From 24886c13892551f164aef20375939fc4e85942ab Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Tue, 29 Jan 2019 21:21:20 -0500 Subject: gnu: icecat: Update to 60.5.0-guix1 [security-fixes]. Includes fixes for CVE-2018-18500, CVE-2018-18501, and CVE-2018-18505. * gnu/packages/gnuzilla.scm (icecat): Update to 60.5.0-guix1. [version]: Use %icecat-version. [source]: Inherit from 'icecat-source'. Remove obsolete patches. * gnu/packages/patches/icecat-avoid-bundled-libraries.patch, gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch, gnu/packages/patches/icecat-use-system-media-libs.patch: Adapt to 60.5.0. --- .../patches/icecat-avoid-bundled-libraries.patch | 16 ++-- .../icecat-use-system-graphite2+harfbuzz.patch | 50 ++++++------- .../patches/icecat-use-system-media-libs.patch | 87 +++++++++++----------- 3 files changed, 76 insertions(+), 77 deletions(-) (limited to 'gnu/packages/patches') diff --git a/gnu/packages/patches/icecat-avoid-bundled-libraries.patch b/gnu/packages/patches/icecat-avoid-bundled-libraries.patch index 33203b1a33..d9a7dfe550 100644 --- a/gnu/packages/patches/icecat-avoid-bundled-libraries.patch +++ b/gnu/packages/patches/icecat-avoid-bundled-libraries.patch @@ -1,7 +1,7 @@ Fixes needed when avoiding bundled libraries. ---- icecat-60.2.0/xpcom/build/moz.build.orig 2018-09-13 17:46:49.000000000 -0400 -+++ icecat-60.2.0/xpcom/build/moz.build 2018-09-22 04:26:50.659564554 -0400 +--- icecat-60.5.0/xpcom/build/moz.build.orig 2018-09-13 17:46:49.000000000 -0400 ++++ icecat-60.5.0/xpcom/build/moz.build 2018-09-22 04:26:50.659564554 -0400 @@ -99,10 +99,5 @@ '/docshell/base', ] @@ -13,8 +13,8 @@ Fixes needed when avoiding bundled libraries. - if CONFIG['MOZ_WIDGET_TOOLKIT'] == 'cocoa': CXXFLAGS += CONFIG['TK_CFLAGS'] ---- icecat-60.2.0/storage/moz.build.orig 2018-09-13 17:51:11.000000000 -0400 -+++ icecat-60.2.0/storage/moz.build 2018-09-22 04:26:50.659564554 -0400 +--- icecat-60.5.0/storage/moz.build.orig 2018-09-13 17:51:11.000000000 -0400 ++++ icecat-60.5.0/storage/moz.build 2018-09-22 04:26:50.659564554 -0400 @@ -117,7 +117,6 @@ DEFINES['MOZ_MEMORY_TEMP_STORE_PRAGMA'] = True @@ -23,8 +23,8 @@ Fixes needed when avoiding bundled libraries. '/dom/base', ] ---- icecat-60.2.0/dom/indexedDB/moz.build.orig 2018-09-13 17:49:42.000000000 -0400 -+++ icecat-60.2.0/dom/indexedDB/moz.build 2018-09-22 04:26:50.663564574 -0400 +--- icecat-60.5.0/dom/indexedDB/moz.build.orig 2018-09-13 17:49:42.000000000 -0400 ++++ icecat-60.5.0/dom/indexedDB/moz.build 2018-09-22 04:26:50.663564574 -0400 @@ -102,7 +102,6 @@ CXXFLAGS += ['-Wno-error=shadow'] @@ -33,8 +33,8 @@ Fixes needed when avoiding bundled libraries. '/dom/base', '/dom/storage', '/ipc/glue', ---- icecat-60.2.0/media/webrtc/trunk/webrtc/base/rtc_task_queue_gn/moz.build.orig 2018-09-13 17:40:54.000000000 -0400 -+++ icecat-60.2.0/media/webrtc/trunk/webrtc/base/rtc_task_queue_gn/moz.build 2018-09-23 21:33:12.319975105 -0400 +--- icecat-60.5.0/media/webrtc/trunk/webrtc/base/rtc_task_queue_gn/moz.build.orig 2018-09-13 17:40:54.000000000 -0400 ++++ icecat-60.5.0/media/webrtc/trunk/webrtc/base/rtc_task_queue_gn/moz.build 2018-09-23 21:33:12.319975105 -0400 @@ -130,11 +130,6 @@ DEFINES["WEBRTC_POSIX"] = True DEFINES["_FILE_OFFSET_BITS"] = "64" diff --git a/gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch b/gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch index 94c211b797..776b5f3d9a 100644 --- a/gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch +++ b/gnu/packages/patches/icecat-use-system-graphite2+harfbuzz.patch @@ -4,8 +4,8 @@ Based on: https://svnweb.freebsd.org/ports/head/www/firefox-esr/files/patch-bug847568?revision=472833&view=co Modified for use with patch -p1, and to apply cleanly to GNU IceCat. ---- icecat-60.2.0/config/system-headers.mozbuild -+++ icecat-60.2.0/config/system-headers.mozbuild +--- icecat-60.5.0/config/system-headers.mozbuild ++++ icecat-60.5.0/config/system-headers.mozbuild @@ -1311,6 +1311,19 @@ 'pixman.h', ] @@ -26,8 +26,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['MOZ_SYSTEM_LIBVPX']: system_headers += [ 'vpx_mem/vpx_mem.h', ---- icecat-60.2.0/dom/base/moz.build -+++ icecat-60.2.0/dom/base/moz.build +--- icecat-60.5.0/dom/base/moz.build ++++ icecat-60.5.0/dom/base/moz.build @@ -474,6 +474,9 @@ if CONFIG['MOZ_X11']: CXXFLAGS += CONFIG['TK_CFLAGS'] @@ -38,8 +38,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. GENERATED_FILES += [ 'PropertyUseCounterMap.inc', 'UseCounterList.h', ---- icecat-60.2.0/gfx/graphite2/moz-gr-update.sh -+++ icecat-60.2.0/gfx/graphite2/moz-gr-update.sh +--- icecat-60.5.0/gfx/graphite2/moz-gr-update.sh ++++ icecat-60.5.0/gfx/graphite2/moz-gr-update.sh @@ -1,6 +1,7 @@ #!/bin/bash @@ -66,8 +66,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. echo echo If gfx/graphite2/src/files.mk has changed, please make corresponding ---- icecat-60.2.0/gfx/moz.build -+++ icecat-60.2.0/gfx/moz.build +--- icecat-60.5.0/gfx/moz.build ++++ icecat-60.5.0/gfx/moz.build @@ -10,6 +10,12 @@ with Files('**'): if CONFIG['MOZ_TREE_CAIRO']: DIRS += ['cairo'] @@ -90,8 +90,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. 'ots/src', 'thebes', 'ipc', ---- icecat-60.2.0/gfx/skia/generate_mozbuild.py -+++ icecat-60.2.0/gfx/skia/generate_mozbuild.py +--- icecat-60.5.0/gfx/skia/generate_mozbuild.py ++++ icecat-60.5.0/gfx/skia/generate_mozbuild.py @@ -148,6 +148,9 @@ '-Wno-unused-private-field', ] @@ -102,8 +102,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('gtk3', 'android'): CXXFLAGS += CONFIG['MOZ_CAIRO_CFLAGS'] CXXFLAGS += CONFIG['CAIRO_FT_CFLAGS'] ---- icecat-60.2.0/gfx/skia/moz.build -+++ icecat-60.2.0/gfx/skia/moz.build +--- icecat-60.5.0/gfx/skia/moz.build ++++ icecat-60.5.0/gfx/skia/moz.build @@ -822,6 +822,9 @@ '-Wno-unused-private-field', ] @@ -114,8 +114,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['MOZ_WIDGET_TOOLKIT'] in ('gtk3', 