From 979c93f3fd4c4004f008de84adf95ff94dfd138e Mon Sep 17 00:00:00 2001 From: lvfei Date: Thu, 21 Mar 2024 14:53:52 +0800 Subject: [PATCH 1/2] Fix CVE-2022-1802 (cherry picked from commit 1d62b6fdccb36be5cd073e63621dda2633fa7cc6) --- CVE-2022-1802.patch | 47 +++++++++++++++++++++++++++++++++++++++++++++ firefox.spec | 7 ++++++- 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 CVE-2022-1802.patch diff --git a/CVE-2022-1802.patch b/CVE-2022-1802.patch new file mode 100644 index 0000000..83aa517 --- /dev/null +++ b/CVE-2022-1802.patch @@ -0,0 +1,47 @@ +From d7ee6342bf9a63dc47fd28567008c44cd6e44bad Mon Sep 17 00:00:00 2001 +From: Peter Van der Beken +Date: Thu, 19 May 2022 14:31:53 +0000 (22 months ago) +Subject: [PATCH] CVE-2022-1802 + +--- + dom/notification/old/NotificationDB.jsm | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/dom/notification/old/NotificationDB.jsm b/dom/notification/old/NotificationDB.jsm +index e950404f50..06c4d40680 100644 +--- a/dom/notification/old/NotificationDB.jsm ++++ b/dom/notification/old/NotificationDB.jsm +@@ -40,8 +40,8 @@ var NotificationDB = { + return; + } + +- this.notifications = {}; +- this.byTag = {}; ++ this.notifications = Object.create(null); ++ this.byTag = Object.create(null); + this.loaded = false; + + this.tasks = []; // read/write operation queue +@@ -111,7 +111,7 @@ var NotificationDB = { + // populate the list of notifications by tag + if (this.notifications) { + for (var origin in this.notifications) { +- this.byTag[origin] = {}; ++ this.byTag[origin] = Object.create(null); + for (var id in this.notifications[origin]) { + var curNotification = this.notifications[origin][id]; + if (curNotification.tag) { +@@ -344,8 +344,8 @@ var NotificationDB = { + var origin = data.origin; + var notification = data.notification; + if (!this.notifications[origin]) { +- this.notifications[origin] = {}; +- this.byTag[origin] = {}; ++ this.notifications[origin] = Object.create(null); ++ this.byTag[origin] = Object.create(null); + } + + // We might have existing notification with this tag, +-- +2.27.0 + diff --git a/firefox.spec b/firefox.spec index 0763b51..634d614 100644 --- a/firefox.spec +++ b/firefox.spec @@ -88,7 +88,7 @@ Summary: Mozilla Firefox Web browser Name: firefox Version: 79.0 -Release: 16 +Release: 17 URL: https://www.mozilla.org/firefox/ License: MPLv1.1 or GPLv2+ or LGPLv2+ Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz @@ -195,6 +195,7 @@ Patch651: CVE-2023-4863-2.patch Patch652: CVE-2023-5217.patch Patch653: CVE-2023-7104.patch Patch654: CVE-2022-22755.patch +Patch655: CVE-2022-1802.patch @@ -386,6 +387,7 @@ tar -xf %{SOURCE3} %patch652 -p1 %patch653 -p1 %patch654 -p1 +%patch655 -p1 %{__rm} -f .mozconfig @@ -835,6 +837,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %endif %changelog +* Thu Mar 21 2024 lvfei - 79.0-7-17 +- Fix CVE-2022-1802 + * Mon Mar 04 2024 lvfei - 79.0-16 - fix CVE-2022-22755 -- Gitee From c21dc746c5f4dfa100dee67c70d1f386c709c7cf Mon Sep 17 00:00:00 2001 From: lvfei Date: Mon, 25 Mar 2024 02:01:22 +0000 Subject: [PATCH 2/2] update firefox.spec. Signed-off-by: lvfei (cherry picked from commit 6c00f234e971066bca2000697d87c91eb8130efd) --- firefox.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/firefox.spec b/firefox.spec index 634d614..7cde77d 100644 --- a/firefox.spec +++ b/firefox.spec @@ -837,7 +837,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %endif %changelog -* Thu Mar 21 2024 lvfei - 79.0-7-17 +* Thu Mar 21 2024 lvfei - 79.0-17 - Fix CVE-2022-1802 * Mon Mar 04 2024 lvfei - 79.0-16 -- Gitee