diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index 2cc20b3..8da05cf 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -1,3 +1,77 @@ +------------------------------------------------------------------- +Sun Apr 18 09:01:32 UTC 2021 - Wolfgang Rosenauer + +- Mozilla Firefox 88.0 + * New: PDF forms now support JavaScript embedded in PDF files. + Some PDF forms use JavaScript for validation and other + interactive features + * New: Print updates: Margin units are now localized + * New: Smooth pinch-zooming using a touchpad is now supported + on Linux + * New: To protect against cross-site privacy leaks, Firefox now + isolates window.name data to the website that created it. + Learn more + * Changed: Firefox will not prompt for access to your + microphone or camera if you’ve already granted access to the + same device on the same site in the same tab within the past + 50 seconds. This new grace period reduces the number of times + you’re prompted to grant device access + * Changed: The ‘Take a Screenshot’ feature was removed from the + Page Actions menu in the url bar. To take a screenshot, + right-click to open the context menu. You can also add a + screenshots shortcut directly to your toolbar via the + Customize menu. Open the Firefox menu and select Customize… + * Changed: FTP support has been disabled, and its full removal + is planned for an upcoming release. Addressing this security + risk reduces the likelihood of an attack while also removing + support for a non-encrypted protocol + * Developer: Introduced a new toggle button in the Network + panel for switching between JSON formatted HTTP response and + raw data (as received over the wire). + !enter image description here + * Enterprise: Various bug fixes and new policies have been + implemented in the latest version of Firefox. You can see + more details in the Firefox for Enterprise 88 Release Notes. + * Fixed: Screen readers no longer incorrectly read content that + websites have visually hidden, as in the case of articles in + the Google Help panel + MFSA 2021-16 (bsc#1184960) + * CVE-2021-23994 (bmo#1699077) + Out of bound write due to lazy initialization + * CVE-2021-23995 (bmo#1699835) + Use-after-free in Responsive Design Mode + * CVE-2021-23996 (bmo#1701834) + Content rendered outside of webpage viewport + * CVE-2021-23997 (bmo#1701942) + Use-after-free when freeing fonts from cache + * CVE-2021-23998 (bmo#1667456) + Secure Lock icon could have been spoofed + * CVE-2021-23999 (bmo#1691153) + Blob URLs may have been granted additional privileges + * CVE-2021-24000 (bmo#1694698) + requestPointerLock() could be applied to a tab different from + the visible tab + * CVE-2021-24001 (bmo#1694727) + Testing code could have enabled session history manipulations + by a compromised content process + * CVE-2021-24002 (bmo#1702374) + Arbitrary FTP command execution on FTP servers using an + encoded URL + * CVE-2021-29945 (bmo#1700690) + Incorrect size computation in WebAssembly JIT could lead to + null-reads + * CVE-2021-29944 (bmo#1697604) + HTML injection vulnerability in Firefox for Android's Reader View + * CVE-2021-29946 (bmo#1698503) + Port blocking could be bypassed + * CVE-2021-29947 (bmo#1651449, bmo#1674142, bmo#1693476, + bmo#1696886, bmo#1700091) + Memory safety bugs fixed in Firefox 88 +- requires + * NSPR 4.30 + * NSS 3.63.1 +- align wayland support logic + ------------------------------------------------------------------- Sat Mar 27 10:40:46 UTC 2021 - Manfred Hollstein diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index 51ef77f..5cd0839 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -32,9 +32,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 87 +%define major 88 %define mainver %major.0 -%define orig_version 87.0 +%define orig_version 88.