Merge branch 'a9' into a9-plus
This commit is contained in:
		
						commit
						eaa9fda9ac
					
				
							
								
								
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @ -2,5 +2,5 @@ SOURCES/cbindgen-vendor.tar.xz | |||||||
| SOURCES/nspr-4.35.0-1.el8_1.src.rpm | SOURCES/nspr-4.35.0-1.el8_1.src.rpm | ||||||
| SOURCES/nss-3.90.0-2.el8_1.src.rpm | SOURCES/nss-3.90.0-2.el8_1.src.rpm | ||||||
| SOURCES/nss-3.90.0-3.el9_0.src.rpm | SOURCES/nss-3.90.0-3.el9_0.src.rpm | ||||||
| SOURCES/thunderbird-115.8.0.processed-source.tar.xz | SOURCES/thunderbird-115.9.0.processed-source.tar.xz | ||||||
| SOURCES/thunderbird-langpacks-115.8.0-20240219.tar.xz | SOURCES/thunderbird-langpacks-115.9.0-20240318.tar.xz | ||||||
|  | |||||||
| @ -2,5 +2,5 @@ b963b16f6879c5dbe6e33a3a3da058b494453922 SOURCES/cbindgen-vendor.tar.xz | |||||||
| d744f92e874688cc4b5376477dfdd639a97a6cd4 SOURCES/nspr-4.35.0-1.el8_1.src.rpm | d744f92e874688cc4b5376477dfdd639a97a6cd4 SOURCES/nspr-4.35.0-1.el8_1.src.rpm | ||||||
| 39d1004f8948186cdaa33bbb90423f6f994bdf6c SOURCES/nss-3.90.0-2.el8_1.src.rpm | 39d1004f8948186cdaa33bbb90423f6f994bdf6c SOURCES/nss-3.90.0-2.el8_1.src.rpm | ||||||
| df0dd588680f6ade6728a1fd3ff2d71e7a46255d SOURCES/nss-3.90.0-3.el9_0.src.rpm | df0dd588680f6ade6728a1fd3ff2d71e7a46255d SOURCES/nss-3.90.0-3.el9_0.src.rpm | ||||||
| 1a5c8aef8d5bee0e446e8a221103bf7b51e802d8 SOURCES/thunderbird-115.8.0.processed-source.tar.xz | cb287fa47bd8bdff66aacb2143a3c244250bae88 SOURCES/thunderbird-115.9.0.processed-source.tar.xz | ||||||
| b373610870988a75133b9f9b83f491ce02b68c6a SOURCES/thunderbird-langpacks-115.8.0-20240219.tar.xz | 12f6297fbc364c63712e13e30d289b37840a865f SOURCES/thunderbird-langpacks-115.9.0-20240318.tar.xz | ||||||
|  | |||||||
							
								
								
									
										375
									
								
								SOURCES/expat-CVE-2023-52425.patch
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										375
									
								
								SOURCES/expat-CVE-2023-52425.patch
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,375 @@ | |||||||
|  | # erAck: backport of expat CVE-2023-52425 DoS fix | ||||||
|  | # https://github.com/libexpat/libexpat/commit/34b598c5f594b015c513c73f06e7ced3323edbf1 | ||||||
|  | # | ||||||
|  | --- thunderbird-115.9.0/parser/expat/lib/expat.h.expat-CVE-2023-52425	2024-03-11 20:36:11.000000000 +0100
 | ||||||
|  | +++ thunderbird-115.9.0/parser/expat/lib/expat.h	2024-03-13 20:46:45.648505015 +0100
 | ||||||
|  | @@ -1045,6 +1045,10 @@ XMLPARSEAPI(const XML_Feature *)
 | ||||||
|  |  XML_GetFeatureList(void); | ||||||
|  |   | ||||||
|  |   | ||||||
|  | +/* Added in Expat 2.6.0. */
 | ||||||
|  | +XMLPARSEAPI(XML_Bool)
 | ||||||
|  | +XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool enabled);
 | ||||||
|  | +
 | ||||||
|  |  /* Expat follows the semantic versioning convention. | ||||||
|  |     See http://semver.org. | ||||||
|  |  */ | ||||||
|  | --- thunderbird-115.9.0/parser/expat/lib/internal.h.expat-CVE-2023-52425	2024-03-11 20:36:11.000000000 +0100
 | ||||||
|  | +++ thunderbird-115.9.0/parser/expat/lib/internal.h	2024-03-14 00:14:39.334319725 +0100
 | ||||||
|  | @@ -80,6 +80,7 @@
 | ||||||
|  |  # endif | ||||||
|  |  #endif | ||||||
|  |   | ||||||
|  | +#include "expat.h" // so we can use type XML_Parser below
 | ||||||
|  |   | ||||||
|  |  #ifdef __cplusplus | ||||||
|  |  extern "C" { | ||||||
|  | @@ -90,6 +91,9 @@ void
 | ||||||
|  |  align_limit_to_full_utf8_characters(const char * from, const char ** fromLimRef); | ||||||
|  |   | ||||||
|  |   | ||||||
|  | +extern XML_Bool g_reparseDeferralEnabledDefault; // written ONLY in runtests.c
 | ||||||
|  | +extern unsigned int g_parseAttempts;             // used for testing only
 | ||||||
|  | +
 | ||||||
|  |  #ifdef __cplusplus | ||||||
|  |  } | ||||||
|  |  #endif | ||||||
