Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2023-03-06 18:54:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Mon Mar 6 18:54:05 2023 rev:389 rq:1069444 version:110.0.1 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2023-02-02 18:21:34.512969125 +0100 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432/MozillaFirefox.changes 2023-03-06 18:54:06.680223855 +0100 @@ -1,0 +2,67 @@ +Sat Mar 4 16:03:22 UTC 2023 - Andreas Stieger <andreas.stie...@gmx.de> + +- Fix 32 bit build bmo#1810584 add mozilla-bmo1810584.patch + +------------------------------------------------------------------- +Fri Mar 3 17:29:27 UTC 2023 - Andreas Stieger <andreas.stie...@gmx.de> + +- Mozilla Firefox 110.0.1 boo#1208886 + * Fixed clearing recent cookies clears all cookies + (bmo#1816279) + * Fixed WebGL crashes on Linux when ran inside a VMWare virtual + machine (bmo#1807942) + * Fixed a bug with CSP serialization causing bugs with the MitID + Digital ID in Denmark (Bug 1819096) + +------------------------------------------------------------------- +Wed Feb 15 09:56:46 UTC 2023 - Wolfgang Rosenauer <w...@rosenauer.org> + +- Mozilla Firefox 110.0 + * https://www.mozilla.org/en-US/firefox/110.0/releasenotes + MFSA 2023-05 (bsc#1208144) + * CVE-2023-25728 (bmo#1790345) + Content security policy leak in violation reports using iframes + * CVE-2023-25730 (bmo#1794622) + Screen hijack via browser fullscreen mode + * CVE-2023-25743 (bmo#1800203) + Fullscreen notification not shown in Firefox Focus + * CVE-2023-0767 (bmo#1804640) + Arbitrary memory write via PKCS 12 in NSS + * CVE-2023-25735 (bmo#1810711) + Potential use-after-free from compartment mismatch in SpiderMonkey + * CVE-2023-25737 (bmo#1811464) + Invalid downcast in SVGUtils::SetupStrokeGeometry + * CVE-2023-25738 (bmo#1811852) + Printing on Windows could potentially crash Firefox with some + device drivers + * CVE-2023-25739 (bmo#1811939) + Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext + * CVE-2023-25729 (bmo#1792138) + Extensions could have opened external schemes without user knowledge + * CVE-2023-25732 (bmo#1804564) + Out of bounds memory write from EncodeInputStream + * CVE-2023-25734 (bmo#1784451, bmo#1809923, bmo#1810143, bmo#1812338) + Opening local .url files could cause unexpected network loads + * CVE-2023-25740 (bmo#1812354) + Opening local .scf files could cause unexpected network loads + * CVE-2023-25731 (bmo#1801542) + Prototype pollution when rendering URLPreview + * CVE-2023-25733 (bmo#1808632) + Possible null pointer dereference in TaskbarPreviewCallback + * CVE-2023-25736 (bmo#1811331) + Invalid downcast in GetTableSelectionMode + * CVE-2023-25741 (bmo#1437126, bmo#1812611, bmo#1813376) + Same-origin policy leak via image drag and drop + * CVE-2023-25742 (bmo#1813424) + Web Crypto ImportKey crashes tab + * CVE-2023-25744 (bmo#1789449, bmo#1803628, bmo#1810536) + Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8 + * CVE-2023-25745 (bmo#1688592, bmo#1797186, bmo#1804998, + bmo#1806521, bmo#1813284) + Memory safety bugs fixed in Firefox 110 +- requires + NSS = 3.87 + rust/cargo = 1.66 +- update create-tar.sh + +------------------------------------------------------------------- Old: ---- firefox-109.0.1.source.tar.xz firefox-109.0.1.source.tar.xz.asc l10n-109.0.1.tar.xz New: ---- firefox-110.0.1.source.tar.xz firefox-110.0.1.source.tar.xz.asc l10n-110.0.1.tar.xz mozilla-bmo1810584.