2007-01-08 12:23:18 +01:00
|
|
|
#
|
2024-01-31 18:28:29 +01:00
|
|
|
# spec file for package MozillaFirefox
|
2007-01-08 12:23:18 +01:00
|
|
|
#
|
2024-01-12 17:07:06 +01:00
|
|
|
# Copyright (c) 2024 SUSE LLC
|
2024-03-22 17:21:08 +01:00
|
|
|
# Copyright (c) 2006-2024 Wolfgang Rosenauer <wr@rosenauer.org>
|
2007-01-08 12:23:18 +01:00
|
|
|
#
|
2008-08-22 00:53:39 +02:00
|
|
|
# All modifications and additions to the file contributed by third parties
|
|
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
|
|
# upon. The license for this file, and modifications and additions to the
|
|
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
|
|
# license for the pristine package is not an Open Source License, in which
|
|
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
|
|
# published by the Open Source Initiative.
|
|
|
|
|
2019-01-12 23:48:04 +01:00
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
2007-01-08 12:23:18 +01:00
|
|
|
#
|
|
|
|
|
2012-03-01 10:09:12 +01:00
|
|
|
|
2021-03-17 09:41:08 +01:00
|
|
|
%define _dwz_low_mem_die_limit 40000000
|
|
|
|
%define _dwz_max_die_limit 200000000
|
|
|
|
|
2014-10-19 21:45:31 +02:00
|
|
|
# changed with every update
|
2020-06-30 13:39:58 +02:00
|
|
|
# orig_version vs. mainver: To have beta-builds
|
|
|
|
# FF70beta3 would be released as FF69.99
|
|
|
|
# orig_version would be the upstream tar ball
|
|
|
|
# orig_version 70.0
|
|
|
|
# orig_suffix b3
|
|
|
|
# major 69
|
2023-03-20 08:47:31 +01:00
|
|
|
# mainver %%major.99
|
2024-05-21 10:22:00 +02:00
|
|
|
%define major 126
|
|
|
|
%define mainver %major.0
|
|
|
|
%define orig_version 126.0
|
2019-09-09 08:28:12 +02:00
|
|
|
%define orig_suffix %{nil}
|
|
|
|
%define update_channel release
|
2018-06-25 22:56:47 +02:00
|
|
|
%define branding 1
|
2019-10-13 18:07:47 +02:00
|
|
|
%define devpkg 1
|
2008-02-15 01:45:38 +01:00
|
|
|
|
2020-12-10 13:07:53 +01:00
|
|
|
# PGO builds do not work in TW currently (bmo#1680306)
|
|
|
|
%define do_profiling 0
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
|
2020-06-02 16:55:49 +02:00
|
|
|
# upstream default is clang (to use gcc for large parts set to 0)
|
2021-08-29 16:45:03 +02:00
|
|
|
%define clang_build 0
|
2018-12-12 12:35:28 +01:00
|
|
|
|
2019-09-05 14:57:01 +02:00
|
|
|
%bcond_with only_print_mozconfig
|
|
|
|
|
2021-03-27 15:02:10 +01:00
|
|
|
# define if ccache should be used or not
|
2022-02-03 18:24:14 +01:00
|
|
|
%define useccache 0
|
2021-03-27 15:02:10 +01:00
|
|
|
|
2021-08-11 22:19:19 +02:00
|
|
|
# SLE-12 doesn't have this macro
|
|
|
|
%{!?_rpmmacrodir: %global _rpmmacrodir %{_rpmconfigdir}/macros.d}
|
|
|
|
|
2023-06-10 17:11:56 +02:00
|
|
|
# No i586 on SLE-12, as the rpmlints are broken and can't handle the big rpms resulting from this build.
|
|
|
|
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
|
2023-06-20 08:31:10 +02:00
|
|
|
ExclusiveArch: aarch64 ppc64le x86_64 s390x
|
2023-06-10 17:11:56 +02:00
|
|
|
%else
|
2017-09-05 12:10:37 +02:00
|
|
|
# Firefox only supports i686
|
|
|
|
%ifarch %ix86
|
|
|
|
ExclusiveArch: i586 i686
|
|
|
|
BuildArch: i686
|
2023-08-29 14:55:43 +02:00
|
|
|
%{expand:%%global optflags %(echo "%optflags"|sed -e s/i586/i686/) -march=i686 -mtune=generic -msse2}
|
2017-03-20 17:07:00 +01:00
|
|
|
%endif
|
2023-06-10 17:11:56 +02:00
|
|
|
%endif
|
2022-10-20 23:12:10 +02:00
|
|
|
%{expand:%%global optflags %(echo "%optflags"|sed -e s/-flto=auto//) }
|
2017-03-07 09:35:10 +01:00
|
|
|
|
2014-10-19 21:45:31 +02:00
|
|
|
# general build definitions
|
2015-01-14 19:32:16 +01:00
|
|
|
%define progname firefox
|
2021-09-07 21:29:05 +02:00
|
|
|
%define appname Firefox
|
2015-01-14 19:32:16 +01:00
|
|
|
%define pkgname MozillaFirefox
|
2019-10-13 18:07:47 +02:00
|
|
|
%define srcname firefox
|
2015-01-14 19:32:16 +01:00
|
|
|
%define progdir %{_prefix}/%_lib/%{progname}
|
|
|
|
%define gnome_dir %{_prefix}
|
|
|
|
%define desktop_file_name %{progname}
|
2014-10-19 21:40:39 +02:00
|
|
|
%define firefox_appid \{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}
|
2018-02-09 23:45:30 +01:00
|
|
|
%define __provides_exclude ^lib.*\\.so.*$
|
- Mozilla Firefox 118.0.1
MFSA 2023-44 (bsc#1215814)
* CVE-2023-5217 (bmo#1855550),
Heap buffer overflow in libvpx
- Mozilla Firefox 118.0
MFSA 2023-41 (bsc#1215575)
* CVE-2023-5168 (bmo#1846683)
Out-of-bounds write in FilterNodeD2D1
* CVE-2023-5169 (bmo#1846685)
Out-of-bounds write in PathOps
* CVE-2023-5170 (bmo#1846686)
Memory leak from a privileged process
* CVE-2023-5171 (bmo#1851599)
Use-after-free in Ion Compiler
* CVE-2023-5172 (bmo#1852218)
Memory Corruption in Ion Hints
* CVE-2023-5173 (bmo#1823172)
Out-of-bounds write in HTTP Alternate Services
* CVE-2023-5174 (bmo#1848454)
Double-free in process spawning on Windows
* CVE-2023-5175 (bmo#1849704)
Use-after-free of ImageBitmap during process shutdown
* CVE-2023-5176 (bmo#1836353, bmo#1842674, bmo#1843824, bmo#1843962,
bmo#1848890, bmo#1850180, bmo#1850983, bmo#1851195)
Memory safety bugs fixed in Firefox 118, Firefox ESR 115.3,
and Thunderbird 115.3
- requires NSS 3.93
- deactivated KDE integration temporarily
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1108
2023-09-29 10:31:52 +02:00
|
|
|
%define __requires_exclude ^(libmoz.*|liblgpllibs.*|libxul.*|libgk.*)$
|
2014-10-19 21:40:39 +02:00
|
|
|
%define localize 1
|
2016-11-15 19:06:29 +01:00
|
|
|
%ifarch %ix86 x86_64
|
2014-10-19 21:40:39 +02:00
|
|
|
%define crashreporter 1
|
2016-11-15 19:06:29 +01:00
|
|
|
%else
|
|
|
|
%define crashreporter 0
|
2014-10-19 21:40:39 +02:00
|
|
|
%endif
|
2021-04-20 09:57:25 +02:00
|
|
|
%define with_pipewire0_3 1
|
|
|
|
%define wayland_supported 1
|
|
|
|
%if 0%{?sle_version} > 0 && 0%{?sle_version} < 150200
|
|
|
|
# pipewire is too old on Leap <=15.1
|
2020-06-30 13:39:58 +02:00
|
|
|
%define with_pipewire0_3 0
|
2021-04-20 09:57:25 +02:00
|
|
|
# Wayland is too old on Leap <=15.1 as well
|
|
|
|
%define wayland_supported 0
|
2020-06-30 13:39:58 +02:00
|
|
|
%endif
|
2013-04-02 21:00:31 +02:00
|
|
|
|
2015-01-14 19:32:16 +01:00
|
|
|
Name: %{pkgname}
|
2011-12-18 14:10:54 +01:00
|
|
|
BuildRequires: Mesa-devel
|
2017-09-28 10:27:23 +02:00
|
|
|
BuildRequires: alsa-devel
|
2011-12-18 14:10:54 +01:00
|
|
|
BuildRequires: autoconf213
|
|
|
|
BuildRequires: dbus-1-glib-devel
|
2019-07-02 22:43:20 +02:00
|
|
|
BuildRequires: dejavu-fonts
|
2011-12-18 14:10:54 +01:00
|
|
|
BuildRequires: fdupes
|
2020-09-17 14:12:41 +02:00
|
|
|
BuildRequires: memory-constraints
|
2023-08-29 14:55:43 +02:00
|
|
|
%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600
|
2024-04-29 20:30:27 +02:00
|
|
|
BuildRequires: gcc13
|
|
|
|
BuildRequires: gcc13-c++
|
2017-09-05 12:10:37 +02:00
|
|
|
%else
|
2011-12-18 14:10:54 +01:00
|
|
|
BuildRequires: gcc-c++
|
2017-09-05 12:10:37 +02:00
|
|
|
%endif
|
2024-04-23 08:12:35 +02:00
|
|
|
BuildRequires: cargo1.76
|
|
|
|
BuildRequires: rust1.76
|
2021-03-27 15:02:10 +01:00
|
|
|
%if 0%{useccache} != 0
|
2020-08-14 00:06:03 +02:00
|
|
|
BuildRequires: ccache
|
2021-03-27 15:02:10 +01:00
|
|
|
%endif
|
2015-12-29 21:30:21 +01:00
|
|
|
BuildRequires: libXcomposite-devel
|
2011-12-18 14:10:54 +01:00
|
|
|
BuildRequires: libcurl-devel
|
2015-01-14 19:32:16 +01:00
|
|
|
BuildRequires: libiw-devel
|
|
|
|
BuildRequires: libproxy-devel
|
2014-04-27 18:09:32 +02:00
|
|
|
BuildRequires: makeinfo
|
2022-10-18 22:10:44 +02:00
|
|
|
BuildRequires: mozilla-nspr-devel >= 4.35
|
2024-05-21 10:22:00 +02:00
|
|
|
BuildRequires: mozilla-nss-devel >= 3.100
|
- Mozilla Firefox 76.0
* Lockwise improvements
* Improvements in Picture-in-Picture feature
* Support Audio Worklets
MFSA-2020-16 (bsc#1171186)
* CVE-2020-12387 (bmo#1545345)
Use-after-free during worker shutdown
* CVE-2020-12388 (bmo#1618911)
Sandbox escape with improperly guarded Access Tokens
* CVE-2020-12389 (bmo#1554110)
Sandbox escape with improperly separated process types
* CVE-2020-6831 (bmo#1632241)
Buffer overflow in SCTP chunk input validation
* CVE-2020-12390 (bmo#1141959)
Incorrect serialization of nsIPrincipal.origin for IPv6 addresses
* CVE-2020-12391 (bmo#1457100)
Content-Security-Policy bypass using object elements
* CVE-2020-12392 (bmo#1614468)
Arbitrary local file access with 'Copy as cURL'
* CVE-2020-12393 (bmo#1615471)
Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to command injection