|  | --- thunderbird-115.9.0/parser/expat/lib/xmlparse.c.expat-CVE-2023-52425	2024-03-11 20:36:11.000000000 +0100
 | ||||||
|  | +++ thunderbird-115.9.0/parser/expat/lib/xmlparse.c	2024-03-13 22:55:14.844756009 +0100
 | ||||||
|  | @@ -6,6 +6,7 @@
 | ||||||
|  |   | ||||||
|  |  #define _GNU_SOURCE                     /* syscall prototype */ | ||||||
|  |   | ||||||
|  | +#include <stdbool.h>
 | ||||||
|  |  #include <stddef.h> | ||||||
|  |  #include <string.h>                     /* memset(), memcpy() */ | ||||||
|  |  #include <assert.h> | ||||||
|  | @@ -89,6 +90,9 @@ typedef char ICHAR;
 | ||||||
|  |  /* Round up n to be a multiple of sz, where sz is a power of 2. */ | ||||||
|  |  #define ROUND_UP(n, sz) (((n) + ((sz) - 1)) & ~((sz) - 1)) | ||||||
|  |   | ||||||
|  | +/* Do safe (NULL-aware) pointer arithmetic */
 | ||||||
|  | +#define EXPAT_SAFE_PTR_DIFF(p, q) (((p) && (q)) ? ((p) - (q)) : 0)
 | ||||||
|  | +
 | ||||||
|  |  /* Handle the case where memmove() doesn't exist. */ | ||||||
|  |  #ifndef HAVE_MEMMOVE | ||||||
|  |  #ifdef HAVE_BCOPY | ||||||
|  | @@ -98,6 +102,8 @@ typedef char ICHAR;
 | ||||||
|  |  #endif /* HAVE_BCOPY */ | ||||||
|  |  #endif /* HAVE_MEMMOVE */ | ||||||
|  |   | ||||||
|  | +#define EXPAT_MIN(a, b) (((a) < (b)) ? (a) : (b))
 | ||||||
|  | +
 | ||||||
|  |  #include "internal.h" | ||||||
|  |  #include "xmltok.h" | ||||||
|  |  #include "xmlrole.h" | ||||||
|  | @@ -476,6 +482,9 @@ parserInit(XML_Parser parser, const XML_
 | ||||||
|  |     ? 0 \ | ||||||
|  |     : ((*((pool)->ptr)++ = c), 1)) | ||||||
|  |   | ||||||
|  | +XML_Bool g_reparseDeferralEnabledDefault = XML_TRUE; // write ONLY in runtests.c
 | ||||||
|  | +unsigned int g_parseAttempts = 0;                    // used for testing only
 | ||||||
|  | +
 | ||||||
|  |  struct XML_ParserStruct { | ||||||
|  |    /* The first member must be userData so that the XML_GetUserData | ||||||
|  |       macro works. */ | ||||||
|  | @@ -491,6 +500,9 @@ struct XML_ParserStruct {
 | ||||||
|  |    const char *m_bufferLim; | ||||||
|  |    XML_Index m_parseEndByteIndex; | ||||||
|  |    const char *m_parseEndPtr; | ||||||
|  | +  size_t m_partialTokenBytesBefore; /* used in heuristic to avoid O(n^2) */
 | ||||||
|  | +  XML_Bool m_reparseDeferralEnabled;
 | ||||||
|  | +  int m_lastBufferRequestSize;
 | ||||||
|  |    XML_Char *m_dataBuf; | ||||||
|  |    XML_Char *m_dataBufEnd; | ||||||
|  |    XML_StartElementHandler m_startElementHandler; | ||||||
|  | @@ -647,6 +659,9 @@ struct XML_ParserStruct {
 | ||||||
|  |  #define bufferEnd (parser->m_bufferEnd) | ||||||
|  |  #define parseEndByteIndex (parser->m_parseEndByteIndex) | ||||||
|  |  #define parseEndPtr (parser->m_parseEndPtr) | ||||||
|  | +#define partialTokenBytesBefore (parser->m_partialTokenBytesBefore)
 | ||||||
|  | +#define reparseDeferralEnabled (parser->m_reparseDeferralEnabled)
 | ||||||
|  | +#define lastBufferRequestSize (parser->m_lastBufferRequestSize)
 | ||||||
|  |  #define bufferLim (parser->m_bufferLim) | ||||||
|  |  #define dataBuf (parser->m_dataBuf) | ||||||
|  |  #define dataBufEnd (parser->m_dataBufEnd) | ||||||
|  | @@ -887,6 +902,47 @@ get_hash_secret_salt(XML_Parser parser)
 | ||||||
|  |    return parser->m_hash_secret_salt; | ||||||
|  |  } | ||||||
|  |   | ||||||
|  | +static enum XML_Error
 | ||||||
|  | +callProcessor(XML_Parser parser, const char *start, const char *end,
 | ||||||
|  | +              const char **endPtr) {
 | ||||||
|  | +  const size_t have_now = EXPAT_SAFE_PTR_DIFF(end, start);
 | ||||||
|  | +
 | ||||||
|  | +  if (parser->m_reparseDeferralEnabled
 | ||||||
|  | +      && ! parser->m_parsingStatus.finalBuffer) {
 | ||||||
|  | +    // Heuristic: don't try to parse a partial token again until the amount of
 | ||||||
|  | +    // available data has increased significantly.