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.u8bZTu/_old 2023-03-06 18:54:53.712463831 +0100 +++ /var/tmp/diff_new_pack.u8bZTu/_new 2023-03-06 18:54:53.716463851 +0100 @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 109 +%define major 110 %define mainver %major.0.1 -%define orig_version 109.0.1 +%define orig_version 110.0.1 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -99,17 +99,17 @@ BuildRequires: gcc-c++ %endif %if 0%{?suse_version} < 1550 && 0%{?sle_version} < 150300 -BuildRequires: cargo >= 1.63 -BuildRequires: rust >= 1.63 +BuildRequires: cargo >= 1.65 +BuildRequires: rust >= 1.65 %else # Newer sle/leap/tw use parallel versioned rust releases which have # a different method for provides that we can use to request a # specific version # minimal requirement: -BuildRequires: rust+cargo >= 1.63 +BuildRequires: rust+cargo >= 1.65 # actually used upstream: -BuildRequires: cargo1.65 -BuildRequires: rust1.65 +BuildRequires: cargo1.66 +BuildRequires: rust1.66 %endif %if 0%{useccache} != 0 BuildRequires: ccache @@ -120,7 +120,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.35 -BuildRequires: mozilla-nss-devel >= 3.86 +BuildRequires: mozilla-nss-devel >= 3.87 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -193,7 +193,7 @@ Source11: firefox.1 Source12: mozilla-get-app-id Source13: spellcheck.js -Source14: https://github.com/openSUSE/firefox-scripts/raw/4503820/create-tar.sh +Source14: https://github.com/openSUSE/firefox-scripts/raw/7335408da3073ec6b582fc364010cf09665765b3/create-tar.sh Source15: firefox-appdata.xml Source16: %{name}.changes Source17: firefox-search-provider.ini @@ -228,6 +228,7 @@ Patch25: one_swizzle_to_rule_them_all.patch Patch26: svg-rendering.patch Patch27: mozilla-buildfixes.patch +Patch28: mozilla-bmo1810584.patch # Firefox/browser Patch101: firefox-kde.patch Patch102: firefox-branded-icons.patch ++++++ create-tar.sh ++++++ ++++ 648 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/MozillaFirefox/create-tar.sh ++++ and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432/create-tar.sh ++++++ firefox-109.0.1.source.tar.xz -> firefox-110.0.1.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-109.0.1.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432/firefox-110.0.1.source.tar.xz differ: char 15, line 1 ++++++ l10n-109.0.1.tar.xz -> l10n-110.0.1.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-109.0.1.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.31432/l10n-110.0.1.tar.xz differ: char 26, line 1 ++++++ mozilla-bmo1568145.patch ++++++ --- /var/tmp/diff_new_pack.u8bZTu/_old 2023-03-06 18:54:53.996465280 +0100 +++ /var/tmp/diff_new_pack.u8bZTu/_new 2023-03-06 18:54:54.000465301 +0100 @@ -10,7 +10,7 @@ diff --git a/python/mozbuild/mozbuild/action/langpack_manifest.py b/python/mozbuild/mozbuild/action/langpack_manifest.py --- a/python/mozbuild/mozbuild/action/langpack_manifest.py +++ b/python/mozbuild/mozbuild/action/langpack_manifest.py -@@ -15,16 +15,17 @@ from __future__ import absolute_import, +@@ -13,16 +13,17 @@ import argparse import datetime @@ -26,9 +26,9 @@ import mozversioncontrol import requests from fluent.syntax.parser import FluentParser - from mozbuild.configure.util import Version from mozpack.chrome.manifest import Manifest, ManifestLocale, parse_manifest -@@ -102,17 +103,17 @@ def get_dt_from_hg(path): + +@@ -101,17 +102,17 @@ def get_dt_from_hg(path): # ts == "20170914215617" ### def get_timestamp_for_locale(path): ++++++ mozilla-bmo1810584.patch ++++++ # HG changeset patch # User Iain Ireland <iirel...