* CVE-2020-12394 (bmo#1628288)
URL spoofing in location bar when unfocussed
* CVE-2020-12395 (bmo#1595886, bmo#1611482, bmo#1614704, bmo#1624098,
bmo#1625749, bmo#1626382, bmo#1628076, bmo#1631508)
Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
* CVE-2020-12396 (bmo#1339601, bmo#1611938, bmo#1620488,
bmo#1622291, bmo#1627644)
Memory safety bugs fixed in Firefox 76
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=825
2020-05-05 21:25:39 +02:00
|
|
|
BuildRequires: nasm >= 2.14
|
2023-07-05 23:06:07 +02:00
|
|
|
BuildRequires: nodejs >= 12.22.12
|
2020-06-30 13:39:58 +02:00
|
|
|
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
|
2023-06-10 17:11:56 +02:00
|
|
|
BuildRequires: libXtst-devel
|
2020-06-30 13:39:58 +02:00
|
|
|
BuildRequires: python-libxml2
|
2023-06-10 17:11:56 +02:00
|
|
|
BuildRequires: python39
|
|
|
|
BuildRequires: python39-curses
|
|
|
|
BuildRequires: python39-devel
|
2020-06-30 13:39:58 +02:00
|
|
|
%else
|
2023-08-29 14:55:43 +02:00
|
|
|
%if 0%{?sle_version} >= 150000 && 0%{?sle_version} <= 150600
|
2023-04-11 23:09:55 +02:00
|
|
|
BuildRequires: python39
|
|
|
|
BuildRequires: python39-curses
|
|
|
|
BuildRequires: python39-devel
|
|
|
|
%else
|
|
|
|
BuildRequires: python3 >= 3.7
|
- Mozilla Firefox 108.0
https://www.mozilla.org/en-US/firefox/108.0/releasenotes/
MFSA 2022-51 (bsc#1206242)
* CVE-2022-46871 (bmo#1795697)
libusrsctp library out of date
* CVE-2022-46872 (bmo#1799156)
Arbitrary file read from a compromised content process
* CVE-2022-46873 (bmo#1644790)
Firefox did not implement the CSP directive unsafe-hashes
* CVE-2022-46874 (bmo#1746139)
Drag and Dropped Filenames could have been truncated to
malicious extensions
* CVE-2022-46875 (bmo#1786188)
Download Protections were bypassed by .atloc and .ftploc
files on Mac OS
* CVE-2022-46877 (bmo#1795139)
Fullscreen notification bypass
* CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685,
bmo#1801102, bmo#1801315, bmo#1802395)
Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
* CVE-2022-46879 (bmo#1736224, bmo#1793407, bmo#1794249, bmo#1795845,
bmo#1797682, bmo#1797720, bmo#1798494, bmo#1799479)
Memory safety bugs fixed in Firefox 108
- requires
NSS >= 3.85
rustc/cargo 1.65
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1024
2022-12-13 22:48:56 +01:00
|
|
|
BuildRequires: python3-curses
|
2020-10-01 22:03:49 +02:00
|
|
|
BuildRequires: python3-devel
|
2020-06-30 13:39:58 +02:00
|
|
|
%endif
|
2023-04-11 23:09:55 +02:00
|
|
|
%endif
|
2024-03-22 17:21:08 +01:00
|
|
|
BuildRequires: rust-cbindgen >= 0.26
|
2011-12-18 14:10:54 +01:00
|
|
|
BuildRequires: unzip
|
|
|
|
BuildRequires: update-desktop-files
|
2012-03-01 10:09:12 +01:00
|
|
|
BuildRequires: xorg-x11-libXt-devel
|
2019-09-25 13:38:27 +02:00
|
|
|
%if 0%{?do_profiling}
|
2019-07-02 22:43:20 +02:00
|
|
|
BuildRequires: xvfb-run
|
2019-09-25 13:38:27 +02:00
|
|
|
%endif
|
2011-12-18 14:10:54 +01:00
|
|
|
BuildRequires: yasm
|
|
|
|
BuildRequires: zip
|
2018-06-25 22:56:47 +02:00
|
|
|
%if 0%{?suse_version} < 1550
|
2019-07-09 23:21:11 +02:00
|
|
|
BuildRequires: pkgconfig(gconf-2.0) >= 1.2.1
|
2018-06-25 22:56:47 +02:00
|
|
|
%endif
|
2020-06-30 13:39:58 +02:00
|
|
|
%if (0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000)
|
|
|
|
BuildRequires: clang6-devel
|
|
|
|
%else
|
2020-06-02 16:55:49 +02:00
|
|
|
BuildRequires: clang-devel >= 5
|
2020-06-30 13:39:58 +02:00
|
|
|
%endif
|
2017-10-01 23:08:36 +02:00
|
|
|
BuildRequires: pkgconfig(glib-2.0) >= 2.22
|
2016-04-12 23:13:00 +02:00
|
|
|
BuildRequires: pkgconfig(gobject-2.0)
|
2020-06-30 13:39:58 +02:00
|
|
|
BuildRequires: pkgconfig(gtk+-3.0) >= 3.14.0
|
2016-04-12 23:13:00 +02:00
|
|
|
BuildRequires: pkgconfig(gtk+-unix-print-3.0)
|
2017-09-05 12:10:37 +02:00
|
|
|
BuildRequires: pkgconfig(libffi)
|
|
|
|
BuildRequires: pkgconfig(libpulse)
|
2020-06-30 13:39:58 +02:00
|
|
|
%if %{with_pipewire0_3}
|
|
|
|
BuildRequires: pkgconfig(libpipewire-0.3)
|
|
|
|
%endif
|
- update to Firefox 47.0 (boo#983549)
* Enable VP9 video codec for users with fast machines
* Embedded YouTube videos now play with HTML5 video if Flash is
not installed
* View and search open tabs from your smartphone or another
computer in a sidebar
* Allow no-cache on back/forward navigations for https resources
security fixes:
* MFSA 2016-49/CVE-2016-2815/CVE-2016-2818
(boo#983638)
(bmo#1241896, bmo#1242798, bmo#1243466, bmo#1245743,
bmo#1264300, bmo#1271037, bmo#1234147, bmo#1256493,
bmo#1256739, bmo#1256968, bmo#1261230, bmo#1261752,
bmo#1263384, bmo#1264575, bmo#1265577, bmo#1267130,
bmo#1269729, bmo#1273202, bmo#1273701)
Miscellaneous memory safety hazards (rv:47.0 / rv:45.2)
* MFSA 2016-50/CVE-2016-2819 (boo#983655) (bmo#1270381)
Buffer overflow parsing HTML5 fragments
* MFSA 2016-51/CVE-2016-2821 (bsc#983653) (bmo#1271460)
Use-after-free deleting tables from a contenteditable document
* MFSA 2016-52/CVE-2016-2822 (boo#983652) (bmo#1273129)
Addressbar spoofing though the SELECT element
* MFSA 2016-53/CVE-2016-2824 (boo#983651) (bmo#1248580)
Out-of-bounds write with WebGL shader
* MFSA 2016-54/CVE-2016-2825 (boo#983649) (bmo#1193093)
Partial same-origin-policy through setting location.host
through data URI
* MFSA 2016-56/CVE-2016-2828 (boo#983646) (bmo#1223810)
Use-after-free when textures are used in WebGL operations
after recycle pool destruction
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=518
2016-06-08 14:26:29 +02:00
|
|
|
# libavcodec is required for H.264 support but the
|
|
|
|
# openSUSE version is currently not able to play H.264
|
|
|
|
# therefore the Packman version is required
|
|
|
|
# minimum version of libavcodec is 53
|
2016-06-08 19:47:55 +02:00
|
|
|
Recommends: libavcodec-full >= 0.10.16
|
2012-02-01 14:37:15 +01:00
|
|
|
Version: %{mainver}
|
2011-12-18 14:10:54 +01:00
|
|
|
Release: 0
|
2015-01-14 19:32:16 +01:00
|
|
|
%if "%{name}" == "MozillaFirefox"
|
2011-01-28 18:09:26 +01:00
|
|
|
Provides: firefox = %{mainver}
|
2012-03-01 10:09:12 +01:00
|
|
|
Provides: firefox = %{version}-%{release}
|
2015-01-14 19:32:16 +01:00
|
|
|
%endif
|
2012-03-01 10:09:12 +01:00
|
|
|
Provides: web_browser
|
2015-10-16 12:49:41 +02:00
|
|
|
Provides: appdata()
|
|
|
|
Provides: appdata(firefox.appdata.xml)
|
2011-06-01 08:05:09 +02:00
|
|
|
# this is needed to match this package with the kde4 helper package without the main package
|
|
|
|
# having a hard requirement on the kde4 package
|
|
|
|
%define kde_helper_version 6
|
|
|
|
Provides: mozilla-kde4-version = %{kde_helper_version}
|
2015-01-14 19:32:16 +01:00
|
|
|
Summary: Mozilla %{appname} Web Browser
|
2012-07-16 10:13:51 +02:00
|
|
|
License: MPL-2.0
|
2007-01-08 12:23:18 +01:00
|
|
|
Group: Productivity/Networking/Web/Browsers
|
- Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
* More information about Enhanced Tracking Protection in action
* Native MP3 decoding on Windows, Linux, and macOS
* Configuration page (about:config) reimplemented in HTML
* New kiosk mode functionality, which allows maximum screen space
for customer-facing displays
MFSA 2019-36
* CVE-2019-11756 (bmo#1508776)
Use-after-free of SFTKSession object
* CVE-2019-17008 (bmo#1546331)
Use-after-free in worker destruction
* CVE-2019-13722 (bmo#1580156) (Windows only)
Stack corruption due to incorrect number of arguments in WebRTC code
* CVE-2019-17014 (bmo#1322864)
Dragging and dropping a cross-origin resource, incorrectly loaded
as an image, could result in information disclosure
* CVE-2019-17010 (bmo#1581084)
Use-after-free when performing device orientation checks
* CVE-2019-17005 (bmo#1584170)
Buffer overflow in plain text serializer
* CVE-2019-17011 (bmo#1591334)
Use-after-free when retrieving a document in antitracking
* CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
bmo#1580288, bmo#1585760, bmo#1592502)
Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
* CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
bmo#1594181)
Memory safety bugs fixed in Firefox 71
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
|
|
|
URL: http://www.mozilla.org/
|
2019-09-05 14:57:01 +02:00
|
|
|
%if !%{with only_print_mozconfig}
|
2019-10-13 18:07:47 +02:00
|
|
|
Source: http://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/source/%{srcname}-%{orig_version}%{orig_suffix}.source.tar.xz
