rpms/firefox
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Added workaround from RHEL-71999

Browse Source 
Related: RHEL-84207
This commit is contained in:
Jan Horak 2025-03-25 15:03:56 +01:00 committed by Eike Rathke
parent f74e8821f8
commit e923020b29
2 changed files with 45 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
firefox.spec
View File

@ -247,6 +247,7 @@ Patch12: firefox-system-nss-replace-xyber-with-mlkem.patch
# Enabled vsync cause the black screen when running in Kiosk mode
# This will be fixed in Firefox 140
Patch13: disable-vsync-for-kiosk.patch
Patch14: rhbz-71999-fips-youtube.patch
# -- Upstreamed patches --
Patch51: mozilla-bmo1170092.patch
@ -1226,6 +1227,7 @@ echo "--------------------------------------------"
%patch -P12 -p1 -b .system-nss-replace-xyber-with-mlkem
%endif
%patch -P13 -p1 -b .kiosk-vsync
%patch -P14 -p1 -b .rhbz-71999-fips-youtube
# We need to create the wasi.patch with the correct path to the wasm libclang_rt.
%if %{with_wasi_sdk}

43
rhbz-71999-fips-youtube.patch Normal file
View File

@ -0,0 +1,43 @@
changeset: 781221:573380ae60a7
tag: tip
user: stransky <stransky@redhat.com>
date: Mon Mar 24 10:13:50 2025 +0100
files: dom/cache/CacheStorage.cpp dom/indexedDB/ActorsParent.cpp
description:
FIPS-youtube
diff --git a/dom/cache/CacheStorage.cpp b/dom/cache/CacheStorage.cpp
--- a/dom/cache/CacheStorage.cpp
+++ b/dom/cache/CacheStorage.cpp
@@ -38,6 +38,7 @@
#include "nsURLParsers.h"
#include "js/Object.h" // JS::GetClass
#include "js/PropertyAndElement.h" // JS_DefineProperty
+#include "pk11pub.h"
namespace mozilla::dom::cache {
@@ -581,7 +582,7 @@ bool CacheStorage::HasStorageAccess(UseC
if (!principal->IsSystemPrincipal() &&
principal->GetPrivateBrowsingId() !=
nsIScriptSecurityManager::DEFAULT_PRIVATE_BROWSING_ID &&
- !StaticPrefs::dom_cache_privateBrowsing_enabled()) {
+ (!StaticPrefs::dom_cache_privateBrowsing_enabled() || PK11_IsFIPS())) {
return false;
}
}
diff --git a/dom/indexedDB/ActorsParent.cpp b/dom/indexedDB/ActorsParent.cpp
--- a/dom/indexedDB/ActorsParent.cpp
+++ b/dom/indexedDB/ActorsParent.cpp
@@ -14791,7 +14791,8 @@ nsresult FactoryOp::Open() {
mEnforcingQuota = mPersistenceType != PERSISTENCE_TYPE_PERSISTENT;
if (mOriginMetadata.mIsPrivate) {
- if (StaticPrefs::dom_indexedDB_privateBrowsing_enabled()) {
+ if (StaticPrefs::dom_indexedDB_privateBrowsing_enabled() &&
+ !PK11_IsFIPS()) {
// Explicitly disallow moz-extension urls from using the encrypted
// indexedDB storage mode when the caller is an extension (see Bug
// 1841806).