From b390a4b555daadc6c812f4bf5f1c338b311f4554 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Ren=C3=A9=20Rebe?= Date: Fri, 31 Jan 2025 13:12:43 +0000 Subject: [PATCH] * updated firefox (133.0.3 -> 134.0.2) git-svn-id: https://svn.exactcode.de/t2/trunk@73536 c5f82cb5-29bc-0310-9cd0-bff59a50e3bc --- package/www/firefox/firefox.desc | 17 ++-- package/www/firefox/hotfix-icu4c-74.patch | 37 --------- package/www/firefox/hotfix-wgpu-atomicu64.patch | 27 +++--- package/www/firefox/sandbox-fonts.patch | 65 ++++++++------- package/www/firefox/sandbox-x11.patch | 106 +++++++++++++++--------- 5 files changed, 115 insertions(+), 137 deletions(-) delete mode 100644 package/www/firefox/hotfix-icu4c-74.patch rewrite package/www/firefox/sandbox-fonts.patch (86%) rewrite package/www/firefox/sandbox-x11.patch (99%) diff --git a/package/www/firefox/firefox.desc b/package/www/firefox/firefox.desc index 1f1f941092..b7fc0f8d0c 100644 --- a/package/www/firefox/firefox.desc +++ b/package/www/firefox/firefox.desc @@ -1,14 +1,9 @@ -[COPY] --- T2-COPYRIGHT-NOTE-BEGIN --- -[COPY] T2 SDE: package/*/firefox/firefox.desc +[COPY] --- T2-COPYRIGHT-BEGIN --- +[COPY] t2/package/*/firefox/firefox.desc [COPY] Copyright (C) 2004 - 2025 The T2 SDE Project [COPY] Copyright (C) 1998 - 2004 ROCK Linux Project -[COPY] -[COPY] This Copyright note is generated by scripts/Create-CopyPatch, -[COPY] more information can be found in the files COPYING and README. -[COPY] -[COPY] This program is free software; you can redistribute it and/or modify -[COPY] it under the terms of the GNU General Public License version 2. -[COPY] --- T2-COPYRIGHT-NOTE-END --- +[COPY] SPDX-License-Identifier: GPL-2.0 +[COPY] --- T2-COPYRIGHT-END --- [I] The award-winning, fast and secure Web browser @@ -26,9 +21,9 @@ [L] MPL [S] Stable -[V] 133.0.3 +[V] 134.0.2 [P] X -----5---9 152.700 [O] . $base/package/*/*/mozilla-conf.in -[D] 86cb6bf09c08eb5ac8c9d0add6ce40c249ca6b45166556eb828b891a firefox-133.0.3.source.tar.xz https://ftp.mozilla.org/pub/firefox/releases/133.0.3/source/ +[D] ce9f18c4b89667373408087891132a1abe8ba01786035fc9da6d1485 firefox-134.0.2.source.tar.xz https://ftp.mozilla.org/pub/firefox/releases/134.0.2/source/ diff --git a/package/www/firefox/hotfix-icu4c-74.patch b/package/www/firefox/hotfix-icu4c-74.patch deleted file mode 100644 index 18dfb79a71..0000000000 --- a/package/www/firefox/hotfix-icu4c-74.patch +++ /dev/null @@ -1,37 +0,0 @@ - -# HG changeset patch -# User André Bargull -# Date 1697435923 -7200 -# Node ID d5f3b0c4f08a426ce00a153c04e177eecb6820e2 -# Parent c63994f8259efdf6e745c960aa9e1409d5477049 -Bug xxx - Part 12: Add new line break classes. r? - -diff --git a/intl/lwbrk/LineBreaker.cpp b/intl/lwbrk/LineBreaker.cpp ---- a/intl/lwbrk/LineBreaker.cpp -+++ b/intl/lwbrk/LineBreaker.cpp -@@ -443,17 +443,23 @@ static int8_t GetClass(uint32_t u, LineB - /* JT = 34, [JT] */ CLASS_CHARACTER, - /* JV = 35, [JV] */ CLASS_CHARACTER, - /* CLOSE_PARENTHESIS = 36, [CP] */ CLASS_CLOSE_LIKE_CHARACTER, - /* CONDITIONAL_JAPANESE_STARTER = 37, [CJ] */ CLASS_CLOSE, - /* HEBREW_LETTER = 38, [HL] */ CLASS_CHARACTER, - /* REGIONAL_INDICATOR = 39, [RI] */ CLASS_CHARACTER, - /* E_BASE = 40, [EB] */ CLASS_BREAKABLE, - /* E_MODIFIER = 41, [EM] */ CLASS_CHARACTER, -- /* ZWJ = 42, [ZWJ]*/ CLASS_CHARACTER}; -+ /* ZWJ = 42, [ZWJ]*/ CLASS_CHARACTER, -+ /* AKSARA = 43, [AK] */ CLASS_CHARACTER, -+ /* AKSARA_PREBASE = 44, [AP] */ CLASS_CHARACTER, -+ /* AKSARA_START = 45, [AS] */ CLASS_CHARACTER, -+ /* VIRAMA_FINAL = 46, [VF] */ CLASS_CHARACTER, -+ /* VIRAMA = 47, [VI] */ CLASS_CHARACTER, -+ }; - - static_assert(U_LB_COUNT == mozilla::ArrayLength(sUnicodeLineBreakToClass), - "Gecko vs ICU LineBreak class mismatch"); - - auto cls = GetLineBreakClass(u); - MOZ_ASSERT(cls < mozilla::ArrayLength(sUnicodeLineBreakToClass)); - - // Overrides based on rules for the different line-break values given in - diff --git a/package/www/firefox/hotfix-wgpu-atomicu64.patch b/package/www/firefox/hotfix-wgpu-atomicu64.patch index 2272d9493c..a551a13a7d 100644 --- a/package/www/firefox/hotfix-wgpu-atomicu64.patch +++ b/package/www/firefox/hotfix-wgpu-atomicu64.patch @@ -1,25 +1,18 @@ -# --- T2-COPYRIGHT-NOTE-BEGIN --- -# T2 SDE: package/*/firefox/hotfix-wgpu-atomicu64.patch -# Copyright (C) 2024 The T2 SDE Project -# -# This Copyright note is generated by scripts/Create-CopyPatch, -# more information can be found in the files COPYING and README. -# -# This patch file is dual-licensed. It is available under the license the -# patched project is licensed under, as long as it is an OpenSource license -# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms -# of the GNU General Public License version 2 as used by the T2 SDE. -# --- T2-COPYRIGHT-NOTE-END --- +# --- T2-COPYRIGHT-BEGIN --- +# t2/package/*/firefox/hotfix-wgpu-atomicu64.patch +# Copyright (C) 2024 - 2025 The T2 SDE Project +# SPDX-License-Identifier: GPL-2.0 or patched project license +# --- T2-COPYRIGHT-END --- ---- firefox-131.0/third_party/rust/wgpu-core/src/device/resource.rs.vanilla 2024-10-01 17:34:29.813000000 +0100 -+++ firefox-131.0/third_party/rust/wgpu-core/src/device/resource.rs 2024-10-01 17:34:40.242000000 +0100 -@@ -48,7 +48,7 @@ - iter, +--- firefox-134.0.2/third_party/rust/wgpu-core/src/device/resource.rs.vanilla 2025-01-31 11:24:53.200939943 +0100 ++++ firefox-134.0.2/third_party/rust/wgpu-core/src/device/resource.rs 2025-01-31 11:24:58.516939731 +0100 +@@ -46,7 +46,7 @@ + mem::{self, ManuallyDrop}, num::NonZeroU32, sync::{ - atomic::{AtomicBool, AtomicU64, Ordering}, + atomic::{AtomicBool, AtomicUsize, Ordering}, - Arc, Weak, + Arc, OnceLock, Weak, }, }; @@ -280,8 +280,8 @@ diff --git a/package/www/firefox/sandbox-fonts.patch b/package/www/firefox/sandbox-fonts.patch dissimilarity index 86% index 33a06c869d..66d1e2b468 100644 --- a/package/www/firefox/sandbox-fonts.patch +++ b/package/www/firefox/sandbox-fonts.patch @@ -1,32 +1,33 @@ -# --- T2-COPYRIGHT-NOTE-BEGIN --- -# This copyright note is auto-generated by scripts/Create-CopyPatch. -# -# T2 SDE: package/.../firefox/sandbox-fonts.patch -# Copyright (C) 2020 The T2 SDE Project -# -# More information can be found in the files COPYING and README. -# -# This patch file is dual-licensed. It is available under the license the -# patched project is licensed under, as long as it is an OpenSource license -# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms -# of the GNU General Public License as published by the Free Software -# Foundation; either version 2 of the License, or (at your option) any later -# version. -# --- T2-COPYRIGHT-NOTE-END --- - -Adapt sandbox broker policy allow-list to the font path we usually use. - --- Signed-off-by: René Rebe - ---- firefox-57.