diff --git a/Bug-1923344-CVE-2024-9680.patch b/Bug-1923344-CVE-2024-9680.patch deleted file mode 100644 index 420f05e231acf1ebc37fb0f250b0d9a6e1923f3f..0000000000000000000000000000000000000000 --- a/Bug-1923344-CVE-2024-9680.patch +++ /dev/null @@ -1,243 +0,0 @@ - -# HG changeset patch -# User Emilio Cobos Álvarez -# Date 1728404712 0 -# Node ID e0c969a3bfc0a23219384269e5b36a589c8f6cc5 -# Parent 9a327e036cdce4d976424e729db47a5d56defc4f -Bug 1923344 - r=smaug, a=dsmith - -Differential Revision: https://phabricator.services.mozilla.com/D224958 - -diff --git a/dom/animation/AnimationTimeline.cpp b/dom/animation/AnimationTimeline.cpp ---- a/dom/animation/AnimationTimeline.cpp -+++ b/dom/animation/AnimationTimeline.cpp -@@ -35,71 +35,64 @@ AnimationTimeline::AnimationTimeline(nsI - MOZ_ASSERT(mWindow); - } - - AnimationTimeline::~AnimationTimeline() { mAnimationOrder.clear(); } - - bool AnimationTimeline::Tick(TickState& aState) { - bool needsTicks = false; - -- nsTArray animationsToRemove; -- -- for (Animation* animation = mAnimationOrder.getFirst(); animation; -- animation = -- static_cast*>(animation)->getNext()) { -+ AutoTArray, 32> animationsToTick; -+ for (Animation* animation : mAnimationOrder) { - MOZ_ASSERT(mAnimations.Contains(animation), - "The sampling order list should be a subset of the hashset"); - MOZ_ASSERT(!animation->IsHiddenByContentVisibility(), - "The sampling order list should not contain any animations " - "that are hidden by content-visibility"); -+ animationsToTick.AppendElement(animation); -+ } - -+ for (Animation* animation : animationsToTick) { - // Skip any animations that are longer need associated with this timeline. - if (animation->GetTimeline() != this) { -- // If animation has some other timeline, it better not be also in the -- // animation list of this timeline object! -- MOZ_ASSERT(!animation->GetTimeline()); -- animationsToRemove.AppendElement(animation); -+ RemoveAnimation(animation); - continue; - } - - needsTicks |= animation->NeedsTicks(); -- // Even if |animation| doesn't need future ticks, we should still -- // Tick it this time around since it might just need a one-off tick in -- // order to dispatch events. -+ // Even if |animation| doesn't need future ticks, we should still Tick it -+ // this time around since it might just need a one-off tick in order to -+ // queue events. - animation->Tick(aState); -- - if (!animation->NeedsTicks()) { -- animationsToRemove.AppendElement(animation); -+ RemoveAnimation(animation); - } - } - -- for (Animation* animation : animationsToRemove) { -- RemoveAnimation(animation); -- } -- - return needsTicks; - } - - void AnimationTimeline::NotifyAnimationUpdated(Animation& aAnimation) { - if (mAnimations.EnsureInserted(&aAnimation)) { - if (aAnimation.GetTimeline() && aAnimation.GetTimeline() != this) { - aAnimation.GetTimeline()->RemoveAnimation(&aAnimation); - } - if (!aAnimation.IsHiddenByContentVisibility()) { - mAnimationOrder.insertBack(&aAnimation); - } - } - } - - void AnimationTimeline::RemoveAnimation(Animation* aAnimation) { -- MOZ_ASSERT(!aAnimation->GetTimeline() || aAnimation->GetTimeline() == this); -- if (static_cast*>(aAnimation)->isInList()) { -+ if (static_cast*>(aAnimation)->isInList() && -+ MOZ_LIKELY(!aAnimation->GetTimeline() || -+ aAnimation->GetTimeline() == this)) { -+ static_cast*>(aAnimation)->remove(); - MOZ_ASSERT(mAnimations.Contains(aAnimation), - "The sampling order list should be a subset of the