diff --git a/MozillaFirefox.changes b/MozillaFirefox.changes index 5788a7d..be955d7 100644 --- a/MozillaFirefox.changes +++ b/MozillaFirefox.changes @@ -1,3 +1,57 @@ +------------------------------------------------------------------- +Wed Aug 18 06:34:01 UTC 2021 - Wolfgang Rosenauer + +- Mozilla Firefox 91.0.1 + * Fixed an issue causing buttons on the tab bar to be resized when + loading certain websites (bmo#1704404) + * Fixed an issue which caused tabs from private windows to be + visible in non-private windows when viewing switch-to-tab results + in the address bar panel (bmo#1720369) + * Various stability fixes + MFSA 2021-37 (bsc#1189547) + * CVE-2021-29991 (bmo#1724896) + Header Splitting possible with HTTP/3 Responses + +------------------------------------------------------------------- +Mon Aug 9 14:55:22 UTC 2021 - Wolfgang Rosenauer + +- Mozilla Firefox 91.0 + MFSA 2021-33 (bsc#1188891) + * CVE-2021-29986 (bmo#1696138) + Race condition when resolving DNS names could have led to + memory corruption + * CVE-2021-29981 (bmo#1707774) + Live range splitting could have led to conflicting + assignments in the JIT + * CVE-2021-29988 (bmo#1717922) + Memory corruption as a result of incorrect style treatment + * CVE-2021-29983 (bmo#1719088) + Firefox for Android could get stuck in fullscreen mode + * CVE-2021-29984 (bmo#1720031) + Incorrect instruction reordering during JIT optimization + * CVE-2021-29980 (bmo#1722204) + Uninitialized memory in a canvas object could have led to + memory corruption + * CVE-2021-29987 (bmo#1716129) + Users could have been tricked into accepting unwanted + permissions on Linux + * CVE-2021-29985 (bmo#1722083) + Use-after-free media channels + * CVE-2021-29982 (bmo#1715318) + Single bit data leak due to incorrect JIT optimization and + type confusion + * CVE-2021-29989 (bmo#1662676, bmo#1666184, bmo#1719178, + bmo#1719998, bmo#1720568) + Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13 + * CVE-2021-29990 (bmo#1544190, bmo#1716481, bmo#1717778, + bmo#1719319, bmo#1722073) + Memory safety bugs fixed in Firefox 91 +- requires + * rustc/cargo >= 1.51 + * NSPR >= 4.32 + * NSS >= 3.68 +- force-disable webrender on BE platforms + ------------------------------------------------------------------- Sat Jul 24 07:15:54 UTC 2021 - Andreas Stieger diff --git a/MozillaFirefox.spec b/MozillaFirefox.spec index b5b6f48..b9021ba 100644 --- a/MozillaFirefox.spec +++ b/MozillaFirefox.spec @@ -32,9 +32,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 90 -%define mainver %major.0.2 -%define orig_version 90.0.2 +%define major 91 +%define mainver %major.0.1 +%define orig_version 91.0.1 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -54,6 +54,9 @@ # define if ccache should be used or not %define useccache 1 +# SLE-12 doesn't have this macro +%{!?_rpmmacrodir: %global _rpmmacrodir %{_rpmconfigdir}/macros.d} + # Firefox only supports i686 %ifarch %ix86 ExclusiveArch: i586 i686 @@ -100,7 +103,15 @@ BuildRequires: gcc9-c++ %else BuildRequires: gcc-c++ %endif -BuildRequires: cargo >= 1.47 +%if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300 +BuildRequires: cargo >= 1.51 +BuildRequires: rust >= 1.51 +%else +# Newer sle/leap/tw use parallel versioned rust releases which have +# a different method for provides that we can use to request a +# specific version +BuildRequires: rust+cargo >= 1.51 +%endif %if 0%{useccache} != 0 BuildRequires: ccache %endif @@ -110,8 +121,8 @@ BuildRequires: libidl-devel BuildRequires: libiw-devel BuildRequires: libproxy-devel BuildRequires: makeinfo -BuildRequires: mozilla-nspr-devel >= 4.31 -BuildRequires: mozilla-nss-devel >= 3.66 +BuildRequires: mozilla-nspr-devel >= 4.32 +BuildRequires: mozilla-nss-devel >= 3.68 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -121,7 +132,6 @@ BuildRequires: python36 BuildRequires: python3 >= 3.5 BuildRequires: python3-devel %endif -BuildRequires: rust >= 1.47 BuildRequires: rust-cbindgen >= 0.19.0 BuildRequires: unzip BuildRequires: update-desktop-files @@ -367,6 +377,12 @@ sed -i "s/python3/python36/g" mach export PYTHON3=/usr/bin/python36 %endif +# Webrender does not support big endian yet, so we are forcing it off +# see: https://bugzilla.mozilla.org/show_bug.cgi?id=1716707 +%ifarch s390x ppc64 +echo 'pref("gfx.webrender.force-disabled", true);' >> %{SOURCE9} +%endif + # kdehelperversion=$(cat toolkit/xre/nsKDEUtils.cpp | grep '#define KMOZILLAHELPER_VERSION' | cut -d ' ' -f 3) if test "$kdehelperversion" != %{kde_helper_version}; then @@ -652,11 +668,8 @@ cp %{SOURCE17} %{buildroot}%{_datadir}/gnome-shell/search-providers # mkdir -p %{buildroot}%{_datadir}/mozilla/extensions/%{firefox_appid} mkdir -p %{buildroot}%{_libdir}/mozilla/extensions/%{firefox_appid} -%if %branding # Install symbolic icon for GNOME -mkdir -p %{buildroot}%{gnome_dir}/share/icons/hicolor/symbolic/apps/ -cp %{_builddir}/%{srcname}-%{orig_version}/browser/branding/official/content/identity-icons-brand.svg \ - %{buildroot}%{gnome_dir}/share/icons/hicolor/symbolic/apps/%{progname}-symbolic.svg +%if %branding for size in 16 22 24 32 48 64 128 256; do %else for size in 16 32 48; do diff --git a/firefox-90.0.2.source.tar.xz b/firefox-90.0.2.source.tar.xz deleted file mode 100644 index b5977d0..0000000 --- a/firefox-90.0.2.source.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:35c45dbc21a7bd59e5daa6b3fef7a08c51ff0a1333f47a355bb1cbc840c3ff59 -size 380670372 diff --git a/firefox-90.0.2.source.tar.xz.asc b/firefox-90.0.2.source.tar.xz.asc deleted file mode 100644 index 10c8c72..0000000 --- a/firefox-90.0.2.source.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmD4mxoACgkQ6+QekPbx -L20sbhAAsWHM4fg9Bg1SloKaRKFHIsrOXJv2rT/5vpdNtnwglzec4oTktsPmXBLH -LcjUR7vYYN62XzrkyKWnmq2zq9NVUlP6gLNURx6M9WCeIDznjBpnUiqQFmUjJgBD -vMaB/Onm6cOq4AThnCcHb25klkbhYHuHrjQur8Gr2fkfsxt3blltn/RvSbL2Z4WQ -u4HciF5du5kx5nXxZ062lyOyDGsoN2VG/TrhB22k68KxBD3vH+eHq9QVGpH2RhM4 -8CLRuC6TcodRJ4fcIvvX84k4Va27+YL70z3Zn27vg8eK/GAuJ7GFwA+aJyClq4jt -dKKkWFgJODySCc4iHRv6JHdkHI8UolChUQPPciQnPJ3Q6FvO8XaDpLP+l4Y90pJc -kvaDddrHE/L2cSqyqGv5YgElNyqYZwtFtj84cQ/d6VpwUu8k8+wl0XPxmliFqz7b -Jb1oniJ/Yq4ncZ6vj+JvC8QIcWncKI5OvKeKSBH6hSMj1EX2ckJW3BqEkmrwIpi3 -LtY2K1d6CLHrVzhBoDTcyjBbee7DY2RFbRZfbI7/QfqcEzW3TVa10b/fWjvKkWLW -a+vvW3swN0vzlQPESTRsWaMT1jzU8UgFt7XuukXJam+QrkZ3er0GjUQEn++5HZpS -mF/C/17CMP0vGKFXyhuNYfT+Ivq0EJ9t/4Y7mV7M8GBLGOAm6Qk= -=89GF ------END PGP SIGNATURE----- diff --git a/firefox-91.0.1.source.tar.xz b/firefox-91.0.1.source.tar.xz new file mode 100644 index 0000000..f24b0b8 --- /dev/null +++ b/firefox-91.0.1.source.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b95854ec9cb3e4409e5a1cf203c2b228146c6e3f9f3240d304cecec6b256f962 +size 389052264 diff --git a/firefox-91.0.1.source.tar.xz.asc b/firefox-91.0.1.source.tar.xz.asc new file mode 100644 index 0000000..b4eb943 --- /dev/null +++ b/firefox-91.0.1.source.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmEarIwACgkQ6+QekPbx +L22+/w/+OxM6mlW3I9ZHXEzVMyP+6SirZDm0AQdVj4VXsNcJfqUI1BCLhunq5J02 +T/nEeZlIQEiZd7WOc05Vv0AKRSs+AWbx66KIGM7N34c9lOJisJ74oIIGlbv7cHG1 +MqE+DS5WrzsO6QFzZMp/zpq9k4HSibOjSM4Vm50uqLiaQSmZoc4j2G1JBhKZqhdG +/vAFFdQ87A+Sk4V0TOMgalqFP3WTdcmhCBAL/L8j8asChIsMY1WPxd9In32z4HTO +NZ5zqWZUjSl5LqjzwT50ISLspE1PQTx+IdlTWrlMAkyvZt7waVIwv4fxSDaiwukf +GdNgdAVseiOHbEkxfwzkPtOqRItYVqnCcgUXa17s70OmjuInRXZyd9+SdDlkxUok +UDDxEKnyPjZnXFCEHwgKm0CDoR9hfDQfYRxqC29vd94gLU4mgoevnoeSogIeiA9W +5LwQTO0XoAATji5Z9V2rhg1SVDHK4ZGeKo6ZRRGhGFdHrUkWZRMoxvvG74fEiUmG +tN758R3P9of0mXFgP6j4hRnZ5gseg6uf6sZGrrk7dsY5C96whFhl29ON0bnqTnIk +4XxaSTIVhNRRn120j3B2Fi7+hvg3Z1tnHt9R9K43ZO9kQkEUKiW6teSXi2q9ncVU +rcN5Jjn/liAaMoHl9qLzCptYvv9B1oZIQBXzO13XpOVphxNCzjw= +=IFs4 +-----END PGP SIGNATURE----- diff --git a/l10n-90.0.2.tar.xz b/l10n-90.0.2.tar.xz deleted file mode 100644 index 64b6eaa..0000000 --- a/l10n-90.0.2.