|
2007-01-08 12:23:18 +01:00
|
|
|
Source1: MozillaFirefox.desktop
|
2010-11-30 15:35:52 +01:00
|
|
|
Source2: MozillaFirefox-rpmlintrc
|
2007-01-08 12:23:18 +01:00
|
|
|
Source3: mozilla.sh.in
|
2019-07-09 23:21:11 +02:00
|
|
|
Source4: tar_stamps
|
2022-06-29 09:44:18 +02:00
|
|
|
%if %{localize}
|
2018-06-25 22:56:47 +02:00
|
|
|
Source7: l10n-%{orig_version}%{orig_suffix}.tar.xz
|
2022-06-29 09:44:18 +02:00
|
|
|
%endif
|
2008-03-26 16:01:54 +01:00
|
|
|
Source8: firefox-mimeinfo.xml
|
2012-10-09 13:14:08 +02:00
|
|
|
Source9: firefox.js
|
2010-11-30 15:35:52 +01:00
|
|
|
Source11: firefox.1
|
2011-01-28 18:09:26 +01:00
|
|
|
Source12: mozilla-get-app-id
|
2014-10-25 10:51:04 +02:00
|
|
|
Source13: spellcheck.js
|
2023-03-15 09:38:02 +01:00
|
|
|
Source14: https://github.com/openSUSE/firefox-scripts/raw/9b77cf0/create-tar.sh
|
2014-10-13 20:00:43 +02:00
|
|
|
Source15: firefox-appdata.xml
|
2019-10-13 18:07:47 +02:00
|
|
|
Source16: %{name}.changes
|
2020-11-21 09:10:39 +01:00
|
|
|
Source17: firefox-search-provider.ini
|
2017-09-05 12:10:37 +02:00
|
|
|
# Set up API keys, see http://www.chromium.org/developers/how-tos/api-keys
|
|
|
|
# Note: these are for the openSUSE Firefox builds ONLY. For your own distribution,
|
|
|
|
# please get your own set of keys.
|
2017-04-28 23:32:26 +02:00
|
|
|
Source18: mozilla-api-key
|
2017-09-05 12:10:37 +02:00
|
|
|
Source19: google-api-key
|
2019-10-13 18:07:47 +02:00
|
|
|
Source20: https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/source/%{srcname}-%{orig_version}%{orig_suffix}.source.tar.xz.asc
|
|
|
|
Source21: https://ftp.mozilla.org/pub/%{srcname}/releases/%{version}%{orig_suffix}/KEY#/mozilla.keyring
|
2011-06-01 08:05:09 +02:00
|
|
|
# Gecko/Toolkit
|
2015-11-03 16:49:03 +01:00
|
|
|
Patch1: mozilla-nongnome-proxies.patch
|
2023-10-14 14:01:14 +02:00
|
|
|
Patch2: mozilla-kde.patch
|
2017-11-15 00:17:59 +01:00
|
|
|
Patch3: mozilla-ntlm-full-path.patch
|
- Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
* More information about Enhanced Tracking Protection in action
* Native MP3 decoding on Windows, Linux, and macOS
* Configuration page (about:config) reimplemented in HTML
* New kiosk mode functionality, which allows maximum screen space
for customer-facing displays
MFSA 2019-36
* CVE-2019-11756 (bmo#1508776)
Use-after-free of SFTKSession object
* CVE-2019-17008 (bmo#1546331)
Use-after-free in worker destruction
* CVE-2019-13722 (bmo#1580156) (Windows only)
Stack corruption due to incorrect number of arguments in WebRTC code
* CVE-2019-17014 (bmo#1322864)
Dragging and dropping a cross-origin resource, incorrectly loaded
as an image, could result in information disclosure
* CVE-2019-17010 (bmo#1581084)
Use-after-free when performing device orientation checks
* CVE-2019-17005 (bmo#1584170)
Buffer overflow in plain text serializer
* CVE-2019-17011 (bmo#1591334)
Use-after-free when retrieving a document in antitracking
* CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
bmo#1580288, bmo#1585760, bmo#1592502)
Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
* CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
bmo#1594181)
Memory safety bugs fixed in Firefox 71
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
|
|
|
Patch4: mozilla-aarch64-startup-crash.patch
|
2022-01-11 23:06:33 +01:00
|
|
|
Patch5: mozilla-fix-aarch64-libopus.patch
|
|
|
|
Patch6: mozilla-s390-context.patch
|
|
|
|
Patch7: mozilla-pgo.patch
|
|
|
|
Patch8: mozilla-reduce-rust-debuginfo.patch
|
- Mozilla Firefox 113.0
* https://www.mozilla.org/en-US/firefox/113.0/releasenotes
MFSA 2023-16 (bsc#1211175)
* CVE-2023-32205 (bmo#1753339, bmo#1753341)
Browser prompts could have been obscured by popups
* CVE-2023-32206 (bmo#1824892)
Crash in RLBox Expat driver
* CVE-2023-32207 (bmo#1826116)
Potential permissions request bypass via clickjacking
* CVE-2023-32208 (bmo#1646034)
Leak of script base URL in service workers via import()
* CVE-2023-32209 (bmo#1767194)
Persistent DoS via favicon image
* CVE-2023-32210 (bmo#1776755)
Incorrect principal object ordering
* CVE-2023-32211 (bmo#1823379)
Content process crash due to invalid wasm code
* CVE-2023-32212 (bmo#1826622)
Potential spoof due to obscured address bar
* CVE-2023-32213 (bmo#1826666)
Potential memory corruption in FileReader::DoReadData()
* MFSA-TMP-2023-0002 (bmo#1814560, bmo#1814790, bmo#1819796)
Race condition in dav1d decoding
* CVE-2023-32214 (bmo#1828716)
Potential DoS via exposed protocol handlers
* CVE-2023-32215 (bmo#1540883, bmo#1751943, bmo#1814856, bmo#1820210,
bmo#1821480, bmo#1827019, bmo#1827024, bmo#1827144, bmo#1827359,
bmo#1830186)
Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
* CVE-2023-32216 (bmo#1746479, bmo#1806852, bmo#1815987,
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1059
2023-05-10 08:26:50 +02:00
|
|
|
Patch10: mozilla-bmo1504834-part1.patch
|
|
|
|
Patch11: mozilla-bmo1504834-part3.patch
|
|
|
|
Patch12: mozilla-bmo1512162.patch
|
|
|
|
Patch14: mozilla-bmo849632.patch
|
|
|
|
Patch15: mozilla-bmo998749.patch
|
|
|
|
Patch17: mozilla-libavcodec58_91.patch
|
|
|
|
Patch18: mozilla-silence-no-return-type.patch
|
|
|
|
Patch19: mozilla-bmo531915.patch
|
|
|
|
Patch20: one_swizzle_to_rule_them_all.patch
|
|
|
|
Patch21: svg-rendering.patch
|
2023-07-05 23:06:07 +02:00
|
|
|
Patch22: mozilla-partial-revert-1768632.patch
|
2023-08-04 19:04:22 +02:00
|
|
|
Patch23: mozilla-rust-disable-future-incompat.patch
|
2023-09-23 09:28:40 +02:00
|
|
|
Patch24: mozilla-bmo1822730.patch
|
2024-05-29 09:11:01 +02:00
|
|
|
Patch25: mozilla-bmo1886378.patch
|
2011-06-01 08:05:09 +02:00
|
|
|
# Firefox/browser
|
2023-10-14 14:01:14 +02:00
|
|
|
Patch101: firefox-kde.patch
|
2018-03-13 20:46:06 +01:00
|
|
|
Patch102: firefox-branded-icons.patch
|
2020-09-22 16:04:54 +02:00
|
|
|
%endif
|
2007-01-08 12:23:18 +01:00
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
2021-02-24 12:49:39 +01:00
|
|
|
Requires(post): coreutils shared-mime-info desktop-file-utils
|
2024-01-31 18:28:29 +01:00
|
|
|
Requires(postun): shared-mime-info desktop-file-utils
|
2019-10-13 18:07:47 +02:00
|
|
|
Requires: %{name}-branding >= 68
|
2020-08-14 00:06:03 +02:00
|
|
|
%requires_ge mozilla-nspr
|
|
|
|
%requires_ge mozilla-nss
|
|
|
|
%requires_ge libfreetype6
|
2012-04-20 21:18:58 +02:00
|
|
|
Recommends: libcanberra0
|
2014-03-18 20:44:32 +01:00
|
|
|
Recommends: libpulse0
|
2024-01-31 18:28:29 +01:00
|
|
|
# To make security-keys (e.g. Yubikey) work with FF, it needs the udev-rules installed.
|
|
|
|
# A clean package with the most common rules exists only in SP3 onwards. `u2f-hosts` could be used on older
|
|
|
|
# code streams, but it contains more than just the rules, so we're not recommending it here.
|
|
|
|
%if 0%{?suse_version} >= 1600 || 0%{?sle_version} >= 150300
|
|
|
|
Recommends: libfido2-udev
|
|
|
|
%endif
|
2015-01-14 19:32:16 +01:00
|
|
|
# addon leads to startup crash (bnc#908892)
|
|
|
|
Obsoletes: tracker-miner-firefox < 0.15
|
2019-10-13 18:07:47 +02:00
|
|
|
%if 0%{?devpkg} == 0
|
|
|
|
Obsoletes: %{name}-devel < %{version}
|
|
|
|
%endif
|
2023-08-04 12:12:18 +02:00
|
|
|
ExcludeArch: armv6l armv6hl ppc ppc64
|
2007-01-08 12:23:18 +01:00
|
|
|
|
|
|
|
%description
|
2008-10-06 17:34:24 +02:00
|
|
|
Mozilla Firefox is a standalone web browser, designed for standards
|
|
|
|
compliance and performance. Its functionality can be enhanced via a
|
|
|
|
plethora of extensions.
|
2007-01-08 12:23:18 +01:00
|
|
|
|
2019-10-13 18:07:47 +02:00
|
|
|
%if 0%{?devpkg}
|
2011-01-28 18:09:26 +01:00
|
|
|
%package devel
|
2015-01-14 19:32:16 +01:00
|
|
|
Summary: Devel package for %{appname}
|
2011-01-28 18:09:26 +01:00
|
|
|
Group: Development/Tools/Other
|
|
|
|
Provides: firefox-devel = %{version}-%{release}
|
|
|
|
Requires: %{name} = %{version}
|
|
|
|
Requires: perl(Archive::Zip)
|
2012-03-01 10:09:12 +01:00
|
|
|
Requires: perl(XML::Simple)
|
2023-03-20 08:47:31 +01:00
|
|
|
BuildArch: noarch
|
2007-01-08 12:23:18 +01:00
|
|
|
|
2011-01-28 18:09:26 +01:00
|
|
|
%description devel
|
2015-01-14 19:32:16 +01:00
|
|
|
Development files for %{appname} to make packaging of addons easier.
|
2019-10-13 18:07:47 +02:00
|
|
|
%endif
|
2011-01-25 09:00:34 +01:00
|
|
|
|
2011-01-28 18:09:26 +01:00
|
|
|
%if %localize
|
2009-08-10 23:34:51 +02:00
|
|
|
%package translations-common
|
2015-01-14 19:32:16 +01:00
|
|
|
Summary: Common translations for %{appname}
|
2008-10-06 17:34:24 +02:00
|
|
|
Group: System/Localization
|
2019-07-09 23:21:11 +02:00
|
|
|
Provides: locale(%{name}:ar;ca;cs;da;de;el;en_GB;es_AR;es_CL;es_ES;fi;fr;hu;it;ja;ko;nb_NO;nl;pl;pt_BR;pt_PT;ru;sv_SE;zh_CN;zh_TW)
|
2020-06-30 13:39:58 +02:00
|
|
|
# This is there for updates from Firefox before the translations-package was split up into 2 packages
|
|
|
|
Provides: %{name}-translations
|
2010-01-08 01:32:43 +01:00
|
|
|
Requires: %{name} = %{version}
|
2009-08-10 23:34:51 +02:00
|
|
|
Obsoletes: %{name}-translations < %{version}-%{release}
|
2007-01-08 12:23:18 +01:00
|
|
|
|
2009-08-10 23:34:51 +02:00
|
|
|
%description translations-common
|
|
|
|
This package contains several common languages for the user interface
|
2015-01-14 19:32:16 +01:00
|
|
|
of %{appname}.
