Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2024-04-26 23:26:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Fri Apr 26 23:26:13 2024 rev:425 rq:1169983 version:125.0.2 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2024-04-04 22:24:23.715194799 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880/MozillaFirefox.changes 2024-04-26 23:26:20.686918219 +0200 @@ -1,0 +2,120 @@ +Sun Apr 21 04:49:23 UTC 2024 - Wolfgang Rosenauer <w...@rosenauer.org> + +- Mozilla Firefox 125.0.2 + * The 125.0 and 125.0.1 releases were skipped due to problems with a + feature that proactively blocked downloads from potentially + untrustworthy URLs + * New: Firefox now supports the AV1 codec for Encrypted Media + Extensions (EME), enabling higher-quality playback from video + streaming providers + * New: The Firefox PDF viewer now supports text highlighting. + * New: Firefox View now displays pinned tabs in the Open tabs + section. Tab indicators have also been added to Open tabs, so + users can do things like see which tabs are playing media and + quickly mute or unmute across windows. Indicators were also + added for bookmarks, tabs with notifications, and more! + their addresses upon submitting an address form, allowing + Firefox to autofill stored address information in the future. + * New: The URL Paste Suggestion feature provides a convenient + way for users to quickly visit URLs copied to the clipboard + in the address bar of Firefox. When the clipboard contains a + URL and the URL bar is focused, an autocomplete result + appears automatically. Activating the clipboard suggestion + will navigate the user to the URL with 1 click. + * New: Users of tab-specific Container add-ons can now search + in the Address Bar for tabs that are open in different + containers. Special thanks to volunteer contributor atararx + for kicking off the work on this feature! + * New: Firefox now provides an option to enable Web Proxy Auto- + Discovery (WPAD) while configured to use system proxy + settings. + * Changed: In a group of radio buttons where no option is + selected, the tab key now only reaches the first option + rather than cycling through all available options. The arrow + keys navigate between options as they do when there is a + selected option. This makes keyboard navigation more + efficient and consistent + * HTML5: Firefox now supports the `popover` global attribute + used for designating an element as a popover element. The + element won't be rendered until it is made visible, after + which it will appear on top of other page content. + * HTML5: WebAssembly multi-memory is now enabled by default. + Wasm multi-memory allows wasm modules to use and import + multiple independent linear memories. This enables more + efficient interoperability between modules and provides + better polyfills for upcoming wasm standards, such as the + component model. + * HTML5: Added support for Unicode Text Segmentation to + JavaScript. + * HTML5: Added support for `contextlost` and `contextrestored` + events on HTMLCanvasElement and OffscreenCanvas to allow user + code to recover from context loss with hardware accelerated + 2d canvas. + * HTML5: Firefox now supports the + `navigator.clipboard.readText()` web API. A paste context + menu will appear for the user to confirm when attempting to + read clipboard data not provided by the same-origin page. + * HTML5: Added support for the `content-box` and `stroke-box` + keywords of the `transform-box` CSS property. + * HTML5: The `align-content` property now works in block + layout, allowing block direction alignment without needing a + flex or grid container. + * HTML5: Support for `SVGAElement.text` was removed in favor of + the more widely-implemented `SVGAElement.textContent` method. + * Developer: Following several requests, we have reintroduced + the option to disable the Pause Debugger Overlay + (`devtools.debugger.features.overlay`). This overlay appears + over the page content when the debugger pauses JavaScript + execution. In certain scenarios, the overlay can be + intrusive, making it challenging to interact with the page, + for instance, evaluating shades of color underneath. + * Developer: We've added a new drop-down menu button at the + bottom of the source view in the Debugger panel, specifically + designed for Source Map related actions. Users can now easily + disable or enable Source Maps support, open the Source Map + file in a new tab, switch between the