Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package MozillaFirefox for openSUSE:Factory checked in at 2021-04-23 17:49:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/MozillaFirefox (Old) and /work/SRC/openSUSE:Factory/.MozillaFirefox.new.12324 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "MozillaFirefox" Fri Apr 23 17:49:47 2021 rev:333 rq:886904 version:88.0 Changes: -------- --- /work/SRC/openSUSE:Factory/MozillaFirefox/MozillaFirefox.changes 2021-04-06 17:30:35.531178775 +0200 +++ /work/SRC/openSUSE:Factory/.MozillaFirefox.new.12324/MozillaFirefox.changes 2021-04-23 17:49:54.410720024 +0200 @@ -1,0 +2,74 @@ +Sun Apr 18 09:01:32 UTC 2021 - Wolfgang Rosenauer <[email protected]> + +- Mozilla Firefox 88.0 + * New: PDF forms now support JavaScript embedded in PDF files. + Some PDF forms use JavaScript for validation and other + interactive features + * New: Print updates: Margin units are now localized + * New: Smooth pinch-zooming using a touchpad is now supported + on Linux + * New: To protect against cross-site privacy leaks, Firefox now + isolates window.name data to the website that created it. + Learn more + * Changed: Firefox will not prompt for access to your + microphone or camera if you???ve already granted access to the + same device on the same site in the same tab within the past + 50 seconds. This new grace period reduces the number of times + you???re prompted to grant device access + * Changed: The ???Take a Screenshot??? feature was removed from the + Page Actions menu in the url bar. To take a screenshot, + right-click to open the context menu. You can also add a + screenshots shortcut directly to your toolbar via the + Customize menu. Open the Firefox menu and select Customize??? + * Changed: FTP support has been disabled, and its full removal + is planned for an upcoming release. Addressing this security + risk reduces the likelihood of an attack while also removing + support for a non-encrypted protocol + * Developer: Introduced a new toggle button in the Network + panel for switching between JSON formatted HTTP response and + raw data (as received over the wire). + !enter image description here + * Enterprise: Various bug fixes and new policies have been + implemented in the latest version of Firefox. You can see + more details in the Firefox for Enterprise 88 Release Notes. + * Fixed: Screen readers no longer incorrectly read content that + websites have visually hidden, as in the case of articles in + the Google Help panel + MFSA 2021-16 (bsc#1184960) + * CVE-2021-23994 (bmo#1699077) + Out of bound write due to lazy initialization + * CVE-2021-23995 (bmo#1699835) + Use-after-free in Responsive Design Mode + * CVE-2021-23996 (bmo#1701834) + Content rendered outside of webpage viewport + * CVE-2021-23997 (bmo#1701942) + Use-after-free when freeing fonts from cache + * CVE-2021-23998 (bmo#1667456) + Secure Lock icon could have been spoofed + * CVE-2021-23999 (bmo#1691153) + Blob URLs may have been granted additional privileges + * CVE-2021-24000 (bmo#1694698) + requestPointerLock() could be applied to a tab different from + the visible tab + * CVE-2021-24001 (bmo#1694727) + Testing code could have enabled session history manipulations + by a compromised content process + * CVE-2021-24002 (bmo#1702374) + Arbitrary FTP command execution on FTP servers using an + encoded URL + * CVE-2021-29945 (bmo#1700690) + Incorrect size computation in WebAssembly JIT could lead to + null-reads + * CVE-2021-29944 (bmo#1697604) + HTML injection vulnerability in Firefox for Android's Reader View + * CVE-2021-29946 (bmo#1698503) + Port blocking could be bypassed + * CVE-2021-29947 (bmo#1651449, bmo#1674142, bmo#1693476, + bmo#1696886, bmo#1700091) + Memory safety bugs fixed in Firefox 88 +- requires + * NSPR 4.30 + * NSS 3.63.1 +- align wayland support logic + +------------------------------------------------------------------- Old: ---- firefox-87.0.source.tar.xz firefox-87.0.source.tar.xz.asc l10n-87.0.tar.xz New: ---- firefox-88.0.source.tar.xz firefox-88.0.source.tar.xz.asc l10n-88.