From a4a9460d48adbbc344bf5b041dde1701f07638bc Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Feb 14 2022 08:16:12 +0000 Subject: import firefox-91.6.0-1.el8_5 --- diff --git a/.firefox.metadata b/.firefox.metadata index 49d14a0..9cc981b 100644 --- a/.firefox.metadata +++ b/.firefox.metadata @@ -1,5 +1,5 @@ c822547dbc12e2baebdfdfb38b665e23f0c2513a SOURCES/cbindgen-vendor.tar.xz -7a15042e733a831ee519372eef5b50fdc0becdde SOURCES/firefox-91.5.0esr.processed-source.tar.xz -4a72e79ba3d0861cad3e229ef54e66014f65447b SOURCES/firefox-langpacks-91.5.0esr-20220106.tar.xz +986181f538d2a6951f95b4e1a754854b8e0048ff SOURCES/firefox-91.6.0esr.processed-source.tar.xz +ea7fce0f4ee0101b6d9ef8b4d050fe8a16becff9 SOURCES/firefox-langpacks-91.6.0esr-20220202.tar.xz b5fd1332d8e0d37339ae170c7bebcb63a40b22e0 SOURCES/nspr-4.32.0-1.el8_1.src.rpm 8fff814901e03c2518ede2f8992d898f5ba61ed9 SOURCES/nss-3.67.0-7.el8_1.src.rpm diff --git a/.gitignore b/.gitignore index 1c80fd7..6475423 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,5 @@ SOURCES/cbindgen-vendor.tar.xz -SOURCES/firefox-91.5.0esr.processed-source.tar.xz -SOURCES/firefox-langpacks-91.5.0esr-20220106.tar.xz +SOURCES/firefox-91.6.0esr.processed-source.tar.xz +SOURCES/firefox-langpacks-91.6.0esr-20220202.tar.xz SOURCES/nspr-4.32.0-1.el8_1.src.rpm SOURCES/nss-3.67.0-7.el8_1.src.rpm diff --git a/README.debrand b/README.debrand deleted file mode 100644 index 01c46d2..0000000 --- a/README.debrand +++ /dev/null @@ -1,2 +0,0 @@ -Warning: This package was configured for automatic debranding, but the changes -failed to apply. diff --git a/SOURCES/Bug-1238661---fix-mozillaSignalTrampoline-to-work-.patch b/SOURCES/Bug-1238661---fix-mozillaSignalTrampoline-to-work-.patch deleted file mode 100644 index 6dfe2ad..0000000 --- a/SOURCES/Bug-1238661---fix-mozillaSignalTrampoline-to-work-.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up firefox-60.0/mfbt/LinuxSignal.h.mozilla-1238661 firefox-60.0/mfbt/LinuxSignal.h ---- firefox-60.0/mfbt/LinuxSignal.h.mozilla-1238661 2018-04-27 08:55:38.848241768 +0200 -+++ firefox-60.0/mfbt/LinuxSignal.h 2018-04-27 09:06:47.946769859 +0200 -@@ -22,7 +22,7 @@ __attribute__((naked)) void SignalTrampo - void* aContext) { - asm volatile("nop; nop; nop; nop" : : : "memory"); - -- asm volatile("b %0" : : "X"(H) : "memory"); -+ asm volatile("bx %0" : : "r"(H), "l"(aSignal), "l"(aInfo), "l"(aContext) : "memory"); - } - - # define MOZ_SIGNAL_TRAMPOLINE(h) (mozilla::SignalTrampoline) diff --git a/SOURCES/Bug-1526653---fix_user_vfp_armv7.patch b/SOURCES/Bug-1526653---fix_user_vfp_armv7.patch deleted file mode 100644 index 3f84f95..0000000 --- a/SOURCES/Bug-1526653---fix_user_vfp_armv7.patch +++ /dev/null @@ -1,35 +0,0 @@ -From fd6847c9416f9eebde636e21d794d25d1be8791d Mon Sep 17 00:00:00 2001 -From: Mike Hommey -Date: Sat, 1 Jun 2019 09:06:01 +0900 -Subject: [PATCH] Bug 1526653 - Include struct definitions for user_vfp and - user_vfp_exc. - ---- - js/src/wasm/WasmSignalHandlers.cpp | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - -diff --git a/js/src/wasm/WasmSignalHandlers.cpp