|
2009-08-10 23:34:51 +02:00
|
|
|
|
|
|
|
%package translations-other
|
2015-01-14 19:32:16 +01:00
|
|
|
Summary: Extra translations for %{appname}
|
2009-08-10 23:34:51 +02:00
|
|
|
Group: System/Localization
|
2019-10-03 10:42:59 +02:00
|
|
|
Provides: locale(%{name}:ach;af;an;ast;az;be;bg;bn;br;bs;cak;cy;dsb;en_CA;eo;es_MX;et;eu;fa;ff;fy_NL;ga_IE;gd;gl;gn;gu_IN;he;hi_IN;hr;hsb;hy_AM;ia;id;is;ka;kab;kk;km;kn;lij;lt;lv;mk;mr;ms;my;ne_NP;nn_NO;oc;pa_IN;rm;ro;si;sk;sl;son;sq;sr;ta;te;th;tr;uk;ur;uz;vi;xh)
|
2010-01-08 01:32:43 +01:00
|
|
|
Requires: %{name} = %{version}
|
2009-08-10 23:34:51 +02:00
|
|
|
Obsoletes: %{name}-translations < %{version}-%{release}
|
|
|
|
|
|
|
|
%description translations-other
|
|
|
|
This package contains rarely used languages for the user interface
|
2015-01-14 19:32:16 +01:00
|
|
|
of %{appname}.
|
2008-09-26 16:53:00 +02:00
|
|
|
%endif
|
|
|
|
|
2009-05-04 18:28:41 +02:00
|
|
|
%package branding-upstream
|
2015-01-14 19:32:16 +01:00
|
|
|
Summary: Upstream branding for %{appname}
|
2008-08-22 00:53:39 +02:00
|
|
|
Group: Productivity/Networking/Web/Browsers
|
2013-05-15 22:58:21 +02:00
|
|
|
Provides: %{name}-branding = %{version}
|
2009-05-04 18:28:41 +02:00
|
|
|
Conflicts: otherproviders(%{name}-branding)
|
|
|
|
Supplements: packageand(%{name}:branding-upstream)
|
2008-11-10 00:34:00 +01:00
|
|
|
#BRAND: Provide three files -
|
2008-10-06 17:34:24 +02:00
|
|
|
#BRAND: /usr/lib/firefox/browserconfig.properties that contains the
|
|
|
|
#BRAND: default homepage and some other default configuration options
|
|
|
|
#BRAND: /usr/lib/firefox/defaults/profile/bookmarks.html that contains
|
|
|
|
#BRAND: the list of default bookmarks
|
|
|
|
#BRAND: It's also possible to create a file
|
|
|
|
#BRAND: /usr/lib/firefox/defaults/preferences/firefox-$vendor.js to set
|
|
|
|
#BRAND: custom preference overrides.
|
2015-08-12 09:11:49 +02:00
|
|
|
#BRAND: It's also possible to drop files in /usr/lib/firefox/distribution/searchplugins/common/
|
2008-08-22 00:53:39 +02:00
|
|
|
|
2009-05-04 18:28:41 +02:00
|
|
|
%description branding-upstream
|
2015-01-14 19:32:16 +01:00
|
|
|
This package provides upstream look and feel for %{appname}.
|
2008-08-22 00:53:39 +02:00
|
|
|
|
2019-09-05 14:57:01 +02:00
|
|
|
%if !%{with only_print_mozconfig}
|
2007-01-08 12:23:18 +01:00
|
|
|
%prep
|
2014-03-18 20:44:32 +01:00
|
|
|
%if %localize
|
2019-07-09 23:21:11 +02:00
|
|
|
|
|
|
|
# If generated incorrectly, the tarball will be ~270B in
|
|
|
|
# size, so 1MB seems like good enough limit to check.
|
|
|
|
MINSIZE=1048576
|
2019-09-09 08:28:12 +02:00
|
|
|
if (( $(stat -Lc%s "%{SOURCE7}") < MINSIZE)); then
|
2019-07-09 23:21:11 +02:00
|
|
|
echo "Translations tarball %{SOURCE7} not generated properly."
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
- Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
* More information about Enhanced Tracking Protection in action
* Native MP3 decoding on Windows, Linux, and macOS
* Configuration page (about:config) reimplemented in HTML
* New kiosk mode functionality, which allows maximum screen space
for customer-facing displays
MFSA 2019-36
* CVE-2019-11756 (bmo#1508776)
Use-after-free of SFTKSession object
* CVE-2019-17008 (bmo#1546331)
Use-after-free in worker destruction
* CVE-2019-13722 (bmo#1580156) (Windows only)
Stack corruption due to incorrect number of arguments in WebRTC code
* CVE-2019-17014 (bmo#1322864)
Dragging and dropping a cross-origin resource, incorrectly loaded
as an image, could result in information disclosure
* CVE-2019-17010 (bmo#1581084)
Use-after-free when performing device orientation checks
* CVE-2019-17005 (bmo#1584170)
Buffer overflow in plain text serializer
* CVE-2019-17011 (bmo#1591334)
Use-after-free when retrieving a document in antitracking
* CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
bmo#1580288, bmo#1585760, bmo#1592502)
Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
* CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
bmo#1594181)
Memory safety bugs fixed in Firefox 71
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
|
|
|
%setup -q -n %{srcname}-%{orig_version} -b 7
|
2014-03-18 20:44:32 +01:00
|
|
|
%else
|
2019-10-13 18:07:47 +02:00
|
|
|
%setup -q -n %{srcname}-%{orig_version}
|
2014-03-18 20:44:32 +01:00
|
|
|
%endif
|
2019-10-13 18:07:47 +02:00
|
|
|
cd $RPM_BUILD_DIR/%{srcname}-%{orig_version}
|
2022-02-03 18:24:14 +01:00
|
|
|
%autopatch -p1
|
2020-09-22 16:04:54 +02:00
|
|
|
%endif
|
2007-01-08 12:23:18 +01:00
|
|
|
|
|
|
|
%build
|
2019-09-05 14:57:01 +02:00
|
|
|
%if !%{with only_print_mozconfig}
|
2011-06-01 08:05:09 +02:00
|
|
|
# no need to add build time to binaries
|
2021-09-07 21:29:05 +02:00
|
|
|
modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{pkgname}.changes")"
|
2011-06-01 08:05:09 +02:00
|
|
|
DATE="\"$(date -d "${modified}" "+%%b %%e %%Y")\""
|
|
|
|
TIME="\"$(date -d "${modified}" "+%%R")\""
|
|
|
|
find . -regex ".*\.c\|.*\.cpp\|.*\.h" -exec sed -i "s/__DATE__/${DATE}/g;s/__TIME__/${TIME}/g" {} +
|
2020-06-30 13:39:58 +02:00
|
|
|
|
2023-06-10 17:11:56 +02:00
|
|
|
# SLE-12 provides python39, but that package does not provide a python3 binary
|
2020-06-30 13:39:58 +02:00
|
|
|
%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
|
2023-06-10 17:11:56 +02:00
|
|
|
#sed -i "s/python3/python3.9/g" configure.in
|
|
|
|
sed -i "s|/usr/bin/env python3|/usr/bin/env python3.9|" mach
|
|
|
|
sed -i "s|potential_python_binary = f\"python3.{i}\"|potential_python_binary = f\"python3.9.{i}\"|" mach
|
|
|
|
export PYTHON3=/usr/bin/python3.9
|
2020-06-30 13:39:58 +02:00
|
|
|
%endif
|
|
|
|
|
2023-10-14 14:04:21 +02:00
|
|
|
kdehelperversion=$(cat toolkit/xre/nsKDEUtils.cpp | grep '#define KMOZILLAHELPER_VERSION' | cut -d ' ' -f 3)
|
|
|
|
if test "$kdehelperversion" != %{kde_helper_version}; then
|
|
|
|
echo fix kde helper version in the .spec file
|
|
|
|
exit 1
|
|
|
|
fi
|
2023-07-05 23:06:07 +02:00
|
|
|
|
2022-06-29 09:44:18 +02:00
|
|
|
# When doing only_print_mozconfig, this file isn't necessarily available, so skip it
|
|
|
|
cp %{SOURCE4} .obsenv.sh
|
|
|
|
%else
|
|
|
|
# We need to make sure its empty
|
|
|
|
echo "" > .obsenv.sh
|
2020-09-22 16:04:54 +02:00
|
|
|
%endif
|
2020-06-30 13:39:58 +02:00
|
|
|
|
2022-06-29 09:44:18 +02:00
|
|
|
cat >> .obsenv.sh <<EOF
|
2019-10-25 11:13:30 +02:00
|
|
|
export CARGO_HOME=${RPM_BUILD_DIR}/%{srcname}-%{orig_version}/.cargo
|
2022-10-20 23:12:10 +02:00
|
|
|
export MOZ_SOURCE_CHANGESET=\$RELEASE_TAG
|
|
|
|
export SOURCE_REPO=\$RELEASE_REPO
|
|
|
|
export source_repo=\$RELEASE_REPO
|
|
|
|
export MOZ_SOURCE_REPO=\$RELEASE_REPO
|
|
|
|
export MOZ_BUILD_DATE=\$RELEASE_TIMESTAMP
|
2007-01-08 12:23:18 +01:00
|
|
|
export MOZILLA_OFFICIAL=1
|
|
|
|
export BUILD_OFFICIAL=1
|
2011-11-09 13:04:11 +01:00
|
|
|
export MOZ_TELEMETRY_REPORTING=1
|
- Mozilla Firefox 108.0
https://www.mozilla.org/en-US/firefox/108.0/releasenotes/
MFSA 2022-51 (bsc#1206242)
* CVE-2022-46871 (bmo#1795697)
libusrsctp library out of date
* CVE-2022-46872 (bmo#1799156)
Arbitrary file read from a compromised content process
* CVE-2022-46873 (bmo#1644790)
Firefox did not implement the CSP directive unsafe-hashes
* CVE-2022-46874 (bmo#1746139)
Drag and Dropped Filenames could have been truncated to
malicious extensions
* CVE-2022-46875 (bmo#1786188)
Download Protections were bypassed by .atloc and .ftploc
files on Mac OS
* CVE-2022-46877 (bmo#1795139)
Fullscreen notification bypass
* CVE-2022-46878 (bmo#1782219, bmo#1797370, bmo#1797685,
bmo#1801102, bmo#1801315, bmo#1802395)
Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
* CVE-2022-46879 (bmo#1736224, bmo#1793407, bmo#1794249, bmo#1795845,
bmo#1797682, bmo#1797720, bmo#1798494, bmo#1799479)
Memory safety bugs fixed in Firefox 108
- requires
NSS >= 3.85
rustc/cargo 1.65
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=1024
2022-12-13 22:48:56 +01:00
|
|
|
export MACH_BUILD_PYTHON_NATIVE_PACKAGE_SOURCE=system
|
2022-10-20 23:12:10 +02:00
|
|
|
export CFLAGS="%{optflags}"
|
2023-08-29 14:55:43 +02:00
|
|
|
%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150600
|
2024-04-29 20:30:27 +02:00
|
|
|
export CC=gcc-13
|
|
|
|
export CXX=g++-13
|
2018-12-13 13:15:35 +01:00
|
|
|
%else
|
|
|
|
%if 0%{?clang_build} == 0
|
|
|
|
export CC=gcc
|
|
|
|
export CXX=g++
|
|
|
|
%endif
|
2017-09-05 12:10:37 +02:00
|
|
|
%endif
|
2014-12-02 23:01:52 +01:00
|
|
|
%ifarch %arm %ix86
|
2023-08-15 23:01:22 +02:00
|
|
|
### NOTE: these sections are not required anymore. Alson --no-keep-memory + -Wl,-z,pack-relative-relocs causes
|
|
|
|
### ld to go OOM (https://sourceware.org/bugzilla/show_bug.cgi?id=30756)
|
2014-11-06 21:54:53 +01:00
|
|
|
# Limit RAM usage during link
|
2023-08-15 23:01:22 +02:00
|
|
|
# export LDFLAGS="\$LDFLAGS -Wl,--no-keep-memory -Wl,--reduce-memory-overheads -Wl,--no-map-whole-files -Wl,--hash-size=31"
|
|
|
|
#
|
2022-02-08 09:38:01 +01:00
|
|
|
# A lie to prevent -Wl,--gc-sections being set which requires more memory than 32bit can offer
|
2023-08-15 23:01:22 +02:00
|
|
|
#export GC_SECTIONS_BREAKS_DEBUG_RANGES=yes
|
2013-03-14 10:58:43 +01:00
|
|
|
%endif
|
2022-10-20 23:12:10 +02:00
|
|
|
export LDFLAGS="\$LDFLAGS -fPIC -Wl,-z,relro,-z,now"
