forked from pool/MozillaFirefox
a9628fa6ae
* https://www.mozilla.org/en-US/firefox/74.0/releasenotes/ MFSA 2020-08 (bsc#1166238) * CVE-2020-6805 (bmo#1610880) Use-after-free when removing data about origins * CVE-2020-6806 (bmo#1612308) BodyStream::OnInputStreamReady was missing protections against state confusion * CVE-2020-6807 (bmo#1614971) Use-after-free in cubeb during stream destruction * CVE-2020-6808 (bmo#1247968) URL Spoofing via javascript: URL * CVE-2020-6809 (bmo#1420296) Web Extensions with the all-urls permission could access local files * CVE-2020-6810 (bmo#1432856) Focusing a popup while in fullscreen could have obscured the fullscreen notification * CVE-2020-6811 (bmo#1607742) Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection * CVE-2019-20503 (bmo#1613765) Out of bounds reads in sctp_load_addresses_from_init * CVE-2020-6812 (bmo#1616661) The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission * CVE-2020-6813 (bmo#1605814) @import statements in CSS could bypass the Content Security Policy nonce feature * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636, OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=809
37 lines
1.3 KiB
Diff
37 lines
1.3 KiB
Diff
# HG changeset patch
|
|
# User msirringhaus@suse.de
|
|
# Date 1558442998 -7200
|
|
# Tue May 21 14:49:58 2019 +0200
|
|
# Node ID 386083b58d8558141901d796ec6919a4aba7ad3a
|
|
# Parent a30a9b9aae5740f096a16118ed9e4bc45d3d1c35
|
|
bsc#991344 - Rpi3: Firefox crashes after a few seconds of usage
|
|
bmo#1302554 - ARM/AARCH64: Firefox crashes on NULL nsIChannel** result pointer in nsIOService::NewChannelFromURIWithProxyFlagsInternal()
|
|
|
|
diff --git a/netwerk/base/nsIOService.cpp b/netwerk/base/nsIOService.cpp
|
|
--- a/netwerk/base/nsIOService.cpp
|
|
+++ b/netwerk/base/nsIOService.cpp
|
|
@@ -1032,17 +1032,23 @@ nsresult nsIOService::NewChannelFromURIW
|
|
"doesn't support nsIUploadChannel2. An extension has "
|
|
"supplied a non-functional http protocol handler. This will "
|
|
"break behavior and in future releases not work at all.");
|
|
}
|
|
gHasWarnedUploadChannel2 = true;
|
|
}
|
|
}
|
|
|
|
+#if defined(__aarch64__)
|
|
+ if (result) {
|
|
+ channel.forget(result);
|
|
+ }
|
|
+#else
|
|
channel.forget(result);
|
|
+#endif
|
|
return NS_OK;
|
|
}
|
|
|
|
NS_IMETHODIMP
|
|
nsIOService::NewChannelFromURIWithProxyFlags(
|
|
nsIURI* aURI, nsIURI* aProxyURI, uint32_t aProxyFlags,
|
|
nsINode* aLoadingNode, nsIPrincipal* aLoadingPrincipal,
|
|
nsIPrincipal* aTriggeringPrincipal, uint32_t aSecurityFlags,
|