- Mozilla Firefox 96.0

* https://www.mozilla.org/en-US/firefox/96.0/releasenotes MFSA 2022-01 (bsc#1194547) * CVE-2022-22746 (bmo#1735071) Calling into reportValidity could have lead to fullscreen window spoof * CVE-2022-22743 (bmo#1739220) Browser window spoof using fullscreen mode * CVE-2022-22742 (bmo#1739923) Out-of-bounds memory access when inserting text in edit mode * CVE-2022-22741 (bmo#1740389) Browser window spoof using fullscreen mode * CVE-2022-22740 (bmo#1742334) Use-after-free of ChannelEventQueue::mOwner * CVE-2022-22738 (bmo#1742382) Heap-buffer-overflow in blendGaussianBlur * CVE-2022-22737 (bmo#1745874) Race condition when playing audio files * CVE-2021-4140 (bmo#1746720) Iframe sandbox bypass with XSLT * CVE-2022-22750 (bmo#1566608) IPC passing of resource handles could have lead to sandbox bypass * CVE-2022-22749 (bmo#1705094) Lack of URL restrictions when scanning QR codes * CVE-2022-22748 (bmo#1705211) Spoofed origin on external protocol launch dialog * CVE-2022-22745 (bmo#1735856) Leaking cross-origin URLs through securitypolicyviolation event OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=951
2022-01-11 22:06:33 +00:00 · 2022-01-11 22:06:33 +00:00 · abe4d87b4e
commit abe4d87b4e
parent 2942ef5aaf
15 changed files with 127 additions and 173 deletions
--- a/MozillaFirefox.changes
+++ b/MozillaFirefox.changes
@ -1,3 +1,61 @@
+-------------------------------------------------------------------
+Sat Jan  8 10:32:46 UTC 2022 - Wolfgang Rosenauer <wr@rosenauer.org>
+
+- Mozilla Firefox 96.0
+  * https://www.mozilla.org/en-US/firefox/96.0/releasenotes
+  MFSA 2022-01 (bsc#1194547)
+  * CVE-2022-22746 (bmo#1735071)
+    Calling into reportValidity could have lead to fullscreen
+    window spoof
+  * CVE-2022-22743 (bmo#1739220)
+    Browser window spoof using fullscreen mode
+  * CVE-2022-22742 (bmo#1739923)
+    Out-of-bounds memory access when inserting text in edit mode
+  * CVE-2022-22741 (bmo#1740389)
+    Browser window spoof using fullscreen mode
+  * CVE-2022-22740 (bmo#1742334)
+    Use-after-free of ChannelEventQueue::mOwner
+  * CVE-2022-22738 (bmo#1742382)
+    Heap-buffer-overflow in blendGaussianBlur
+  * CVE-2022-22737 (bmo#1745874)
+    Race condition when playing audio files
+  * CVE-2021-4140 (bmo#1746720)
+    Iframe sandbox bypass with XSLT
+  * CVE-2022-22750 (bmo#1566608)
+    IPC passing of resource handles could have lead to sandbox
+    bypass
+  * CVE-2022-22749 (bmo#1705094)
+    Lack of URL restrictions when scanning QR codes
+  * CVE-2022-22748 (bmo#1705211)
+    Spoofed origin on external protocol launch dialog
+  * CVE-2022-22745 (bmo#1735856)
+    Leaking cross-origin URLs through securitypolicyviolation
+    event
+  * CVE-2022-22744 (bmo#1737252)
+    The 'Copy as curl' feature in DevTools did not fully escape
+    website-controlled data, potentially leading to command
+    injection
+  * CVE-2022-22747 (bmo#1735028)
+    Crash when handling empty pkcs7 sequence
+  * CVE-2022-22736 (bmo#1742692)
+    Potential local privilege escalation when loading modules
+    from the install directory.