|
2014-01-02 21:02:50 +01:00
|
|
|
%ifarch ppc64 ppc64le
|
2018-12-13 13:15:35 +01:00
|
|
|
%endif
|
2023-05-08 07:59:59 +02:00
|
|
|
%ifarch %ix86
|
2023-08-15 23:01:22 +02:00
|
|
|
# Not enough memory on 32-bit systems, reduce debug info.
|
|
|
|
export CFLAGS="\$CFLAGS -g1"
|
2023-05-08 07:59:59 +02:00
|
|
|
%endif
|
2022-10-20 23:12:10 +02:00
|
|
|
export CXXFLAGS="\$CFLAGS"
|
2007-01-08 12:23:18 +01:00
|
|
|
export MOZCONFIG=$RPM_BUILD_DIR/mozconfig
|
2022-06-29 09:44:18 +02:00
|
|
|
EOF
|
|
|
|
# Done with env-variables.
|
|
|
|
source ./.obsenv.sh
|
|
|
|
|
2023-08-03 06:42:17 +02:00
|
|
|
%ifarch aarch64 %arm ppc64 ppc64le riscv64
|
2022-09-09 11:09:55 +02:00
|
|
|
%limit_build -m 2500
|
2022-07-27 09:10:26 +02:00
|
|
|
%endif
|
|
|
|
|
2022-06-29 09:44:18 +02:00
|
|
|
# Generating mozconfig
|
2007-01-08 12:23:18 +01:00
|
|
|
cat << EOF > $MOZCONFIG
|
|
|
|
mk_add_options MOZILLA_OFFICIAL=1
|
|
|
|
mk_add_options BUILD_OFFICIAL=1
|
|
|
|
mk_add_options MOZ_MAKE_FLAGS=%{?jobs:-j%jobs}
|
2010-11-30 15:35:52 +01:00
|
|
|
mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj
|
2007-01-08 12:23:18 +01:00
|
|
|
. \$topsrcdir/browser/config/mozconfig
|
- Mozilla Firefox 90.0
MFSA 2021-28 (bsc#1188275)
* CVE-2021-29970 (bmo#1709976)
Use-after-free in accessibility features of a document
* CVE-2021-29971 (bmo#1713638)
Granted permissions only compared host; omitting scheme and
port on Android
* CVE-2021-30547 (bmo#1715766)
Out of bounds write in ANGLE
* CVE-2021-29972 (bmo#1696816)
Use of out-of-date library included use-after-free
vulnerability
* CVE-2021-29973 (bmo#1701932)
Password autofill on HTTP websites was enabled without user
interaction on Android
* CVE-2021-29974 (bmo#1704843)
HSTS errors could be overridden when network partitioning was
enabled
* CVE-2021-29975 (bmo#1713259)
Text message could be overlaid on top of another website
* CVE-2021-29976 (bmo#1700895, bmo#1703334, bmo#1706910,
bmo#1711576, bmo#1714391)
Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12
* CVE-2021-29977 (bmo#1665836, bmo#1686138, bmo#1704316,
bmo#1706314, bmo#1709931, bmo#1712084, bmo#1712357,
bmo#1714066)
Memory safety bugs fixed in Firefox 90
- requires
NSPR 4.31
NSS 3.66
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=922
2021-07-15 23:12:05 +02:00
|
|
|
ac_add_options --disable-bootstrap
|
2007-01-08 12:23:18 +01:00
|
|
|
ac_add_options --prefix=%{_prefix}
|
2016-08-18 08:59:29 +02:00
|
|
|
ac_add_options --libdir=%{_libdir}
|
|
|
|
ac_add_options --includedir=%{_includedir}
|
2014-09-22 18:35:40 +02:00
|
|
|
ac_add_options --enable-release
|
2021-04-20 09:57:25 +02:00
|
|
|
%if 0%{wayland_supported}
|
- Mozilla Firefox 73.0
* Added support for setting a default zoom level applicable for all
web content
* High-contrast mode has been updated to allow background images
* Improved audio quality when playing back audio at a faster or
slower speed
* Added NextDNS as alternative option for DNS over HTTPS
MFSA 2020-05 (bsc#1163368)
* CVE-2020-6796 (bmo#1610426)
Missing bounds check on shared memory read in the parent process
* CVE-2020-6797 (bmo#1596668) (MacOS X only)
Extensions granted downloads.open permission could open arbitrary
applications on Mac OSX
* CVE-2020-6798 (bmo#1602944)
Incorrect parsing of template tag could result in JavaScript injection
* CVE-2020-6799 (bmo#1606596) (Windows only)
Arbitrary code execution when opening pdf links from other
applications, when Firefox is configured as default pdf reader
* CVE-2020-6800 (bmo#1595786,bmo#1596706,bmo#1598543,bmo#1604851,
bmo#1608580,bmo#1608785,bmo#1605777)
Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
* CVE-2020-6801 (bmo#1601024,bmo#1601712,bmo#1604836,bmo#1606492)
Memory safety bugs fixed in Firefox 73
- updated requirements
* rust >= 1.39
* NSS >= 3.49.2
* rust-cbindgen >= 0.12.0
- rebased patches
- removed obsolete patch
* mozilla-bmo1601707.patch
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=802
2020-02-12 15:14:39 +01:00
|
|
|
ac_add_options --enable-default-toolkit=cairo-gtk3-wayland
|
2021-04-20 09:57:25 +02:00
|
|
|
%else
|
|
|
|
ac_add_options --enable-default-toolkit=cairo-gtk3
|
2018-06-25 22:56:47 +02:00
|
|
|
%endif
|
2018-09-24 22:59:09 +02:00
|
|
|
# bmo#1441155 - Disable the generation of Rust debug symbols on Linux32
|
2018-11-26 11:42:10 +01:00
|
|
|
%ifarch %ix86 %arm
|
2018-09-24 22:59:09 +02:00
|
|
|
ac_add_options --disable-debug-symbols
|
2019-01-12 23:48:04 +01:00
|
|
|
%else
|
2023-08-07 09:24:23 +02:00
|
|
|
ac_add_options --enable-debug-symbols=-g0
|
2018-09-24 22:59:09 +02:00
|
|
|
%endif
|
2022-02-08 09:38:01 +01:00
|
|
|
ac_add_options --disable-install-strip
|
2023-08-11 16:20:02 +02:00
|
|
|
%ifarch %ix86 %arm
|
|
|
|
# OOM on 32-bit when ld passed -Wl,-z,pack-relative-relocs
|
2023-08-15 23:01:22 +02:00
|
|
|
# ac_add_options --enable-elf-hack
|
2018-11-12 12:49:28 +01:00
|
|
|
%endif
|
2008-03-26 16:01:54 +01:00
|
|
|
ac_add_options --with-system-nspr
|
|
|
|
ac_add_options --with-system-nss
|
2021-03-27 15:02:10 +01:00
|
|
|
%if 0%{useccache} != 0
|
2020-08-14 00:06:03 +02:00
|
|
|
ac_add_options --with-ccache
|
2021-03-27 15:02:10 +01:00
|
|
|
%endif
|
2014-03-18 20:44:32 +01:00
|
|
|
%if %{localize}
|
2010-11-30 15:35:52 +01:00
|
|
|
ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n
|
2014-03-18 20:44:32 +01:00
|
|
|
%endif
|
2011-06-01 08:05:09 +02:00
|
|
|
#ac_add_options --with-system-jpeg # libjpeg-turbo is used internally
|
2008-03-26 16:01:54 +01:00
|
|
|
#ac_add_options --with-system-png # doesn't work because of missing APNG support
|
2007-01-08 12:23:18 +01:00
|
|
|
ac_add_options --with-system-zlib
|
2010-01-08 01:32:43 +01:00
|
|
|
ac_add_options --disable-updater
|
2007-01-08 12:23:18 +01:00
|
|
|
ac_add_options --disable-tests
|
2017-03-09 13:31:02 +01:00
|
|
|
ac_add_options --enable-alsa
|
2007-01-08 12:23:18 +01:00
|
|
|
ac_add_options --disable-debug
|
2012-04-20 21:18:58 +02:00
|
|
|
ac_add_options --enable-update-channel=%{update_channel}
|
2017-04-28 23:32:26 +02:00
|
|
|
ac_add_options --with-mozilla-api-keyfile=%{SOURCE18}
|
2020-09-22 16:04:54 +02:00
|
|
|
# Google-service currently not available for free anymore
|
2023-03-20 08:47:31 +01:00
|
|
|
#ac_add_options --with-google-location-service-api-keyfile=%%{SOURCE19}
|
2019-03-19 23:01:55 +01:00
|
|
|
ac_add_options --with-google-safebrowsing-api-keyfile=%{SOURCE19}
|
2018-09-05 09:16:27 +02:00
|
|
|
ac_add_options --with-unsigned-addon-scopes=app
|
2020-07-12 19:40:52 +02:00
|
|
|
ac_add_options --allow-addon-sideload
|
2021-12-07 22:12:25 +01:00
|
|
|
# at least temporary until the "wasi-sysroot" issue is solved
|
|
|
|
ac_add_options --without-wasm-sandboxed-libraries
|
2022-02-03 18:24:14 +01:00
|
|
|
%ifarch x86_64 aarch64
|
|
|
|
ac_add_options --enable-rust-simd
|
|
|
|
%endif
|
2008-09-26 16:53:00 +02:00
|
|
|
%if %branding
|
2007-01-08 12:23:18 +01:00
|
|
|
ac_add_options --enable-official-branding
|
|
|
|
%endif
|
2011-06-01 08:05:09 +02:00
|
|
|
ac_add_options --enable-libproxy
|
|
|
|
%if ! %crashreporter
|
|
|
|
ac_add_options --disable-crashreporter
|
2011-01-03 17:59:30 +01:00
|
|
|
%endif
|
2012-02-01 14:37:15 +01:00
|
|
|
%ifarch %arm
|
2016-04-14 12:14:02 +02:00
|
|
|
ac_add_options --with-fpu=vfpv3-d16
|
|
|
|
ac_add_options --with-float-abi=hard
|
2018-05-07 10:31:01 +02:00
|
|
|
%ifarch armv6l armv6hl
|
|
|
|
ac_add_options --with-arch=armv6
|
|
|
|
%else
|
2016-04-14 12:14:02 +02:00
|
|
|
ac_add_options --with-arch=armv7-a
|
2013-04-06 21:20:40 +02:00
|
|
|
%endif
|
2018-05-07 10:31:01 +02:00
|
|
|
%endif
|
2019-08-20 09:58:20 +02:00
|
|
|
# mitigation/workaround for bmo#1512162
|
2019-09-25 14:13:22 +02:00
|
|
|
%ifarch s390x
|
2019-08-20 09:58:20 +02:00
|
|
|
ac_add_options --enable-optimize="-O1"
|
|
|
|
%endif
|
2019-02-11 12:41:34 +01:00
|
|
|
%ifarch x86_64
|
2019-02-13 08:10:01 +01:00
|
|
|
# LTO needs newer toolchain stack only (at least GCC 8.2.1 (r268506)
|
2021-10-27 17:31:17 +02:00
|
|
|
%if 0%{?suse_version} > 1500
|
