From 342949cc960e02caff36089c7f43751fd464c1f2d9b58dfcec56693d403a210d Mon Sep 17 00:00:00 2001 From: Wolfgang Rosenauer Date: Fri, 26 Aug 2022 06:35:29 +0000 Subject: [PATCH] - Mozilla Firefox 104.0 * https://www.mozilla.org/en-US/firefox/104.0/releasenotes MFSA 2022-33 (bsc#1202645) * CVE-2022-38472 (bmo#1769155) Address bar spoofing via XSLT error handling * CVE-2022-38473 (bmo#1771685) Cross-origin XSLT Documents would have inherited the parent's permissions * CVE-2022-38474 (bmo#1719511) Recording notification not shown when microphone was recording on Android * CVE-2022-38475 (bmo#1773266) Attacker could write a value to a zero-length array * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363) Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 * CVE-2022-38478 (bmo#1770630, bmo#1776658) Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, and Firefox ESR 91.13 - requires NSPR 4.34.1 NSS 3.81 rust 1.62 OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=997 --- MozillaFirefox.changes | 26 +++++++++++++++++++++ MozillaFirefox.spec | 14 ++++++------ firefox-103.0.2.source.tar.xz | 3 --- firefox-103.0.2.source.tar.xz.asc | 16 ------------- firefox-104.0.source.tar.xz | 3 +++ firefox-104.0.source.tar.xz.asc | 16 +++++++++++++ l10n-103.0.2.tar.xz | 3 --- l10n-104.0.tar.xz | 3 +++ mozilla-kde.patch | 34 ++++++++++++++-------------- mozilla-silence-no-return-type.patch | 10 ++++---- tar_stamps | 8 +++---- 11 files changed, 81 insertions(+), 55 deletions(-) delete mode 100644 firefox-103.0.2.source.tar.xz delete mode 100644 firefox-103.0.2.source.tar.xz.asc create mode 100644 firefox-104.0.source.tar.xz create mode 100644 firefox-104.0.source.tar.xz.asc delete mode 100644 l10n-103.0.2.tar.xz create mode 100644 l10n-104.0.tar.xz diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index d19382e..257c21b 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Sun Aug 21 11:12:14 UTC 2022 - Wolfgang Rosenauer + +- Mozilla Firefox 104.0 + * https://www.mozilla.org/en-US/firefox/104.0/releasenotes + MFSA 2022-33 (bsc#1202645) + * CVE-2022-38472 (bmo#1769155) + Address bar spoofing via XSLT error handling + * CVE-2022-38473 (bmo#1771685) + Cross-origin XSLT Documents would have inherited the parent's + permissions + * CVE-2022-38474 (bmo#1719511) + Recording notification not shown when microphone was + recording on Android + * CVE-2022-38475 (bmo#1773266) + Attacker could write a value to a zero-length array + * CVE-2022-38477 (bmo#1760611, bmo#1770219, bmo#1771159, bmo#1773363) + Memory safety bugs fixed in Firefox 104 and Firefox ESR 102.2 + * CVE-2022-38478 (bmo#1770630, bmo#1776658) + Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2, + and Firefox ESR 91.13 +- requires + NSPR 4.34.1 + NSS 3.81 + rust 1.62 + ------------------------------------------------------------------- Sat Aug 13 06:25:20 UTC 2022 - Wolfgang Rosenauer diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index 2ab6c2b..d9b7cb9 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 103 -%define mainver %major.0.2 -%define orig_version 103.0.2 +%define major 104 +%define mainver %major.0 +%define orig_version 104.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -106,8 +106,8 @@ BuildRequires: rust >= 1.59 # minimal requirement: BuildRequires: rust+cargo >= 1.59 # actually used upstream: -BuildRequires: cargo1.61 -BuildRequires: rust1.61 +BuildRequires: cargo1.62 +BuildRequires: rust1.62 %endif %if 0%{useccache} != 0 BuildRequires: ccache @@ -117,8 +117,8 @@ BuildRequires: libcurl-devel BuildRequires: libiw-devel BuildRequires: libproxy-devel BuildRequires: makeinfo -BuildRequires: mozilla-nspr-devel >= 4.34 -BuildRequires: mozilla-nss-devel >= 3.80 +BuildRequires: mozilla-nspr-devel >= 4.34.1 +BuildRequires: mozilla-nss-devel >= 3.81 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 diff --git a/firefox-103.0.2.source.tar.xz b/firefox-103.0.2.source.tar.xz deleted file mode 100644 index c837d0a..0000000 --- a/firefox-103.0.2.source.