 | ||||||
|  | +    const size_t had_before = parser->m_partialTokenBytesBefore;
 | ||||||
|  | +    // ...but *do* try anyway if we're close to causing a reallocation.
 | ||||||
|  | +    size_t available_buffer
 | ||||||
|  | +        = EXPAT_SAFE_PTR_DIFF(parser->m_bufferPtr, parser->m_buffer);
 | ||||||
|  | +#if XML_CONTEXT_BYTES > 0
 | ||||||
|  | +    available_buffer -= EXPAT_MIN(available_buffer, XML_CONTEXT_BYTES);
 | ||||||
|  | +#endif
 | ||||||
|  | +    available_buffer
 | ||||||
|  | +        += EXPAT_SAFE_PTR_DIFF(parser->m_bufferLim, parser->m_bufferEnd);
 | ||||||
|  | +    // m_lastBufferRequestSize is never assigned a value < 0, so the cast is ok
 | ||||||
|  | +    const bool enough
 | ||||||
|  | +        = (have_now >= 2 * had_before)
 | ||||||
|  | +          || ((size_t)parser->m_lastBufferRequestSize > available_buffer);
 | ||||||
|  | +
 | ||||||
|  | +    if (! enough) {
 | ||||||
|  | +      *endPtr = start; // callers may expect this to be set
 | ||||||
|  | +      return XML_ERROR_NONE;
 | ||||||
|  | +    }
 | ||||||
|  | +  }
 | ||||||
|  | +  g_parseAttempts += 1;
 | ||||||
|  | +  const enum XML_Error ret = parser->m_processor(parser, start, end, endPtr);
 | ||||||
|  | +  if (ret == XML_ERROR_NONE) {
 | ||||||
|  | +    // if we consumed nothing, remember what we had on this parse attempt.
 | ||||||
|  | +    if (*endPtr == start) {
 | ||||||
|  | +      parser->m_partialTokenBytesBefore = have_now;
 | ||||||
|  | +    } else {
 | ||||||
|  | +      parser->m_partialTokenBytesBefore = 0;
 | ||||||
|  | +    }
 | ||||||
|  | +  }
 | ||||||
|  | +  return ret;
 | ||||||
|  | +}
 | ||||||
|  | +
 | ||||||
|  |  static XML_Bool  /* only valid for root parser */ | ||||||
|  |  startParsing(XML_Parser parser) | ||||||
|  |  { | ||||||
|  | @@ -1075,6 +1131,9 @@ parserInit(XML_Parser parser, const XML_
 | ||||||
|  |    bufferEnd = buffer; | ||||||
|  |    parseEndByteIndex = 0; | ||||||
|  |    parseEndPtr = NULL; | ||||||
|  | +  partialTokenBytesBefore = 0;
 | ||||||
|  | +  reparseDeferralEnabled = g_reparseDeferralEnabledDefault;
 | ||||||
|  | +  lastBufferRequestSize = 0;
 | ||||||
|  |    declElementType = NULL; | ||||||
|  |    declAttributeId = NULL; | ||||||
|  |    declEntity = NULL; | ||||||
|  | @@ -1232,6 +1291,7 @@ XML_ExternalEntityParserCreate(XML_Parse
 | ||||||
|  |       to worry which hash secrets each table has. | ||||||
|  |    */ | ||||||
|  |    unsigned long oldhash_secret_salt; | ||||||
|  | +  XML_Bool oldReparseDeferralEnabled;
 | ||||||
|  |   | ||||||
|  |    /* Validate the oldParser parameter before we pull everything out of it */ | ||||||
|  |    if (oldParser == NULL) | ||||||
|  | @@ -1276,6 +1336,7 @@ XML_ExternalEntityParserCreate(XML_Parse
 | ||||||
|  |       to worry which hash secrets each table has. | ||||||
|  |    */ | ||||||