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ MozillaFirefox.spec ++++++ --- /var/tmp/diff_new_pack.wbsVjy/_old 2021-04-23 17:50:03.570735772 +0200 +++ /var/tmp/diff_new_pack.wbsVjy/_new 2021-04-23 17:50:03.574735780 +0200 @@ -32,9 +32,9 @@ # orig_suffix b3 # major 69 # mainver %major.99 -%define major 87 +%define major 88 %define mainver %major.0 -%define orig_version 87.0 +%define orig_version 88.0 %define orig_suffix %{nil} %define update_channel release %define branding 1 @@ -85,11 +85,13 @@ %else %define crashreporter 0 %endif -%if 0%{?suse_version} < 1550 && 0%{?sle_version} <= 150100 -# pipewire is too old on Leap <15.1 -%define with_pipewire0_3 0 -%else %define with_pipewire0_3 1 +%define wayland_supported 1 +%if 0%{?sle_version} > 0 && 0%{?sle_version} < 150200 +# pipewire is too old on Leap <=15.1 +%define with_pipewire0_3 0 +# Wayland is too old on Leap <=15.1 as well +%define wayland_supported 0 %endif Name: %{pkgname} @@ -115,8 +117,8 @@ BuildRequires: libiw-devel BuildRequires: libproxy-devel BuildRequires: makeinfo -BuildRequires: mozilla-nspr-devel >= 4.29 -BuildRequires: mozilla-nss-devel >= 3.62 +BuildRequires: mozilla-nspr-devel >= 4.30 +BuildRequires: mozilla-nss-devel >= 3.63.1 BuildRequires: nasm >= 2.14 BuildRequires: nodejs10 >= 10.22.1 %if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 @@ -448,10 +450,10 @@ ac_add_options --libdir=%{_libdir} ac_add_options --includedir=%{_includedir} ac_add_options --enable-release -%if 0%{?sle_version} >= 120000 && 0%{?sle_version} < 150000 -ac_add_options --enable-default-toolkit=cairo-gtk3 -%else +%if 0%{wayland_supported} ac_add_options --enable-default-toolkit=cairo-gtk3-wayland +%else +ac_add_options --enable-default-toolkit=cairo-gtk3 %endif # bmo#1441155 - Disable the generation of Rust debug symbols on Linux32 %ifarch %ix86 %arm @@ -628,6 +630,7 @@ sed "s:%%PREFIX:%{_prefix}:g s:%%PROGDIR:%{progdir}:g s:%%APPNAME:%{progname}:g +s:%%WAYLAND_SUPPORTED:%{wayland_supported}:g s:%%PROFILE:.mozilla/firefox:g" \ %{SOURCE3} > %{buildroot}%{progdir}/%{progname}.sh chmod 755 %{buildroot}%{progdir}/%{progname}.sh ++++++ firefox-87.0.source.tar.xz -> firefox-88.0.source.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/firefox-87.0.source.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.12324/firefox-88.0.source.tar.xz differ: char 15, line 1 ++++++ l10n-87.0.tar.xz -> l10n-88.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/MozillaFirefox/l10n-87.0.tar.xz /work/SRC/openSUSE:Factory/.MozillaFirefox.new.12324/l10n-88.0.tar.xz differ: char 26, line 1 ++++++ mozilla-kde.patch ++++++ --- /var/tmp/diff_new_pack.wbsVjy/_old 2021-04-23 17:50:03.814736192 +0200 +++ /var/tmp/diff_new_pack.wbsVjy/_new 2021-04-23 17:50:03.814736192 +0200 @@ -3,7 +3,7 @@ # Date 1559294891 -7200 # Fri May 31 11:28:11 2019 +0200 # Node ID c2aa7198fb925e7fde96abf65b6f68b9b755f112 -# Parent 929fbcb071c2e1ff551c73e8c364e9c1f4495171 +# Parent 53e325f006bd6a31f6f3d40ae248e4058897055a Description: Add KDE integration to Firefox (toolkit parts) Author: Wolfgang Rosenauer <[email protected]> Author: Lubos Lunak <[email protected]> @@ -31,7 +31,7 @@ #ifdef MOZ_MEMORY # include "mozmemory.h" #endif -@@ -4573,25 +4574,37 @@ nsresult Preferences::InitInitialObjects +@@ -4635,25 +4636,37 @@ nsresult Preferences::InitInitialObjects // application pref files for backwards compatibility. static const char* specialFiles[] = { #if defined(XP_MACOSX) @@ -69,7 +69,7 @@ // Load jar:$app/omni.jar!/defaults/preferences/*.js // or jar:$gre/omni.jar!