From 1301272f7776cd382f9f42737a4dd0ba1163cbc2 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jan 11 2022 17:08:00 +0000 Subject: import firefox-91.4.0-3.el9 --- diff --git a/.firefox.metadata b/.firefox.metadata index 96b97d2..19f80b6 100644 --- a/.firefox.metadata +++ b/.firefox.metadata @@ -1,5 +1,5 @@ c822547dbc12e2baebdfdfb38b665e23f0c2513a SOURCES/cbindgen-vendor.tar.xz -736b0b4313f678de624c0124f61a86893385d110 SOURCES/firefox-91.3.0esr.processed-source.tar.xz -7b821f5b94cba12efc8a2b86dbd8c7321b453568 SOURCES/firefox-langpacks-91.3.0esr-20211101.tar.xz +322e0ffb8b442f599b0f5dd695e6f83050b3dc82 SOURCES/firefox-91.4.0esr.processed-source.tar.xz +74a1b8c9a5f4a96f80af2d3fe542495e3af2423a SOURCES/firefox-langpacks-91.4.0esr-20211201.tar.xz b5fd1332d8e0d37339ae170c7bebcb63a40b22e0 SOURCES/nspr-4.32.0-1.el8_1.src.rpm -29da2158892dc108a7a21fd8411fccf0061481b3 SOURCES/nss-3.67.0-6.el8_1.src.rpm +8fff814901e03c2518ede2f8992d898f5ba61ed9 SOURCES/nss-3.67.0-7.el8_1.src.rpm diff --git a/.gitignore b/.gitignore index 1a94cd1..e79811e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,5 @@ SOURCES/cbindgen-vendor.tar.xz -SOURCES/firefox-91.3.0esr.processed-source.tar.xz -SOURCES/firefox-langpacks-91.3.0esr-20211101.tar.xz +SOURCES/firefox-91.4.0esr.processed-source.tar.xz +SOURCES/firefox-langpacks-91.4.0esr-20211201.tar.xz SOURCES/nspr-4.32.0-1.el8_1.src.rpm -SOURCES/nss-3.67.0-6.el8_1.src.rpm +SOURCES/nss-3.67.0-7.el8_1.src.rpm diff --git a/README.debrand b/README.debrand deleted file mode 100644 index 01c46d2..0000000 --- a/README.debrand +++ /dev/null @@ -1,2 +0,0 @@ -Warning: This package was configured for automatic debranding, but the changes -failed to apply. diff --git a/SOURCES/firefox-nss-addon-hack.patch b/SOURCES/firefox-nss-addon-hack.patch new file mode 100644 index 0000000..0322707 --- /dev/null +++ b/SOURCES/firefox-nss-addon-hack.patch @@ -0,0 +1,19 @@ +diff -up firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp.nss-hack firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp +--- firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp.nss-hack 2021-01-11 12:12:02.585514543 +0100 ++++ firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp 2021-01-11 12:47:50.345984582 +0100 +@@ -1619,6 +1619,15 @@ SECStatus InitializeNSS(const nsACString + return srv; + } + ++ /* Sets the NSS_USE_ALG_IN_ANY_SIGNATURE bit. ++ * does not change NSS_USE_ALG_IN_CERT_SIGNATURE, ++ * so policy will still disable use of sha1 in ++ * certificate related signature processing. */ ++ srv = NSS_SetAlgorithmPolicy(SEC_OID_SHA1, NSS_USE_ALG_IN_ANY_SIGNATURE, 0); ++ if (srv != SECSuccess) { ++ NS_WARNING("Unable to use SHA1 for Add-ons, expect broken/disabled Add-ons. See https://bugzilla.redhat.com/show_bug.cgi?id=1908018 for details."); ++ } ++ + if (nssDbConfig == NSSDBConfig::ReadWrite) { + UniquePK11SlotInfo slot(PK11_GetInternalKeySlot()); + if (!slot) { diff --git a/SPECS/firefox.spec b/SPECS/firefox.spec index d920825..956d73f 100644 --- a/SPECS/firefox.spec +++ b/SPECS/firefox.spec @@ -128,8 +128,8 @@ end} Summary: Mozilla Firefox Web browser Name: firefox -Version: 91.3.0 -Release: 1%{?dist} +Version: 91.4.0 +Release: 3%{?dist} URL: https://www.mozilla.org/firefox/ License: MPLv1.1 or GPLv2+ or LGPLv2+ %if 0%{?rhel} == 9 @@ -149,7 +149,7 @@ ExcludeArch: s390 ppc # Link to official tarball: https://hg.mozilla.org/releases/mozilla-release/archive/firefox-%%{version}%%{?pre_version}.source.tar.xz Source0: firefox-%{version}%{?pre_version}.processed-source.tar.xz %if %{build_langpacks} -Source1: firefox-langpacks-%{version}%{?pre_version}-20211101.tar.xz +Source1: firefox-langpacks-%{version}%{?pre_version}-20211201.tar.xz %endif Source2: cbindgen-vendor.tar.xz Source3: process-official-tarball @@ -168,7 +168,7 @@ Source26: distribution.ini Source27: google-api-key Source28: node-stdout-nonblocking-wrapper -Source403: nss-3.67.0-6.el8_1.src.rpm +Source403: nss-3.67.0-7.el8_1.src.rpm Source401: nss-setup-flags-env.inc Source402: nspr-4.32.0-1.el8_1.src.rpm @@ -184,6 +184,7 @@ Patch6: build-nss-version.patch Patch215: firefox-enable-addons.patch Patch219: rhbz-1173156.patch Patch224: mozilla-1170092.patch +Patch225: firefox-nss-addon-hack.patch # Upstream patches @@ -424,6 +425,7 @@ echo "use_rustts %{?use_rustts}" %patch215 -p1 -b .addons %patch219 -p1 -b .rhbz-1173156 %patch224 -p1 -b .1170092 +%patch225 -p1 -b .firefox-nss-addon-hack # Patch for big endian platforms only %if 0%{?big_endian} @@ -480,7 +482,7 @@ echo "ac_add_options --disable-optimize" >> .mozconfig %else %global optimize_flags "-g -O2" %ifarch s390x -%global optimize_flags "-g -O1" +%global optimize_flags "-g -O2" %endif %ifarch ppc64le aarch64 %global optimize_flags "-g -O2" @@ -1247,8 +1249,14 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : #--------------------------------------------------------------------- %changelog -* Tue Dec 07 2021 CentOS Sources - 91.3.0-1.el9.centos -- Apply debranding changes +* Wed Dec 22 2021 Jan Horak - 91.4.0-3 +- Enable optimalization on s390x + +* Mon Dec 13 2021 Jan Horak - 91.4.0-2 +- Added fix for failing addons signatures. + +* Wed Dec 01 2021 Eike Rathke - 91.4.0-1 +- Update to 91.4.0 build1 * Mon Nov 01 2021 Eike Rathke - 91.3.0-1 - Update to 91.3.0 build1