2023-08-01 22:59:19 +02:00
|
|
|
ac_add_options --enable-lto
|
2019-09-25 14:32:05 +02:00
|
|
|
%if 0%{?do_profiling}
|
2021-06-05 13:13:48 +02:00
|
|
|
ac_add_options MOZ_PGO=1
|
2019-02-11 12:41:34 +01:00
|
|
|
%endif
|
2019-02-13 08:10:01 +01:00
|
|
|
%endif
|
2019-09-25 10:59:57 +02:00
|
|
|
%endif
|
2014-03-18 20:44:32 +01:00
|
|
|
EOF
|
2022-06-29 09:44:18 +02:00
|
|
|
|
|
|
|
%if %{with only_print_mozconfig}
|
|
|
|
cat ./.obsenv.sh
|
|
|
|
cat $MOZCONFIG
|
|
|
|
%else
|
|
|
|
|
2021-03-27 15:02:10 +01:00
|
|
|
%if 0%{useccache} != 0
|
2020-08-25 20:18:25 +02:00
|
|
|
ccache -s
|
2021-03-27 15:02:10 +01:00
|
|
|
%endif
|
2019-09-25 13:38:27 +02:00
|
|
|
%if 0%{?do_profiling}
|
|
|
|
xvfb-run --server-args="-screen 0 1920x1080x24" \
|
|
|
|
%endif
|
|
|
|
./mach build -v
|
- Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
* More information about Enhanced Tracking Protection in action
* Native MP3 decoding on Windows, Linux, and macOS
* Configuration page (about:config) reimplemented in HTML
* New kiosk mode functionality, which allows maximum screen space
for customer-facing displays
MFSA 2019-36
* CVE-2019-11756 (bmo#1508776)
Use-after-free of SFTKSession object
* CVE-2019-17008 (bmo#1546331)
Use-after-free in worker destruction
* CVE-2019-13722 (bmo#1580156) (Windows only)
Stack corruption due to incorrect number of arguments in WebRTC code
* CVE-2019-17014 (bmo#1322864)
Dragging and dropping a cross-origin resource, incorrectly loaded
as an image, could result in information disclosure
* CVE-2019-17010 (bmo#1581084)
Use-after-free when performing device orientation checks
* CVE-2019-17005 (bmo#1584170)
Buffer overflow in plain text serializer
* CVE-2019-17011 (bmo#1591334)
Use-after-free when retrieving a document in antitracking
* CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
bmo#1580288, bmo#1585760, bmo#1592502)
Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
* CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
bmo#1594181)
Memory safety bugs fixed in Firefox 71
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
|
|
|
|
|
|
|
# build additional locales
|
|
|
|
%if %localize
|
|
|
|
truncate -s 0 %{_tmppath}/translations.{common,other}
|
2020-09-22 16:04:54 +02:00
|
|
|
# langpack-build can not be done in parallel easily (see https://bugzilla.mozilla.org/show_bug.cgi?id=1660943)
|
|
|
|
# Therefore, we have to have a separate obj-dir for each language
|
|
|
|
# We do this, by creating a mozconfig-template with the necessary switches
|
|
|
|
# and a placeholder obj-dir, which gets copied and modified for each language
|
|
|
|
|
|
|
|
# Create mozconfig-template for langbuild
|
|
|
|
cat << EOF > ${MOZCONFIG}_LANG
|
|
|
|
mk_add_options MOZILLA_OFFICIAL=1
|
|
|
|
mk_add_options BUILD_OFFICIAL=1
|
|
|
|
mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/../obj_LANG
|
|
|
|
. \$topsrcdir/browser/config/mozconfig
|
|
|
|
ac_add_options --prefix=%{_prefix}
|
|
|
|
ac_add_options --with-l10n-base=$RPM_BUILD_DIR/l10n
|
|
|
|
ac_add_options --disable-updater
|
2021-12-07 22:12:25 +01:00
|
|
|
ac_add_options --without-wasm-sandboxed-libraries
|
2020-09-22 16:04:54 +02:00
|
|
|
%if %branding
|
|
|
|
ac_add_options --enable-official-branding
|
|
|
|
%endif
|
|
|
|
EOF
|
|
|
|
|
2020-10-21 11:43:59 +02:00
|
|
|
%define njobs 0%{?jobs:%jobs}
|
2020-12-16 23:40:17 +01:00
|
|
|
mkdir -p $RPM_BUILD_DIR/langpacks_artifacts/
|
2020-08-25 20:18:25 +02:00
|
|
|
sed -r '/^(ja-JP-mac|ga-IE|en-US|)$/d;s/ .*$//' $RPM_BUILD_DIR/%{srcname}-%{orig_version}/browser/locales/shipped-locales \
|
2020-10-21 11:43:59 +02:00
|
|
|
| xargs -n 1 %{?njobs:-P %njobs} -I {} /bin/sh -c '
|
- Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
* More information about Enhanced Tracking Protection in action
* Native MP3 decoding on Windows, Linux, and macOS
* Configuration page (about:config) reimplemented in HTML
* New kiosk mode functionality, which allows maximum screen space
for customer-facing displays
MFSA 2019-36
* CVE-2019-11756 (bmo#1508776)
Use-after-free of SFTKSession object
* CVE-2019-17008 (bmo#1546331)
Use-after-free in worker destruction
* CVE-2019-13722 (bmo#1580156) (Windows only)
Stack corruption due to incorrect number of arguments in WebRTC code
* CVE-2019-17014 (bmo#1322864)
Dragging and dropping a cross-origin resource, incorrectly loaded
as an image, could result in information disclosure
* CVE-2019-17010 (bmo#1581084)
Use-after-free when performing device orientation checks
* CVE-2019-17005 (bmo#1584170)
Buffer overflow in plain text serializer
* CVE-2019-17011 (bmo#1591334)
Use-after-free when retrieving a document in antitracking
* CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
bmo#1580288, bmo#1585760, bmo#1592502)
Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
* CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
bmo#1594181)
Memory safety bugs fixed in Firefox 71
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
|
|
|
locale=$1
|
2020-09-22 16:04:54 +02:00
|
|
|
cp ${MOZCONFIG}_LANG ${MOZCONFIG}_$locale
|
|
|
|
sed -i "s|obj_LANG|obj_$locale|" ${MOZCONFIG}_$locale
|
|
|
|
export MOZCONFIG=${MOZCONFIG}_$locale
|
|
|
|
# nsinstall is needed for langpack-build. It is already built by `./mach build`, but building it again is very fast
|
|
|
|
./mach build config/nsinstall langpack-$locale
|
|
|
|
cp -L ../obj_$locale/dist/linux-*/xpi/firefox-%{orig_version}.$locale.langpack.xpi \
|
2020-12-16 23:40:17 +01:00
|
|
|
$RPM_BUILD_DIR/langpacks_artifacts/langpack-$locale@firefox.mozilla.org.xpi
|
- Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
* More information about Enhanced Tracking Protection in action
* Native MP3 decoding on Windows, Linux, and macOS
* Configuration page (about:config) reimplemented in HTML
* New kiosk mode functionality, which allows maximum screen space
for customer-facing displays
MFSA 2019-36
* CVE-2019-11756 (bmo#1508776)
Use-after-free of SFTKSession object
* CVE-2019-17008 (bmo#1546331)
Use-after-free in worker destruction
* CVE-2019-13722 (bmo#1580156) (Windows only)
Stack corruption due to incorrect number of arguments in WebRTC code
* CVE-2019-17014 (bmo#1322864)
Dragging and dropping a cross-origin resource, incorrectly loaded
as an image, could result in information disclosure
* CVE-2019-17010 (bmo#1581084)
Use-after-free when performing device orientation checks
* CVE-2019-17005 (bmo#1584170)
Buffer overflow in plain text serializer
* CVE-2019-17011 (bmo#1591334)
Use-after-free when retrieving a document in antitracking
* CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
bmo#1580288, bmo#1585760, bmo#1592502)
Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
* CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
bmo#1594181)
Memory safety bugs fixed in Firefox 71
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
|
|
|
# check against the fixed common list and sort into the right filelist
|
|
|
|
_matched=0
|
|
|
|
for _match in ar ca cs da de el en-GB es-AR es-CL es-ES fi fr hu it ja ko nb-NO nl pl pt-BR pt-PT ru sv-SE zh-CN zh-TW; do
|
|
|
|
[ "$_match" = "$locale" ] && _matched=1
|
|
|
|
done
|
|
|
|
[ $_matched -eq 1 ] && _l10ntarget=common || _l10ntarget=other
|
2020-07-12 19:40:52 +02:00
|
|
|
echo %{progdir}/browser/extensions/langpack-$locale@firefox.mozilla.org.xpi \
|
- Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
* More information about Enhanced Tracking Protection in action
* Native MP3 decoding on Windows, Linux, and macOS
* Configuration page (about:config) reimplemented in HTML
* New kiosk mode functionality, which allows maximum screen space
for customer-facing displays
MFSA 2019-36
* CVE-2019-11756 (bmo#1508776)
Use-after-free of SFTKSession object
* CVE-2019-17008 (bmo#1546331)
Use-after-free in worker destruction
* CVE-2019-13722 (bmo#1580156) (Windows only)
Stack corruption due to incorrect number of arguments in WebRTC code
* CVE-2019-17014 (bmo#1322864)
Dragging and dropping a cross-origin resource, incorrectly loaded