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp.vanilla 2017-11-16 17:56:45.091951171 +0100 -+++ firefox-57.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp 2017-11-16 17:57:11.287951481 +0100 -@@ -161,7 +161,8 @@ - policy->AddDir(rdonly, "/usr/tmp"); - policy->AddDir(rdonly, "/var/tmp"); - // Various places where fonts reside -- policy->AddDir(rdonly, "/usr/X11R6/lib/X11/fonts"); -+ policy->AddDir(rdonly, "/usr/X11/share/fonts"); -+ policy->AddDir(rdonly, "/usr/X11/lib/X11/fonts"); - policy->AddDir(rdonly, "/nix/store"); - policy->AddDir(rdonly, "/run/host/fonts"); - policy->AddDir(rdonly, "/run/host/user-fonts"); +# --- T2-COPYRIGHT-BEGIN --- +# t2/package/*/firefox/sandbox-fonts.patch +# Copyright (C) 2020 - 2025 The T2 SDE Project +# SPDX-License-Identifier: GPL-2.0 or patched project license +# --- T2-COPYRIGHT-END --- + +Adapt sandbox broker policy allow-list to the font path we actually use. + +-- Signed-off-by: René Rebe + +--- firefox-134.0.2/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp.vanilla 2025-01-31 11:28:23.618931553 +0100 ++++ firefox-134.0.2/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp 2025-01-31 11:31:03.809925166 +0100 +@@ -458,17 +458,12 @@ + policy->AddTree(rdonly, "/usr/share"); + policy->AddTree(rdonly, "/usr/local/share"); + // Various places where fonts reside +- policy->AddTree(rdonly, "/usr/X11R6/lib/X11/fonts"); +- policy->AddTree(rdonly, "/nix/store"); +- // https://gitlab.com/freedesktop-sdk/freedesktop-sdk/-/blob/e434e680d22260f277f4a30ec4660ed32b591d16/files/fontconfig-flatpak.conf +- policy->AddTree(rdonly, "/run/host/fonts"); +- policy->AddTree(rdonly, "/run/host/user-fonts"); +- policy->AddTree(rdonly, "/run/host/local-fonts"); +- policy->AddTree(rdonly, "/var/cache/fontconfig"); ++ ++ policy->AddDir(rdonly, "/usr/X11/share/fonts"); ++ policy->AddDir(rdonly, "/usr/X11/lib/X11/fonts"); + + // Bug 1848615 + policy->AddPath(rdonly, "/usr"); +- policy->AddPath(rdonly, "/nix"); + + AddLdconfigPaths(policy); + AddLdLibraryEnvPaths(policy); diff --git a/package/www/firefox/sandbox-x11.patch b/package/www/firefox/sandbox-x11.patch dissimilarity index 99% index 4647bd7f87..947e6c383f 100644 --- a/package/www/firefox/sandbox-x11.patch +++ b/package/www/firefox/sandbox-x11.patch @@ -1,40 +1,66 @@ ---- firefox-127.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp.vanilla 2024-06-14 14:48:51.851243892 +0200 -+++ firefox-127.0/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp 2024-06-14 15:24:11.735169676 +0200 -@@ -446,6 +446,9 @@ - policy->AddDir(rdonly, "/usr/lib"); - policy->AddDir(rdonly, "/usr/lib32"); - policy->AddDir(rdonly, "/usr/lib64"); -+ policy->AddDir(rdonly, "/usr/X11/lib"); -+ policy->AddDir(rdonly, "/usr/X11/lib32"); -+ policy->AddDir(rdonly, "/usr/X11/lib64"); - policy->AddDir(rdonly, "/etc"); - policy->AddDir(rdonly, "/usr/share"); - policy->AddDir(rdonly, "/usr/local/share"); -@@ -461,7 +462,6 @@ - - // Bug 1848615 - policy->AddPath(rdonly, "/usr"); -- policy->AddPath(rdonly, "/nix"); - - AddLdconfigPaths(policy); - AddLdLibraryEnvPaths(policy); -@@ -984,6 +984,9 @@ - policy->AddDir(rdonly, "/usr/lib"); - policy->AddDir(rdonly, "/usr/lib32"); - policy->AddDir(rdonly, "/usr/lib64"); -+ policy->AddDir(rdonly, "/usr/X11/lib"); -+ policy->AddDir(rdonly, "/usr/X11/lib32"); -+ policy->AddDir(rdonly, "/usr/X11/lib64"); - policy->AddDir(rdonly, "/usr/share"); - policy->AddDir(rdonly, "/usr/local/share"); - policy->AddDir(rdonly, "/etc"); -@@ -1038,6 +1041,9 @@ - policy->AddDir(rdonly, "/usr/lib"); - policy->AddDir(rdonly, "/usr/lib32"); - policy->AddDir(rdonly, "/usr/lib64"); -+ policy->AddDir(rdonly, "/usr/X11/lib"); -+ policy->AddDir(rdonly, "/usr/X11/lib32"); -+ policy->AddDir(rdonly, "/usr/X11/lib64"); - policy->AddDir(rdonly, "/usr/share"); - policy->AddDir(rdonly, "/usr/local/share"); - policy->AddDir(rdonly, "/etc"); +# --- T2-COPYRIGHT-BEGIN --- +# t2/package/*/firefox/sandbox-x11.patch +# Copyright (C) 2025 The T2 SDE Project +# SPDX-License-Identifier: GPL-2.0 or patched project license +# --- T2-COPYRIGHT-END --- + +--- firefox-134.0.2/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp.vanilla 2025-01-31 11:35:45.944913917 +0100 ++++ firefox-134.0.2/security/sandbox/linux/broker/SandboxBrokerPolicyFactory.cpp 2025-01-31 11:42:37.705897499 +0100 +@@ -454,6 +454,10 @@ + policy->AddTree(rdonly, "/usr/lib"); + policy->AddTree(rdonly, "/usr/lib32"); + policy->AddTree(rdonly, "/usr/lib64"); ++ policy->AddTree(rdonly, "/usr/X11/lib"); ++ policy->AddTree(rdonly, "/usr/X11/lib32"); ++ policy->AddTree(rdonly, "/usr/X11/lib64"); ++ + policy->AddTree(rdonly, "/etc"); + policy->AddTree(rdonly, "/usr/share"); + policy->AddTree(rdonly, "/usr/local/share"); +@@ -548,7 +552,7 @@ + { + // If $XDG_CONFIG_HOME is set, we need to account for it. + // FIXME: Bug 1722272: Maybe this should just be handled with +- // GetSpecialSystemDirectory(Unix_XDG_ConfigHome) ? ++ // GetSpecialSystemDirectory(UNIx_XDG_ConfigHome) ? + nsCOMPtr confDirOrXDGConfigHomeDir; + if (!xdgConfigHome.IsEmpty()) { + rv = NS_NewNativeLocalFile(xdgConfigHome, +@@ -907,8 +911,9 @@ + policy->AddTree(rdonly, "/usr/lib"); + policy->AddTree(rdonly, "/usr/lib32"); + policy->AddTree(rdonly, "/usr/lib64"); +- policy->AddTree(rdonly, "/run/opengl-driver/lib"); +- policy->AddTree(rdonly, "/nix/store"); ++ policy->AddTree(rdonly, "/usr/X11/lib"); ++ policy->AddTree(rdonly, "/usr/X11/lib32"); ++ policy->AddTree(rdonly, "/usr/X11/lib64"); + + // Bug 1647957: memory reporting. + AddMemoryReporting(policy.get(), aPid); +@@ -986,6 +991,9 @@ + policy->AddTree(rdonly, "/usr/lib"); + policy->AddTree(rdonly, "/usr/lib32"); + policy->AddTree(rdonly, "/usr/lib64"); ++ policy->AddTree(rdonly, "/usr/X11/lib"); ++ policy->AddTree(rdonly, "/usr/X11/lib32"); ++ policy->AddTree(rdonly, "/usr/X11/lib64"); + policy->AddTree(rdonly, "/usr/share"); + policy->AddTree(rdonly, "/usr/local/share"); + policy->AddTree(rdonly, "/etc"); +@@ -1040,12 +1048,12 @@ + policy->AddTree(rdonly, "/usr/lib"); + policy->AddTree(rdonly, "/usr/lib32"); + policy->AddTree(rdonly, "/usr/lib64"); ++ policy->AddTree(rdonly, "/usr/X11/lib"); ++ policy->AddTree(rdonly, "/usr/X11/lib32"); ++ policy->AddTree(rdonly, "/usr/X11/lib64"); + policy->AddTree(rdonly, "/usr/share"); + policy->AddTree(rdonly, "/usr/local/share"); + policy->AddTree(rdonly, "/etc"); +- // Required to make sure ffmpeg loads properly, this is already existing on +- // Content and RDD +- policy->AddTree(rdonly, "/nix/store"); + + // glibc will try to stat64("/") while populating nsswitch database + // https://sourceware.org/git/?p=glibc.git;a=blob;f=nss/nss_database.c;h=cf0306adc47f12d9bc761ab1b013629f4482b7e6;hb=9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3#l396 -- 2.11.4.GIT