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:766183e8e39c17a84305a85da3237919ffaeb018c6c9d97a7324aea51bd453aa -size 481280156 diff --git a/firefox-103.0.2.source.tar.xz.asc b/firefox-103.0.2.source.tar.xz.asc deleted file mode 100644 index 98a67db..0000000 --- a/firefox-103.0.2.source.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmLxNMQACgkQ6+QekPbx -L23jvhAAqWUrOZN73hvIMIIiUStHYgKQpvaEjUVHT/KBmuQaeFARaFHFOTUbgU7j -Ej0BTwPyY5OgErEiti8kXvfZyrSPMc0jPMUojedlp/8q7gYObMRXCCexmYDEYwUD -41b42yeLiwV+zufIeIjWo/uF1VwwUSOdrDi+FmMvWvx3NzRLmKUYuj4MqyElkU7t -6eE0ouzpXmN7DPfdUyXE59DfOXq630F8R1sZjm/7vnWh215tsmcur4uvZBeardcH -m5otzA3fYVWzPkBfNIrbyuq5oWMXaM7sFWvAZbrO8Ymjz7MNMKtYkMZaOC1Hds9V -fCYD434t/LmwXDjtWAcYt8WEknNCoqzhStY7ZX6pHM5bLwVOmZGowcbd1NQ/47pp -C3rfPS6PU61j7BhI0KEX7cgrShpQDkVRyfTlHjvo0xKv6Ez8psCfhipynKzirBAa -l5JgxrINAzDABETrgc336und8SPvyO3VwdRrUtMZFVrrYGDhvE2DMA6aJPug9fQ1 -Teclh8WhPkeh7Yk172HsoIuHn5WRDDS0Kyz4Fk26eZOnC+A8wl8V00Dwa80q7E9P -pUzqCFVseJ7LzpkSCs5cMCEG+LofdrntyORkYG3U/c1NN0TI9EeYwBGZv7gC6uY8 -/G3jtRn9wDvN0XLvd/3zxYUEOiukTL/rysISSjqmPom6VEBI/hM= -=tWUs ------END PGP SIGNATURE----- diff --git a/firefox-104.0.source.tar.xz b/firefox-104.0.source.tar.xz new file mode 100644 index 0000000..dd22704 --- /dev/null +++ b/firefox-104.0.source.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1a294a651dc6260f9a72a3ab9f10e7792a4ab41a9cfa8527ad3dd9979cdc98ce +size 486299816 diff --git a/firefox-104.0.source.tar.xz.asc b/firefox-104.0.source.tar.xz.asc new file mode 100644 index 0000000..58d07fa --- /dev/null +++ b/firefox-104.0.source.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmL+6JUACgkQ6+QekPbx +L206/w/+IKFX1Fj2MkusjcySy49V/iYyOnSSgWxF81b36j0hn8ydrXbnSiAHruUM +E2c8TI+qPnlghpqgBCYrIGSd18Pv/BO9g9aqrKPL6Py2mn03zaR0Ttxptz0lVBIG +BrcyA18kz/Ci6SqlsmHw6rWNd0pTKmBrUBo4JzOP4XIttMr2b1TfQIx5AL4ZWE+I +tdpYFXrwB3mwPG3XpnEEStImKaDidbVZEsw+lacXRnehBCz6HSJ0DROzDAv2COyV +dO6uNC7Im1O8RJfSWrU+ishtAA5K0D10lSE3Vssr8OP1LtZJ9TgitZ9MJ0/eZAv1 +wQdN+AKDxHFBibS0MgoS+hJjKQDNCnt0ilZpnLXoUj5CvgLptVoiV2zZjIlFl2f1 +FAuV7x3nQlRKot6voCbYqB3D4Sf9UBjS0MUDm0n3EW8Y6gamtztVaHrrKKIPzAbO +KiBkq7OilY5tnRwruq+x9Lot1szVZezqPYNRF4oeWcG4T+dmF+44Oe1xsxlsfpl6 +5MvCn0pkR5N2FP48Px/Psk+ZzAboT+hECD/kdlJNPdtEJ0Y6J381pOAay54wDT8Y +sZti/maLMojiuaTnJ//snupVTVMp5tQSA6r0m51oU2DHsld9uARBV3NSg+Qj6trB +j14ZwCuEFJDa7z7ZXdxi+3b8TlrF1ArgyyZ+MIFZZyary3DBbT0= +=IXLK +-----END PGP SIGNATURE----- diff --git a/l10n-103.0.2.tar.xz b/l10n-103.0.2.tar.xz deleted file mode 100644 index cd5fd7b..0000000 --- a/l10n-103.0.2.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4ed83842b2e6efb7900ad3dfc8bb87321ce44ecd8822817110f0554e213df111 -size 49343512 diff --git a/l10n-104.0.tar.xz b/l10n-104.0.tar.xz new file mode 100644 index 0000000..99d5029 --- /dev/null +++ b/l10n-104.