aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2015-08-07 23:06:02 -0400
committerMark H Weaver <mhw@netris.org>2015-08-07 23:08:41 -0400
commita5e55dfbb7318f8c79e9d56f8c8dcd5b20566efb (patch)
tree757e9677aa340a68e66f41b9c1c3765cd05e76ea
parentff6f33cf80d04717cad90177c934ae5b2dd6086c (diff)
downloadpatches-a5e55dfbb7318f8c79e9d56f8c8dcd5b20566efb.tar
patches-a5e55dfbb7318f8c79e9d56f8c8dcd5b20566efb.tar.gz
gnu: icecat: Add fix for CVE-2015-4495.
* gnu/packages/patches/icecat-CVE-2015-4495.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patch. Move the 'patches' field above the snippet.
-rw-r--r--gnu-system.am1
-rw-r--r--gnu/packages/gnuzilla.scm9
-rw-r--r--gnu/packages/patches/icecat-CVE-2015-4495.patch28
3 files changed, 34 insertions, 4 deletions
diff --git a/gnu-system.am b/gnu-system.am
index 1946ee2a65..43ea021536 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -483,6 +483,7 @@ dist_patch_DATA = \
gnu/packages/patches/hwloc-gather-topology-lstopo.patch \
gnu/packages/patches/hydra-automake-1.15.patch \
gnu/packages/patches/hydra-disable-darcs-test.patch \
+ gnu/packages/patches/icecat-CVE-2015-4495.patch \
gnu/packages/patches/icecat-enable-acceleration-and-webgl.patch \
gnu/packages/patches/icecat-freetype-2.6.patch \
gnu/packages/patches/icecat-libvpx-1.4.patch \
diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm
index dfa1d5d8a4..0200039f5c 100644
--- a/gnu/packages/gnuzilla.scm
+++ b/gnu/packages/gnuzilla.scm
@@ -240,6 +240,10 @@ standards.")
(sha256
(base32
"11wx29mb5pcg4mgk07a6vjwh52ca90k0x4m9wv0v3y5dmp88f01p"))
+ (patches (map search-patch '("icecat-CVE-2015-4495.patch"
+ "icecat-enable-acceleration-and-webgl.patch"
+ "icecat-freetype-2.6.patch"
+ "icecat-libvpx-1.4.patch")))
(modules '((guix build utils)))
(snippet
'(begin
@@ -277,10 +281,7 @@ standards.")
"gfx/cairo"
"js/src/ctypes/libffi"
"db/sqlite3"))
- #t))
- (patches (map search-patch '("icecat-enable-acceleration-and-webgl.patch"
- "icecat-freetype-2.6.patch"
- "icecat-libvpx-1.4.patch")))))
+ #t))))
(build-system gnu-build-system)
(inputs
`(("alsa-lib" ,alsa-lib)
diff --git a/gnu/packages/patches/icecat-CVE-2015-4495.patch b/gnu/packages/patches/icecat-CVE-2015-4495.patch
new file mode 100644
index 0000000000..e7514d9a5e
--- /dev/null
+++ b/gnu/packages/patches/icecat-CVE-2015-4495.patch
@@ -0,0 +1,28 @@
+Backported from upstream commits labelled "Bug 1178058" from the esr38 branch
+by Boris Zbarsky <bzbarsky@mit.edu> and Bobby Holley <bobbyholley@gmail.com>.
+
+--- icecat-31.8.0/docshell/base/nsDocShell.cpp
++++ icecat-31.8.0/docshell/base/nsDocShell.cpp
+@@ -1546,12 +1546,21 @@
+
+ if (owner && mItemType != typeChrome) {
+ nsCOMPtr<nsIPrincipal> ownerPrincipal = do_QueryInterface(owner);
+- if (nsContentUtils::IsSystemOrExpandedPrincipal(ownerPrincipal)) {
++ if (nsContentUtils::IsSystemPrincipal(ownerPrincipal)) {
+ if (ownerIsExplicit) {
+ return NS_ERROR_DOM_SECURITY_ERR;
+ }
+ owner = nullptr;
+ inheritOwner = true;
++ } else if (nsContentUtils::IsExpandedPrincipal(ownerPrincipal)) {
++ if (ownerIsExplicit) {
++ return NS_ERROR_DOM_SECURITY_ERR;
++ }
++ // Don't inherit from the current page. Just do the safe thing
++ // and pretend that we were loaded by a nullprincipal.
++ owner = do_CreateInstance("@mozilla.org/nullprincipal;1");
++ NS_ENSURE_TRUE(owner, NS_ERROR_FAILURE);
++ inheritOwner = false;
+ }
+ }
+ if (!owner && !inheritOwner && !ownerIsExplicit) {