Merge branch 'master' into security-updates

1 files changed, 44 insertions, 0 deletions

diff --git a/gnu/packages/patches/icecat-CVE-2016-1965.patch b/gnu/packages/patches/icecat-CVE-2016-1965.patch
new file mode 100644
index 0000000000..8a37d4975c
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2016-1965.patch
@@ -0,0 +1,44 @@
+Copied from upstream:
+https://hg.mozilla.org/releases/mozilla-esr38/raw-rev/b4467681abd6
+
+# HG changeset patch
+# User Gijs Kruitbosch <gijskruitbosch@gmail.com>
+# Date 1455276061 0
+# Node ID b4467681abd676cd5575cbdf922927f8f54d2ad9
+# Parent  8c1d40e45a72c6432e879137a0afa519dc6c9841
+Bug 1245264 - r=bz, r=ritu
+
+MozReview-Commit-ID: I0sVdritpD3
+
+diff --git a/dom/base/nsLocation.cpp b/dom/base/nsLocation.cpp
+--- a/dom/base/nsLocation.cpp
++++ b/dom/base/nsLocation.cpp
+@@ -735,16 +735,27 @@ nsLocation::SetProtocol(const nsAString&
+     return rv;
+   }
+ 
+   rv = uri->SetScheme(NS_ConvertUTF16toUTF8(aProtocol));
+   if (NS_WARN_IF(NS_FAILED(rv))) {
+     return rv;
+   }
+ 
++  nsAutoCString newSpec;
++  rv = uri->GetSpec(newSpec);
++  if (NS_FAILED(rv)) {
++    return rv;
++  }
++  // We may want a new URI class for the new URI, so recreate it:
++  rv = NS_NewURI(getter_AddRefs(uri), newSpec);
++  if (NS_FAILED(rv)) {
++    return rv;
++  }
++
+   return SetURI(uri);
+ }
+ 
+ void
+ nsLocation::GetUsername(nsAString& aUsername, ErrorResult& aError)
+ {
+   if (!CallerSubsumes()) {
+     aError.Throw(NS_ERROR_DOM_SECURITY_ERR);
+