hashset"); -- static_cast*>(aAnimation)->remove(); - } - mAnimations.Remove(aAnimation); - } - - void AnimationTimeline::NotifyAnimationContentVisibilityChanged( - Animation* aAnimation, bool aIsVisible) { - bool inList = - static_cast*>(aAnimation)->isInList(); -diff --git a/dom/animation/DocumentTimeline.cpp b/dom/animation/DocumentTimeline.cpp ---- a/dom/animation/DocumentTimeline.cpp -+++ b/dom/animation/DocumentTimeline.cpp -@@ -155,17 +155,22 @@ void DocumentTimeline::NotifyAnimationUp - "We should not register with the refresh driver if we are not" - " in the document's list of timelines"); - refreshDriver->EnsureAnimationUpdate(); - } - } - } - - void DocumentTimeline::TriggerAllPendingAnimationsNow() { -+ AutoTArray, 32> animationsToTrigger; - for (Animation* animation : mAnimationOrder) { -+ animationsToTrigger.AppendElement(animation); -+ } -+ -+ for (Animation* animation : animationsToTrigger) { - animation->TryTriggerNow(); - } - } - - void DocumentTimeline::WillRefresh() { - if (!mDocument->GetPresShell()) { - // If we're not displayed, don't tick animations. - return; -@@ -183,19 +188,16 @@ void DocumentTimeline::WillRefresh() { - } - // We already assert that GetRefreshDriver() is non-null at the beginning - // of this function but we check it again here to be sure that ticking - // animations does not have any side effects that cause us to lose the - // connection with the refresh driver, such as triggering the destruction - // of mDocument's PresShell. - if (nsRefreshDriver* refreshDriver = GetRefreshDriver()) { - refreshDriver->EnsureAnimationUpdate(); -- } else { -- MOZ_ASSERT_UNREACHABLE( -- "Refresh driver should still be valid at end of WillRefresh"); - } - } - - void DocumentTimeline::RemoveAnimation(Animation* aAnimation) { - AnimationTimeline::RemoveAnimation(aAnimation); - } - - void DocumentTimeline::NotifyAnimationContentVisibilityChanged( -diff --git a/dom/animation/ScrollTimelineAnimationTracker.cpp b/dom/animation/ScrollTimelineAnimationTracker.cpp ---- a/dom/animation/ScrollTimelineAnimationTracker.cpp -+++ b/dom/animation/ScrollTimelineAnimationTracker.cpp -@@ -8,23 +8,20 @@ - - #include "mozilla/dom/Document.h" - - namespace mozilla { - - NS_IMPL_CYCLE_COLLECTION(ScrollTimelineAnimationTracker, mPendingSet, mDocument) - - void ScrollTimelineAnimationTracker::TriggerPendingAnimations() { -- for (auto iter = mPendingSet.begin(), end = mPendingSet.end(); iter != end; -- ++iter) { -- dom::Animation* animation = *iter; -- -+ for (RefPtr& animation : -+ ToTArray, 32>>(mPendingSet)) { - MOZ_ASSERT(animation->GetTimeline() && - !animation->GetTimeline()->IsMonotonicallyIncreasing()); -- - // FIXME: Trigger now may not be correct because the spec says: - // If a user agent determines that animation is immediately ready, it may - // schedule the task (i.e. ResumeAt()) as a microtask such that it runs at - // the next microtask checkpoint, but it must not perform the task - // synchronously. - // Note: So, for now, we put the animation into the tracker, and trigger - // them immediately until the frames are ready. Using TriggerOnNextTick() - // for scroll-driven animations may have issues because we don't tick if -@@ -34,15 +31,13 @@ void ScrollTimelineAnimationTracker::Tri - // inactive. It's pretty hard to tell its future status, for example, it's - // possible that the scroll container is in display:none subtree but the - // animating element isn't the subtree, then we need to keep tracking the - // situation until the scroll container gets framed. so in general we