|  |    oldhash_secret_salt = hash_secret_salt; | ||||||
|  | +  oldReparseDeferralEnabled = reparseDeferralEnabled;
 | ||||||
|  |   | ||||||
|  |  #ifdef XML_DTD | ||||||
|  |    if (!context) | ||||||
|  | @@ -1330,6 +1391,7 @@ XML_ExternalEntityParserCreate(XML_Parse
 | ||||||
|  |    defaultExpandInternalEntities = oldDefaultExpandInternalEntities; | ||||||
|  |    ns_triplets = oldns_triplets; | ||||||
|  |    hash_secret_salt = oldhash_secret_salt; | ||||||
|  | +  reparseDeferralEnabled = oldReparseDeferralEnabled;
 | ||||||
|  |    parentParser = oldParser; | ||||||
|  |  #ifdef XML_DTD | ||||||
|  |    paramEntityParsing = oldParamEntityParsing; | ||||||
|  | @@ -1850,39 +1912,8 @@ XML_Parse(XML_Parser parser, const char
 | ||||||
|  |      ps_parsing = XML_PARSING; | ||||||
|  |    } | ||||||
|  |   | ||||||
|  | -  if (len == 0) {
 | ||||||
|  | -    ps_finalBuffer = (XML_Bool)isFinal;
 | ||||||
|  | -    if (!isFinal)
 | ||||||
|  | -      return XML_STATUS_OK;
 | ||||||
|  | -    positionPtr = bufferPtr;
 | ||||||
|  | -    parseEndPtr = bufferEnd;
 | ||||||
|  | -
 | ||||||
|  | -    /* If data are left over from last buffer, and we now know that these
 | ||||||
|  | -       data are the final chunk of input, then we have to check them again
 | ||||||
|  | -       to detect errors based on that fact.
 | ||||||
|  | -    */
 | ||||||
|  | -    errorCode = processor(parser, bufferPtr, parseEndPtr, &bufferPtr);
 | ||||||
|  | -
 | ||||||
|  | -    if (errorCode == XML_ERROR_NONE) {
 | ||||||
|  | -      switch (ps_parsing) {
 | ||||||
|  | -      case XML_SUSPENDED:
 | ||||||
|  | -        XmlUpdatePosition(encoding, positionPtr, bufferPtr, &position);
 | ||||||
|  | -        positionPtr = bufferPtr;
 | ||||||
|  | -        return XML_STATUS_SUSPENDED;
 | ||||||
|  | -      case XML_INITIALIZED:
 | ||||||
|  | -      case XML_PARSING:
 | ||||||
|  | -        ps_parsing = XML_FINISHED;
 | ||||||
|  | -        /* fall through */
 | ||||||
|  | -      default:
 | ||||||
|  | -        return XML_STATUS_OK;
 | ||||||
|  | -      }
 | ||||||
|  | -    }
 | ||||||
|  | -    eventEndPtr = eventPtr;
 | ||||||
|  | -    processor = errorProcessor;
 | ||||||
|  | -    return XML_STATUS_ERROR;
 | ||||||
|  | -  }
 | ||||||
|  |  #ifndef XML_CONTEXT_BYTES | ||||||
|  | -  else if (bufferPtr == bufferEnd) {
 | ||||||
|  | +  if (bufferPtr == bufferEnd) {
 | ||||||
|  |      const char *end; | ||||||
|  |      int nLeftOver; | ||||||
|  |      enum XML_Status result; | ||||||
|  | @@ -1899,11 +1930,14 @@ XML_Parse(XML_Parser parser, const char
 | ||||||
|  |         processor = errorProcessor; | ||||||
|  |         return XML_STATUS_ERROR; | ||||||
|  |      } | ||||||
|  | +    // though this isn't a buffer request, we assume that `len` is the app's
 | ||||||
|  | +    // preferred buffer fill size, and therefore save it here.
