1
0
MozillaFirefox/mozilla-aarch64-startup-crash.patch
Wolfgang Rosenauer a9628fa6ae - Mozilla Firefox 74.0
* https://www.mozilla.org/en-US/firefox/74.0/releasenotes/
  MFSA 2020-08 (bsc#1166238)
  * CVE-2020-6805 (bmo#1610880)
    Use-after-free when removing data about origins
  * CVE-2020-6806 (bmo#1612308)
    BodyStream::OnInputStreamReady was missing protections against
    state confusion
  * CVE-2020-6807 (bmo#1614971)
    Use-after-free in cubeb during stream destruction
  * CVE-2020-6808 (bmo#1247968)
    URL Spoofing via javascript: URL
  * CVE-2020-6809 (bmo#1420296)
    Web Extensions with the all-urls permission could access local
    files
  * CVE-2020-6810 (bmo#1432856)
    Focusing a popup while in fullscreen could have obscured the
    fullscreen notification
  * CVE-2020-6811 (bmo#1607742)
    Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command injection
  * CVE-2019-20503 (bmo#1613765)
    Out of bounds reads in sctp_load_addresses_from_init
  * CVE-2020-6812 (bmo#1616661)
    The names of AirPods with personally identifiable information
    were exposed to websites with camera or microphone permission
  * CVE-2020-6813 (bmo#1605814)
    @import statements in CSS could bypass the Content Security
    Policy nonce feature
  * CVE-2020-6814 (bmo#1592078,bmo#1604847,bmo#1608256,bmo#1612636,

OBS-URL: https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox?expand=0&rev=809
2020-03-12 19:14:24 +00:00

37 lines
1.3 KiB
Diff

# HG changeset patch
# User msirringhaus@suse.de
# Date 1558442998 -7200
# Tue May 21 14:49:58 2019 +0200
# Node ID 386083b58d8558141901d796ec6919a4aba7ad3a
# Parent a30a9b9aae5740f096a16118ed9e4bc45d3d1c35
bsc#991344 - Rpi3: Firefox crashes after a few seconds of usage
bmo#1302554 - ARM/AARCH64: Firefox crashes on NULL nsIChannel** result pointer in nsIOService::NewChannelFromURIWithProxyFlagsInternal()
diff --git a/netwerk/base/nsIOService.cpp b/netwerk/base/nsIOService.cpp
--- a/netwerk/base/nsIOService.cpp
+++ b/netwerk/base/nsIOService.cpp
@@ -1032,17 +1032,23 @@ nsresult nsIOService::NewChannelFromURIW
"doesn't support nsIUploadChannel2. An extension has "
"supplied a non-functional http protocol handler. This will "
"break behavior and in future releases not work at all.");
}
gHasWarnedUploadChannel2 = true;
}
}
+#if defined(__aarch64__)
+ if (result) {
+ channel.forget(result);
+ }
+#else
channel.forget(result);
+#endif
return NS_OK;
}
NS_IMETHODIMP
nsIOService::NewChannelFromURIWithProxyFlags(
nsIURI* aURI, nsIURI* aProxyURI, uint32_t aProxyFlags,
nsINode* aLoadingNode, nsIPrincipal* aLoadingPrincipal,
nsIPrincipal* aTriggeringPrincipal, uint32_t aSecurityFlags,