18f716d93a
https://www.thunderbird.net/en-US/thunderbird/128.0esr/releasenotes/ and following release notes for minor version updates MFSA 2024-52 (bsc#1231413) * CVE-2024-9680 (bmo#1923344) Use-after-free in Animation timeline Mozilla Thunderbird 128.3.0 MFSA 2024-32 (128.0) MFSA 2024-37 (128.1) MFSA 2024-43 (128.2) MFSA 2024-49 (128.3) (bsc#1230979) * CVE-2024-9392 (bmo#1899154, bmo#1905843) Compromised content process can bypass site isolation * CVE-2024-9393 (bmo#1918301) Cross-origin access to PDF contents through multipart responses * CVE-2024-9394 (bmo#1918874) Cross-origin access to JSON contents through multipart responses * CVE-2024-8900 (bmo#1872841) Clipboard write permission bypass * CVE-2024-9396 (bmo#1912471) Potential memory corruption may occur when cloning certain objects * CVE-2024-9397 (bmo#1916659) Potential directory upload bypass via clickjacking * CVE-2024-9398 (bmo#1881037) External protocol handlers could be enumerated via popups * CVE-2024-9399 (bmo#1907726) Specially crafted WebTransport requests could lead to denial of service * CVE-2024-9400 (bmo#1915249) Potential memory corruption during JIT compilation OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaThunderbird?expand=0&rev=772
125 lines
4.9 KiB
Diff
125 lines
4.9 KiB
Diff
# HG changeset patch
|
|
# User Wolfgang Rosenauer <wr@rosenauer.org>
|
|
# Parent 9959fe2a13a39cbeb98ca1bef2e21caba16717bd
|
|
|
|
Index: firefox-115.0/build/moz.configure/lto-pgo.configure
|
|
===================================================================
|
|
--- firefox-115.0.orig/build/moz.configure/lto-pgo.configure
|
|
+++ firefox-115.0/build/moz.configure/lto-pgo.configure
|
|
@@ -251,8 +251,8 @@ def lto(
|
|
cflags.append("-flto")
|
|
ldflags.append("-flto")
|
|
else:
|
|
- cflags.append("-flto=thin")
|
|
- ldflags.append("-flto=thin")
|
|
+ cflags.append("-flto")
|
|
+ ldflags.append("-flto")
|
|
|
|
if target.os == "Android" and "cross" in values:
|
|
# Work around https://github.com/rust-lang/rust/issues/90088
|
|
@@ -268,7 +268,7 @@ def lto(
|
|
if "full" in values:
|
|
cflags.append("-flto")
|
|
else:
|
|
- cflags.append("-flto=thin")
|
|
+ cflags.append("-flto")
|
|
# With clang-cl, -flto can only be used with -c or -fuse-ld=lld.
|
|
# AC_TRY_LINKs during configure don't have -c, so pass -fuse-ld=lld.
|
|
cflags.append("-fuse-ld=lld")
|
|
Index: firefox-115.0/build/pgo/profileserver.py
|
|
===================================================================
|
|
--- firefox-115.0.orig/build/pgo/profileserver.py
|
|
+++ firefox-115.0/build/pgo/profileserver.py
|
|
@@ -11,7 +11,7 @@ import subprocess
|
|
import sys
|
|
|
|
import mozcrash
|
|
-from mozbuild.base import BinaryNotFoundException, MozbuildObject
|
|
+from mozbuild.base import BinaryNotFoundException, MozbuildObject, BuildEnvironmentNotFoundException
|
|
from mozfile import TemporaryDirectory
|
|
from mozhttpd import MozHttpd
|
|
from mozprofile import FirefoxProfile, Preferences
|
|
@@ -87,9 +87,22 @@ if __name__ == "__main__":
|
|
locations = ServerLocations()
|
|
locations.add_host(host="127.0.0.1", port=PORT, options="primary,privileged")
|
|
|
|
- old_profraw_files = glob.glob("*.profraw")
|
|
- for f in old_profraw_files:
|
|
- os.remove(f)
|
|
+ using_gcc = False
|
|
+ try:
|
|
+ if build.config_environment.substs.get('CC_TYPE') == 'gcc':
|
|
+ using_gcc = True
|
|
+ except BuildEnvironmentNotFoundException:
|
|
+ pass
|
|
+
|
|
+ if using_gcc:
|
|
+ for dirpath, _, filenames in os.walk('.'):
|
|
+ for f in filenames:
|
|
+ if f.endswith('.gcda'):
|
|
+ os.remove(os.path.join(dirpath, f))
|
|
+ else:
|
|
+ old_profraw_files = glob.glob('*.profraw')
|
|
+ for f in old_profraw_files:
|
|
+ os.remove(f)
|
|
|
|
with TemporaryDirectory() as profilePath:
|
|
# TODO: refactor this into mozprofile
|
|
@@ -213,6 +226,10 @@ if __name__ == "__main__":
|
|
print("Firefox exited successfully, but produced a crashreport")
|
|
sys.exit(1)
|
|
|
|
+ print('Copying profile data....')
