packages/firefox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!231 fix CVE-2021-29970

Browse Source 
From: @jackssir 
Reviewed-by: @wk333 
Signed-off-by: @wk333
This commit is contained in:
openeuler-ci-bot 2024-11-05 11:13:06 +00:00 committed by Gitee
commit 2bfdfd1c87
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 47 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
CVE-2021-29970.patch Normal file
View File

@ -0,0 +1,41 @@
From 454d20cad04692c443e7a66dd53f0918b22a5638 Mon Sep 17 00:00:00 2001
From: Eitan Isaacson <eitan@monotonous.org>
Date: Tue, 08 Jun 2021 22:21:05 +0000 (2021-06-09)
Subject: [PATCH] CVE-2021-29970
---
accessible/base/SelectionManager.cpp | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/accessible/base/SelectionManager.cpp b/accessible/base/SelectionManager.cpp
index 5b37cf1528..c86841d20c 100644
--- a/accessible/base/SelectionManager.cpp
+++ b/accessible/base/SelectionManager.cpp
@@ -101,6 +101,24 @@ void SelectionManager::RemoveDocSelectionListener(PresShell* aPresShell) {
// selection.
Selection* spellSel = frameSel->GetSelection(SelectionType::eSpellCheck);
spellSel->RemoveSelectionListener(this);
+
+ if (mCurrCtrlNormalSel) {
+ if (mCurrCtrlNormalSel->GetPresShell() == aPresShell) {
+ // Remove 'this' registered as selection listener for the normal selection
+ // if we are removing listeners for its PresShell.
+ mCurrCtrlNormalSel->RemoveSelectionListener(this);
+ mCurrCtrlNormalSel = nullptr;
+ }
+ }
+
+ if (mCurrCtrlSpellSel) {
+ if (mCurrCtrlSpellSel->GetPresShell() == aPresShell) {
+ // Remove 'this' registered as selection listener for the spellcheck
+ // selection if we are removing listeners for its PresShell.
+ mCurrCtrlSpellSel->RemoveSelectionListener(this);
+ mCurrCtrlSpellSel = nullptr;
+ }
+ }
}
void SelectionManager::ProcessTextSelChangeEvent(AccEvent* aEvent) {
--
2.27.0

7
firefox.spec
View File

@ -88,7 +88,7 @@
Summary: Mozilla Firefox Web browser Summary: Mozilla Firefox Web browser
Name: firefox Name: firefox
Version: 79.0 Version: 79.0
Release: 32 Release: 33
URL: https://www.mozilla.org/firefox/ URL: https://www.mozilla.org/firefox/
License: MPLv1.1 or GPLv2+ or LGPLv2+ License: MPLv1.1 or GPLv2+ or LGPLv2+
Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
@ -213,6 +213,7 @@ Patch669: CVE-2021-23998.patch
Patch670: CVE-2022-29912.patch Patch670: CVE-2022-29912.patch
Patch671: CVE-2024-0745.patch Patch671: CVE-2024-0745.patch
Patch672: CVE-2023-1945.patch Patch672: CVE-2023-1945.patch
Patch673: CVE-2021-29970.patch
%if %{?system_nss} %if %{?system_nss}
BuildRequires: pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version} BuildRequires: pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version}
@ -420,6 +421,7 @@ tar -xf %{SOURCE3}
%patch670 -p1 %patch670 -p1
%patch671 -p1 %patch671 -p1
%patch672 -p1 %patch672 -p1
%patch673 -p1
%{__rm} -f .mozconfig %{__rm} -f .mozconfig
%{__cp} %{SOURCE10} .mozconfig %{__cp} %{SOURCE10} .mozconfig
@ -868,6 +870,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%endif %endif
%changelog %changelog
* Fri Nov 01 2024 lvfei <lvfei@kylinos.cn> - 79.0-33
- Fix CVE-2021-29970
* Wed Aug 14 2024 happyworker <208suo@208suo.com> - 79.0-32 * Wed Aug 14 2024 happyworker <208suo@208suo.com> - 79.0-32
- Fix CVE-2023-1945 - Fix CVE-2023-1945