as an image, could result in information disclosure
* CVE-2019-17010 (bmo#1581084)
Use-after-free when performing device orientation checks
* CVE-2019-17005 (bmo#1584170)
Buffer overflow in plain text serializer
* CVE-2019-17011 (bmo#1591334)
Use-after-free when retrieving a document in antitracking
* CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
bmo#1580288, bmo#1585760, bmo#1592502)
Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
* CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
bmo#1594181)
Memory safety bugs fixed in Firefox 71
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
|
|
|
>> %{_tmppath}/translations.$_l10ntarget
|
|
|
|
' -- {}
|
|
|
|
%endif
|
|
|
|
|
2021-03-27 15:02:10 +01:00
|
|
|
%if 0%{useccache} != 0
|
2020-08-25 20:18:25 +02:00
|
|
|
ccache -s
|
2020-09-22 16:04:54 +02:00
|
|
|
%endif
|
2021-03-27 15:02:10 +01:00
|
|
|
%endif
|
2007-01-08 12:23:18 +01:00
|
|
|
|
|
|
|
%install
|
2010-11-30 15:35:52 +01:00
|
|
|
cd $RPM_BUILD_DIR/obj
|
- Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
* More information about Enhanced Tracking Protection in action
* Native MP3 decoding on Windows, Linux, and macOS
* Configuration page (about:config) reimplemented in HTML
* New kiosk mode functionality, which allows maximum screen space
for customer-facing displays
MFSA 2019-36
* CVE-2019-11756 (bmo#1508776)
Use-after-free of SFTKSession object
* CVE-2019-17008 (bmo#1546331)
Use-after-free in worker destruction
* CVE-2019-13722 (bmo#1580156) (Windows only)
Stack corruption due to incorrect number of arguments in WebRTC code
* CVE-2019-17014 (bmo#1322864)
Dragging and dropping a cross-origin resource, incorrectly loaded
as an image, could result in information disclosure
* CVE-2019-17010 (bmo#1581084)
Use-after-free when performing device orientation checks
* CVE-2019-17005 (bmo#1584170)
Buffer overflow in plain text serializer
* CVE-2019-17011 (bmo#1591334)
Use-after-free when retrieving a document in antitracking
* CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
bmo#1580288, bmo#1585760, bmo#1592502)
Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
* CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
bmo#1594181)
Memory safety bugs fixed in Firefox 71
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
|
|
|
source %{SOURCE4}
|
|
|
|
export MOZ_SOURCE_STAMP=$RELEASE_TAG
|
|
|
|
export MOZ_SOURCE_REPO=$RELEASE_REPO
|
2014-05-11 20:09:20 +02:00
|
|
|
# need to remove default en-US firefox-l10n.js before it gets
|
|
|
|
# populated into browser's omni.ja; it only contains general.useragent.locale
|
|
|
|
# which should be loaded from each language pack (set in firefox.js)
|
|
|
|
rm dist/bin/browser/defaults/preferences/firefox-l10n.js
|
2012-07-16 10:13:51 +02:00
|
|
|
make -C browser/installer STRIP=/bin/true MOZ_PKG_FATAL_WARNINGS=0
|
2012-04-20 21:18:58 +02:00
|
|
|
#DEBUG (break the build if searchplugins are missing / temporary)
|
2013-05-14 16:33:59 +02:00
|
|
|
grep amazondotcom dist/firefox/browser/omni.ja
|
2007-01-08 12:23:18 +01:00
|
|
|
# copy tree into RPM_BUILD_ROOT
|
2014-10-19 21:40:39 +02:00
|
|
|
mkdir -p %{buildroot}%{progdir}
|
2019-10-13 18:07:47 +02:00
|
|
|
cp -rf $RPM_BUILD_DIR/obj/dist/%{srcname}/* %{buildroot}%{progdir}
|
2020-12-16 23:40:17 +01:00
|
|
|
mkdir -p %{buildroot}%{progdir}/browser/extensions
|
|
|
|
cp -rf $RPM_BUILD_DIR/langpacks_artifacts/* %{buildroot}%{progdir}/browser/extensions/
|
2014-10-19 21:40:39 +02:00
|
|
|
mkdir -p %{buildroot}%{progdir}/distribution/extensions
|
|
|
|
mkdir -p %{buildroot}%{progdir}/browser/defaults/preferences/
|
2019-10-13 18:07:47 +02:00
|
|
|
# renaming executables (for regular vs. ESR)
|
|
|
|
%if "%{srcname}" != "%{progname}"
|
|
|
|
mv %{buildroot}%{progdir}/%{srcname} %{buildroot}%{progdir}/%{progname}
|
2019-10-25 11:13:30 +02:00
|
|
|
mv %{buildroot}%{progdir}/%{srcname}-bin %{buildroot}%{progdir}/%{progname}-bin
|
2019-10-13 18:07:47 +02:00
|
|
|
%endif
|
2014-10-25 10:51:04 +02:00
|
|
|
# install gre prefs
|
|
|
|
install -m 644 %{SOURCE13} %{buildroot}%{progdir}/defaults/pref/
|
|
|
|
# install browser prefs
|
2014-10-19 21:40:39 +02:00
|
|
|
install -m 644 %{SOURCE9} %{buildroot}%{progdir}/browser/defaults/preferences/firefox.js
|
- Mozilla Firefox 71.0
* Improvements to Lockwise, our integrated password manager
* More information about Enhanced Tracking Protection in action
* Native MP3 decoding on Windows, Linux, and macOS
* Configuration page (about:config) reimplemented in HTML
* New kiosk mode functionality, which allows maximum screen space
for customer-facing displays
MFSA 2019-36
* CVE-2019-11756 (bmo#1508776)
Use-after-free of SFTKSession object
* CVE-2019-17008 (bmo#1546331)
Use-after-free in worker destruction
* CVE-2019-13722 (bmo#1580156) (Windows only)
Stack corruption due to incorrect number of arguments in WebRTC code
* CVE-2019-17014 (bmo#1322864)
Dragging and dropping a cross-origin resource, incorrectly loaded
as an image, could result in information disclosure
* CVE-2019-17010 (bmo#1581084)
Use-after-free when performing device orientation checks
* CVE-2019-17005 (bmo#1584170)
Buffer overflow in plain text serializer
* CVE-2019-17011 (bmo#1591334)
Use-after-free when retrieving a document in antitracking
* CVE-2019-17012 (bmo#1449736, bmo#1533957, bmo#1560667, bmo#1567209
bmo#1580288, bmo#1585760, bmo#1592502)
Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
* CVE-2019-17013 (bmo#1298509, bmo#1472328, bmo#1577439, bmo#1577937
bmo#1580320, bmo#1584195, bmo#1585106, bmo#1586293, bmo#1593865
bmo#1594181)
Memory safety bugs fixed in Firefox 71
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=789
2019-12-09 08:58:52 +01:00
|
|
|
|
2011-11-09 13:04:11 +01:00
|
|
|
# remove some executable permissions
|
2014-10-19 21:40:39 +02:00
|
|
|
find %{buildroot}%{progdir} \
|
2011-11-09 13:04:11 +01:00
|
|
|
-name "*.js" -o \
|
|
|
|
-name "*.jsm" -o \
|
|
|
|
-name "*.rdf" -o \
|
|
|
|
-name "*.properties" -o \
|
2011-12-18 14:10:54 +01:00
|
|
|
-name "*.dtd" -o \
|
|
|
|
-name "*.txt" -o \
|
|
|
|
-name "*.xml" -o \
|
2018-05-14 18:04:59 +02:00
|
|
|
-name "*.css" \
|
|
|
|
-exec chmod a-x {} +
|
2012-11-20 21:34:15 +01:00
|
|
|
# remove mkdir.done files from installed base
|
2018-05-14 18:04:59 +02:00
|
|
|
find %{buildroot}%{progdir} -type f -name ".mkdir.done" -delete
|
2007-01-08 12:23:18 +01:00
|
|
|
# overwrite the mozilla start-script and link it to /usr/bin
|
2014-10-19 21:40:39 +02:00
|
|
|
mkdir --parents %{buildroot}/usr/bin
|
2007-01-08 12:23:18 +01:00
|
|
|
sed "s:%%PREFIX:%{_prefix}:g
|
|
|
|
s:%%PROGDIR:%{progdir}:g
|
2019-10-13 18:07:47 +02:00
|
|
|
s:%%APPNAME:%{progname}:g
|
2021-04-20 09:57:25 +02:00
|
|
|
s:%%WAYLAND_SUPPORTED:%{wayland_supported}:g
|
2007-01-08 12:23:18 +01:00
|
|
|
s:%%PROFILE:.mozilla/firefox:g" \
|
2014-10-19 21:40:39 +02:00
|
|
|
%{SOURCE3} > %{buildroot}%{progdir}/%{progname}.sh
|
|
|
|
chmod 755 %{buildroot}%{progdir}/%{progname}.sh
|
|
|
|
ln -sf ../..%{progdir}/%{progname}.sh %{buildroot}%{_bindir}/%{progname}
|
2015-01-14 19:32:16 +01:00
|
|
|
# desktop file
|
2014-10-19 21:40:39 +02:00
|
|
|
mkdir -p %{buildroot}%{_datadir}/applications
|
2015-01-14 19:32:16 +01:00
|
|
|
sed "s:%%NAME:%{appname}:g
|
|
|
|
s:%%EXEC:%{progname}:g
|
2023-04-11 23:09:55 +02:00
|
|
|
s:%%ICON:%{progname}:g
|
|
|
|
s:%%WMCLASS:%{progname}%{major}:g" \
|
2015-01-14 19:32:16 +01:00
|
|
|
%{SOURCE1} > %{buildroot}%{_datadir}/applications/%{desktop_file_name}.desktop
|
|
|
|
%suse_update_desktop_file %{desktop_file_name} Network WebBrowser GTK
|
2008-03-26 16:01:54 +01:00
|
|
|
# additional mime-types
|
2014-10-19 21:40:39 +02:00
|
|
|
mkdir -p %{buildroot}%{_datadir}/mime/packages
|
|
|
|
cp %{SOURCE8} %{buildroot}%{_datadir}/mime/packages/%{progname}.xml
|
2014-10-13 20:00:43 +02:00
|
|
|
# appdata
|
2020-08-10 11:14:34 +02:00
|
|
|
mkdir -p %{buildroot}%{_datadir}/metainfo
|
2019-10-13 18:07:47 +02:00
|
|
|
sed "s:firefox.desktop:%{desktop_file_name}:g" \
|
2020-08-10 11:14:34 +02:00
|
|
|
