packages/firefox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!188 fix CVE-2021-29984

Browse Source 
From: @technology208 
Reviewed-by: @wk333 
Signed-off-by: @wk333
This commit is contained in:
openeuler-ci-bot 2024-07-18 07:19:04 +00:00 committed by Gitee
commit 33da9b8a7e
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
CVE-2021-29984.patch Normal file
View File

@ -0,0 +1,28 @@
From aacfe50a8236d826f9ac615a3a2611fd1487997d Mon Sep 17 00:00:00 2001
From: Jan de Mooij <jdemooij@mozilla.com>
Date: Mon, 15 Jul 2024 16:46:36 +0800
Subject: [PATCH] Bug 1720031 - Check for SetInitializedLength when reordering. r=iain
Reference:https://hg.mozilla.org/integration/autoland/rev/7528462f1eef91beaf5a97c78c44b3c35b7f5cd1
---
js/src/jit/InstructionReordering.cpp | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/js/src/jit/InstructionReordering.cpp b/js/src/jit/InstructionReordering.cpp
index 191fcb2..224bf0f 100644
--- a/js/src/jit/InstructionReordering.cpp
+++ b/js/src/jit/InstructionReordering.cpp
@@ -141,6 +141,10 @@ bool jit::ReorderInstructions(MIRGraph& graph) {
if (prev->isInterruptCheck()) {
break;
}
+ if (prev->isSetInitializedLength()) {
+ break;
+ }
+
// The instruction can't be moved before any of its uses.
bool isUse = false;
--
2.27.0

8
firefox.spec
View File

@ -88,7 +88,7 @@
Summary: Mozilla Firefox Web browser Summary: Mozilla Firefox Web browser
Name: firefox Name: firefox
Version: 79.0 Version: 79.0
Release: 26 Release: 27
URL: https://www.mozilla.org/firefox/ URL: https://www.mozilla.org/firefox/
License: MPLv1.1 or GPLv2+ or LGPLv2+ License: MPLv1.1 or GPLv2+ or LGPLv2+
Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
@ -207,6 +207,8 @@ Patch663: CVE-2022-45406.patch
Patch664: CVE-2020-15675.patch Patch664: CVE-2020-15675.patch
Patch665: CVE-2021-23972.patch Patch665: CVE-2021-23972.patch
Patch666: CVE-2021-23954.patch Patch666: CVE-2021-23954.patch
Patch667: CVE-2021-29984.patch
%if %{?system_nss} %if %{?system_nss}
BuildRequires: pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version} BuildRequires: pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version}
BuildRequires: nss-static >= %{nss_version} BuildRequires: nss-static >= %{nss_version}
@ -407,6 +409,7 @@ tar -xf %{SOURCE3}
%patch664 -p1 %patch664 -p1
%patch665 -p1 %patch665 -p1
%patch666 -p1 %patch666 -p1
%patch667 -p1
%{__rm} -f .mozconfig %{__rm} -f .mozconfig
%{__cp} %{SOURCE10} .mozconfig %{__cp} %{SOURCE10} .mozconfig
@ -855,6 +858,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%endif %endif
%changelog %changelog
* Mon Jul 15 2024 technology208 <technology@208suo.com> - 79.0-27
- Fix CVE-2021-29984
* Fri Jul 12 2024 technology208 <technology@208suo.com> - 79.0-26 * Fri Jul 12 2024 technology208 <technology@208suo.com> - 79.0-26
- Fix CVE-2020-15675,CVE-2021-23972,CVE-2021-23954 - Fix CVE-2020-15675,CVE-2021-23972,CVE-2021-23954