pool/firefox-esr
SHA256
11
0
Fork 0
Code Issues Pull Requests Activity
Files
devel
firefox-esr/one_swizzle_to_rule_them_all.patch

35 lines
1.2 KiB
Diff
Raw Permalink Normal View History

- Firefox Extended Support Release 140.1.0 ESR * Fixed: Various security fixes. - Mozilla Firefox ESR 140.1.0 https://www.mozilla.org/security/advisories/mfsa2025-59 MFSA 2025-59 (boo#1246664) * CVE-2025-8027 (bmo#1968423) JavaScript engine only wrote partial return value to stack * CVE-2025-8028 (bmo#1971581) Large branch table could lead to truncated instruction * CVE-2025-8029 (bmo#1928021) javascript: URLs executed on object and embed tags * CVE-2025-8036 (bmo#1960834) DNS rebinding circumvents CORS * CVE-2025-8037 (bmo#1964767) Nameless cookies shadow secure cookies * CVE-2025-8030 (bmo#1968414) Potential user-assisted code execution in “Copy as cURL” command * CVE-2025-8031 (bmo#1971719) Incorrect URL stripping in CSP reports * CVE-2025-8032 (bmo#1974407) XSLT documents could bypass CSP * CVE-2025-8038 (bmo#1808979) CSP frame-src was not correctly enforced for paths * CVE-2025-8039 (bmo#1970997) Search terms persisted in URL bar * CVE-2025-8033 (bmo#1973990) Incorrect JavaScript state machine for generators * CVE-2025-8034 (bmo#1970422, bmo#1970422, bmo#1970422, bmo#1970422) Memory safety bugs fixed in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141 * CVE-2025-8040 (bmo#1975058, bmo#1975058, bmo#1975998, bmo#1975998) Memory safety bugs fixed in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141 * CVE-2025-8035 (bmo#1975961, bmo#1975961, bmo#1975961) Memory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/firefox-esr?expand=0&rev=63
2025-07-22 12:41:13 +00:00
# HG changeset patch
# User M. Sirringhaus <msirringhaus@suse.de>
# Date 1645518286 -3600
# Tue Feb 22 09:24:46 2022 +0100
# Node ID 494640792b4677f6462e95b90a54a4e22aeb738b
# Parent 81832d035e101471dcf52dd91de287268add7a91
imported patch one_swizzle_to_rule_them_all.patch
Index: firefox-115.0/gfx/webrender_bindings/RenderCompositorSWGL.cpp
===================================================================
--- firefox-115.0.orig/gfx/webrender_bindings/RenderCompositorSWGL.cpp
+++ firefox-115.0/gfx/webrender_bindings/RenderCompositorSWGL.cpp
@@ -7,6 +7,7 @@
#include "RenderCompositorSWGL.h"
#include "mozilla/gfx/Logging.h"
+#include "mozilla/gfx/Swizzle.h"
#include "mozilla/widget/CompositorWidget.h"
#ifdef MOZ_WIDGET_GTK
@@ -242,6 +243,13 @@ void RenderCompositorSWGL::CommitMappedB
}
mDT->Flush();
+#if MOZ_BIG_ENDIAN()
+ // One swizzle to rule them all.
+ gfx::SwizzleData(mMappedData, mMappedStride, gfx::SurfaceFormat::B8G8R8A8,
+ mMappedData, mMappedStride, gfx::SurfaceFormat::A8R8G8B8,
+ mDT->GetSize());
+#endif
+
// Done with the DT. Hand it back to the widget and clear out any trace of it.
mWidget->EndRemoteDrawingInRegion(mDT, mDirtyRegion);
mDirtyRegion.SetEmpty();
Reference in New Issue Copy Permalink