@mozilla.com> # Date 1674084161 0 # Node ID 0a20a4613cc423258696c2e6200dc7d34f934cb6 # Parent 26cacd18b61e629c8c45ca45c36770d3bf3f15b8 Bug 1810584: Suppress false positive error for gcc r=mgaudet Differential Revision: https://phabricator.services.mozilla.com/D167194 diff --git a/js/src/irregexp/moz.build b/js/src/irregexp/moz.build --- a/js/src/irregexp/moz.build +++ b/js/src/irregexp/moz.build @@ -9,16 +9,20 @@ FINAL_LIBRARY = "js" # Includes should be relative to parent path LOCAL_INCLUDES += ["!..", ".."] include("../js-config.mozbuild") include("../js-cxxflags.mozbuild") CXXFLAGS += ["-Wno-error=type-limits", "-Wno-error=return-type"] +# Suppress spurious warnings in third-party code. See bug 1810584. +if CONFIG["CC_TYPE"] == "gcc": + CXXFLAGS += ["-Wno-error=nonnull"] + UNIFIED_SOURCES += [ "imported/regexp-bytecode-generator.cc", "imported/regexp-bytecode-peephole.cc", "imported/regexp-bytecodes.cc", "imported/regexp-compiler-tonode.cc", "imported/regexp-dotprinter.cc", "imported/regexp-interpreter.cc", "imported/regexp-macro-assembler-tracer.cc", ++++++ mozilla-kde.patch ++++++ --- /var/tmp/diff_new_pack.u8bZTu/_old 2023-03-06 18:54:54.052465566 +0100 +++ /var/tmp/diff_new_pack.u8bZTu/_new 2023-03-06 18:54:54.056465586 +0100 @@ -3,7 +3,7 @@ # Date 1559294891 -7200 # Fri May 31 11:28:11 2019 +0200 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112 -# Parent a6ee87356867ce6ed5b0be1ba2c2690a488beb55 +# Parent 191cd9e24a9e0812f74c808ceef611c8b10141e1 Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer <wolfg...@rosenauer.org> Author: Lubos Lunak <lu...@suse.com> @@ -31,7 +31,7 @@ #ifdef MOZ_MEMORY # include "mozmemory.h" #endif -@@ -4878,16 +4879,27 @@ nsresult Preferences::InitInitialObjects +@@ -4882,16 +4883,27 @@ nsresult Preferences::InitInitialObjects "unix.js" # if defined(_AIX) , @@ -59,7 +59,7 @@ #if defined(MOZ_WIDGET_GTK) // Under Flatpak/Snap package, load /etc/firefox/defaults/pref/*.js. -@@ -4969,17 +4981,17 @@ nsresult Preferences::InitInitialObjects +@@ -4973,17 +4985,17 @@ nsresult Preferences::InitInitialObjects } nsCOMPtr<nsIFile> path = do_QueryInterface(elem); @@ -105,7 +105,7 @@ diff --git a/python/mozbuild/mozpack/chrome/flags.py b/python/mozbuild/mozpack/chrome/flags.py --- a/python/mozbuild/mozpack/chrome/flags.py +++ b/python/mozbuild/mozpack/chrome/flags.py -@@ -229,16 +229,17 @@ class Flags(OrderedDict): +@@ -228,16 +228,17 @@ class Flags(OrderedDict): "os": StringFlag, "osversion": VersionFlag, "abi": StringFlag, @@ -126,7 +126,7 @@ diff --git a/python/mozbuild/mozpack/chrome/manifest.py b/python/mozbuild/mozpack/chrome/manifest.py --- a/python/mozbuild/mozpack/chrome/manifest.py +++ b/python/mozbuild/mozpack/chrome/manifest.py -@@ -39,16 +39,17 @@ class ManifestEntry(object): +@@ -37,16 +37,17 @@ class ManifestEntry(object): "os", "osversion", "abi", @@ -165,7 +165,7 @@ diff --git a/toolkit/mozapps/downloads/HelperAppDlg.jsm b/toolkit/mozapps/downloads/HelperAppDlg.jsm --- a/toolkit/mozapps/downloads/HelperAppDlg.jsm +++ b/toolkit/mozapps/downloads/HelperAppDlg.jsm -@@ -1239,36 +1239,66 @@ nsUnknownContentTypeDialog.prototype = { +@@ -1240,36 +1240,66 @@ nsUnknownContentTypeDialog.prototype = { params.handlerApp && params.handlerApp.executable && params.handlerApp.executable.isFile() @@ -1704,9 +1704,9 @@ + desktop = nsKDEUtils::kdeSession() ? u"kde"_ns : u"gnome"_ns; #elif defined(MOZ_WIDGET_ANDROID) bool isTablet = false; - if (mozilla::AndroidBridge::Bridge()) { - mozilla::AndroidBridge::Bridge()->GetStaticStringField( - "android/os/Build$VERSION", "RELEASE", osVersion); + if (jni::IsAvailable()) { + jni::String::LocalRef release = java::sdk::Build::VERSION::RELEASE(); + osVersion.Assign(release->ToString()); isTablet = java::GeckoAppShell::IsTablet(); } + desktop = u"android"_ns; ++++++ mozilla-pgo.patch ++++++ --- /var/tmp/diff_new_pack.u8bZTu/_old 2023-03-06 18:54:54.076465688 +0100 +++ /var/tmp/diff_new_pack.u8bZTu/_new 2023-03-06 18:54:54.080465709 +0100 @@ -1,6 +1,6 @@ # HG changeset patch # User Wolfgang Rosenauer <w...@rosenauer.org> -# Parent 855b1f176633af8ae11c0d791c8b33e9a2ae88e0 +# Parent d6f551c7b3dc20bb47526e06c44646fd159f3dd1 diff --git a/build/moz.configure/lto-pgo.configure b/build/moz.configure/lto-pgo.configure --- a/build/moz.configure/lto-pgo.configure @@ -133,17 +133,17 @@ CXX="$MOZ_FETCHES_DIR/gcc/bin/g++" + if [ -n "$MOZ_PGO" ]; then -+ if [ -z "$USE_ARTIFACT" ]; then -+ ac_add_options --enable-lto -+ fi -+ export AR="$topsrcdir/gcc/bin/gcc-ar" -+ export NM="$topsrcdir/gcc/bin/gcc-nm" -+ export RANLIB="$topsrcdir/gcc/bin/gcc-ranlib" ++ if [ -z "$USE_ARTIFACT" ]; then ++ ac_add_options --enable-lto ++ fi ++ export AR="$topsrcdir/gcc/bin/gcc-ar" ++ export NM="$topsrcdir/gcc/bin/gcc-nm" ++ export RANLIB="$topsrcdir/gcc/bin/gcc-ranlib" + fi + # We want to make sure we use binutils and other binaries in the tooltool # package. - mk_add_options "export PATH=$MOZ_FETCHES_DIR/gcc/bin:$PATH" + mk_add_options "export PATH=$MOZ_FETCHES_DIR/gcc/bin:$MOZ_FETCHES_DIR/binutils/bin:$PATH" else # For some builds we don't want to have Clang based static-analysis activated if [ -z "$DISABLE_CLANG_PLUGIN" ]; then ++++++ mozilla-silence-no-return-type.patch ++++++ --- /var/tmp/diff_new_pack.u8bZTu/_old 2023-03-06 18:54:54.104465831 +0100 +++ /var/tmp/diff_new_pack.u8bZTu/_new 2023-03-06 18:54:54.108465852 +0100 @@ -1,10 +1,10 @@ # HG changeset patch -# Parent 9d5642506b3a46c3bb28c659173d7055c9674c77 +# Parent 2ac470c477a4897e48ca399b50614af79fececc4 diff --git a/Cargo.lock b/Cargo.lock --- a/Cargo.lock +++ b/Cargo.lock -@@ -2348,18 +2348,16 @@ name = "glsl-to-cxx" +@@ -2367,18 +2367,16 @@ name = "glsl-to-cxx" version = "0.1.0" dependencies = [ "glsl", @@ -26,24 +26,24 @@ diff --git a/Cargo.toml b/Cargo.toml --- a/Cargo.toml +++ b/Cargo.toml -@@ -154,16 +154,17 @@ async-task = { git = "https://github.com - chardetng = { git = "https://github.com/hsivonen/chardetng", rev="3484d3e3ebdc8931493aa5df4d7ee9360a90e76b" } - chardetng_c = { git = "https://github.com/hsivonen/chardetng_c", rev="ed8a4c6f900a90d4dbc1d64b856e61490a1c3570" } +@@ -155,16 +155,17 @@ chardetng_c = { git = "https://github.co coremidi = { git = "https://github.com/chris-zen/coremidi.git", rev="fc68464b5445caf111e41f643a2e69ccce0b4f83" } fog = { path = "toolkit/components/glean/api" } libudev-sys = { path = "dom/webauthn/libudev-sys" } packed_simd = { package = "packed_simd_2", git = "https://github.com/hsivonen/packed_simd", rev="412f9a0aa556611de021bde89dee8fefe6e0fbbd" } - midir = { git = "https://github.com/mozilla/midir.git", rev = "e1b4dcb767f9e69afe95a860374aaa9635d81e3d" } - minidump_writer_linux = { git = "https://github.com/rust-minidump/minidump-writer.git", rev = "75ada456c92a429704691a85e1cb42fef8cafc0d" } + midir = { git = "https://github.com/mozilla/midir.git", rev = "519e651241e867af3391db08f9ae6400bc023e18" } + minidump-writer = { git = "https://github.com/rust-minidump/minidump-writer.git", rev = "7d76616d27b9dc87fe3a94639b8b4f947d52a6aa" } + # warp 0.3.3 + https://github.com/seanmonstar/warp/pull/1007 + warp = { git = "https://github.com/glandium/warp", rev = "4af45fae95bc98b0eba1ef0db17e1dac471bb23d" } +glslopt = { path = "third_party/rust/glslopt/" } # application-services overrides to make updating them all simpler. - interrupt-support = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } - sql-support = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } - sync15 = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } - tabs = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } - viaduct = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } - webext-storage = { git = "https://github.com/mozilla/application-services", rev = "d7dbd32fa379ad46820476222f4d2aeaed2d7175" } + interrupt-support = { git = "https://github.com/mozilla/application-services", rev = "51b984ecb21ba00694c3eee33364123a064a7cbb" } + sql-support = { git = "https://github.com/mozilla/application-services", rev = "51b984ecb21ba00694c3eee33364123a064a7cbb" } + sync15 = { git = "https://github.com/mozilla/application-services", rev = "51b984ecb21ba00694c3eee33364123a064a7cbb" } + tabs = { git = "https://github.com/mozilla/application-services", rev = "51b984ecb21ba00694c3eee33364123a064a7cbb" } + viaduct = { git = "https://github.com/mozilla/application-services", rev = "51b984ecb21ba00694c3eee33364123a064a7cbb" } + webext-storage = { git = "https://github.com/mozilla/application-services", rev = "51b984ecb21ba00694c3eee33364123a064a7cbb" } diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h +++ b/gfx/skia/skia/include/codec/SkEncodedOrigin.h @@ -2223,7 +2223,7 @@ diff --git a/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc b/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc --- a/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc +++ b/third_party/libwebrtc/modules/audio_processing/audio_processing_impl.cc -@@ -114,16 +114,17 @@ GainControl::Mode Agc1ConfigModeToInterf +@@ -115,16 +115,17 @@ GainControl::Mode Agc1ConfigModeToInterf case Agc1Config::kAdaptiveAnalog: return GainControl::kAdaptiveAnalog; case Agc1Config::kAdaptiveDigital: @@ -2241,7 +2241,7 @@ // Maximum lengths that frame of samples being passed from the render side to // the capture side can have (does not apply to AEC3). -@@ -1955,16 +1956,17 @@ void AudioProcessingImpl::InitializeNois +@@ -1956,16 +1957,17 @@ void AudioProcessingImpl::InitializeNois case NoiseSuppresionConfig::kModerate: return NsConfig::SuppressionLevel::k12dB; case NoiseSuppresionConfig::kHigh: ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.u8bZTu/_old 2023-03-06 18:54:54.176466198 +0100 +++ /var/tmp/diff_new_pack.u8bZTu/_new 2023-03-06 18:54:54.180466219 +0100 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="109.0.1" +VERSION="110.0.1" VERSION_SUFFIX="" -PREV_VERSION="109.0" +PREV_VERSION="110.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="30244986d6ff55bc3396db436fe1dba555828106" -RELEASE_TIMESTAMP="20230127170202" +RELEASE_TAG="36ae3bdd6923c31262b6452d02323e856a19e5af" +RELEASE_TIMESTAMP="20230227191043"