firefox-esr/mozilla-ntlm-full-path.patch

# HG changeset patch
# User Petr Cerny <pcerny@novell.com>
# Parent 7308e4a7c1f769f4bbbc90870b849cadd99495a6
# Parent  3399aced682c232525633755ff79b37a0be75548
Bug 634334 - call to the ntlm_auth helper fails

diff --git a/extensions/auth/nsAuthSambaNTLM.cpp b/extensions/auth/nsAuthSambaNTLM.cpp
--- a/extensions/auth/nsAuthSambaNTLM.cpp
+++ b/extensions/auth/nsAuthSambaNTLM.cpp
@@ -148,17 +148,17 @@ nsresult nsAuthSambaNTLM::SpawnNTLMAuthH
     }
 
     base::LaunchOptions options;
     options.fds_to_remap.push_back(
         std::pair{toChildPipeRead.get(), STDIN_FILENO});
     options.fds_to_remap.push_back(
         std::pair{fromChildPipeWrite.get(), STDOUT_FILENO});
 
-    std::vector<std::string> argvVec{"ntlm_auth",        "--helper-protocol",
+    std::vector<std::string> argvVec{"/usr/bin/ntlm_auth",        "--helper-protocol",
                                      "ntlmssp-client-1", "--use-cached-creds",
                                      "--username",       username};
 
     auto result = base::LaunchApp(argvVec, std::move(options), &mChildPID);
     if (result.isErr()) {
       return NS_ERROR_FAILURE;
     }
- Firefox Extended Support Release 140.1.0 ESR * Fixed: Various security fixes. - Mozilla Firefox ESR 140.1.0 https://www.mozilla.org/security/advisories/mfsa2025-59 MFSA 2025-59 (boo#1246664) * CVE-2025-8027 (bmo#1968423) JavaScript engine only wrote partial return value to stack * CVE-2025-8028 (bmo#1971581) Large branch table could lead to truncated instruction * CVE-2025-8029 (bmo#1928021) javascript: URLs executed on object and embed tags * CVE-2025-8036 (bmo#1960834) DNS rebinding circumvents CORS * CVE-2025-8037 (bmo#1964767) Nameless cookies shadow secure cookies * CVE-2025-8030 (bmo#1968414) Potential user-assisted code execution in “Copy as cURL” command * CVE-2025-8031 (bmo#1971719) Incorrect URL stripping in CSP reports * CVE-2025-8032 (bmo#1974407) XSLT documents could bypass CSP * CVE-2025-8038 (bmo#1808979) CSP frame-src was not correctly enforced for paths * CVE-2025-8039 (bmo#1970997) Search terms persisted in URL bar * CVE-2025-8033 (bmo#1973990) Incorrect JavaScript state machine for generators * CVE-2025-8034 (bmo#1970422, bmo#1970422, bmo#1970422, bmo#1970422) Memory safety bugs fixed in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141 * CVE-2025-8040 (bmo#1975058, bmo#1975058, bmo#1975998, bmo#1975998) Memory safety bugs fixed in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141 * CVE-2025-8035 (bmo#1975961, bmo#1975961, bmo#1975961) Memory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/firefox-esr?expand=0&rev=63 2025-07-22 12:41:13 +00:00			`# HG changeset patch`
			`# User Petr Cerny <pcerny@novell.com>`
			`# Parent 7308e4a7c1f769f4bbbc90870b849cadd99495a6`
			`# Parent 3399aced682c232525633755ff79b37a0be75548`
			`Bug 634334 - call to the ntlm_auth helper fails`

			`diff --git a/extensions/auth/nsAuthSambaNTLM.cpp b/extensions/auth/nsAuthSambaNTLM.cpp`
			`--- a/extensions/auth/nsAuthSambaNTLM.cpp`
			`+++ b/extensions/auth/nsAuthSambaNTLM.cpp`
			`@@ -148,17 +148,17 @@ nsresult nsAuthSambaNTLM::SpawnNTLMAuthH`
			`}`

			`base::LaunchOptions options;`
			`options.fds_to_remap.push_back(`
			`std::pair{toChildPipeRead.get(), STDIN_FILENO});`
			`options.fds_to_remap.push_back(`
			`std::pair{fromChildPipeWrite.get(), STDOUT_FILENO});`

			`- std::vector<std::string> argvVec{"ntlm_auth", "--helper-protocol",`
			`+ std::vector<std::string> argvVec{"/usr/bin/ntlm_auth", "--helper-protocol",`
			`"ntlmssp-client-1", "--use-cached-creds",`
			`"--username", username};`

			`auto result = base::LaunchApp(argvVec, std::move(options), &mChildPID);`
			`if (result.isErr()) {`
			`return NS_ERROR_FAILURE;`
			`}`