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f84e59fe121846f3e2d5a2249417a2619d773d3cf58f4296284c8e3ea2aeef43 -size 51649404 diff --git a/l10n-91.0.1.tar.xz b/l10n-91.0.1.tar.xz new file mode 100644 index 0000000..409c68a --- /dev/null +++ b/l10n-91.0.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:51fc69a958d5f792b3d0ef94d4f9da9313685df94597eb21a0fb58e15eb9e64b +size 51031676 diff --git a/mozilla-reduce-rust-debuginfo.patch b/mozilla-reduce-rust-debuginfo.patch index 593ec70..7695b85 100644 --- a/mozilla-reduce-rust-debuginfo.patch +++ b/mozilla-reduce-rust-debuginfo.patch @@ -1,54 +1,28 @@ -# HG changeset patch -# User msirringhaus@suse.de -# Date 1560754926 -7200 -# Mon Jun 17 09:02:06 2019 +0200 -# Node ID 428161c3b9599083e1b8710eda1760f1f707ab11 -# Parent d55730171edb1935dec80234eba336787ff0e4e8 -#Description: reduce the rust debuginfo level on selected architectures where -# compiling with debuginfo=2 causes the OOM killer to interrupt the build on -# launchpad builders. Initially this was only on 32 bit architectures, but with -# firefox 63 it started happening frequently on arm64 and ppc64el too. - diff --git a/build/moz.configure/rust.configure b/build/moz.configure/rust.configure --- a/build/moz.configure/rust.configure +++ b/build/moz.configure/rust.configure -@@ -603,18 +603,19 @@ set_config("CARGO_PROFILE_DEV_OPT_LEVEL" - - - @depends( - rustc_opt_level, - debug_rust, - target, - "--enable-debug-symbols", +@@ -610,6 +610,7 @@ set_config("CARGO_PROFILE_DEV_OPT_LEVEL" "--enable-frame-pointers", -+ host, + path_remapping, + path_remappings, ++ host ) --def rust_compile_flags(opt_level, debug_rust, target, debug_symbols, frame_pointers): -+def rust_compile_flags(opt_level, debug_rust, target, debug_symbols, frame_pointers, host): + def rust_compile_flags( + opt_level, +@@ -619,6 +620,7 @@ def rust_compile_flags( + frame_pointers, + path_remapping, + path_remappings, ++ host + ): # Cargo currently supports only two interesting profiles for building: # development and release. Those map (roughly) to --enable-debug and - # --disable-debug in Gecko, respectively. - # - # But we'd also like to support an additional axis of control for - # optimization level. Since Cargo only supports 2 profiles, we're in - # a bit of a bind. - # -@@ -627,16 +628,18 @@ def rust_compile_flags(opt_level, debug_ - - # opt-level=0 implies -C debug-assertions, which may not be desired - # unless Rust debugging is enabled. - if opt_level == "0" and not debug_rust: - debug_assertions = False +@@ -642,6 +644,8 @@ def rust_compile_flags( if debug_symbols: debug_info = "2" -+ if host.bitness == 32 or host.cpu == 'aarch64' or host.cpu == 'ppc64': ++ if host.bitness == 32 or host.cpu == 'aarch64' or host.cpu == 'ppc64' or host.cpu == 's390x': + debug_info = '1' opts = [] - if debug_assertions is not None: - opts.append("debug-assertions=%s" % ("yes" if debug_assertions else "no")) - if debug_info is not None: - opts.append("debuginfo=%s" % debug_info) - if frame_pointers: diff --git a/tar_stamps b/tar_stamps index 4ae4e08..447dff4 100644 --- a/tar_stamps +++ b/tar_stamps @@ -1,11 +1,10 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="90.0.2" +VERSION="91.0.1" VERSION_SUFFIX="" -PREV_VERSION="90.0.1" +PREV_VERSION="91.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation - RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="cda19fb46018c9cb8dc5e6127ebb2cfd04aa9be4" -RELEASE_TIMESTAMP="20210721174149" +RELEASE_TAG="7dafd5f51c0afd1ae627bb4762ac0c140a6cd5f5" +RELEASE_TIMESTAMP="20210816143654"