Fix CVE-2022-1802
This commit is contained in:
lvfei
parent
64e230a6ae
commit
1d62b6fdcc
47
CVE-2022-1802.patch
Normal file
47
CVE-2022-1802.patch
Normal file
@ -0,0 +1,47 @@
|
||||
From d7ee6342bf9a63dc47fd28567008c44cd6e44bad Mon Sep 17 00:00:00 2001
|
||||
From: Peter Van der Beken <peterv@propagandism.org>
|
||||
Date: Thu, 19 May 2022 14:31:53 +0000 (22 months ago)
|
||||
Subject: [PATCH] CVE-2022-1802
|
||||
|
||||
---
|
||||
dom/notification/old/NotificationDB.jsm | 10 +++++-----
|
||||
1 file changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/dom/notification/old/NotificationDB.jsm b/dom/notification/old/NotificationDB.jsm
|
||||
index e950404f50..06c4d40680 100644
|
||||
--- a/dom/notification/old/NotificationDB.jsm
|
||||
+++ b/dom/notification/old/NotificationDB.jsm
|
||||
@@ -40,8 +40,8 @@ var NotificationDB = {
|
||||
return;
|
||||
}
|
||||
|
||||
- this.notifications = {};
|
||||
- this.byTag = {};
|
||||
+ this.notifications = Object.create(null);
|
||||
+ this.byTag = Object.create(null);
|
||||
this.loaded = false;
|
||||
|
||||
this.tasks = []; // read/write operation queue
|
||||
@@ -111,7 +111,7 @@ var NotificationDB = {
|
||||
// populate the list of notifications by tag
|
||||
if (this.notifications) {
|
||||
for (var origin in this.notifications) {
|
||||
- this.byTag[origin] = {};
|
||||
+ this.byTag[origin] = Object.create(null);
|
||||
for (var id in this.notifications[origin]) {
|
||||
var curNotification = this.notifications[origin][id];
|
||||
if (curNotification.tag) {
|
||||
@@ -344,8 +344,8 @@ var NotificationDB = {
|
||||
var origin = data.origin;
|
||||
var notification = data.notification;
|
||||
if (!this.notifications[origin]) {
|
||||
- this.notifications[origin] = {};
|
||||
- this.byTag[origin] = {};
|
||||
+ this.notifications[origin] = Object.create(null);
|
||||
+ this.byTag[origin] = Object.create(null);
|
||||
}
|
||||
|
||||
// We might have existing notification with this tag,
|
||||
--
|
||||
2.27.0
|
||||
|
||||
@ -88,7 +88,7 @@
|
||||
Summary: Mozilla Firefox Web browser
|
||||
Name: firefox
|
||||
Version: 79.0
|
||||
Release: 16
|
||||
Release: 17
|
||||
URL: https://www.mozilla.org/firefox/
|
||||
License: MPLv1.1 or GPLv2+ or LGPLv2+
|
||||
Source0: https://archive.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
|
||||
@ -195,6 +195,7 @@ Patch651: CVE-2023-4863-2.patch
|
||||
Patch652: CVE-2023-5217.patch
|
||||
Patch653: CVE-2023-7104.patch
|
||||
Patch654: CVE-2022-22755.patch
|
||||
Patch655: CVE-2022-1802.patch
|
||||
|
||||
|
||||
|
||||
@ -386,6 +387,7 @@ tar -xf %{SOURCE3}
|
||||
%patch652 -p1
|
||||
%patch653 -p1
|
||||
%patch654 -p1
|
||||
%patch655 -p1
|
||||
|
||||
|
||||
%{__rm} -f .mozconfig
|
||||
@ -835,6 +837,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Mar 21 2024 lvfei <lvfei@kylinos.cn> - 79.0-7-17
|
||||
- Fix CVE-2022-1802
|
||||
|
||||
* Mon Mar 04 2024 lvfei <lvfei@kylinos.cn> - 79.0-16
|
||||
- fix CVE-2022-22755
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user