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:68dedca71e0281727f7f467378ddcd3176887f6ac274b84086345278a6f4d90e +size 49571548 diff --git a/mozilla-kde.patch b/mozilla-kde.patch index 1d9ed2d..6c5eed4 100644 --- a/mozilla-kde.patch +++ b/mozilla-kde.patch @@ -3,7 +3,7 @@ # Date 1559294891 -7200 # Fri May 31 11:28:11 2019 +0200 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112 -# Parent b7a9df31234bb6342e8b01dcfa98b7d8ecdfd1dd +# Parent 65e96e081f6f4b68d6b7998f4182a3764832c2ce Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer Author: Lubos Lunak @@ -810,7 +810,7 @@ diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build ] elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows": UNIFIED_SOURCES += [ -@@ -130,16 +132,17 @@ include("/ipc/chromium/chromium-config.m +@@ -126,16 +128,17 @@ include("/ipc/chromium/chromium-config.m FINAL_LIBRARY = "xul" LOCAL_INCLUDES += [ @@ -1166,7 +1166,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth #include "nsISupports.h" #include "nsString.h" #include "nsReadableUtils.h" -@@ -1025,17 +1025,17 @@ nsresult nsOSHelperAppService::GetHandle +@@ -1102,17 +1102,17 @@ nsresult nsOSHelperAppService::GetHandle nsresult nsOSHelperAppService::OSProtocolHandlerExists( const char* aProtocolScheme, bool* aHandlerExists) { @@ -1185,7 +1185,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth nsCOMPtr handlerSvc = do_GetService(NS_HANDLERSERVICE_CONTRACTID, &rv); if (NS_SUCCEEDED(rv) && handlerSvc) { -@@ -1045,17 +1045,17 @@ nsresult nsOSHelperAppService::OSProtoco +@@ -1122,17 +1122,17 @@ nsresult nsOSHelperAppService::OSProtoco } return rv; @@ -1204,26 +1204,26 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth NS_IMETHODIMP nsOSHelperAppService::IsCurrentAppOSDefaultForProtocol( const nsACString& aScheme, bool* _retval) { -@@ -1148,17 +1148,17 @@ already_AddRefed nsOSHel +@@ -1227,17 +1227,17 @@ already_AddRefed nsOSHel nsresult rv = LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType, minorType, mime_types_description, true); if (NS_FAILED(rv) || majorType.IsEmpty()) { #ifdef MOZ_WIDGET_GTK - LOG(("Looking in GNOME registry\n")); + LOG("Looking in GNOME registry\n"); RefPtr gnomeInfo = - nsGNOMERegistry::GetFromExtension(aFileExt); + nsCommonRegistry::GetFromExtension(aFileExt); if (gnomeInfo) { - LOG(("Got MIMEInfo from GNOME registry\n")); + LOG("Got MIMEInfo from GNOME registry\n"); return gnomeInfo.forget(); } #endif rv = LookUpTypeAndDescription(NS_ConvertUTF8toUTF16(aFileExt), majorType, minorType, mime_types_description, false); -@@ -1261,17 +1261,17 @@ already_AddRefed nsOSHel +@@ -1342,17 +1342,17 @@ already_AddRefed nsOSHel // Now look up our extensions nsAutoString extensions, mime_types_description; @@ -1235,17 +1235,17 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth - RefPtr gnomeInfo = nsGNOMERegistry::GetFromType(aMIMEType); + RefPtr gnomeInfo = nsCommonRegistry::GetFromType(aMIMEType); if (gnomeInfo) { - LOG( - ("Got MIMEInfo from GNOME registry without extensions; setting them " - "to %s\n", - NS_LossyConvertUTF16toASCII(extensions).get())); + LOG("Got MIMEInfo from GNOME registry without extensions; setting them " + "to %s\n", + NS_LossyConvertUTF16toASCII(extensions).get()); NS_ASSERTION(!gnomeInfo->HasExtensions(), "How'd that happen?"); gnomeInfo->SetFileExtensions(NS_ConvertUTF16toUTF8(extensions)); + return gnomeInfo.forget(); diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build --- a/widget/gtk/moz.build +++ b/widget/gtk/moz.build -@@ -146,16 +146,17 @@ FINAL_LIBRARY = "xul" +@@ -147,16 +147,17 @@ FINAL_LIBRARY = "xul" LOCAL_INCLUDES += [ "/layout/base", @@ -1655,7 +1655,7 @@ diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestPars int argc; bool ischrome; -@@ -397,16 +398,17 @@ void ParseManifest(NSLocationType aType, +@@ -389,16 +390,17 @@ void ParseManifest(NSLocationType aType, constexpr auto kRemoteEnabled = u"remoteenabled"_ns; constexpr auto kRemoteRequired = u"remoterequired"_ns; constexpr auto kApplication = u"application"_ns; @@ -1673,7 +1673,7 @@ diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestPars // possible to have conditional manifest contents, so we need to recognize and // discard these tokens even when MOZ_BACKGROUNDTASKS is not set. constexpr auto kBackgroundTask = u"backgroundtask"_ns; -@@ -456,39 +458,44 @@ void ParseManifest(NSLocationType aType, +@@ -448,39 +450,44 @@ void ParseManifest(NSLocationType aType, CopyUTF8toUTF16(s, abi); abi.Insert(char16_t('_'), 0); abi.Insert(osTarget, 0); @@ -1718,7 +1718,7 @@ diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestPars process = kMain; } -@@ -583,25 +590,27 @@ void ParseManifest(NSLocationType aType, +@@ -571,25 +578,27 @@ void ParseManifest(NSLocationType aType, // When in background task mode, default to not registering // category directivies unless backgroundtask=1 is specified. TriState stBackgroundTask = (BackgroundTasks::IsBackgroundTaskMode() && @@ -1746,7 +1746,7 @@ diff --git a/xpcom/components/ManifestParser.cpp b/xpcom/components/ManifestPars continue; } -@@ -650,17 +659,17 @@ void ParseManifest(NSLocationType aType, +@@ -638,17 +647,17 @@ void ParseManifest(NSLocationType aType, } LogMessageWithContext( diff --git a/mozilla-silence-no-return-type.patch b/mozilla-silence-no-return-type.patch index 9085754..44e6b15 100644 --- a/mozilla-silence-no-return-type.patch +++ b/mozilla-silence-no-return-type.patch @@ -1,10 +1,10 @@ # HG changeset patch -# Parent df69adcb42a137798460d007b5acae9ec85b95fd +# Parent baaeb7c2d2540633134a74438dab2768ea4c97ef diff --git a/Cargo.lock b/Cargo.lock --- a/Cargo.lock +++ b/Cargo.lock -@@ -2347,18 +2347,16 @@ name = "glsl-to-cxx" +@@ -2363,18 +2363,16 @@ name = "glsl-to-cxx" version = "0.1.0" dependencies = [ "glsl", @@ -26,14 +26,14 @@ diff --git a/Cargo.lock b/Cargo.lock diff --git a/Cargo.toml b/Cargo.toml --- a/Cargo.toml +++ b/Cargo.toml -@@ -150,16 +150,17 @@ async-task = { git = "https://github.com +@@ -143,16 +143,17 @@ async-task = { git = "https://github.com chardetng = { git = "https://github.com/hsivonen/chardetng", rev="3484d3e3ebdc8931493aa5df4d7ee9360a90e76b" } chardetng_c = { git = "https://github.com/hsivonen/chardetng_c", rev="ed8a4c6f900a90d4dbc1d64b856e61490a1c3570" } coremidi = { git = "https://github.com/chris-zen/coremidi.git", rev="fc68464b5445caf111e41f643a2e69ccce0b4f83" } fog = { path = "toolkit/components/glean/api" } libudev-sys = { path = "dom/webauthn/libudev-sys" } - packed_simd = { package = "packed_simd_2", git = "https://github.com/hsivonen/packed_simd", rev="c149d0a519bf878567c7630096737669ec2ff15f" } - midir = { git = "https://github.com/mozilla/midir.git", rev = "4c11f0ffb5d6a10de4aff40a7b81218b33b94e6f" } + packed_simd = { package = "packed_simd_2", git = "https://github.com/hsivonen/packed_simd", rev="90eebb82a107cbec1c8e406d9223819417e96de1" } + midir = { git = "https://github.com/mozilla/midir.git", rev = "e1b4dcb767f9e69afe95a860374aaa9635d81e3d" } minidump_writer_linux = { git = "https://github.com/rust-minidump/minidump-writer.git", rev = "75ada456c92a429704691a85e1cb42fef8cafc0d" } +glslopt = { path = "third_party/rust/glslopt/" } diff --git a/tar_stamps b/tar_stamps index ac44944..fea3f88 100644 --- a/tar_stamps +++ b/tar_stamps @@ -1,10 +1,10 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="103.0.2" +VERSION="104.0" VERSION_SUFFIX="" -PREV_VERSION="103.0.1" +PREV_VERSION="103.0.2" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="97d08aedd7235666566f23d51b4a966a0be0bc42" -RELEASE_TIMESTAMP="20220808125904" +RELEASE_TAG="ae56b3bb7fa30ac2160cce6fb65aa95ce6586959" +RELEASE_TIMESTAMP="20220818191623"