+  * CVE-2022-22739 (bmo#1744158)
+    Missing throttling on external protocol launch dialog
+  * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366,
+    bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869,
+    bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011)
+    Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
+  * CVE-2022-22752 (bmo#1740534, bmo#1741210, bmo#1742770)
+    Memory safety bugs fixed in Firefox 96
+- removed obsolete patches
+  * mozilla-bmo1745560.patch
+  * mozilla-bmo1744896.patch
+  * mozilla-sandbox-fips.patch
+- requires
+  NSPR >= 4.33
+  NSS  >= 3.73.1
+
 -------------------------------------------------------------------
 Tue Dec 28 17:45:28 UTC 2021 - Bjørn Lie <bjorn.lie@gmail.com>

--- a/MozillaFirefox.spec
+++ b/MozillaFirefox.spec
@ -1,7 +1,7 @@
 #
 # spec file
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #               2006-2021 Wolfgang Rosenauer <wr@rosenauer.org>
 #
 # All modifications and additions to the file contributed by third parties
@ -28,9 +28,9 @@
 # orig_suffix b3
 # major 69
 # mainver %major.99
-%define major          95
-%define mainver        %major.0.2
-%define orig_version   95.0.2
+%define major          96
+%define mainver        %major.0
+%define orig_version   96.0
 %define orig_suffix    %{nil}
 %define update_channel release
 %define branding       1
@ -116,8 +116,8 @@ BuildRequires:  libcurl-devel
 BuildRequires:  libiw-devel
 BuildRequires:  libproxy-devel
 BuildRequires:  makeinfo
-BuildRequires:  mozilla-nspr-devel >= 4.32
-BuildRequires:  mozilla-nss-devel >= 3.71
+BuildRequires:  mozilla-nspr-devel >= 4.33
+BuildRequires:  mozilla-nss-devel >= 3.73.1
 BuildRequires:  nasm >= 2.14
 BuildRequires:  nodejs >= 10.22.1
 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000
@ -203,28 +203,25 @@ Patch1:         mozilla-nongnome-proxies.patch
 Patch2:         mozilla-kde.patch
 Patch3:         mozilla-ntlm-full-path.patch
 Patch4:         mozilla-aarch64-startup-crash.patch
-Patch6:         mozilla-sandbox-fips.patch
-Patch7:         mozilla-fix-aarch64-libopus.patch
-Patch9:         mozilla-s390-context.patch
-Patch10:        mozilla-pgo.patch
-Patch11:        mozilla-reduce-rust-debuginfo.patch
-Patch13:        mozilla-bmo1005535.patch
-Patch14:        mozilla-bmo1568145.patch
-Patch15:        mozilla-bmo1504834-part1.patch
-Patch16:        mozilla-bmo1504834-part2.patch
-Patch17:        mozilla-bmo1504834-part3.patch
-Patch19:        mozilla-bmo1512162.patch
-Patch20:        mozilla-fix-top-level-asm.patch
-Patch21:        mozilla-bmo1504834-part4.patch
-Patch22:        mozilla-bmo849632.patch
-Patch25:        mozilla-bmo998749.patch
-Patch26:        mozilla-bmo1626236.patch
-Patch27:        mozilla-s390x-skia-gradient.patch
-Patch28:        mozilla-libavcodec58_91.patch
-Patch29:        mozilla-silence-no-return-type.patch
-Patch31:        mozilla-bmo531915.patch
-Patch32:        mozilla-bmo1745560.patch
-Patch33:        mozilla-bmo1744896.patch
+Patch5:         mozilla-fix-aarch64-libopus.patch
+Patch6:         mozilla-s390-context.patch
+Patch7:         mozilla-pgo.patch