make - // this animation be pending (i.e. not ready) if its scroll-timeline is - // inactive, and this also matches the current spec definition. - continue; - } -- -- // Note: Remove() is legitimately called once per entry during the loop. -- mPendingSet.Remove(iter); -+ mPendingSet.Remove(animation); - } - } - - } // namespace mozilla -diff --git a/layout/base/nsRefreshDriver.cpp b/layout/base/nsRefreshDriver.cpp ---- a/layout/base/nsRefreshDriver.cpp -+++ b/layout/base/nsRefreshDriver.cpp -@@ -2327,18 +2327,25 @@ void nsRefreshDriver::DetermineProximity - ShouldCollect); - - for (const RefPtr& doc : documents) { - MOZ_KnownLive(doc)->DetermineProximityToViewportAndNotifyResizeObservers(); - } - } - - static CallState UpdateAndReduceAnimations(Document& aDocument) { -- for (DocumentTimeline* timeline : aDocument.Timelines()) { -- timeline->WillRefresh(); -+ { -+ AutoTArray, 32> timelinesToTick; -+ for (DocumentTimeline* timeline : aDocument.Timelines()) { -+ timelinesToTick.AppendElement(timeline); -+ } -+ -+ for (DocumentTimeline* tl : timelinesToTick) { -+ tl->WillRefresh(); -+ } - } - - if (nsPresContext* pc = aDocument.GetPresContext()) { - if (pc->EffectCompositor()->NeedsReducing()) { - pc->EffectCompositor()->ReduceAnimations(); - } - } - aDocument.EnumerateSubDocuments(UpdateAndReduceAnimations); -@@ -2358,17 +2365,18 @@ void nsRefreshDriver::UpdateAnimationsAn - // run these, however, until we have fully updated the animation state. As - // per the "update animations and send events" procedure[1], we should - // remove replaced animations and then run these microtasks before - // dispatching the corresponding animation events. - // - // [1]: - // https://drafts.csswg.org/web-animations-1/#update-animations-and-send-events - nsAutoMicroTask mt; -- UpdateAndReduceAnimations(*mPresContext->Document()); -+ RefPtr doc = mPresContext->Document(); -+ UpdateAndReduceAnimations(*doc); - } - - // Hold all AnimationEventDispatcher in mAnimationEventFlushObservers as - // a RefPtr<> array since each AnimationEventDispatcher might be destroyed - // during processing the previous dispatcher. - AutoTArray, 16> dispatchers; - dispatchers.AppendElements(mAnimationEventFlushObservers); - mAnimationEventFlushObservers.Clear(); - diff --git a/create-firefox-langpacks.sh b/create-firefox-langpacks.sh index 3df82d34f729ba7cf80d4e731b71ccc3dac6060a..025399839b795679a84e15b153031cbef5f715e7 100644 --- a/create-firefox-langpacks.sh +++ b/create-firefox-langpacks.sh @@ -5,3 +5,4 @@ mkdir firefox-langpacks find -name *.xpi | mv `xargs` firefox-langpacks/ tar -cJf firefox-langpacks-$version.tar.xz firefox-langpacks rm -rf pub firefox-langpacks +rm -f robots.txt diff --git a/firefox-128.3.0esr.source.tar.xz.asc b/firefox-128.3.0esr.source.tar.xz.asc deleted file mode 100644 index 6d0f5358a7fb0a22e6e945f999e07aff89c0caea..0000000000000000000000000000000000000000 --- a/firefox-128.3.0esr.source.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmbxkrMACgkQ4207E/PZ -MnQ8khAA0WUg/6Ykv2Mbxq1840nUwoTqBy2OMyqCR4kuqHVJlKIbTn8U1Fqde4RS -qwgqkQ+eJUk6IAG/32KBZWJHsTFTUs+D0GYB+xqJnFGHDBcaK9IdvQz7SIIqzJUu -MlAqqbQm/vXfrVqjyIEvvG9dIaYVe85L3/KKGDcHQOSMGZxsTX/MvqOMMjGH7J6w -/kTFVjMcbrpjs1w1ovDtanNe66JNvuEnR5mdLvXa9o7Dg90ujJxq1jC/Z6h7A17f -lsey0v+7nbUBINhdiFNgg3HBlm6aj4axghd4SkEKB1Vb4eCZmlzqY0JgKY6Xw8FM -w9kKPAntGMaUXlSn0yR+XFlrwngTpi48+Ljgi/SxnKEGGOnWOj8XPpx0uxiRrIfp -xNpK/rDUT+5EEFkap7Prr0huIBzYE50H/JKx8hVIwHQFbPe/oLZE1IAwepG8wcxv -HQuYcYh+L+LG1uKqdLSlMi5EmLizobU0JWw+t989eR6wEPAyp5w+FZmYdNt9dgrk -33nc72RdaCFmkDOpF++uLf8I/s4hrpIEQ4DU5XHnaHdUFg0W7B6/BR7d1YACljHs -CkNm3XKcgYJJBeKHEskU5NozMpBbDC0OoXNzgGwpT1z2AmvsCI7JdAHTgSflTXe7 -wX/7t30hbGGzFdC9fJ6ZqUsC7EmZzPtpDmY5XI50yx9uZL32rhk= -=1kCT ------END PGP SIGNATURE----- diff --git a/firefox-128.3.0esr.source.tar.xz b/firefox-128.4.0esr.source.tar.xz similarity index 100% rename from firefox-128.3.0esr.source.tar.xz rename to firefox-128.4.0esr.source.tar.xz diff --git a/firefox-128.4.0esr.source.tar.xz.asc b/firefox-128.4.0esr.source.tar.xz.asc new file mode 100644 index 0000000000000000000000000000000000000000..f31df85c35dde0ed07a284ad71f8e2b13f69a473 --- /dev/null +++ b/firefox-128.4.0esr.source.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEErdcHlHlwDcrf3VM34207E/PZMnQFAmcW7IkACgkQ4207E/PZ +MnTf9A//VlyClh8iW411Zun0qF0f6+AdI9zav9/c2Ow3BLAs2voKC/dQT4QQpdHl +EMYqxP09c+voLeAcHQnrPIZh5W181a/WlawfGnJC5g6O9zMBovSUsNjpE+fQTcY0 +z8+qbEmYnZz8KGW9iVLdpQWDsXpwaHNKIRkAxbhFQobRbtmnODOafcAzP3kYpvPL +8Ar+6rvVLdaGGJzfvCcH4fAFaWKIYpfAzcjAgpsftypm2yx9xUBogfmSoGJOKT8L +WVl2dRmLkWXcweJKYBhNEt/fpNsb14/AL0Ct2x+IFUQ/V+iU2TgqG6xYTHvYoO3b +7sHR4kM7hZs2uVQfDqCC6eVI6mbaB9vpC7kwsFBVGBrq9wJv0xG5ebAYzwOOJZWo +RudaWnekHfPifV3g7HhDtSE0RWqPpPEXLHkOnvexsq7uVFYhQSahof7VhYsyWfa3 +EZEnzSgPiURbQ56Jld/jfHaq/z6hZKT4IL7uziv5AhH4rLezhb6ttLQIcZ67byxP +IVM74OGRKMLyOla3+QqabWpcHdbC+FIys765klMLWvdGpPQFPXDsMhEU7gieGekf +AvFpHIjUofyVPn0ezeuHpk9mwsWiTnCDfI7Xdr9TQG2G+ArzHH8HrPhkoL8hqxX/ +Lw16iMg/KJ9MNWiLAOzgt2xhPQS+LPDOpFzXla2W133TZKK0Nm4= +=cjvX +-----END PGP SIGNATURE----- diff --git a/firefox-langpacks-128.3.0esr.tar.xz b/firefox-langpacks-128.4.0esr.tar.xz similarity index 79% rename from firefox-langpacks-128.3.0esr.tar.xz rename to firefox-langpacks-128.4.0esr.tar.xz index b38dca3244799e93131ee90d56b0ca06bc0473d7..5689a5cad85b560bad2111321604a20f2656dafc 100644 Binary files a/firefox-langpacks-128.3.0esr.tar.xz and b/firefox-langpacks-128.4.0esr.tar.xz differ diff --git a/firefox.spec b/firefox.spec index 3732f347509da644c16a7baeefe201e0e4dc701e..edfbbfab12c1751c6ce7fa1f45a87c2478827a4e 100644 --- a/firefox.spec +++ b/firefox.spec @@ -44,8 +44,8 @@ Summary: Mozilla Firefox Web browser Name: firefox -Version: 128.3.0 -Release: 3 +Version: 128.4.0 +Release: 1 URL: https://www.mozilla.org/firefox/ License: MPL-1.1 or GPL-2.0-or-later or LGPL-2.0-or-later Source0: https://ftp.mozilla.org/pub/firefox/releases/%{version}esr/source/firefox-%{version}esr.source.tar.xz @@ -108,10 +108,6 @@ Patch801: bmo-1559213-fix-system-av1-libs.patch # ---- LOONGARCH patches ---- Patch1002: add-loongarch64-support-for-libwebrtc.patch -# ---- security patches ---- -# https://hg.mozilla.org/releases/mozilla-esr128/rev/e0c969a3bfc0a23219384269e5b36a589c8f6cc5 -Patch3000: Bug-1923344-CVE-2024-9680.patch - # BUILD REQURES/REQUIRES %if %{?system_nss} BuildRequires: pkgconfig(nspr) >= %{nspr_version} @@ -411,9 +407,6 @@ rm -vf ./*/layout/inspector/tests/chrome/test_fontVariationsAPI.css %patch -P1002 -p1 %endif -# security patches -%patch -P3000 -p1 - %{__rm} -f .mozconfig %{__cp} %{SOURCE10} .mozconfig %{__cp} %{SOURCE24} mozilla-api-key @@ -932,6 +925,11 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %endif %changelog +* Mon Nov 04 2024 wangkai <13474090681@163.com> - 128.4.0-1 +- Update to 128.4.0 +- Fix CVE-2024-10458 CVE-2024-10459 CVE-2024-10460 CVE-2024-10461 CVE-2024-10462 + CVE-2024-10463 CVE-2024-10464 CVE-2024-10465 CVE-2024-10466 CVE-2024-10467 + * Tue Oct 22 2024 Wenlong Zhang - 128.3.0-3 - fix build error for loongarch64