diff --git a/disable-glean-sdk,psutil,zstandard.patch b/disable-glean-sdk,psutil,zstandard.patch index 1f40e093b8e8215862a83eddaaefd773a774cf11..39580dadf6e3eb044d98e0f956fe8d23f2bc52ac 100644 --- a/disable-glean-sdk,psutil,zstandard.patch +++ b/disable-glean-sdk,psutil,zstandard.patch @@ -11,4 +11,4 @@ -# We aren't (yet) able to pin packages in automation, so we have to -# support down to the oldest locally-installed version (5.4.2). -pypi-optional:psutil>=5.4.2,<=5.9.4:telemetry will be missing some data --pypi-optional:zstandard>=0.11.1,<=0.19.0:zstd archives will not be possible to extract +-pypi-optional:zstandard>=0.11.1,<=0.22.0:zstd archives will not be possible to extract diff --git a/firefox-115.5.0esr.source.tar.xz.asc b/firefox-115.5.0esr.source.tar.xz.asc deleted file mode 100644 index 6fc728d11ba92d952ad3a74dcfff5138ca404fea..0000000000000000000000000000000000000000 --- a/firefox-115.5.0esr.source.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmVSlbIACgkQ4207E/PZ -MnR3WA/+O5D9Fw1dTYXE46QtjpWye6M10LZRmG9R+OSNmmnVskPopfWkYxXK58Sh -TN9dehPYABd+woxAD1a+XXk4xCifKCAE8ekYr2bI5dzDDdUFKO82k+MxMHZWn6J/ -hWKXq64DJ9tpKVVxwg80WL9q4dGoMEZBGUNKBZp81T64xal9iUiZqyNW4qCAuvAh -JGuP+CEz4w2POWdYUnMN+I5sxYk2pYS3qDdffLr3vkINdoOjxsttX6hg74DFt2KP -zE1z2MlWoIWq563g0i9VbpLzjF7wfNUI4mkPh9OLh9wUSStsfmKUrqr3HYBP97MO -x00ZtbNL7/KLPji2ivLqLh5291FBNIeE+PQa5DIweq7jTcwtFdZQ+ZL6Aw4qOxd9 -WIz6X/uVlTf6Lt3R6AnzoiSeW306C7AEPInb/M2PY52vi6cshbAxRfj+xRzmeBP8 -YKTw2FLoxY/8w2HYXgdhiVWJMalZZH5I4dnGklL25+4Sg8J1osV2g9JtTCimXBEk -g16oZrdtXTn4RcE0cWUPNKIvzmenEHUlaA4K5p/I4uMlcjj50ktxW6m22CikNitT -TKrfh2knsJkOyuUSOIqQ4uLN0CwMEDVax0YIDoJ2F8F7Nwv/QXKWORZjovjsaBlp -0Vw4qcrvhdtSzImjhbZlqosCEnx+WtLiK/udguITTjylulf+8Q4= -=MiOF ------END PGP SIGNATURE----- diff --git a/firefox-115.5.0esr.source.tar.xz b/firefox-115.9.0esr.source.tar.xz similarity index 100% rename from firefox-115.5.0esr.source.tar.xz rename to firefox-115.9.0esr.source.tar.xz diff --git a/firefox-115.9.0esr.source.tar.xz.asc b/firefox-115.9.0esr.source.tar.xz.asc new file mode 100644 index 0000000000000000000000000000000000000000..dbd93c57d0974d2e39b4cef0b31bcdd410ff9df2 --- /dev/null +++ b/firefox-115.9.0esr.source.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmXyisMACgkQ4207E/PZ +MnTDRhAAmTBt2/CYTWrNfBxz71vSR/brjJJHTSavv3M/VvgQl8iLMh4DOrCX6J+I +bAoRXjmlmv2nwUITQZgkMZ0spnhhJ9eIN4U0yBSwrBWk2Fe3sPwPWp97vdg9PsRG +xYFIhFFLzxep/9F0Dktw8/hy6hV00utOcr9qBTlG07PQQRv5wQVCFtFtGOJYu4hi +qTdJIvlnOj8ZEgv0cNtVmpLqbD/7hspapVfACiQ8LvgggTD33Yx/QQ1SaRRla+p9 +YOd2Mwyyb7/MZHfypM0qDvtU0uOyZp6HB0ca40L4VPfrYi42JKfmDgGuDmww1Nnk +DPOzTWjZ57eCgAHxW5zvqu7XA6TgOT7mqRlRYv5GX+uo+YXsp4mYcaKZqwyX25P8 +c3aQfNdwSzX8K31qLlh3XaeX+xObNDus6u2paPmIkjo48nJV9Bu18/mHAQJ5p+7c +MgtVGpiK4u8/dcpgmIpjiL/S+Srg/anjPchV3DPSusb7d3eEIpSat46u98718Zbj +d+oM0oURd4ErtgtovsLqWkqrA/PE/qeFriZfywGvMWpUb5rhWPOsz4HLP7dAqFKi +yLGe+U7owcffEslvpgyliuUnbef5rGxbthEKEp+uJ4iq9Hpvp6PY1Tjm3JuWC/0M +0vhjYo/TxInfjobdS8oGolp1r1NOArXuJ6l6n/qIN9ESu75lIP8= +=WePS +-----END PGP SIGNATURE----- diff --git a/firefox-langpacks-115.5.0esr.tar.xz b/firefox-langpacks-115.9.0esr.tar.xz similarity index 76% rename from firefox-langpacks-115.5.0esr.tar.xz rename to firefox-langpacks-115.9.0esr.tar.xz index 48217b104e97f71f785434a7ce2d88674ceef074..910da92b247007abef2920e2deb27dffa0e918fa 100644 Binary files a/firefox-langpacks-115.5.0esr.tar.xz and b/firefox-langpacks-115.9.0esr.tar.xz differ diff --git a/firefox.spec b/firefox.spec index b4545b3660c067a1d99a8781273833ec65918ea2..c600f73846c0fae9fce85ec3da4925385ce7220c 100644 --- a/firefox.spec +++ b/firefox.spec @@ -44,10 +44,10 @@ Summary: Mozilla Firefox Web browser Name: firefox -Version: 115.5.0 -Release: 4 +Version: 115.9.0 +Release: 1 URL: https://www.mozilla.org/firefox/ -License: MPLv1.1 or GPLv2+ or LGPLv2+ +License: MPL-1.1 or GPL-2.0-or-later or LGPL-2.0-or-later Source0: https://ftp.mozilla.org/pub/firefox/releases/%{version}esr/source/firefox-%{version}esr.source.tar.xz %if %{with langpacks} # sh create-firefox-langpacks.sh %{version}esr @@ -377,12 +377,9 @@ to run Firefox explicitly on X11. %prep # download source0 and gpg check -cd %{_sourcedir} -rm -f %{SOURCE0} -wget https://user-repo.openeuler.openatom.cn/lfs-tar/firefox/firefox-%{version}esr.source.tar.xz +wget -O %{SOURCE0} https://user-repo.openeuler.openatom.cn/lfs-tar/firefox/firefox-%{version}esr.source.tar.xz gpg --import %{SOURCE6} gpg --verify %{SOURCE5} %{SOURCE0} -cd - %setup -q -n %{name}-%{version} @@ -958,6 +955,13 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %endif %changelog +* Wed Mar 20 2024 wangkai <13474090681@163.com> - 115.9.0-1 +- Update to 115.9.0 +- Fix CVE-2024-2616 CVE-2024-2608 CVE-2024-2610 CVE-2024-2612 CVE-2024-2614 CVE-2023-5388 CVE-2024-2607 CVE-2024-2611 +- CVE-2024-1546 CVE-2024-1549 CVE-2024-1547 CVE-2024-1553 CVE-2024-1551 CVE-2024-1548 CVE-2024-1552 CVE-2024-1550 +- CVE-2024-0750 CVE-2024-0746 CVE-2024-0742 CVE-2024-0741 CVE-2024-0747 CVE-2024-0751 CVE-2024-0749 CVE-2024-0753 CVE-2024-0755 +- CVE-2023-6856 CVE-2023-6859 CVE-2023-6857 CVE-2023-6860 CVE-2023-6867 CVE-2023-6858 CVE-2023-6865 CVE-2023-6863 CVE-2023-6861 CVE-2023-6864 + * Sun Feb 18 2024 wangkai <13474090681@163.com> - 115.5.0-4 - Modify the way to get the source package