packages/firefox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!190 fix CVE-2021-23998

Browse Source 
From: @technology208 
Reviewed-by: @wk333 
Signed-off-by: @wk333
This commit is contained in:
openeuler-ci-bot 2024-08-05 06:43:05 +00:00 committed by Gitee
commit 2a2e9de956
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
CVE-2021-23998.patch Normal file
View File

@ -0,0 +1,33 @@
From 8bfa81da7a7869f9b7ac9092c179811a88052a41 Mon Sep 17 00:00:00 2001
From: Gijs Kruitbosch <gijskruitbosch@gmail.com>
Date: Mon, 22 Jul 2024 11:20:59 +0800
Subject: [PATCH] fix pageproxystate handling in the url bar, r=johannh a=RyanVM
---
browser/base/content/browser-siteIdentity.js | 10 ----------
1 file changed, 10 deletions(-)
diff --git a/browser/base/content/browser-siteIdentity.js b/browser/base/content/browser-siteIdentity.js
index 0f69461..4214104 100644
--- a/browser/base/content/browser-siteIdentity.js
+++ b/browser/base/content/browser-siteIdentity.js
@@ -869,16 +869,6 @@ var gIdentityHandler = {
return;
}
- // If this condition is true, the URL bar will have an "invalid"
- // pageproxystate, which will hide the security indicators. Thus, we can
- // safely avoid updating the security UI.
- //
- // This will also filter out intermediate about:blank loads to avoid
- // flickering the identity block and doing unnecessary work.
- if (this._hasInvalidPageProxyState()) {
- return;
- }
-
this._refreshIdentityIcons();
this._refreshPermissionIcons();
--
2.27.0

7
firefox.spec
View File

@ -88,7 +88,7 @@
Summary: Mozilla Firefox Web browser Summary: Mozilla Firefox Web browser
Name: firefox Name: firefox
Version: 79.0 Version: 79.0
Release: 28 Release: 29
URL: https://www.mozilla.org/firefox/ URL: https://www.mozilla.org/firefox/
License: MPLv1.1 or GPLv2+ or LGPLv2+ License: MPLv1.1 or GPLv2+ or LGPLv2+
Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
@ -209,6 +209,7 @@ Patch665: CVE-2021-23972.patch
Patch666: CVE-2021-23954.patch Patch666: CVE-2021-23954.patch
Patch667: CVE-2021-29984.patch Patch667: CVE-2021-29984.patch
Patch668: CVE-2021-29988.patch Patch668: CVE-2021-29988.patch
Patch669: CVE-2021-23998.patch
%if %{?system_nss} %if %{?system_nss}
BuildRequires: pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version} BuildRequires: pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version}
@ -412,6 +413,7 @@ tar -xf %{SOURCE3}
%patch666 -p1 %patch666 -p1
%patch667 -p1 %patch667 -p1
%patch668 -p1 %patch668 -p1
%patch669 -p1
%{__rm} -f .mozconfig %{__rm} -f .mozconfig
%{__cp} %{SOURCE10} .mozconfig %{__cp} %{SOURCE10} .mozconfig
@ -860,6 +862,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%endif %endif
%changelog %changelog
* Mon Jul 22 2024 technology208 <technology@208suo.com> - 79.0-29
- Fix CVE-2021-23998
* Thu Jul 18 2024 technology208 <technology@208suo.com> - 79.0-28 * Thu Jul 18 2024 technology208 <technology@208suo.com> - 79.0-28
- Fix CVE-2021-29988 - Fix CVE-2021-29988