forked from pool/MozillaFirefox
c4b62217a3
* Dark mode in reader view
* Improved extension security and discovery
* Cryptomining and fingerprinting protections are added to strict
content blocking settings in Privacy & Security preferences
* Camera and microphone access now require an HTTPS connection
MFSA 2019-21 (bsc#1140868)
* CVE-2019-9811 (bmo#1538007, bmo#1539598, bmo#1563327)
Sandbox escape via installation of malicious languagepack
* CVE-2019-11711 (bmo#1552541)
Script injection within domain through inner window reuse
* CVE-2019-11712 (bmo#1543804)
Cross-origin POST requests can be made with NPAPI plugins by
following 308 redirects
* CVE-2019-11713 (bmo#1528481)
Use-after-free with HTTP/2 cached stream
* CVE-2019-11714 (bmo#1542593)
NeckoChild can trigger crash when accessed off of main thread
* CVE-2019-11729 (bmo#1515342)
Empty or malformed p256-ECDH public keys may trigger a segmentation fault
* CVE-2019-11715 (bmo#1555523)
HTML parsing error can contribute to content XSS
* CVE-2019-11716 (bmo#1552632)
globalThis not enumerable until accessed
* CVE-2019-11717 (bmo#1548306)
Caret character improperly escaped in origins
* CVE-2019-11718 (bmo#1408349)
Activity Stream writes unsanitized content to innerHTML
* CVE-2019-11719 (bmo#1540541)
Out-of-bounds read when importing curve25519 private key
OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=748
35 lines
1.5 KiB
Diff
35 lines
1.5 KiB
Diff
# HG changeset patch
|
|
# User msirringhaus@suse.de
|
|
# Date 1560754926 -7200
|
|
# Mon Jun 17 09:02:06 2019 +0200
|
|
# Node ID 428161c3b9599083e1b8710eda1760f1f707ab11
|
|
# Parent 6cd963b6c82ea6629aaf4050851789b78f310338
|
|
#Description: reduce the rust debuginfo level on selected architectures where
|
|
# compiling with debuginfo=2 causes the OOM killer to interrupt the build on
|
|
# launchpad builders. Initially this was only on 32 bit architectures, but with
|
|
# firefox 63 it started happening frequently on arm64 and ppc64el too.
|
|
|
|
diff -r 6cd963b6c82e -r 428161c3b959 build/moz.configure/toolchain.configure
|
|
--- a/build/moz.configure/toolchain.configure Tue May 21 17:26:58 2019 +0200
|
|
+++ b/build/moz.configure/toolchain.configure Mon Jun 17 09:02:06 2019 +0200
|
|
@@ -1865,8 +1865,8 @@
|
|
return '1' if moz_optimize.optimize else '0'
|
|
|
|
|
|
-@depends(rustc_opt_level, debug_rust, '--enable-debug-symbols')
|
|
-def rust_compile_flags(opt_level, debug_rust, debug_symbols):
|
|
+@depends(rustc_opt_level, debug_rust, '--enable-debug-symbols', host)
|
|
+def rust_compile_flags(opt_level, debug_rust, debug_symbols, host):
|
|
# Cargo currently supports only two interesting profiles for building:
|
|
# development and release. Those map (roughly) to --enable-debug and
|
|
# --disable-debug in Gecko, respectively.
|
|
@@ -1889,6 +1889,8 @@
|
|
|
|
if debug_symbols:
|
|
debug_info = '2'
|
|
+ if host.bitness == 32 or host.cpu == 'aarch64' or host.cpu == 'ppc64':
|
|
+ debug_info = '1'
|
|
|
|
opts = []
|
|
|