diff --git a/CVE-2023-5217.patch b/CVE-2023-5217.patch new file mode 100644 index 0000000000000000000000000000000000000000..cab95460f1e8e166b81a81fae24c8621555ec093 --- /dev/null +++ b/CVE-2023-5217.patch @@ -0,0 +1,40 @@ + +# HG changeset patch +# User Ryan VanderMeulen +# Date 1695856343 0 +# Node ID c53f5ef77b62b79af86951a7f9130e1896b695d2 +# Parent 90445136a15d059a272041ef3c4a277732b346b6 +Bug 1855550 - VP8: disallow thread count changes. r=jesup + +Cherry-pick of upstream libvpx commits: +https://chromium.googlesource.com/webm/libvpx/+/af6dedd715f4307669366944cca6e0417b290282 +https://chromium.googlesource.com/webm/libvpx/+/3fbd1dca6a4d2dad332a2110d646e4ffef36d590 + +Differential Revision: https://phabricator.services.mozilla.com/D189428 + +Origin: +https://hg.mozilla.org/mozilla-central/raw-rev/c53f5ef77b62b79af86951a7f9130e1896b695d2 +--- + media/libvpx/libvpx/vp8/encoder/onyx_if.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/media/libvpx/libvpx/vp8/encoder/onyx_if.c b/media/libvpx/libvpx/vp8/encoder/onyx_if.c +index 2b059a1..8d05668 100644 +--- a/media/libvpx/libvpx/vp8/encoder/onyx_if.c ++++ b/media/libvpx/libvpx/vp8/encoder/onyx_if.c +@@ -1445,6 +1445,12 @@ void vp8_change_config(VP8_COMP *cpi, VP8_CONFIG *oxcf) { + last_h = cpi->oxcf.Height; + prev_number_of_layers = cpi->oxcf.number_of_layers; + ++ if (cpi->initial_width) { ++ // TODO(https://crbug.com/1486441): Allow changing thread counts; the ++ // allocation is done once in vp8_create_compressor(). ++ oxcf->multi_threaded = cpi->oxcf.multi_threaded; ++ } ++ + cpi->oxcf = *oxcf; + + switch (cpi->oxcf.Mode) { +-- +2.33.0 + diff --git a/firefox.spec b/firefox.spec index d4c544d9250a825beeaf0bc21307319df42453c4..7f8a48ac68b0a9c0c9ce177a73f09e56fcff0455 100644 --- a/firefox.spec +++ b/firefox.spec @@ -148,7 +148,7 @@ Summary: Mozilla Firefox Web browser Name: firefox Version: 102.15.0 -Release: 2 +Release: 3 URL: https://www.mozilla.org/firefox/ License: MPLv1.1 or GPLv2+ or LGPLv2+ @@ -241,6 +241,8 @@ Patch426: mozilla-1833330.patch Patch427: CVE-2023-4863-1.patch # https://hg.mozilla.org/releases/mozilla-esr115/rev/cbbf997c33890c2c49d24079db83b6ebb74cd7d8 Patch428: CVE-2023-4863-2.patch +# https://hg.mozilla.org/mozilla-central/raw-rev/c53f5ef77b62b79af86951a7f9130e1896b695d2 +Patch429: CVE-2023-5217.patch # PGO/LTO patches Patch600: pgo.patch @@ -536,6 +538,7 @@ to run Firefox explicitly on X11. %patch426 -p1 -b .mozilla-1833330 %patch427 -p1 %patch428 -p1 +%patch429 -p1 # PGO patches %if %{build_with_pgo} @@ -1130,6 +1133,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %endif %changelog +* Thu Oct 26 2023 yaoxin - 102.15.0-3 +- Fix for libvpx CVE-2023-5217 + * Thu Sep 28 2023 wangkai <13474090681@163.com> - 102.15.0-2 - Fix for libwebp CVE-2023-4863