b/js/src/wasm/WasmSignalHandlers.cpp -index 636537f8478..383c380f04c 100644 ---- a/js/src/wasm/WasmSignalHandlers.cpp -+++ b/js/src/wasm/WasmSignalHandlers.cpp -@@ -248,7 +248,16 @@ using mozilla::DebugOnly; - #endif - - #ifdef WASM_EMULATE_ARM_UNALIGNED_FP_ACCESS --# include -+struct user_vfp { -+ unsigned long long fpregs[32]; -+ unsigned long fpscr; -+}; -+ -+struct user_vfp_exc { -+ unsigned long fpexc; -+ unsigned long fpinst; -+ unsigned long fpinst2; -+}; - #endif - - #if defined(ANDROID) --- -2.20.1 - diff --git a/SOURCES/firefox-centos-default-prefs.js b/SOURCES/firefox-centos-default-prefs.js deleted file mode 100644 index ea10021..0000000 --- a/SOURCES/firefox-centos-default-prefs.js +++ /dev/null @@ -1,35 +0,0 @@ -pref("app.update.auto", false); -pref("app.update.enabled", false); -pref("app.update.autoInstallEnabled", false); -pref("general.smoothScroll", true); -pref("intl.locale.matchOS", true); -pref("toolkit.storage.synchronous", 0); -pref("toolkit.networkmanager.disable", false); -pref("offline.autoDetect", true); -pref("browser.backspace_action", 2); -pref("browser.display.use_system_colors", true); -pref("browser.download.folderList", 1); -pref("browser.link.open_external", 3); -pref("browser.shell.checkDefaultBrowser", false); -pref("network.manage-offline-status", true); -pref("extensions.shownSelectionUI", true); -pref("ui.SpellCheckerUnderlineStyle", 1); -pref("startup.homepage_override_url", "http://www.centos.org"); -pref("startup.homepage_welcome_url", "http://www.centos.org"); -pref("browser.startup.homepage", "data:text/plain,browser.startup.homepage=file:///usr/share/doc/HTML/index.html"); -pref("geo.wifi.uri", "https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%"); -pref("media.gmp-gmpopenh264.provider.enabled",false); -pref("media.gmp-gmpopenh264.autoupdate",false); -pref("media.gmp-gmpopenh264.enabled",false); -pref("media.gmp-gmpopenh264.enabled",false); -pref("plugins.notifyMissingFlash", false); -/* See https://bugzilla.redhat.com/show_bug.cgi?id=1226489 */ -pref("browser.display.use_system_colors", false); -pref("layers.use-image-offscreen-surfaces", false); -/* Allow sending credetials to all https:// sites */ -pref("network.negotiate-auth.trusted-uris", "https://"); -pref("security.use_sqldb", false); -/* Use OS settings for UI language */ -pref("intl.locale.requested", ""); -/* See https://bugzilla.redhat.com/show_bug.cgi?id=1672424 */ -pref("storage.nfs_filesystem", true); diff --git a/SOURCES/firefox-mozconfig b/SOURCES/firefox-mozconfig index 9e8a32f..6c7afd7 100644 --- a/SOURCES/firefox-mozconfig +++ b/SOURCES/firefox-mozconfig @@ -12,7 +12,6 @@ ac_add_options --enable-chrome-format=omni ac_add_options --enable-pulseaudio ac_add_options --without-system-icu ac_add_options --enable-release -ac_add_options --update-channel=release ac_add_options --allow-addon-sideload ac_add_options --with-system-jpeg ac_add_options --enable-js-shell diff --git a/SOURCES/firefox-nss-addon-hack.patch b/SOURCES/firefox-nss-addon-hack.patch new file mode 100644 index 0000000..0322707 --- /dev/null +++ b/SOURCES/firefox-nss-addon-hack.patch @@ -0,0 +1,19 @@ +diff -up firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp.nss-hack firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp +--- firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp.nss-hack 2021-01-11 12:12:02.585514543 +0100 ++++ firefox-84.0.2/security/certverifier/NSSCertDBTrustDomain.cpp 2021-01-11 12:47:50.345984582 +0100 +@@ -1619,6 +1619,15 @@ SECStatus InitializeNSS(const nsACString + return srv; + } + ++ /* Sets the NSS_USE_ALG_IN_ANY_SIGNATURE bit. ++ * does not change NSS_USE_ALG_IN_CERT_SIGNATURE, ++ * so policy will still disable use of sha1 in ++ * certificate related signature processing. */ ++ srv = NSS_SetAlgorithmPolicy(SEC_OID_SHA1, NSS_USE_ALG_IN_ANY_SIGNATURE, 0); ++ if (srv != SECSuccess) { ++ NS_WARNING("Unable to use SHA1 for Add-ons, expect broken/disabled Add-ons. See https://bugzilla.redhat.com/show_bug.cgi?id=1908018 for details."); ++ } ++ + if (nssDbConfig == NSSDBConfig::ReadWrite) { + UniquePK11SlotInfo slot(PK11_GetInternalKeySlot()); + if (!slot) { diff --git a/SPECS/firefox.spec b/SPECS/firefox.spec index 6b9d756..1895c9e 100644 --- a/SPECS/firefox.spec +++ b/SPECS/firefox.spec @@ -128,7 +128,7 @@ end} Summary: Mozilla Firefox Web browser Name: firefox -Version: 91.5.0 +Version: 91.6.0 Release: 1%{?dist} URL: https://www.mozilla.org/firefox/ License: MPLv1.1 or GPLv2+ or LGPLv2+ @@ -153,7 +153,7 @@ ExcludeArch: aarch64 s390 ppc # Link to official tarball: https://hg.mozilla.org/releases/mozilla-release/archive/firefox-%%{version}%%{?pre_version}.source.tar.xz Source0: firefox-%{version}%{?pre_version}.processed-source.tar.xz %if %{build_langpacks} -Source1: firefox-langpacks-%{version}%{?pre_version}-20220106.tar.xz +Source1: firefox-langpacks-%{version}%{?pre_version}-20220202.tar.xz %endif Source2: cbindgen-vendor.tar.xz Source3: process-official-tarball @@ -188,6 +188,7 @@ Patch6: build-nss-version.patch Patch215: firefox-enable-addons.patch Patch219: rhbz-1173156.patch Patch224: mozilla-1170092.patch +Patch225: firefox-nss-addon-hack.patch # Upstream patches @@ -429,6 +430,11 @@ echo "use_rustts %{?use_rustts}" %patch219 -p1 -b .rhbz-1173156 %patch224 -p1 -b .1170092 +# the nss changed in 8.6 and later, so addons are working in older releases +%if 0%{?rhel_minor_version} >= 6 +%patch225 -p1 -b .firefox-nss-addon-hack +%endif + # Patch for big endian platforms only %if 0%{?big_endian} %endif @@ -1251,12 +1257,19 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : #--------------------------------------------------------------------- %changelog -* Wed Jan 12 2022 CentOS Sources - 91.5.0-1.el8.centos -- Apply debranding changes +* Wed Feb 02 2022 Eike Rathke - 91.6.0-1 +- Update to 91.6.0 build1 + +* Wed Feb 02 2022 Jan Horak - 91.5.0-2 +- Use default update channel to fix non working enterprise policies: + rhbz#2044667 * Thu Jan 06 2022 Eike Rathke - 91.5.0-1 - Update to 91.5.0 build1 +* Mon Dec 13 2021 Jan Horak - 91.4.0-2 +- Added fix for failing addons signatures. + * Wed Dec 01 2021 Eike Rathke - 91.4.0-1 - Update to 91.4.0 build1