+Patch8:         mozilla-reduce-rust-debuginfo.patch
+Patch9:         mozilla-bmo1005535.patch
+Patch10:        mozilla-bmo1568145.patch
+Patch11:        mozilla-bmo1504834-part1.patch
+Patch12:        mozilla-bmo1504834-part2.patch
+Patch13:        mozilla-bmo1504834-part3.patch
+Patch14:        mozilla-bmo1512162.patch
+Patch15:        mozilla-fix-top-level-asm.patch
+Patch16:        mozilla-bmo1504834-part4.patch
+Patch17:        mozilla-bmo849632.patch
+Patch18:        mozilla-bmo998749.patch
+Patch19:        mozilla-bmo1626236.patch
+Patch20:        mozilla-s390x-skia-gradient.patch
+Patch21:        mozilla-libavcodec58_91.patch
+Patch22:        mozilla-silence-no-return-type.patch
+Patch23:        mozilla-bmo531915.patch
 # Firefox/browser
 Patch101:       firefox-kde.patch
 Patch102:       firefox-branded-icons.patch
@ -333,28 +330,25 @@ cd $RPM_BUILD_DIR/%{srcname}-%{orig_version}
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
 %patch9 -p1
 %patch10 -p1
 %patch11 -p1
+%patch12 -p1
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
 %patch16 -p1
 %patch17 -p1
+%patch18 -p1
 %patch19 -p1
 %patch20 -p1
 %patch21 -p1
 %patch22 -p1
-%patch25 -p1
-%patch26 -p1
-%patch27 -p1
-%patch28 -p1
-%patch29 -p1
-%patch31 -p1
-%patch32 -p1
-%patch33 -p1
+%patch23 -p1
 # Firefox
 %patch101 -p1
 %patch102 -p1
--- a/firefox-95.0.2.source.tar.xz
+++ b/firefox-95.0.2.source.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c178cbf61979bd39a8daa9a09c6e03089da37baded692ad1f745ecfcaae74d64
-size 384674224
--- a/firefox-95.0.2.source.tar.xz.asc
+++ b/firefox-95.0.2.source.tar.xz.asc
@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmG+SckACgkQ6+QekPbx
-L23tPRAAqGSghR7WZBqehxYjaUKqSEUyB1+nGXzZKkHSSHoQRHoy8afbCtzXGiC0
-5MC9rPnsnsSm3nsgJcof/0lJzbLH6zFqOUCVkIhA/ynJIGGhYo7MEpH8/DlJtppV
-j0l3JYPcKWw6tzXsiXVgCYmQYKqpT+kyhm6cxTOyg24MvgYGApIOEY2D992EUi24
-dE+JDV4fEjnD5/r2RJPG4GMDvGYFFsY6Y5qkGCP4C6VgPanmSBolB/CaoqhJdyG5
-FdC4m1DE6/p1k30tMWwtaKyXfGaHyENqGU+KNDkgqY2HMqZzzAYiNkQjtb67WwLn
-dpuNTmCoq05JAgaJuA5fn0lf4ZwwP3Dhk8XF9V1Rx+8YLiH/S9RnRAdmEZpdbmOy
-yvg8jBrIQUe0EojSg4qCcG1gtvWLZVlG7ODewkz5sOch/0TbEy2bBWjbwC7UnAC2
-XDnHgBT2FRzfMp1mDSuV5F74uIICjoDHpAmGtc+1bjBX4JtQtyB+CWl5PiP0a3al
-8qCtVI9EMo9P4L7ooU5L+ByoA6+1DpQChCkCAhB/3QAhUdkwzE4EnYNsYIgzSnzw
-SWftC2M1OA0h31vWn062ewCaG+KHne2lKfActDbu09rUxMBhunfJZmsmh3ttnEJT
-Xuj51c6f8gFc1yRFzbDu7ZgxP9O2BxvLFvemc9v/PyVmUQeLpLk=
-=Q1X4
-----END PGP SIGNATURE-----
--- a/firefox-96.0.source.tar.xz
+++ b/firefox-96.0.source.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b4b03214ad838fe2744fed26c497c8a6fa7aedc95f47d4146da1cf5cc97860c0
+size 410165944
--- a/firefox-96.0.source.tar.xz.asc
+++ b/firefox-96.0.source.tar.xz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEEQ2D+IQnEl2MYb44h6+QekPbxL20FAmHXOAwACgkQ6+QekPbx
+L21QmA/9HyxypJ1z1sNEL/UHmp/ZIv5IrYmMgS8ePi3+R0xYMw1mwv/0GKos3NVa
+38zpd8XQWSliADO0HqHomyf/XqZf61BS7OF8qS872LGGWVwR42PBZyn4trsvo5i0
+i5tJmAKw0Rt8UZSCo8locOntLhrwddibe0m7ioel+1aqnNn9XX8j3YCDhXiEArkK
+6TWslGd4K6qZ4v12l+Ry1bPgnrptLHX8YU7oQXruZ4O9kpBjPioyGQFGni2NgFPl
+TByRtFyqUqrnzzcsOK7OT7hDkBBBvKp5uJt+zGoDuZsCXpv3DtfvV3yvNtGPWJCC