'android'): CXXFLAGS += CONFIG['MOZ_CAIRO_CFLAGS'] CXXFLAGS += CONFIG['CAIRO_FT_CFLAGS'] ---- icecat-60.2.0/gfx/thebes/moz.build -+++ icecat-60.2.0/gfx/thebes/moz.build +--- icecat-60.5.0/gfx/thebes/moz.build ++++ icecat-60.5.0/gfx/thebes/moz.build @@ -272,7 +272,13 @@ LOCAL_INCLUDES += CONFIG['SKIA_INCLUDES'] @@ -131,8 +131,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['CC_TYPE'] == 'clang': # Suppress warnings from Skia header files. ---- icecat-60.2.0/intl/unicharutil/util/moz.build -+++ icecat-60.2.0/intl/unicharutil/util/moz.build +--- icecat-60.5.0/intl/unicharutil/util/moz.build ++++ icecat-60.5.0/intl/unicharutil/util/moz.build @@ -25,4 +25,7 @@ UNIFIED_SOURCES += [ 'nsUnicodeProperties.cpp', ] @@ -141,8 +141,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. + CXXFLAGS += CONFIG['MOZ_HARFBUZZ_CFLAGS'] + FINAL_LIBRARY = 'xul' ---- icecat-60.2.0/netwerk/dns/moz.build -+++ icecat-60.2.0/netwerk/dns/moz.build +--- icecat-60.5.0/netwerk/dns/moz.build ++++ icecat-60.5.0/netwerk/dns/moz.build @@ -76,3 +76,6 @@ if CONFIG['CC_TYPE'] in ('clang', 'gcc'): @@ -150,9 +150,9 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. + +if CONFIG['MOZ_SYSTEM_HARFBUZZ']: + CXXFLAGS += CONFIG['MOZ_HARFBUZZ_CFLAGS'] ---- icecat-60.2.0/old-configure.in -+++ icecat-60.2.0/old-configure.in -@@ -3995,6 +3995,27 @@ +--- icecat-60.5.0/old-configure.in ++++ icecat-60.5.0/old-configure.in +@@ -3971,6 +3971,27 @@ AC_SUBST(MOZ_LINUX_32_SSE2_STARTUP_ERROR) dnl ======================================================== @@ -180,8 +180,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. dnl Check for pixman and cairo dnl ======================================================== ---- icecat-60.2.0/toolkit/library/moz.build -+++ icecat-60.2.0/toolkit/library/moz.build +--- icecat-60.5.0/toolkit/library/moz.build ++++ icecat-60.5.0/toolkit/library/moz.build @@ -235,6 +235,12 @@ if CONFIG['MOZ_SYSTEM_PNG']: OS_LIBS += CONFIG['MOZ_PNG_LIBS'] @@ -195,8 +195,8 @@ Modified for use with patch -p1, and to apply cleanly to GNU IceCat. if CONFIG['MOZ_SYSTEM_HUNSPELL']: OS_LIBS += CONFIG['MOZ_HUNSPELL_LIBS'] ---- icecat-60.2.0/toolkit/moz.configure -+++ icecat-60.2.0/toolkit/moz.configure +--- icecat-60.5.0/toolkit/moz.configure ++++ icecat-60.5.0/toolkit/moz.configure @@ -1051,6 +1051,26 @@ add_old_configure_assignment('FT2_CFLAGS', ft2_info.cflags) diff --git a/gnu/packages/patches/icecat-use-system-media-libs.patch b/gnu/packages/patches/icecat-use-system-media-libs.patch index 648585a6f0..00c95fb82e 100644 --- a/gnu/packages/patches/icecat-use-system-media-libs.patch +++ b/gnu/packages/patches/icecat-use-system-media-libs.patch @@ -8,8 +8,8 @@ Changes to files within the bundled libraries are omitted, since those files are removed from Guix sources. Modified for use with patch -p1, and to apply cleanly to GNU IceCat. ---- icecat-60.2.0/build/moz.configure/old.configure -+++ icecat-60.2.0/build/moz.configure/old.configure +--- icecat-60.5.0/build/moz.configure/old.configure ++++ icecat-60.5.0/build/moz.configure/old.configure @@ -273,7 +273,12 @@ '--with-system-libvpx', '--with-system-nspr', @@ -23,8 +23,8 @@ cleanly to GNU IceCat. '--with-system-zlib', '--with-thumb', '--with-thumb-interwork', ---- icecat-60.2.0/config/external/moz.build -+++ icecat-60.2.0/config/external/moz.build +--- icecat-60.5.0/config/external/moz.build ++++ icecat-60.5.0/config/external/moz.build @@ -23,12 +23,21 @@ external_dirs += ['modules/xz-embedded'] @@ -61,8 +61,8 @@ cleanly to GNU IceCat. 'media/mp4parse-rust', 'media/psshparser' ] ---- icecat-60.2.0/config/system-headers.mozbuild -+++ icecat-60.2.0/config/system-headers.mozbuild +--- icecat-60.5.0/config/system-headers.mozbuild ++++ icecat-60.5.0/config/system-headers.mozbuild @@ -1324,6 +1324,28 @@ 'harfbuzz/hb.h', ] @@ -92,19 +92,19 @@ cleanly to GNU IceCat. if CONFIG['MOZ_SYSTEM_LIBVPX']: system_headers += [ 'vpx_mem/vpx_mem.h', ---- icecat-60.2.0/dom/media/AudioStream.cpp -+++ icecat-60.2.0/dom/media/AudioStream.cpp -@@ -121,7 +121,9 @@ - : mMonitor("AudioStream") - , mChannels(0) - , mOutChannels(0) +--- icecat-60.5.0/dom/media/AudioStream.cpp ++++ icecat-60.5.0/dom/media/AudioStream.cpp +@@ -128,7 +128,9 @@ + : mMonitor("AudioStream"), + mChannels(0), + mOutChannels(0), +#ifndef MOZ_SYSTEM_SOUNDTOUCH - , mTimeStretcher(nullptr) + mTimeStretcher(nullptr), +#endif - , mDumpFile(nullptr) - , mState(INITIALIZED) - , mDataSource(aSource) -@@ -142,9 +144,11 @@ + mDumpFile(nullptr), + mState(INITIALIZED), + mDataSource(aSource), +@@ -147,9 +149,11 @@ if (mDumpFile) { fclose(mDumpFile); } @@ -116,8 +116,8 @@ cleanly to GNU IceCat. #if defined(XP_WIN) if (XRE_IsContentProcess()) { audio::AudioNotificationReceiver::Unregister(this); -@@ -168,7 +172,11 @@ - { +@@ -170,7 +174,11 @@ + nsresult AudioStream::EnsureTimeStretcherInitializedUnlocked() { mMonitor.AssertCurrentThreadOwns(); if (!mTimeStretcher) { +#ifdef MOZ_SYSTEM_SOUNDTOUCH @@ -128,8 +128,8 @@ cleanly to GNU IceCat. mTimeStretcher->setSampleRate(mAudioClock.GetInputRate()); mTimeStretcher->setChannels(mOutChannels); mTimeStretcher->setPitch(1.0); ---- icecat-60.2.0/dom/media/AudioStream.h -+++ icecat-60.2.0/dom/media/AudioStream.h +--- icecat-60.5.0/dom/media/AudioStream.h ++++ icecat-60.5.0/dom/media/AudioStream.h @@ -15,7 +15,11 @@ #include "mozilla/TimeStamp.h" #include "mozilla/UniquePtr.h" @@ -142,7 +142,7 @@ cleanly to GNU IceCat. #if defined(XP_WIN) #include "mozilla/audio/AudioNotificationReceiver.h" -@@ -297,7 +301,11 @@ +@@ -293,7 +297,11 @@ uint32_t mChannels; uint32_t mOutChannels; AudioClock mAudioClock; @@ -154,8 +154,8 @@ cleanly to GNU IceCat. // Output file for dumping audio FILE* mDumpFile; ---- icecat-60.2.0/dom/media/moz.build -+++ icecat-60.2.0/dom/media/moz.build +--- icecat-60.5.0/dom/media/moz.build ++++ icecat-60.5.0/dom/media/moz.build @@ -327,6 +327,21 @@ DEFINES['MOZILLA_INTERNAL_API'] = True @@ -178,8 +178,8 @@ cleanly to GNU IceCat. if CONFIG['MOZ_ANDROID_HLS_SUPPORT']: DEFINES['MOZ_ANDROID_HLS_SUPPORT'] = True ---- icecat-60.2.0/dom/media/platforms/ffmpeg/ffvpx/FFVPXRuntimeLinker.cpp -+++ icecat-60.2.0/dom/media/platforms/ffmpeg/ffvpx/FFVPXRuntimeLinker.cpp +--- icecat-60.5.0/dom/media/platforms/ffmpeg/ffvpx/FFVPXRuntimeLinker.cpp ++++ icecat-60.5.0/dom/media/platforms/ffmpeg/ffvpx/FFVPXRuntimeLinker.cpp @@ -15,9 +15,13 @@ #include #endif @@ -194,7 +194,7 @@ cleanly to GNU IceCat. namespace mozilla { -@@ -64,6 +68,12 @@ +@@ -60,6 +64,12 @@ sLinkStatus = LinkStatus_FAILED; @@ -207,17 +207,17 @@ cleanly to GNU IceCat. // We retrieve the path of the lgpllibs library as this is where mozavcodec // and mozavutil libs are located. PathString lgpllibsname = GetLibraryName(nullptr, "lgpllibs"); -@@ -73,6 +83,7 @@ - PathString path = - GetLibraryFilePathname(lgpllibsname.get(), - (PRFuncPtr)&soundtouch::SoundTouch::getVersionId); +@@ -68,6 +78,7 @@ + } + PathString path = GetLibraryFilePathname( + lgpllibsname.get(), (PRFuncPtr)&soundtouch::SoundTouch::getVersionId); +#endif if (path.IsEmpty()) { return false; } ---- icecat-60.2.0/old-configure.in -+++ icecat-60.2.0/old-configure.in -@@ -2451,6 +2451,111 @@ +--- icecat-60.5.0/old-configure.in ++++ icecat-60.5.0/old-configure.in +@@ -2417,6 +2417,111 @@ fi fi # COMPILE_ENVIRONMENT @@ -329,8 +329,8 @@ cleanly to GNU IceCat. dnl system libvpx Support dnl ======================================================== MOZ_ARG_WITH_BOOL(system-libvpx, ---- icecat-60.2.0/toolkit/library/moz.build -+++ icecat-60.2.0/toolkit/library/moz.build +--- icecat-60.5.0/toolkit/library/moz.build ++++ icecat-60.5.0/toolkit/library/moz.build @@ -244,6 +244,21 @@ if CONFIG['MOZ_SYSTEM_HUNSPELL']: OS_LIBS += CONFIG['MOZ_HUNSPELL_LIBS'] @@ -353,9 +353,9 @@ cleanly to GNU IceCat. if CONFIG['MOZ_SYSTEM_LIBEVENT']: OS_LIBS += CONFIG['MOZ_LIBEVENT_LIBS'] ---- icecat-60.2.0/xpcom/build/XPCOMInit.cpp -+++ icecat-60.2.0/xpcom/build/XPCOMInit.cpp -@@ -138,7 +138,9 @@ +--- icecat-60.5.0/xpcom/build/XPCOMInit.cpp ++++ icecat-60.5.0/xpcom/build/XPCOMInit.cpp +@@ -139,7 +139,9 @@ #include "mozilla/ipc/GeckoChildProcessHost.h" @@ -365,16 +365,15 @@ cleanly to GNU IceCat. #if defined(MOZ_VPX) && !defined(MOZ_VPX_NO_MEM_REPORTING) #if defined(HAVE_STDINT_H) // mozilla-config.h defines HAVE_STDINT_H, and then it's defined *again* in -@@ -639,11 +641,13 @@ +@@ -635,10 +637,12 @@ // this oddness. mozilla::SetICUMemoryFunctions(); +#ifndef MOZ_OGG_NO_MEM_REPORTING // Do the same for libogg. - ogg_set_mem_functions(OggReporter::CountingMalloc, - OggReporter::CountingCalloc, - OggReporter::CountingRealloc, - OggReporter::CountingFree); + ogg_set_mem_functions( + OggReporter::CountingMalloc, OggReporter::CountingCalloc, + OggReporter::CountingRealloc, OggReporter::CountingFree); +#endif #if defined(MOZ_VPX) && !defined(MOZ_VPX_NO_MEM_REPORTING) -- cgit v1.2.3