%{SOURCE15} > %{buildroot}%{_datadir}/metainfo/%{desktop_file_name}.appdata.xml
|
2007-01-08 12:23:18 +01:00
|
|
|
# install man-page
|
2014-10-19 21:40:39 +02:00
|
|
|
mkdir -p %{buildroot}%{_mandir}/man1/
|
|
|
|
cp %{SOURCE11} %{buildroot}%{_mandir}/man1/%{progname}.1
|
2020-11-21 09:10:39 +01:00
|
|
|
# install GNOME Shell search provider
|
|
|
|
mkdir -p %{buildroot}%{_datadir}/gnome-shell/search-providers
|
|
|
|
cp %{SOURCE17} %{buildroot}%{_datadir}/gnome-shell/search-providers
|
2007-01-08 12:23:18 +01:00
|
|
|
##########
|
|
|
|
# ADDONS
|
|
|
|
#
|
2014-10-19 21:40:39 +02:00
|
|
|
mkdir -p %{buildroot}%{_datadir}/mozilla/extensions/%{firefox_appid}
|
|
|
|
mkdir -p %{buildroot}%{_libdir}/mozilla/extensions/%{firefox_appid}
|
2020-02-02 20:26:07 +01:00
|
|
|
# Install symbolic icon for GNOME
|
2021-08-11 22:19:19 +02:00
|
|
|
%if %branding
|
2018-03-13 20:46:06 +01:00
|
|
|
for size in 16 22 24 32 48 64 128 256; do
|
2011-06-01 08:05:09 +02:00
|
|
|
%else
|
|
|
|
for size in 16 32 48; do
|
|
|
|
%endif
|
2014-10-19 21:40:39 +02:00
|
|
|
mkdir -p %{buildroot}%{gnome_dir}/share/icons/hicolor/${size}x${size}/apps/
|
2015-03-21 13:49:29 +01:00
|
|
|
cp %{buildroot}%{progdir}/browser/chrome/icons/default/default$size.png \
|
2014-10-19 21:40:39 +02:00
|
|
|
%{buildroot}%{gnome_dir}/share/icons/hicolor/${size}x${size}/apps/%{progname}.png
|
2009-06-20 03:02:24 +02:00
|
|
|
done
|
2009-07-29 14:51:51 +02:00
|
|
|
# excludes
|
2014-10-19 21:40:39 +02:00
|
|
|
rm -f %{buildroot}%{progdir}/updater.ini
|
|
|
|
rm -f %{buildroot}%{progdir}/removed-files
|
|
|
|
rm -f %{buildroot}%{progdir}/README.txt
|
|
|
|
rm -f %{buildroot}%{progdir}/old-homepage-default.properties
|
|
|
|
rm -f %{buildroot}%{progdir}/run-mozilla.sh
|
|
|
|
rm -f %{buildroot}%{progdir}/LICENSE
|
|
|
|
rm -f %{buildroot}%{progdir}/precomplete
|
|
|
|
rm -f %{buildroot}%{progdir}/update-settings.ini
|
2019-10-13 18:07:47 +02:00
|
|
|
%if 0%{?devpkg}
|
2011-01-28 18:09:26 +01:00
|
|
|
# devel
|
|
|
|
mkdir -p %{buildroot}%{_bindir}
|
|
|
|
install -m 755 %SOURCE12 %{buildroot}%{_bindir}
|
|
|
|
# inspired by mandriva
|
2021-05-05 23:12:50 +02:00
|
|
|
mkdir -p %{buildroot}%{_rpmmacrodir}
|
|
|
|
cat <<'FIN' >%{buildroot}%{_rpmmacrodir}/macros.%{progname}
|
2023-03-20 08:47:31 +01:00
|
|
|
# Macros from %%{name} package
|
2011-01-28 18:09:26 +01:00
|
|
|
%%firefox_major %{major}
|
|
|
|
%%firefox_version %{version}
|
|
|
|
%%firefox_mainver %{mainver}
|
2011-03-21 10:47:37 +01:00
|
|
|
%%firefox_mozillapath %%{_libdir}/%{progname}
|
2020-01-08 12:59:18 +01:00
|
|
|
%%firefox_pluginsdir %%{_libdir}/mozilla/plugins
|
2011-01-28 18:09:26 +01:00
|
|
|
%%firefox_appid \{ec8030f7-c20a-464f-9b0e-13a3a9e97384\}
|
|
|
|
%%firefox_extdir %%(if [ "%%_target_cpu" = "noarch" ]; then echo %%{_datadir}/mozilla/extensions/%%{firefox_appid}; else echo %%{_libdir}/mozilla/extensions/%%{firefox_appid}; fi)
|
|
|
|
|
|
|
|
%%firefox_ext_install() \
|
|
|
|
extdir="%%{buildroot}%%{firefox_extdir}/`mozilla-get-app-id '%%1'`" \
|
|
|
|
mkdir -p "$extdir" \
|
|
|
|
%%{__unzip} -q -d "$extdir" "%%1" \
|
|
|
|
%%{nil}
|
|
|
|
FIN
|
2019-10-13 18:07:47 +02:00
|
|
|
%endif
|
2009-07-29 14:51:51 +02:00
|
|
|
# fdupes
|
2014-10-19 21:40:39 +02:00
|
|
|
%fdupes %{buildroot}%{progdir}
|
|
|
|
%fdupes %{buildroot}%{_datadir}
|
2007-01-08 12:23:18 +01:00
|
|
|
|
|
|
|
%post
|
2008-03-26 16:01:54 +01:00
|
|
|
# update mime and desktop database
|
2011-01-24 10:14:26 +01:00
|
|
|
%mime_database_post
|
|
|
|
%desktop_database_post
|
|
|
|
%icon_theme_cache_post
|
2007-01-08 12:23:18 +01:00
|
|
|
exit 0
|
2007-03-13 00:58:50 +01:00
|
|
|
|
2008-02-15 01:45:38 +01:00
|
|
|
%postun
|
2011-01-24 10:14:26 +01:00
|
|
|
%icon_theme_cache_postun
|
|
|
|
%desktop_database_postun
|
|
|
|
%mime_database_postun
|
|
|
|
exit 0
|
2008-03-26 16:01:54 +01:00
|
|
|
|
2010-01-08 01:32:43 +01:00
|
|
|
%files
|
2008-03-26 16:01:54 +01:00
|
|
|
%defattr(-,root,root)
|
2007-01-08 12:23:18 +01:00
|
|
|
%dir %{progdir}
|
2013-05-14 16:33:59 +02:00
|
|
|
%dir %{progdir}/browser/
|
|
|
|
%dir %{progdir}/browser/chrome/
|
|
|
|
%{progdir}/browser/defaults
|
2016-03-07 17:25:29 +01:00
|
|
|
%{progdir}/browser/features/
|
2013-05-14 16:33:59 +02:00
|
|
|
%{progdir}/browser/chrome/icons
|
|
|
|
%{progdir}/browser/omni.ja
|
2011-01-24 10:14:26 +01:00
|
|
|
%dir %{progdir}/distribution/
|
2013-05-14 16:33:59 +02:00
|
|
|
%{progdir}/distribution/extensions/
|
2007-01-08 12:23:18 +01:00
|
|
|
%{progdir}/defaults/
|
2015-02-23 21:32:13 +01:00
|
|
|
%{progdir}/gmp-clearkey/
|
2007-01-08 12:23:18 +01:00
|
|
|
%attr(755,root,root) %{progdir}/%{progname}.sh
|
2019-10-13 18:07:47 +02:00
|
|
|
%{progdir}/%{progname}
|
|
|
|
%{progdir}/%{progname}-bin
|
2008-03-26 16:01:54 +01:00
|
|
|
%{progdir}/application.ini
|
2011-06-01 08:05:09 +02:00
|
|
|
%{progdir}/dependentlibs.list
|
|
|
|
%{progdir}/*.so
|
2023-06-10 17:11:56 +02:00
|
|
|
%{progdir}/glxtest
|
|
|
|
%if 0%{wayland_supported}
|
|
|
|
%{progdir}/vaapitest
|
|
|
|
%endif
|
2023-08-04 12:12:18 +02:00
|
|
|
%ifarch aarch64 riscv64 %arm
|
|
|
|
%{progdir}/v4l2test
|
|
|
|
%endif
|
2012-02-01 14:37:15 +01:00
|
|
|
%{progdir}/omni.ja
|
2016-11-15 19:06:29 +01:00
|
|
|
%{progdir}/fonts/
|
2017-09-05 12:10:37 +02:00
|
|
|
%{progdir}/pingsender
|
2011-06-01 08:05:09 +02:00
|
|
|
%{progdir}/platform.ini
|
2010-08-01 17:17:34 +02:00
|
|
|
%if %crashreporter
|
2011-06-01 08:05:09 +02:00
|
|
|
%{progdir}/crashreporter
|
2024-05-21 10:22:00 +02:00
|
|
|
#%{progdir}/crashreporter.ini
|
|
|
|
#%{progdir}/Throbber-small.gif
|
2017-03-07 09:35:10 +01:00
|
|
|
%{progdir}/minidump-analyzer
|
2024-05-21 10:22:00 +02:00
|
|
|
#%{progdir}/browser/crashreporter-override.ini
|
2010-08-01 17:17:34 +02:00
|
|
|
%endif
|
2011-01-13 14:04:03 +01:00
|
|
|
%{_datadir}/applications/%{desktop_file_name}.desktop
|
2008-09-26 16:53:00 +02:00
|
|
|
%{_datadir}/mime/packages/%{progname}.xml
|
2020-11-21 09:10:39 +01:00
|
|
|
%dir %{_datadir}/gnome-shell
|
|
|
|
%dir %{_datadir}/gnome-shell/search-providers
|
|
|
|
%{_datadir}/gnome-shell/search-providers/*.ini
|
2011-01-28 18:09:26 +01:00
|
|
|
%dir %{_datadir}/mozilla
|
|
|
|
%dir %{_datadir}/mozilla/extensions
|
|
|
|
%dir %{_datadir}/mozilla/extensions/%{firefox_appid}
|
|
|
|
%dir %{_libdir}/mozilla
|
|
|
|
%dir %{_libdir}/mozilla/extensions
|
|
|
|
%dir %{_libdir}/mozilla/extensions/%{firefox_appid}
|
2007-01-26 00:57:56 +01:00
|
|
|
%{gnome_dir}/share/icons/hicolor/
|
2008-06-23 23:39:45 +02:00
|
|
|
%{_bindir}/%{progname}
|
2008-09-26 16:53:00 +02:00
|
|
|
%doc %{_mandir}/man1/%{progname}.1.gz
|
2020-08-10 11:14:34 +02:00
|
|
|
%{_datadir}/metainfo/
|
2010-03-26 02:09:50 +01:00
|
|
|
|
2019-10-13 18:17:42 +02:00
|
|
|
%if 0%{?devpkg}
|
2011-01-28 18:09:26 +01:00
|
|
|
%files devel
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%{_bindir}/mozilla-get-app-id
|
2021-05-05 23:12:50 +02:00
|
|
|
%{_rpmmacrodir}/macros.%{progname}
|
2019-10-13 18:07:47 +02:00
|
|
|
%endif
|
2011-01-25 09:00:34 +01:00
|
|
|
|
2011-01-28 18:09:26 +01:00
|
|
|
%if %localize
|
2009-08-10 23:34:51 +02:00
|
|
|
%files translations-common -f %{_tmppath}/translations.common
|
|
|
|
%defattr(-,root,root)
|
2010-01-08 01:32:43 +01:00
|
|
|
%dir %{progdir}
|
2020-09-22 16:04:54 +02:00
|
|
|
%dir %{progdir}/browser/extensions/
|
2009-08-10 23:34:51 +02:00
|
|
|
|
|
|
|
%files translations-other -f %{_tmppath}/translations.other
|
2007-01-08 12:23:18 +01:00
|
|
|
%defattr(-,root,root)
|
2010-01-08 01:32:43 +01:00
|
|
|
%dir %{progdir}
|
2020-09-22 16:04:54 +02:00
|
|
|
%dir %{progdir}/browser/extensions/
|
2007-01-08 12:23:18 +01:00
|
|
|
%endif
|
2009-12-21 14:04:16 +01:00
|
|
|
|
2011-07-01 11:12:30 +02:00
|
|
|
# this package does not need to provide files but is needed to fulfill
|
|
|
|
# requirements if no other branding package is to be installed
|
|
|
|
%files branding-upstream
|
|
|
|
%defattr(-,root,root)
|
|
|
|
%dir %{progdir}
|
2011-06-01 08:05:09 +02:00
|
|
|
|
2007-02-25 23:32:56 +01:00
|
|
|
%changelog
|