 | ||||||
|  | +    lastBufferRequestSize = len;
 | ||||||
|  |      parseEndByteIndex += len; | ||||||
|  |      positionPtr = s; | ||||||
|  |      ps_finalBuffer = (XML_Bool)isFinal; | ||||||
|  |   | ||||||
|  | -    errorCode = processor(parser, s, parseEndPtr = s + len, &end);
 | ||||||
|  | +    errorCode = callProcessor(parser, s, parseEndPtr = s + len, &end);
 | ||||||
|  |   | ||||||
|  |      if (errorCode != XML_ERROR_NONE) { | ||||||
|  |        eventEndPtr = eventPtr; | ||||||
|  | @@ -1930,6 +1964,8 @@ XML_Parse(XML_Parser parser, const char
 | ||||||
|  |      XmlUpdatePosition(encoding, positionPtr, end, &position); | ||||||
|  |      nLeftOver = s + len - end; | ||||||
|  |      if (nLeftOver) { | ||||||
|  | +#if 0
 | ||||||
|  | +// erAck: replace with XML_GetBuffer() below.
 | ||||||
|  |        if (buffer == NULL || nLeftOver > bufferLim - buffer) { | ||||||
|  |          /* avoid _signed_ integer overflow */ | ||||||
|  |          char *temp = NULL; | ||||||
|  | @@ -1939,6 +1975,28 @@ XML_Parse(XML_Parser parser, const char
 | ||||||
|  |                  ? (char *)MALLOC(bytesToAllocate) | ||||||
|  |                  : (char *)REALLOC(buffer, bytesToAllocate)); | ||||||
|  |          } | ||||||
|  | +#endif
 | ||||||
|  | +#if 1
 | ||||||
|  | +// erAck: the original patch context had a call to XML_GetBuffer() instead:
 | ||||||
|  | +      // Back up and restore the parsing status to avoid XML_ERROR_SUSPENDED
 | ||||||
|  | +      // (and XML_ERROR_FINISHED) from XML_GetBuffer.
 | ||||||
|  | +      const enum XML_Parsing originalStatus = ps_parsing;
 | ||||||
|  | +      ps_parsing = XML_PARSING;
 | ||||||
|  | +      void *const temp = XML_GetBuffer(parser, nLeftOver);
 | ||||||
|  | +      ps_parsing = originalStatus;
 | ||||||
|  | +#endif
 | ||||||
|  | +      // GetBuffer may have overwritten this, but we want to remember what the
 | ||||||
|  | +      // app requested, not how many bytes were left over after parsing.
 | ||||||
|  | +      lastBufferRequestSize = len;
 | ||||||
|  | +#if 1
 | ||||||
|  | +      if (temp == NULL) {
 | ||||||
|  | +        // NOTE: parser->m_errorCode has already been set by XML_GetBuffer().
 | ||||||
|  | +        eventPtr = eventEndPtr = NULL;
 | ||||||
|  | +        processor = errorProcessor;
 | ||||||
|  | +        return XML_STATUS_ERROR;
 | ||||||
|  | +      }
 | ||||||
|  | +#endif
 | ||||||
|  | +#if 0
 | ||||||
|  |          if (temp == NULL) { | ||||||
|  |            errorCode = XML_ERROR_NO_MEMORY; | ||||||
|  |            eventPtr = eventEndPtr = NULL; | ||||||
|  | @@ -1948,6 +2006,7 @@ XML_Parse(XML_Parser parser, const char
 | ||||||
|  |          buffer = temp; | ||||||
|  |          bufferLim = buffer + bytesToAllocate; | ||||||
|  |        } | ||||||
|  | +#endif
 | ||||||
|  |        memcpy(buffer, end, nLeftOver); | ||||||
|  |      } | ||||||
|  |      bufferPtr = buffer; | ||||||
|  | @@ -1959,15 +2018,14 @@ XML_Parse(XML_Parser parser, const char
 | ||||||
|  |      return result; | ||||||
|  |    } | ||||||
|  |  #endif  /* not defined XML_CONTEXT_BYTES */ | ||||||
|  | -  else {
 | ||||||
|  | -    void *buff = XML_GetBuffer(parser, len);
 | ||||||
|  | -    if (buff == NULL)
 | ||||||
|  | -      return XML_STATUS_ERROR;
 | ||||||
|  | -    else {
 | ||||||
|  | -      memcpy(buff, s, len);
 | ||||||
|  | -      return XML_ParseBuffer(parser, len, isFinal);
 | ||||||
|  | -    }
 | ||||||
|  | +  void *buff = XML_GetBuffer(parser, len);
 | ||||||
|  | +  if (buff == NULL)
 | ||||||
|  | +    return XML_STATUS_ERROR;
 | ||||||
|  | +  if (len > 0) {
 | ||||||
|  | +    assert(s != NULL); // make sure s==NULL && len!=0 was rejected above
 | ||||||
|  | +    memcpy(buff, s, len);
 | ||||||
|  |    } | ||||||
|  | +  return XML_ParseBuffer(parser, len, isFinal);
 | ||||||
|  |  } | ||||||
|  |   | ||||||
|  |  enum XML_Status XMLCALL | ||||||
|  | @@ -2001,7 +2059,7 @@ XML_ParseBuffer(XML_Parser parser, int l
 | ||||||
|  |    parseEndByteIndex += len; | ||||||
|  |    ps_finalBuffer = (XML_Bool)isFinal; | ||||||
|  |   | ||||||
|  | -  errorCode = processor(parser, start, parseEndPtr, &bufferPtr);
 | ||||||
|  | +  errorCode = callProcessor(parser, start, parseEndPtr, &bufferPtr);
 | ||||||
|  |   | ||||||
|  |    if (errorCode != XML_ERROR_NONE) { | ||||||
|  |      eventEndPtr = eventPtr; | ||||||
|  | @@ -2047,7 +2105,11 @@ XML_GetBuffer(XML_Parser parser, int len
 | ||||||
|  |    default: ; | ||||||
|  |    } | ||||||
|  |   | ||||||
|  | -  if (len > bufferLim - bufferEnd) {
 | ||||||
|  | +  // whether or not the request succeeds, `len` seems to be the app's preferred
 | ||||||
|  | +  // buffer fill size; remember it.