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -85,11 +85,13 @@ BuildArch: i686 %else %define crashreporter 0 %endif -%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150100 -# pipewire is too old on Leap <15.1 +%define with_pipewire0_3 1 +%define wayland_supported 1 +%if 0%{?sle_version} > 0 && 0%{?sle_version} < 150200 +# pipewire is too old on Leap <=15.1 %define with_pipewire0_3 0 -%else -%define with_pipewire0_3 1 +# Wayland is too old on Leap <=15.1 as well +%define wayland_supported 0 %endif Name: %{pkgname} @@ -115,8 +117,8 @@ BuildRequires: libidl-devel BuildRequires: libiw-devel BuildRequires: libproxy-devel BuildRequires: makeinfo -BuildRequires: mozilla-nspr-devel >= 4.29 -BuildRequires: mozilla-nss-devel >= 3.62 +BuildRequires: mozilla-nspr-devel >= 4.30 +BuildRequires: mozilla-nss-devel >= 3.63.1 BuildRequires: nasm >= 2.14 BuildRequires: nodejs10 >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -448,10 +450,10 @@ ac_add_options --prefix=%{_prefix} ac_add_options --libdir=%{_libdir} ac_add_options --includedir=%{_includedir} ac_add_options --enable-release -%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 -ac_add_options --enable-default-toolkit=cairo-gtk3 -%else +%if 0%{wayland_supported} ac_add_options --enable-default-toolkit=cairo-gtk3-wayland +%else +ac_add_options --enable-default-toolkit=cairo-gtk3 %endif # bmo#1441155 - Disable the generation of Rust debug symbols on Linux32 %ifarch %ix86 %arm @@ -628,6 +630,7 @@ mkdir --parents %{buildroot}/usr/bin sed "s:%%PREFIX:%{_prefix}:g s:%%PROGDIR:%{progdir}:g s:%%APPNAME:%{progname}:g +s:%%WAYLAND_SUPPORTED:%{wayland_supported}:g s:%%PROFILE:.mozilla/firefox:g" \ %{SOURCE3} > %{buildroot}%{progdir}/%{progname}.sh chmod 755 %{buildroot}%{progdir}/%{progname}.sh diff --git a/firefox-87.0.source.tar.xz b/firefox-87.0.source.tar.xz deleted file mode 100644 index 482d32d..0000000 --- a/firefox-87.0.source.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ce98be0522f971b6950f22c738c4b2caf19cf7f48ab2ae2e6d46694af7fd58ab -size 377285124 diff --git a/firefox-87.0.source.tar.xz.asc b/firefox-87.0.source.tar.xz.asc deleted file mode 100644 index 40cdf86..0000000 --- a/firefox-87.0.source.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAmBTXTkACgkQ8aZmj7t9 -Vy73qxAAoKpCcflQ4vtfDhgql8jsAS4gA4uP0wbtHq1BoPHfOAGaiGRc6J7zfi3u -eR5MjrmfDbLq3ATNFo6Ss/emkXbSq9nyJ+xbZAPjVgKp1VPxFFK1CrByMMqLZn+z -b4cuR920Y7lFdldNaZdkVtqcp+ZiSXV0PrZeixZu4t05AE46LDGrvCtsUoTWOyi6 -jCCqPSHsSCe7EqUQLj20uhw9kfP5WoNyJROQZUROuvKwQ1a9k9zlEVcpSMAs+eI9 -yLu6lfgWbHlOeWm4ZoUTIirZX/vqgA/kKyOJQaAmLpveiu3PfrQXhrxbz89Lf1vg -Y4xBgHompwN7X8x9IHwQSV6gXvknceTjNyCIKrPxKwuB5xY+FhMCscsViHawgtEl -93yxdqUGQdDwO7qV9vl53wkxOpne4yxQ7DnAw5BBIlUNlOy4I0uBgQNx/LBFEz6p -kyrlg/0RwvvkjJtNWpN4poWP6zPOfJzRwR3TsaLktuPC56CoXZ2P567LHWjrqc56 -cKFYWRbtfoqS2JJUIRBEwJRmtkFISErydHnCa5gnkG+pSvPIrquz83jRIpd0+utz -Ts5SDPImkQ0DQZLwVm+NguDXfEfbSkvIQW3FPAZxo141+xMX9Fwq4pkZkoPZqhQf -YfyHIRrct6XVhS3oUxU3gg+7D5m8r3eVvdzO5rbi9Top/IYnl8U= -=ulQ4 ------END PGP SIGNATURE----- diff --git a/firefox-88.0.source.tar.xz b/firefox-88.0.source.tar.xz new file mode 100644 index 0000000..df07a4b --- /dev/null +++ b/firefox-88.0.source.