From 08d20cffa564e5ed3724e5e989c3ad78531bbaea Mon Sep 17 00:00:00 2001
From: technology208
Date: Mon, 22 Jul 2024 11:24:33 +0800
Subject: [PATCH] fix CVE-2021-23998
---
 CVE-2021-23998.patch | 33 +++++++++++++++++++++++++++++++++
 firefox.spec | 7 ++++++-
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 CVE-2021-23998.patch
diff --git a/CVE-2021-23998.patch b/CVE-2021-23998.patch
new file mode 100644
index 0000000..ce46126
--- /dev/null
+++ b/CVE-2021-23998.patch
@@ -0,0 +1,33 @@
+From 8bfa81da7a7869f9b7ac9092c179811a88052a41 Mon Sep 17 00:00:00 2001
+From: Gijs Kruitbosch
+Date: Mon, 22 Jul 2024 11:20:59 +0800
+Subject: [PATCH] fix pageproxystate handling in the url bar, r=johannh a=RyanVM
+
+---
+ browser/base/content/browser-siteIdentity.js | 10 ----------
+ 1 file changed, 10 deletions(-)
+
+diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js
+index 0f69461..4214104 100644
+--- a/browser/base/content/browser-siteIdentity.js
++++ b/browser/base/content/browser-siteIdentity.js
+@@ -869,16 +869,6 @@ var gIdentityHandler = {
+ return;
+ }
+
+- // If this condition is true, the URL bar will have an "invalid"
+- // pageproxystate, which will hide the security indicators. Thus, we can
+- // safely avoid updating the security UI.
+- //
+- // This will also filter out intermediate about:blank loads to avoid
+- // flickering the identity block and doing unnecessary work.
+- if (this._hasInvalidPageProxyState()) {
+- return;
+- }
+-
+ this._refreshIdentityIcons();
+
+ this._refreshPermissionIcons();
+--
+2.27.0
+
diff --git a/firefox.spec b/firefox.spec
index e92aabf..b2e17db 100644
--- a/firefox.spec
+++ b/firefox.spec
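Review bot: The header of the embedded `CVE-2021-23998.patch` records no reference to the upstream change it backports: the `From 8bfa81da…` hash and the `Date: Mon, 22 Jul 2024` line appear to come from a local re-commit, so a later reviewer cannot check these 10 deletions against the original fix. I would add provenance lines to the patch header, for example `Origin: <UPSTREAM_CHANGESET_URL>` and `Bug: <UPSTREAM_BUG_ID>` (placeholders; the page does not give these values). The hunk only deletes the `_hasInvalidPageProxyState()` early return in `gIdentityHandler`, so the identity and permission icons are now refreshed even when the URL bar's pageproxystate is invalid; it is worth confirming against upstream that no other call site or test change belongs to the fix for 79.0, and whether the helper is left unused. The enclosing function starts and ends outside the hunk.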
@@ -88,7 +88,7 @@
 Summary: Mozilla Firefox Web browser
 Name: firefox
 Version: 79.0
-Release: 28
+Release: 29
 URL: https://www.mozilla.org/firefox/
 License: MPLv1.1 or GPLv2+ or LGPLv2+
 Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
@@ -209,6 +209,7 @@ Patch665: CVE-2021-23972.patch
 Patch666: CVE-2021-23954.patch
 Patch667: CVE-2021-29984.patch
 Patch668: CVE-2021-29988.patch
+Patch669: CVE-2021-23998.patch
 %if %{?system_nss}
 BuildRequires: pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version}
@@ -412,6 +413,7 @@ tar -xf %{SOURCE3}
 %patch666 -p1
 %patch667 -p1
 %patch668 -p1
+%patch669 -p1
 %{__rm} -f .mozconfig
 %{__cp} %{SOURCE10} .mozconfig
@@ -860,6 +862,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %endif
 %changelog
+* Mon Jul 22 2024 technology208 - 79.0-29
+- Fix CVE-2021-23998
+
 * Thu Jul 18 2024 technology208 - 79.0-28
 - Fix CVE-2021-29988
--
Gitee