 | ||||||
|  | +  lastBufferRequestSize = len;
 | ||||||
|  | +  if (len > EXPAT_SAFE_PTR_DIFF(bufferLim, bufferEnd)
 | ||||||
|  | +      || buffer == NULL) {
 | ||||||
|  |  #ifdef XML_CONTEXT_BYTES | ||||||
|  |      int keep; | ||||||
|  |  #endif  /* defined XML_CONTEXT_BYTES */ | ||||||
|  | @@ -2063,7 +2125,9 @@ XML_GetBuffer(XML_Parser parser, int len
 | ||||||
|  |        keep = XML_CONTEXT_BYTES; | ||||||
|  |      neededSize += keep; | ||||||
|  |  #endif  /* defined XML_CONTEXT_BYTES */ | ||||||
|  | -    if (neededSize  <= bufferLim - buffer) {
 | ||||||
|  | +    if (buffer && bufferPtr
 | ||||||
|  | +        && neededSize
 | ||||||
|  | +               <= EXPAT_SAFE_PTR_DIFF(bufferLim, buffer)) {
 | ||||||
|  |  #ifdef XML_CONTEXT_BYTES | ||||||
|  |        if (keep < bufferPtr - buffer) { | ||||||
|  |          int offset = (int)(bufferPtr - buffer) - keep; | ||||||
|  | @@ -2072,8 +2136,11 @@ XML_GetBuffer(XML_Parser parser, int len
 | ||||||
|  |          bufferPtr -= offset; | ||||||
|  |        } | ||||||
|  |  #else | ||||||
|  | -      memmove(buffer, bufferPtr, bufferEnd - bufferPtr);
 | ||||||
|  | -      bufferEnd = buffer + (bufferEnd - bufferPtr);
 | ||||||
|  | +      memmove(buffer, bufferPtr,
 | ||||||
|  | +              EXPAT_SAFE_PTR_DIFF(bufferEnd, bufferPtr));
 | ||||||
|  | +      bufferEnd
 | ||||||
|  | +          = buffer
 | ||||||
|  | +            + EXPAT_SAFE_PTR_DIFF(bufferEnd, bufferPtr);
 | ||||||
|  |        bufferPtr = buffer; | ||||||
|  |  #endif  /* not defined XML_CONTEXT_BYTES */ | ||||||
|  |      } | ||||||
|  | @@ -2171,7 +2238,7 @@ XML_ResumeParser(XML_Parser parser)
 | ||||||
|  |    } | ||||||
|  |    ps_parsing = XML_PARSING; | ||||||
|  |   | ||||||
|  | -  errorCode = processor(parser, bufferPtr, parseEndPtr, &bufferPtr);
 | ||||||
|  | +  errorCode = callProcessor(parser, bufferPtr, parseEndPtr, &bufferPtr);
 | ||||||
|  |   | ||||||
|  |    if (errorCode != XML_ERROR_NONE) { | ||||||
|  |      eventEndPtr = eventPtr; | ||||||
|  | @@ -2481,6 +2548,15 @@ MOZ_XML_ProcessingEntityValue(XML_Parser
 | ||||||
|  |  } | ||||||
|  |  /* END MOZILLA CHANGE */ | ||||||
|  |   | ||||||
|  | +XML_Bool XMLCALL
 | ||||||
|  | +XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool enabled) {
 | ||||||
|  | +  if (parser != NULL && (enabled == XML_TRUE || enabled == XML_FALSE)) {
 | ||||||
|  | +    parser->m_reparseDeferralEnabled = enabled;
 | ||||||
|  | +    return XML_TRUE;
 | ||||||
|  | +  }
 | ||||||
|  | +  return XML_FALSE;
 | ||||||
|  | +}
 | ||||||
|  | +
 | ||||||
|  |  /* Initially tag->rawName always points into the parse buffer; | ||||||
|  |     for those TAG instances opened while the current parse buffer was | ||||||
|  |     processed, and not yet closed, we need to store tag->rawName in a more | ||||||
| @ -134,8 +134,8 @@ end} | |||||||
| 
 | 
 | ||||||
| Summary:        Mozilla Thunderbird mail/newsgroup client | Summary:        Mozilla Thunderbird mail/newsgroup client | ||||||
| Name:           thunderbird | Name:           thunderbird | ||||||