/defaults/preferences/*.js. -@@ -4656,17 +4669,17 @@ nsresult Preferences::InitInitialObjects +@@ -4718,17 +4731,17 @@ nsresult Preferences::InitInitialObjects } nsCOMPtr<nsIFile> path = do_QueryInterface(elem); @@ -841,7 +841,7 @@ diff --git a/uriloader/exthandler/moz.build b/uriloader/exthandler/moz.build --- a/uriloader/exthandler/moz.build +++ b/uriloader/exthandler/moz.build -@@ -86,17 +86,19 @@ else: +@@ -77,17 +77,19 @@ else: SOURCES += [ osdir + "/nsOSHelperAppService.cpp", ] @@ -857,11 +857,11 @@ ] elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "android": UNIFIED_SOURCES += [ - "android/nsAndroidHandlerApp.cpp", - "android/nsExternalURLHandlerService.cpp", "android/nsMIMEInfoAndroid.cpp", ] -@@ -136,16 +138,17 @@ include("/ipc/chromium/chromium-config.m + elif CONFIG["MOZ_WIDGET_TOOLKIT"] == "windows": + UNIFIED_SOURCES += [ +@@ -125,16 +127,17 @@ include("/ipc/chromium/chromium-config.m FINAL_LIBRARY = "xul" LOCAL_INCLUDES += [ @@ -1837,7 +1837,7 @@ diff --git a/xpcom/io/nsLocalFileUnix.cpp b/xpcom/io/nsLocalFileUnix.cpp --- a/xpcom/io/nsLocalFileUnix.cpp +++ b/xpcom/io/nsLocalFileUnix.cpp -@@ -49,16 +49,17 @@ +@@ -53,16 +53,17 @@ #include "prproces.h" #include "nsIDirectoryEnumerator.h" #include "nsSimpleEnumerator.h" @@ -1855,7 +1855,7 @@ # include "prmem.h" # include "plbase64.h" -@@ -2001,62 +2002,77 @@ nsLocalFile::SetPersistentDescriptor(con +@@ -2021,62 +2022,77 @@ nsLocalFile::SetPersistentDescriptor(con NS_IMETHODIMP nsLocalFile::Reveal() { @@ -1938,4 +1938,4 @@ return giovfs->ShowURIForInput(mPath); #elif defined(MOZ_WIDGET_ANDROID) - // Try to get a mimetype, if this fails just use the file uri alone + // Not supported on GeckoView ++++++ mozilla-pgo.patch ++++++ --- /var/tmp/diff_new_pack.wbsVjy/_old 2021-04-23 17:50:03.830736220 +0200 +++ /var/tmp/diff_new_pack.wbsVjy/_new 2021-04-23 17:50:03.830736220 +0200 @@ -1,6 +1,6 @@ # HG changeset patch # User Wolfgang Rosenauer <[email protected]> -# Parent 07b5ae8ccc4806fcc5ad74e32a2d3fb2b9d605d0 +# Parent ed9681bd4359b83145247fb6b01a56a2c84879fd diff --git a/build/moz.configure/lto-pgo.configure b/build/moz.configure/lto-pgo.configure --- a/build/moz.configure/lto-pgo.configure @@ -155,7 +155,7 @@ diff --git a/toolkit/components/terminator/nsTerminator.cpp b/toolkit/components/terminator/nsTerminator.cpp --- a/toolkit/components/terminator/nsTerminator.cpp +++ b/toolkit/components/terminator/nsTerminator.cpp -@@ -425,16 +425,21 @@ void nsTerminator::StartWatchdog() { +@@ -451,16 +451,21 @@ void nsTerminator::StartWatchdog() { // Defend against overflow crashAfterMS = INT32_MAX; } else { @@ -170,10 +170,10 @@ + crashAfterMS = INT32_MAX; + UniquePtr<Options> options(new Options()); - const PRIntervalTime ticksDuration = PR_MillisecondsToInterval(1000); + const PRIntervalTime ticksDuration = + PR_MillisecondsToInterval(HEARTBEAT_INTERVAL_MS); options->crashAfterTicks = crashAfterMS / ticksDuration; // Handle systems where ticksDuration is greater than crashAfterMS. if (options->crashAfterTicks == 0) { - options->crashAfterTicks = crashAfterMS / 1000; + options->crashAfterTicks = crashAfterMS / HEARTBEAT_INTERVAL_MS; } - ++++++ mozilla.sh.in ++++++ --- /var/tmp/diff_new_pack.wbsVjy/_old 2021-04-23 17:50:03.866736282 +0200 +++ /var/tmp/diff_new_pack.wbsVjy/_new 2021-04-23 17:50:03.866736282 +0200 @@ -84,8 +84,11 @@ export GNOME_DISABLE_CRASH_DIALOG=1 # Wayland +# Only supported on newer systems +WAYLAND_SUPPORTED=%WAYLAND_SUPPORTED + # $XDG_SESSION_TYPE should contain either x11 or wayland -if [ "$XDG_SESSION_TYPE" = "wayland" ]; then +if [ $WAYLAND_SUPPORTED -eq 1 ] && [ "$XDG_SESSION_TYPE" = "wayland" ]; then export MOZ_ENABLE_WAYLAND=1 fi ++++++ tar_stamps ++++++ --- /var/tmp/diff_new_pack.wbsVjy/_old 2021-04-23 17:50:03.894736330 +0200 +++ /var/tmp/diff_new_pack.wbsVjy/_new 2021-04-23 17:50:03.894736330 +0200 @@ -1,11 +1,11 @@ PRODUCT="firefox" CHANNEL="release" -VERSION="87.0" +VERSION="88.0" VERSION_SUFFIX="" -PREV_VERSION="86.0.1" +PREV_VERSION="87.0" PREV_VERSION_SUFFIX="" #SKIP_LOCALES="" # Uncomment to skip l10n and compare-locales-generation RELEASE_REPO="https://hg.mozilla.org/releases/mozilla-release"; -RELEASE_TAG="bb9bf7e886787222b18094a4723949a29b4d329a" -RELEASE_TIMESTAMP="20210318103112" +RELEASE_TAG="38ee7c9c51c5c95d854c6e9eaa962f21d4f17753" +RELEASE_TIMESTAMP="20210415204500"