+Hxp94+cjhEZlzWiguvP3Qm+liuqZDeFrK5+GlzSk9yVWsJ4/16ui5tH+QA0EE3Qr
+iZzXIMVkG89vdU9GkRkuhEtytEy2p1aWk4S/D8/L0E9w23DKkpCey39DSkMI6mqH
+NuTlOkj8TwESnPw4tWTsF8eFO1AoohlkbzGR4xY9WG5P99eXCZQ27TvBXGeHRpyN
+pu/ZajVryGy9GVYU/Cc0OXOpruvH3HSj1PdsdZzjB0e05a3T+G5hUOCJoA1NqI6r
+PxU/tecZFoqtuCB3iELs2G2ZMngtdkJS2O5VN5WfMxbhL4fBEBZsLq2NA98PBD37
+ziFKB40mbIwWmzipCQcJ/SkMksLxJSoyMZ4oFkEfXX4RWvEfxaw=
+=zP98
+-----END PGP SIGNATURE-----
--- a/l10n-95.0.2.tar.xz
+++ b/l10n-95.0.2.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8ecd6fb56c34d30fe0696155e473db8725ba9e0e01b5f37e7ca9b5f188d4b576
-size 49025040
--- a/l10n-96.0.tar.xz
+++ b/l10n-96.0.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:83aeb97d1afc70328dc600d2282a35070837944634166ad153d4eb8fb7c1748c
+size 49474288
--- a/mozilla-bmo1744896.patch
+++ b/mozilla-bmo1744896.patch
@ -1,43 +0,0 @@
-diff -up firefox-95.0.2/widget/gtk/nsWindow.cpp.1744896 firefox-95.0.2/widget/gtk/nsWindow.cpp
--- firefox-95.0.2/widget/gtk/nsWindow.cpp.1744896	2021-12-23 11:54:31.522539340 +0100
-+++ firefox-95.0.2/widget/gtk/nsWindow.cpp	2021-12-23 11:55:56.070270174 +0100
-@@ -5765,6 +5765,17 @@ nsresult nsWindow::Create(nsIWidget* aPa
-       }
-     }
- #endif
-+#ifdef MOZ_WAYLAND
-+  // Initialize the window specific VsyncSource early in order to avoid races
-+  // with BrowserParent::UpdateVsyncParentVsyncSource().
-+  // Only use for toplevel windows for now, see bug 1619246.
-+  if (GdkIsWaylandDisplay() &&
-+      StaticPrefs::widget_wayland_vsync_enabled_AtStartup() &&
-+      mWindowType == eWindowType_toplevel) {
-+    mWaylandVsyncSource = new WaylandVsyncSource();
-+    MOZ_RELEASE_ASSERT(mWaylandVsyncSource);
-+  }
-+#endif
- 
-     // We create input contexts for all containers, except for
-     // toplevel popup windows
-@@ -6077,19 +6088,12 @@ void nsWindow::ResumeCompositorFromCompo
- 
- void nsWindow::WaylandStartVsync() {
- #ifdef MOZ_WAYLAND
-  // only use for toplevel windows for now - see bug 1619246
-  if (!GdkIsWaylandDisplay() ||
-      !StaticPrefs::widget_wayland_vsync_enabled_AtStartup() ||
-      mWindowType != eWindowType_toplevel) {
-+  if (!mWaylandVsyncSource) {
-     return;
-   }
- 
-   LOG("nsWindow::WaylandStartVsync() [%p]\n", (void*)this);
- 
-  if (!mWaylandVsyncSource) {
-    mWaylandVsyncSource = new WaylandVsyncSource();
-  }
-
-   WaylandVsyncSource::WaylandDisplay& display =
-       static_cast<WaylandVsyncSource::WaylandDisplay&>(
-           mWaylandVsyncSource->GetGlobalDisplay());
-
--- a/mozilla-bmo1745560.patch
+++ b/mozilla-bmo1745560.patch
@ -1,15 +0,0 @@
-diff --git a/widget/gtk/mozwayland/mozwayland.c b/widget/gtk/mozwayland/mozwayland.c
--- a/widget/gtk/mozwayland/mozwayland.c
-+++ b/widget/gtk/mozwayland/mozwayland.c
-@@ -200,3 +200,10 @@
- 
- MOZ_EXPORT void wl_list_insert_list(struct wl_list* list,
-                                     struct wl_list* other) {}
-+
-+MOZ_EXPORT struct wl_proxy* wl_proxy_marshal_flags(
-+    struct wl_proxy* proxy, uint32_t opcode,
-+    const struct wl_interface* interface, uint32_t version, uint32_t flags,
-+    ...) {
-+  return NULL;
-+}
-
--- a/mozilla-fix-top-level-asm.patch