| Version:        115.8.0 | Version:        115.9.0 | ||||||
| Release:        1%{?dist}.alma.plus | Release:        1%{?dist}.alma.plus.1 | ||||||
| URL:            http://www.mozilla.org/projects/thunderbird/ | URL:            http://www.mozilla.org/projects/thunderbird/ | ||||||
| License:        MPLv1.1 or GPLv2+ or LGPLv2+ | License:        MPLv1.1 or GPLv2+ or LGPLv2+ | ||||||
| 
 | 
 | ||||||
| @ -165,7 +165,7 @@ ExcludeArch:    aarch64 s390 ppc ppc64 | |||||||
| #Source0:        https://archive.mozilla.org/pub/thunderbird/releases/%%{version}%%{?pre_version}/source/thunderbird-%%{version}%%{?pre_version}.processed-source.tar.xz | #Source0:        https://archive.mozilla.org/pub/thunderbird/releases/%%{version}%%{?pre_version}/source/thunderbird-%%{version}%%{?pre_version}.processed-source.tar.xz | ||||||
| Source0:        thunderbird-%{version}%{?pre_version}%{?buildnum}.processed-source.tar.xz | Source0:        thunderbird-%{version}%{?pre_version}%{?buildnum}.processed-source.tar.xz | ||||||
| %if %{with langpacks} | %if %{with langpacks} | ||||||
| Source1:        thunderbird-langpacks-%{version}-20240219.tar.xz | Source1:        thunderbird-langpacks-%{version}-20240318.tar.xz | ||||||
| %endif | %endif | ||||||
| Source2:        cbindgen-vendor.tar.xz | Source2:        cbindgen-vendor.tar.xz | ||||||
| Source3:        process-official-tarball | Source3:        process-official-tarball | ||||||
| @ -220,6 +220,7 @@ Patch155:       rhbz-1354671.patch | |||||||
| 
 | 
 | ||||||
| # ---- Security patches ---- | # ---- Security patches ---- | ||||||
| Patch301:       CVE-2023-44488-libvpx.patch | Patch301:       CVE-2023-44488-libvpx.patch | ||||||
|  | Patch302:       expat-CVE-2023-52425.patch | ||||||
| 
 | 
 | ||||||
| # BUILD REQURES/REQUIRES | # BUILD REQURES/REQUIRES | ||||||
| %if %{?system_nss} && !0%{?bundle_nss} | %if %{?system_nss} && !0%{?bundle_nss} | ||||||
| @ -973,6 +974,7 @@ echo "--------------------------------------------" | |||||||
| cd media/libvpx/libvpx | cd media/libvpx/libvpx | ||||||
| %patch -P301 -p1 -b .CVE-2023-44488-libvpx | %patch -P301 -p1 -b .CVE-2023-44488-libvpx | ||||||
| cd - | cd - | ||||||
|  | %patch -P302 -p1 -b .expat-CVE-2023-52425 | ||||||
| 
 | 
 | ||||||
| %{__rm} -f .mozconfig | %{__rm} -f .mozconfig | ||||||
| %{__cp} %{SOURCE10} .mozconfig | %{__cp} %{SOURCE10} .mozconfig | ||||||
| @ -1530,21 +1532,29 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : | |||||||
| #=============================================================================== | #=============================================================================== | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
| * Tue Feb 27 2024 Eduard Abdullin <eabdullin@almalinux.org> - 115.8.0-1.alma.plus | * Tue Apr 02 2024 Eduard Abdullin <eabdullin@almalinux.org> - 115.9.0-1.alma.1 | ||||||
| - Enable openpgp |  | ||||||
| 
 |  | ||||||
| * Tue Feb 27 2024 Eduard Abdullin <eabdullin@almalinux.org> - 115.8.0-1.alma |  | ||||||
| - Debrand for AlmaLinux | - Debrand for AlmaLinux | ||||||
|  | - Enable OpenPGP | ||||||
|  | 
 | ||||||
