packages/firefox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CVE-2023-1945

Browse Source
This commit is contained in:
happyworker 2024-10-10 14:37:31 +08:00
parent 398f070801
commit 03d7fe9120
2 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
CVE-2023-1945.patch Normal file
View File

@ -0,0 +1,35 @@
From 7798fafb53081cb22407bc4371247413146fda7b Mon Sep 17 00:00:00 2001
From: Dimi <dlee@mozilla.com>
Date: Thu, 10 Oct 2024 14:33:37 +0800
Subject: [PATCH] Init variable length prefix set in constructor. r=timhuang, a=RyanVM
---
toolkit/components/url-classifier/LookupCache.cpp | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/toolkit/components/url-classifier/LookupCache.cpp b/toolkit/components/url-classifier/LookupCache.cpp
index d0b03054f1..0931c93048 100644
--- a/toolkit/components/url-classifier/LookupCache.cpp
+++ b/toolkit/components/url-classifier/LookupCache.cpp
@@ -171,7 +171,8 @@ LookupCache::LookupCache(const nsACString& aTableName,
: mPrimed(false),
mTableName(aTableName),
mProvider(aProvider),
- mRootStoreDirectory(aRootStoreDir) {
+ mRootStoreDirectory(aRootStoreDir),
+ mVLPrefixSet(nullptr) {
UpdateRootDirHandle(mRootStoreDirectory);
}
@@ -192,6 +193,8 @@ nsresult LookupCache::Open() {
}
nsresult LookupCache::Init() {
+ MOZ_ASSERT(!mVLPrefixSet);
+
mVLPrefixSet = new VariableLengthPrefixSet();
nsresult rv = mVLPrefixSet->Init(mTableName);
NS_ENSURE_SUCCESS(rv, rv);
--
2.27.0

7
firefox.spec
View File

@ -88,7 +88,7 @@
Summary: Mozilla Firefox Web browser Summary: Mozilla Firefox Web browser
Name: firefox Name: firefox
Version: 79.0 Version: 79.0
Release: 31 Release: 32
URL: https://www.mozilla.org/firefox/ URL: https://www.mozilla.org/firefox/
License: MPLv1.1 or GPLv2+ or LGPLv2+ License: MPLv1.1 or GPLv2+ or LGPLv2+
Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
@ -212,6 +212,7 @@ Patch668: CVE-2021-29988.patch
Patch669: CVE-2021-23998.patch Patch669: CVE-2021-23998.patch
Patch670: CVE-2022-29912.patch Patch670: CVE-2022-29912.patch
Patch671: CVE-2024-0745.patch Patch671: CVE-2024-0745.patch
Patch672: CVE-2023-1945.patch
%if %{?system_nss} %if %{?system_nss}
BuildRequires: pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version} BuildRequires: pkgconfig(nspr) >= %{nspr_version} pkgconfig(nss) >= %{nss_version}
@ -418,6 +419,7 @@ tar -xf %{SOURCE3}
%patch669 -p1 %patch669 -p1
%patch670 -p1 %patch670 -p1
%patch671 -p1 %patch671 -p1
%patch672 -p1
%{__rm} -f .mozconfig %{__rm} -f .mozconfig
%{__cp} %{SOURCE10} .mozconfig %{__cp} %{SOURCE10} .mozconfig
@ -866,6 +868,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
%endif %endif
%changelog %changelog
* Wed Aug 14 2024 happyworker <208suo@208suo.com> - 79.0-32
- Fix CVE-2023-1945
* Wed Aug 14 2024 lvfei <lvfei@kylinos.cn> - 79.0-31 * Wed Aug 14 2024 lvfei <lvfei@kylinos.cn> - 79.0-31
- Fix CVE-2024-0745 - Fix CVE-2024-0745