|
|
+ os.system('pwd');
|
|
+ os.system('tar cf profdata.tar.gz `find . -name "*.gcda"`; cd ..; tar xf instrumented/profdata.tar.gz;');
|
|
+
|
|
llvm_profdata = env.get("LLVM_PROFDATA")
|
|
if llvm_profdata:
|
|
profraw_files = glob.glob("*.profraw")
|
|
Index: firefox-115.0/build/unix/mozconfig.unix
|
|
===================================================================
|
|
--- firefox-115.0.orig/build/unix/mozconfig.unix
|
|
+++ firefox-115.0/build/unix/mozconfig.unix
|
|
@@ -4,6 +4,15 @@ if [ -n "$FORCE_GCC" ]; then
|
|
CC="$MOZ_FETCHES_DIR/gcc/bin/gcc"
|
|
CXX="$MOZ_FETCHES_DIR/gcc/bin/g++"
|
|
|
|
+ if [ -n "$MOZ_PGO" ]; then
|
|
+ if [ -z "$USE_ARTIFACT" ]; then
|
|
+ ac_add_options --enable-lto
|
|
+ fi
|
|
+ export AR="$topsrcdir/gcc/bin/gcc-ar"
|
|
+ export NM="$topsrcdir/gcc/bin/gcc-nm"
|
|
+ export RANLIB="$topsrcdir/gcc/bin/gcc-ranlib"
|
|
+ fi
|
|
+
|
|
# We want to make sure we use binutils and other binaries in the tooltool
|
|
# package.
|
|
mk_add_options "export PATH=$MOZ_FETCHES_DIR/gcc/bin:$MOZ_FETCHES_DIR/binutils/bin:$PATH"
|
|
Index: firefox-115.0/extensions/spellcheck/src/moz.build
|
|
===================================================================
|
|
--- firefox-115.0.orig/extensions/spellcheck/src/moz.build
|
|
+++ firefox-115.0/extensions/spellcheck/src/moz.build
|
|
@@ -28,3 +28,5 @@ EXPORTS.mozilla += [
|
|
"mozInlineSpellChecker.h",
|
|
"mozSpellChecker.h",
|
|
]
|
|
+
|
|
+CXXFLAGS += ['-fno-devirtualize']
|
|
Index: firefox-115.0/toolkit/components/terminator/nsTerminator.cpp
|
|
===================================================================
|
|
--- firefox-115.0.orig/toolkit/components/terminator/nsTerminator.cpp
|
|
+++ firefox-115.0/toolkit/components/terminator/nsTerminator.cpp
|
|
@@ -460,6 +460,11 @@ void nsTerminator::StartWatchdog() {
|
|
}
|
|
#endif
|
|
|
|
+ // Disable watchdog for PGO train builds - writting profile information at
|
|
+ // exit may take time and it is better to make build hang rather than
|
|
+ // silently produce poorly performing binary.
|
|
+ crashAfterMS = INT32_MAX;
|
|
+
|
|
UniquePtr<Options> options(new Options());
|
|
// crashAfterTicks is guaranteed to be > 0 as
|
|
// crashAfterMS >= ADDITIONAL_WAIT_BEFORE_CRASH_MS >> HEARTBEAT_INTERVAL_MS
|