+++ b/mozilla-fix-top-level-asm.patch
@ -49,7 +49,7 @@ diff --git a/security/sandbox/linux/moz.build b/security/sandbox/linux/moz.build
     ]
 
 if CONFIG["CC_TYPE"] in ("clang", "gcc"):
-     CXXFLAGS += ["-Wno-shadow", "-Wno-error=stack-protector"]
+     CXXFLAGS += ["-Wno-error=stack-protector"]
     SOURCES["../chromium/sandbox/linux/services/syscall_wrappers.cc"].flags += [
         "-Wno-empty-body",
     ]
--- a/mozilla-kde.patch
+++ b/mozilla-kde.patch
@ -3,7 +3,7 @@
 # Date 1559294891 -7200
 #      Fri May 31 11:28:11 2019 +0200
 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112
-# Parent  d065e5213c971b1f80d4a13458c412a3a25f7c1c
+# Parent  9db1669be16001a48b62d147070fb75f60bac251
 Description: Add KDE integration to Firefox (toolkit parts)
 Author: Wolfgang Rosenauer <wolfgang@rosenauer.org>
 Author: Lubos Lunak <lunak@suse.com>
@ -81,7 +81,7 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
 diff --git a/modules/libpref/moz.build b/modules/libpref/moz.build
 --- a/modules/libpref/moz.build
 +++ b/modules/libpref/moz.build
-@@ -118,16 +118,20 @@ EXPORTS.mozilla += [
+@@ -119,16 +119,20 @@ EXPORTS.mozilla += [
 ]
 EXPORTS.mozilla += sorted(["!" + g for g in gen_h])
 
@ -808,12 +808,12 @@ diff --git a/uriloader/exthandler/HandlerServiceParent.cpp b/uriloader/exthandle
 diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build
 --- a/uriloader/exthandler/moz.build
 +++ b/uriloader/exthandler/moz.build
-@@ -80,17 +80,19 @@ else:
+@@ -78,17 +78,19 @@ elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "ui
+ else:
+     # These files can't be built in unified mode because they redefine LOG.
     SOURCES += [
         osdir + "/nsOSHelperAppService.cpp",
     ]
-     if CONFIG["CC_TYPE"] in ("clang", "gcc"):
-         CXXFLAGS += ["-Wno-error=shadow"]
 
 if CONFIG["MOZ_WIDGET_TOOLKIT"] == "gtk":
     UNIFIED_SOURCES += [
@ -828,7 +828,7 @@ diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build
     ]
 elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows":
     UNIFIED_SOURCES += [
-@@ -128,16 +130,17 @@ include("/ipc/chromium/chromium-config.m
+@@ -126,16 +128,17 @@ include("/ipc/chromium/chromium-config.m
 FINAL_LIBRARY = "xul"
 
 LOCAL_INCLUDES += [
@ -1260,7 +1260,7 @@ diff --git a/uriloader/exthandler/unix/nsOSHelperAppService.cpp b/uriloader/exth
 diff --git a/widget/gtk/moz.build b/widget/gtk/moz.build
 --- a/widget/gtk/moz.build
 +++ b/widget/gtk/moz.build
-@@ -136,16 +136,17 @@ FINAL_LIBRARY = "xul"
+@@ -135,16 +135,17 @@ FINAL_LIBRARY = "xul"
 
 LOCAL_INCLUDES += [
     "/layout/base",
--- a/mozilla-pgo.patch
+++ b/mozilla-pgo.patch
@ -1,6 +1,6 @@
 # HG changeset patch
 # User Wolfgang Rosenauer <wr@rosenauer.org>
-# Parent  066aba2f6d1fbc0fe31d1864d539714041404fe6
+# Parent  ebd7e379c85889b6f8dba0542479110ab1f6b059

 diff --git a/build/moz.configure/lto-pgo.configure b/build/moz.configure/lto-pgo.configure
 --- a/build/moz.configure/lto-pgo.configure
@ -152,15 +152,15 @@ diff --git a/build/unix/mozconfig.unix b/build/unix/mozconfig.unix
 diff --git a/extensions/spellcheck/src/moz.build b/extensions/spellcheck/src/moz.build