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6b50dbfb393f843e4401e23965a1d8f7fd44b5a7628d95138294094094eee297 +size 373744508 diff --git a/firefox-88.0.source.tar.xz.asc b/firefox-88.0.source.tar.xz.asc new file mode 100644 index 0000000..68780aa --- /dev/null +++ b/firefox-88.0.source.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEECXsxMHeuYqAvhNpN8aZmj7t9Vy4FAmB4ySwACgkQ8aZmj7t9 +Vy6Chg//ZyYy5NV1hpRBY16KrReJnUXJkkz+BPQ7zoNXTqsUNeA9BIjFdUVq9thB +N/bE3drySFnIpRACx88OksaSF2Ix3QYz4XL864+bexAnhHyIZ3uqW7p7MUltFJ1+ +wP7WgegLrXmqK6V4GxiV4Undy0wQhFth4hayM4AdUrqO3VGTHTbX+ATZMQYHVJkq +h1JiLJyfovtxtLn+2Tc9brUbJWptrxet4GutDMYuY8SDFLm9J0+oDYeVompIVIgE +e24w+LWuPb9B/rM7ReQBUGlnT+f3Sa96VUSxv6aEpLTtYTsGHZO9MbEpWjTXo1W9 +I6TKBGk6l0TQ12R5+0wBcrBVoeD42Ac/01sXOHeRg6VIu+jgxP/z6b4RDPw3AnTm +kN97rnOAw+QjO+Mi+fVf+wrgd3KAptbQxgYT0zfaRRpijAWWjFEVxAjIaIWTv5F3 +dnhcey5+/qDhrtfVIQNu5K0VUOqPhkszxzm6k8qcy5gjeoBE0GxzIrR5K78P/Cqb +hOUhQpJiZ/oiopO+Ur0b/GbkNDw2RaRq2Bg/zJeVxkamOvkS9Jj+nFgaJBAiUbBp +EhNQGOY5RveKsK6uQ/4zLP/KXbMu21BST4ba5suyJK08H1YgpCLZQhKprst7pYor +ZvQ0Mkl7kromqTFPGy0k9Kv6DqHVYfrXd7eT5LYN8PPeE3VNtLg= +=/g2j +-----END PGP SIGNATURE----- diff --git a/l10n-87.0.tar.xz b/l10n-87.0.tar.xz deleted file mode 100644 index f060f6d..0000000 --- a/l10n-87.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e62d275b344f0972a032c5b6d6aa1522671b08856890d03ae55b569310b8a686 -size 49925540 diff --git a/l10n-88.0.tar.xz b/l10n-88.0.tar.xz new file mode 100644 index 0000000..9f3d1c5 --- /dev/null +++ b/l10n-88.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:136f07092b9418d2201afac769ae5bca7fa5c26af954a4ec81a17019b3e76f2a +size 50355440 diff --git a/mozilla-kde.patch b/mozilla-kde.patch index d393488..5a1e3c3 100644 --- a/mozilla-kde.patch +++ b/mozilla-kde.patch @@ -3,7 +3,7 @@ # Date 1559294891 -7200 # Fri May 31 11:28:11 2019 +0200 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112 -# Parent 929fbcb071c2e1ff551c73e8c364e9c1f4495171 +# Parent 53e325f006bd6a31f6f3d40ae248e4058897055a Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer Author: Lubos Lunak @@ -31,7 +31,7 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp #ifdef MOZ_MEMORY # include "mozmemory.h" #endif -@@ -4573,25 +4574,37 @@ nsresult Preferences::InitInitialObjects +@@ -4635,25 +4636,37 @@ nsresult Preferences::InitInitialObjects // application pref files for backwards compatibility. static const char* specialFiles[] = { #if defined(XP_MACOSX) @@ -69,7 +69,7 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp // Load jar:$app/omni.jar!/defaults/preferences/*.js // or jar:$gre/omni.jar!/defaults/preferences/*.js. -@@ -4656,17 +4669,17 @@ nsresult Preferences::InitInitialObjects +@@ -4718,17 +4731,17 @@ nsresult Preferences::InitInitialObjects } nsCOMPtr path = do_QueryInterface(elem); @@ -841,7 +841,7 @@ diff --git a/uriloader/exthandler/HandlerServiceParent.cpp b/uriloader/exthandle diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build --- a/uriloader/exthandler/moz.build +++ b/uriloader/exthandler/moz.build -@@ -86,17 +86,19 @@ else: +@@ -77,17 +77,19 @@ else: SOURCES += [ osdir + "/nsOSHelperAppService.cpp", ] @@ -857,11 +857,11 @@ diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build ] elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "android": UNIFIED_SOURCES += [ - "android/nsAndroidHandlerApp.cpp", - "android/nsExternalURLHandlerService.cpp", "android/nsMIMEInfoAndroid.cpp", ] -@@ -136,16 +138,17 @@ include("/ipc/chromium/chromium-config.m + elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows": + UNIFIED_SOURCES += [ +@@ -125,16 +127,17 @@ include("/ipc/chromium/chromium-config.m FINAL_LIBRARY = "xul" LOCAL_INCLUDES += [ @@ -1837,7 +1837,7 @@ diff --git a/xpcom/components/moz.build b/xpcom/components/moz.build diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp --- a/xpcom/io/nsLocalFileUnix.cpp +++ b/xpcom/io/nsLocalFileUnix.cpp -@@ -49,16 +49,17 @@ +@@ -53,16 +53,17 @@ #include "prproces.h" #include "nsIDirectoryEnumerator.h" #include "nsSimpleEnumerator.h" @@ -1855,7 +1855,7 @@ diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp # include "prmem.h" # include "plbase64.h" -@@ -2001,62 +2002,77 @@ nsLocalFile::SetPersistentDescriptor(con +@@ -2021,62 +2022,77 @@ nsLocalFile::SetPersistentDescriptor(con NS_IMETHODIMP nsLocalFile::Reveal() { @@ -1938,4 +1938,4 @@ diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp return giovfs->ShowURIForInput(mPath); #elif defined(MOZ_WIDGET_ANDROID) - // Try to get a mimetype, if this fails just use the file uri alone + // Not supported on GeckoView diff --git a/mozilla-pgo.patch b/mozilla-pgo.patch index e9f41bd..2c453dd 100644 --- a/mozilla-pgo.patch +++ b/mozilla-pgo.patch @@ -1,6 +1,6 @@ # HG changeset patch # User Wolfgang Rosenauer -# Parent 07b5ae8ccc4806fcc5ad74e32a2d3fb2b9d605d0 +# Parent ed9681bd4359b83145247fb6b01a56a2c84879fd diff --git a/build/moz.configure/lto-pgo.configure b/build/moz.configure/lto-pgo.configure --- a/build/moz.configure/lto-pgo.configure @@ -155,7 +155,7 @@ diff --git a/extensions/spellcheck/src/moz.build b/extensions/spellcheck/src/moz diff --git a/toolkit/components/terminator/nsTerminator.cpp b/toolkit/components/terminator/nsTerminator.cpp --- a/toolkit/components/terminator/nsTerminator.cpp +++ b/toolkit/components/terminator/nsTerminator.cpp -@@ -425,16 +425,21 @@ void nsTerminator::StartWatchdog() { +@@ -451,16 +451,21 @@ void nsTerminator::StartWatchdog() { // Defend against overflow crashAfterMS = INT32_MAX; } else { @@ -170,10 +170,10 @@ diff --git a/toolkit/components/terminator/nsTerminator.cpp b/toolkit/components + crashAfterMS = INT32_MAX; + UniquePtr options(new Options()); - const PRIntervalTime ticksDuration = PR_MillisecondsToInterval(1000); + const PRIntervalTime ticksDuration = + PR_MillisecondsToInterval(HEARTBEAT_INTERVAL_MS); options->crashAfterTicks = crashAfterMS / ticksDuration; // Handle systems where ticksDuration is greater than crashAfterMS. if (options->crashAfterTicks == 0) { - options->crashAfterTicks = crashAfterMS / 1000; + options->crashAfterTicks = crashAfterMS / HEARTBEAT_INTERVAL_MS; } - diff --git a/mozilla.sh.in b/mozilla.sh.in index e283739..c488da9 100644 --- a/mozilla.sh.in +++ b/mozilla.sh.in @@ -84,8 +84,11 @@ export LIBXCB_ALLOW_SLOPPY_LOCK=1 export GNOME_DISABLE_CRASH_DIALOG=1 # Wayland +# Only supported on newer systems +WAYLAND_SUPPORTED=%WAYLAND_SUPPORTED + # $XDG_SESSION_TYPE should contain either x11 or wayland -if [ "$XDG_SESSION_TYPE" = "wayland" ]; then +if [ $WAYLAND_SUPPORTED -eq 1 ] && [ "$XDG_SESSION_TYPE" = "wayland" ]; then export MOZ_ENABLE_WAYLAND=1 fi diff --git a/tar_stamps b/tar_stamps index 2a91030..01c6740 100644 --- a/tar_stamps +++ b/tar_stamps @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="87.0" +VERSION="88.0" VERSION_SUFFIX="" -PREV_VERSION="86.0.1" +PREV_VERSION="87.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="bb9bf7e886787222b18094a4723949a29b4d329a" -RELEASE_TIMESTAMP="20210318103112" +RELEASE_TAG="38ee7c9c51c5c95d854c6e9eaa962f21d4f17753" +RELEASE_TIMESTAMP="20210415204500"