original source and the + generated bundle, toggle the "open original source by + default" option, and view the Source Map status such as + errors, loading status, etc. + MFSA 2024-18 (bsc#1221327) + * CVE-2024-3852 (bmo#1883542) + GetBoundName in the JIT returned the wrong object + * CVE-2024-3853 (bmo#1884427) + Use-after-free if garbage collection runs during realm initialization + * CVE-2024-3854 (bmo#1884552) + Out-of-bounds-read after mis-optimized switch statement + * CVE-2024-3855 (bmo#1885828) + Incorrect JIT optimization of MSubstr leads to out-of-bounds reads + * CVE-2024-3856 (bmo#1885829) + Use-after-free in WASM garbage collection + * CVE-2024-3857 (bmo#1886683) + Incorrect JITting of arguments led to use-after-free during + garbage collection + * CVE-2024-3858 (bmo#1888892) + Corrupt pointer dereference in js::CheckTracedThing<js::Shape> + * CVE-2024-3859 (bmo#1874489) + Integer-overflow led to out-of-bounds-read in the OpenType + sanitizer + * CVE-2024-3860 (bmo#1881417) + Crash when tracing empty shape lists + * CVE-2024-3861 (bmo#1883158) + Potential use-after-free due to AlignedBuffer self-move + * CVE-2024-3862 (bmo#1884457) + Potential use of uninitialized memory in MarkStack assignment + operator on self-assignment + * CVE-2024-3863 (bmo#1885855) + Download Protections were bypassed by .xrm-ms files on Windows + * CVE-2024-3302 (bmo#1881183, + bmo#https://kb.cert.org/vuls/id/421644) + Denial of Service using HTTP/2 CONTINUATION frames + * CVE-2024-3864 (bmo#1888333) + Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, + and Thunderbird 115.10 + * CVE-2024-3865 (bmo#1881076, bmo#1884887, bmo#1885359, bmo#1889049) + Memory safety bugs fixed in Firefox 125 +- requires + NSS 3.99 + rust 1.76 +- add mozilla-libproxy-fix.patch to fix with-libproxy build variant + +------------------------------------------------------------------- Old: ---- firefox-124.0.2.source.tar.xz firefox-124.0.2.source.tar.xz.asc l10n-124.0.2.tar.xz New: ---- firefox-125.0.2.source.tar.xz firefox-125.0.2.source.tar.xz.asc l10n-125.0.2.tar.xz mozilla-libproxy-fix.patch BETA DEBUG BEGIN: New: rust 1.76 - add mozilla-libproxy-fix.patch to fix with-libproxy build variant BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.rDQ29f/_old 2024-04-26 23:26:30.943292581 +0200 +++ /var/tmp/diff_new_pack.rDQ29f/_new 2024-04-26 23:26:30.947292727 +0200 @@ -28,9 +28,9 @@ # orig_suffix b3 # major 69 # mainver %%major.99 -%define major 124 +%define major 125 %define mainver %major.0.2 -%define orig_version 124.0.2 +%define orig_version 125.0.2 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -103,8 +103,8 @@ %else BuildRequires: gcc-c++ %endif -BuildRequires: cargo1.71 -BuildRequires: rust1.71 +BuildRequires: cargo1.76 +BuildRequires: rust1.76 %if 0%{useccache} != 0 BuildRequires: ccache %endif @@ -114,7 +114,7 @@ BuildRequires: libproxy-devel BuildRequires: makeinfo BuildRequires: mozilla-nspr-devel >= 4.35 -BuildRequires: mozilla-nss-devel >= 3.98 +BuildRequires: mozilla-nss-devel >= 3.99 BuildRequires: nasm >= 2.14 BuildRequires: nodejs >= 12.22.12 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -229,6 +229,7 @@ Patch22: mozilla-partial-revert-1768632.patch Patch23: mozilla-rust-disable-future-incompat.patch Patch24: mozilla-bmo1822730.patch +Patch25: mozilla-libproxy-fix.patch # Firefox/browser Patch101: firefox-kde.patch Patch102: firefox-branded-icons.patch ++++++ firefox-124.0.2.source.tar.xz -> firefox-125.0.2.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-124.0.2.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880/firefox-125.0.2.source.tar.xz differ: char 15, line 1 ++++++ l10n-124.0.2.tar.xz -> l10n-125.0.2.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-124.0.2.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.1880/l10n-125.0.2.tar.xz differ: char 13, line 1 ++++++ mozilla-kde.patch ++++++ --- /var/tmp/diff_new_pack.rDQ29f/_old 2024-04-26 23:26:31.291305283 +0200 +++ /var/tmp/diff_new_pack.rDQ29f/_new 2024-04-26 23:26:31.295305429 +0200 @@ -155,7 +155,7 @@ diff --git a/toolkit/mozapps/downloads/HelperAppDlg.sys.mjs b/toolkit/mozapps/downloads/HelperAppDlg.sys.mjs --- a/toolkit/mozapps/downloads/HelperAppDlg.sys.mjs +++ b/toolkit/mozapps/downloads/HelperAppDlg.sys.mjs -@@ -1241,36 +1241,66 @@ nsUnknownContentTypeDialog.prototype = { +@@ -1227,36 +1227,66 @@ nsUnknownContentTypeDialog.prototype = { params.handlerApp && params.handlerApp.executable && params.handlerApp.executable.isFile() @@ -238,7 +238,7 @@ var nsIFilePicker = Ci.nsIFilePicker; var fp = Cc["@mozilla.org/filepicker;1"].createInstance(nsIFilePicker); fp.init( - this.mDialog, + this.mDialog.browsingContext, this.dialogElement("strings").getString("chooseAppFilePickerTitle"), nsIFilePicker.modeOpen ); @@ -283,7 +283,7 @@ nsUnixSystemProxySettings::GetMainThreadOnly(bool* aMainThreadOnly) { // dbus prevents us from being threadsafe, but this routine should not block // anyhow -@@ -388,21 +392,46 @@ nsresult nsUnixSystemProxySettings::GetP +@@ -388,24 +392,49 @@ nsresult nsUnixSystemProxySettings::GetP return NS_OK; } @@ -325,11 +325,14 @@ + return NS_OK; +} + + NS_IMETHODIMP + nsUnixSystemProxySettings::GetSystemWPADSetting(bool* aSystemWPADSetting) { + *aSystemWPADSetting = false; + return NS_OK; + } + NS_IMPL_COMPONENT_FACTORY(nsUnixSystemProxySettings) { auto result = MakeRefPtr<nsUnixSystemProxySettings>(); - result->Init(); - return result.forget().downcast<nsISupports>(); - } diff --git a/toolkit/xre/moz.build b/toolkit/xre/moz.build --- a/toolkit/xre/moz.build +++ b/toolkit/xre/moz.build ++++++ mozilla-libproxy-fix.patch ++++++ # HG changeset patch # User Wolfgang Rosenauer <w...@rosenauer.org> # Parent 302a32e4a14475d3bae305decad92870ec37bbe5 diff --git a/toolkit/system/unixproxy/nsLibProxySettings.cpp b/toolkit/system/unixproxy/nsLibProxySettings.cpp --- a/toolkit/system/unixproxy/nsLibProxySettings.cpp +++ b/toolkit/system/unixproxy/nsLibProxySettings.cpp @@ -94,11 +94,17 @@ nsresult nsUnixSystemProxySettings::GetP c++; } free(proxyArray); return NS_OK; } +NS_IMETHODIMP +nsUnixSystemProxySettings::GetSystemWPADSetting(bool* aSystemWPADSetting) { + *aSystemWPADSetting = false; + return NS_OK; +} + NS_IMPL_COMPONENT_FACTORY(nsUnixSystemProxySettings) { return do_AddRef(new nsUnixSystemProxySettings()).downcast<nsISupports>(); } ++++++ mozilla-silence-no-return-type.patch ++++++ --- /var/tmp/diff_new_pack.rDQ29f/_old 2024-04-26 23:26:31.351307473 +0200 +++ /var/tmp/diff_new_pack.rDQ29f/_new 2024-04-26 23:26:31.355307619 +0200 @@ -1,5 +1,5 @@ # HG changeset patch -# Parent 831d03cde86aa6b8803d5ac431e2d28bf85c9289 +# Parent af0655f894a27ef60aa8438af7939a5ebc498df0 diff --git a/gfx/skia/skia/include/codec/SkEncodedOrigin.h b/gfx/skia/skia/include/codec/SkEncodedOrigin.h --- a/gfx/skia/skia/include/codec/SkEncodedOrigin.h @@ -420,7 +420,7 @@ diff --git a/js/src/irregexp/imported/regexp-parser.cc b/js/src/irregexp/imported/regexp-parser.cc --- a/js/src/irregexp/imported/regexp-parser.cc +++ b/js/src/irregexp/imported/regexp-parser.cc -@@ -2644,16 +2644,17 @@ bool MayContainStrings(ClassSetOperandTy +@@ -2764,16 +2764,17 @@ bool MayContainStrings(ClassSetOperandTy return false; case ClassSetOperandType::kCharacterClassEscape: case ClassSetOperandType::kClassStringDisjunction: @@ -434,10 +434,10 @@ } // namespace - // TODO(v8:11935): Change permalink once proposal is in stage 4. - // https://arai-a.github.io/ecma262-compare/snapshot.html?pr=2418#prod-ClassUnion template <class CharT> - RegExpTree* RegExpParserImpl<CharT>::ParseClassUnion( + void RegExpParserImpl<CharT>::AddMaybeSimpleCaseFoldedRange( + ZoneList<CharacterRange>* ranges, CharacterRange new_range) { + DCHECK(unicode_sets()); diff --git a/third_party/libwebrtc/api/adaptation/resource.cc b/third_party/libwebrtc/api/adaptation/resource.cc --- a/third_party/libwebrtc/api/adaptation/resource.cc +++ b/third_party/libwebrtc/api/adaptation/resource.cc @@ -684,7 +684,7 @@ diff --git a/third_party/libwebrtc/media/base/codec.cc b/third_party/libwebrtc/media/base/codec.cc --- a/third_party/libwebrtc/media/base/codec.cc +++ b/third_party/libwebrtc/media/base/codec.cc -@@ -201,16 +201,17 @@ bool Codec::Matches(const Codec& codec, +@@ -200,16 +200,17 @@ bool Codec::Matches(const Codec& codec) (codec.bitrate == 0 || bitrate <= 0 || bitrate == codec.bitrate) && ((codec.channels < 2 && channels < 2) || ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.rDQ29f/_old 2024-04-26 23:26:31.427310247 +0200 +++ /var/tmp/diff_new_pack.rDQ29f/_new 2024-04-26 23:26:31.431310393 +0200 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="124.0.2" +VERSION="125.0.2" VERSION_SUFFIX="" -PREV_VERSION="124.0.1" +PREV_VERSION="125.0.1" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release" -RELEASE_TAG="2718fafaf6b2e4137cff8a71794487d25057e688" -RELEASE_TIMESTAMP="20240401114208" +RELEASE_TAG="c5ee44e4135571bec3220340242f9189c59ca5ba" +RELEASE_TIMESTAMP="20240419144423"