 --- a/extensions/spellcheck/src/moz.build
 +++ b/extensions/spellcheck/src/moz.build
-@@ -26,8 +26,10 @@ LOCAL_INCLUDES += [
+@@ -23,8 +23,10 @@ LOCAL_INCLUDES += [
+     "../hunspell/glue",
+     "../hunspell/src",
+     "/dom/base",
 ]
 EXPORTS.mozilla += [
     "mozInlineSpellChecker.h",
     "mozSpellChecker.h",
 ]
- 
- if CONFIG["CC_TYPE"] in ("clang", "gcc"):
-     CXXFLAGS += ["-Wno-error=shadow"]
 +
 +CXXFLAGS += ['-fno-devirtualize']
 diff --git a/toolkit/components/terminator/nsTerminator.cpp b/toolkit/components/terminator/nsTerminator.cpp
--- a/mozilla-sandbox-fips.patch
+++ b/mozilla-sandbox-fips.patch
@ -1,40 +0,0 @@
-From: meissner@suse.com, cgrobertson@suse.com
-Subject: allow Firefox to access addtional process information
-References:
-http://bugzilla.suse.com/show_bug.cgi?id=1167132
-bsc#1174284 - Firefox tab just crashed in FIPS mode
-
-Index: firefox-93.0/security/sandbox/linux/Sandbox.cpp
-===================================================================
--- firefox-93.0.orig/security/sandbox/linux/Sandbox.cpp
-+++ firefox-93.0/security/sandbox/linux/Sandbox.cpp
-@@ -655,6 +655,7 @@ void SetMediaPluginSandbox(const char* a
-   auto files = new SandboxOpenedFiles();
-   files->Add(std::move(plugin));
-   files->Add("/dev/urandom", SandboxOpenedFile::Dup::YES);
-+  files->Add("/dev/random", SandboxOpenedFile::Dup::YES);
-   files->Add("/etc/ld.so.cache");  // Needed for NSS in clearkey.
-   files->Add("/sys/devices/system/cpu/cpu0/tsc_freq_khz");
-   files->Add("/sys/devices/system/cpu/cpu0/cpufreq/cpuinfo_max_freq");
-Index: firefox-93.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
-===================================================================
--- firefox-93.0.orig/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
-+++ firefox-93.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp
-@@ -320,6 +320,8 @@ void SandboxBrokerPolicyFactory::InitCon
- 
-   // Read permissions
-   policy->AddPath(rdonly, "/dev/urandom");
-+  policy->AddPath(rdonly, "/dev/random");
-+  policy->AddPath(rdonly, "/proc/sys/crypto/fips_enabled");
-   policy->AddPath(rdonly, "/proc/cpuinfo");
-   policy->AddPath(rdonly, "/proc/meminfo");
-   policy->AddDir(rdonly, "/sys/devices/cpu");
-@@ -792,6 +794,8 @@ SandboxBrokerPolicyFactory::GetSocketPro
-   auto policy = MakeUnique<SandboxBroker::Policy>();
- 
-   policy->AddPath(rdonly, "/dev/urandom");
-+  policy->AddPath(rdonly, "/dev/random");
-+  policy->AddPath(rdonly, "/proc/sys/crypto/fips_enabled");
-   policy->AddPath(rdonly, "/proc/cpuinfo");
-   policy->AddPath(rdonly, "/proc/meminfo");
-   policy->AddDir(rdonly, "/sys/devices/cpu");
--- a/8
+++ b/8
@ -1,10 +1,10 @@
 PRODUCT="firefox"
 CHANNEL="release"
-VERSION="95.0.2"
+VERSION="96.0"
 VERSION_SUFFIX=""
-PREV_VERSION="95.0.1"
+PREV_VERSION="95.0.2"
 PREV_VERSION_SUFFIX=""
 #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation
 RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"
-RELEASE_TAG="1ff2cec0bb36e389df1a209a9f882b443ed48495"
-RELEASE_TIMESTAMP="20211218203254"
+RELEASE_TAG="fc698f2bd31f78fb8586e62c7b660a08d6971b92"
+RELEASE_TIMESTAMP="20220106144528"