4pxPakKxFIHQ7Y/39t5oFemlwZwU18FRozhicvSInsPLlDo+VXZH
Xz/4avO/4JSdy/2ss5I3S/idblHh9voX2qlv/PnVoc36onunnb1veP6Jaah2rPNj
WYEZzGKlAD4qU507EHGrq1U8n7lBhZWeCD6Hu5SpcIMeCEmztcw151fegZUus4kg
y9Wv1wah/b1iETAheEMtdd00G7hcvK9YkhKSiZK6CUe7WwXtMNQ9CrvtdULCAdAA
Mwvo17XTRiK8a8L379qBXyUzzUvHsfoBOTjnWZ1NXFJSlsqObnNBFZQ8Z3bBNpSI
V343EP2luGZgaRYACsSZ7/yV/N5gAejPxMUjjKEEZKsmLJTsYkQ=
=gM5a
-----END PGP SIGNATURE-----

3
thunderbird-102.13.0.source.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:7a7208cab2810231c2842334a2ffb37d704934dd212011395aec3609751affbc
size 503365504

16
thunderbird-102.13.0.source.tar.xz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmSoJVcACgkQ4207E/PZ
MnRO+BAAklPa+yglRS7ZopMp820Jsv4GOBN4SusNjnVuDtXvESEKmBH+E00mHNiF
LaFHPr0ZY1BA7k8ImBmqX6osYEKMOGp7ksbD04mQlR3LMo5emjfOeQoTGhaBnVZy
iJGqqHj/1Ys7+8q/VmGvIjWJ4uPBVwTVDMivwKIAil2sS3ml8Dq5XuCGMSHXcq4x
i89qJE/NA1JC1YA6CO9drg6eGzhNvn0MbwtrQkcoRc65ltmIV55TUvIZnJxSA3tY
r+BAjbOij0eUnhWy8hA8igbqYEnELNZZQsghiJfm1zMWy0cpP9DJlIipLa3ODAwy
bp0yne/fEpq26y5gBAKiFHPdWpV7FWNYwlV9FPXg25MxfUqneGzs/B+TjYX8hxKF
KeSesabvNK7UYJL8Wc9HgocBlZ2S/pDPZ2T1quJ1+NFL5KAG1yanFX5CnXVEEYak
ecfgxjw7YjE/GO0MxF1spyx4abY5aQ6dVGfnVtRFDt6fh52DM18sWuPbC40lrhYE
S8UhkKMFBAZc8TvibLhgaz+8BEDJh2Y8W5bioRedwl/YWZ5wGBeiM2hJ+re92HlF
j0h5KaOOcmST/zdlOlPbBaTRChyK80T4kujU+UWM9hCEJAQ8lMyyHIBufRJVIUg5
+3LQnYNYPxWJ7E6Pb09lBtcJ6zsE8Ie3Vx/P4ltu3Usfl7I/iNk=
=Gntb
-----END PGP SIGNATURE-----