|  | * Mon Mar 18 2024 Eike Rathke <erack@redhat.com> - 115.9.0-1 | ||||||
|  | - Update to 115.9.0 build1 | ||||||
|  | - Fix expat CVE-2023-52425 | ||||||
|  | 
 | ||||||
| * Mon Feb 19 2024 Eike Rathke <erack@redhat.com> - 115.8.0-1 | * Mon Feb 19 2024 Eike Rathke <erack@redhat.com> - 115.8.0-1 | ||||||
| - Update to 115.8.0 build1 | - Update to 115.8.0 build1 | ||||||
|  | 
 | ||||||
| * Mon Jan 22 2024 Eike Rathke <erack@redhat.com> - 115.7.0-1 | * Mon Jan 22 2024 Eike Rathke <erack@redhat.com> - 115.7.0-1 | ||||||
| - Update to 115.7.0 build1 | - Update to 115.7.0 build1 | ||||||
|  | 
 | ||||||
| * Mon Dec 18 2023 Eike Rathke <erack@redhat.com> - 115.6.0-1 | * Mon Dec 18 2023 Eike Rathke <erack@redhat.com> - 115.6.0-1 | ||||||
| - Update to 115.6.0 build2 | - Update to 115.6.0 build2 | ||||||
|  | 
 | ||||||
| * Tue Nov 21 2023 Eike Rathke <erack@redhat.com> - 115.5.0-1 | * Tue Nov 21 2023 Eike Rathke <erack@redhat.com> - 115.5.0-1 | ||||||
| - Update to 115.5.0 build1 | - Update to 115.5.0 build1 | ||||||
|  | 
 | ||||||
| * Wed Oct 25 2023 Eike Rathke <erack@redhat.com> - 115.4.1-1 | * Wed Oct 25 2023 Eike Rathke <erack@redhat.com> - 115.4.1-1 | ||||||
| - Update to 115.4.1 build1 | - Update to 115.4.1 build1 | ||||||
|  | 
 | ||||||
| * Tue Oct 24 2023 Anton Bobrov <abobrov@redhat.com> - 115.4.0-3 | * Tue Oct 24 2023 Anton Bobrov <abobrov@redhat.com> - 115.4.0-3 | ||||||
| - Update to 115.4.0 build3 | - Update to 115.4.0 build3 | ||||||
| 
 | 
 | ||||||
| @ -1565,6 +1575,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : | |||||||
| 
 | 
 | ||||||
| * Thu May 04 2023 Eike Rathke <erack@redhat.com> - 102.11.0-1 | * Thu May 04 2023 Eike Rathke <erack@redhat.com> - 102.11.0-1 | ||||||
| - Update to 102.11.0 build1 | - Update to 102.11.0 build1 | ||||||
|  | 
 | ||||||
| * Tue Apr 11 2023 Eike Rathke <erack@redhat.com> - 102.10.0-2 | * Tue Apr 11 2023 Eike Rathke <erack@redhat.com> - 102.10.0-2 | ||||||
| - Update to 102.10.0 build2 | - Update to 102.10.0 build2 | ||||||
| 
 | 
 | ||||||
| @ -1573,13 +1584,16 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : | |||||||
| 
 | 
 | ||||||
| * Mon Mar 13 2023 Eike Rathke <erack@redhat.com> - 102.9.0-2 | * Mon Mar 13 2023 Eike Rathke <erack@redhat.com> - 102.9.0-2 | ||||||
| - Update to 102.9.0 build1 | - Update to 102.9.0 build1 | ||||||
|  | 
 | ||||||
| * Wed Feb 15 2023 Eike Rathke <erack@redhat.com> - 102.8.0-2 | * Wed Feb 15 2023 Eike Rathke <erack@redhat.com> - 102.8.0-2 | ||||||
| - Update to 102.8.0 build2 | - Update to 102.8.0 build2 | ||||||
|  | 
 | ||||||
| * Fri Feb 10 2023 Eike Rathke <erack@redhat.com> - 102.8.0-1 | * Fri Feb 10 2023 Eike Rathke <erack@redhat.com> - 102.8.0-1 | ||||||
| - Update to 102.8.0 build1 | - Update to 102.8.0 build1 | ||||||
| 
 | 
 | ||||||
| * Tue Jan 31 2023 Eike Rathke <erack@redhat.com> - 102.7.1-2 | * Tue Jan 31 2023 Eike Rathke <erack@redhat.com> - 102.7.1-2 | ||||||
| - Update to 102.7.1 build2 | - Update to 102.7.1 build2 | ||||||
|  | 
 | ||||||
| * Tue Jan 24 2023 Eike Rathke <erack@redhat.com> - 102.7.1-1 | * Tue Jan 24 2023 Eike Rathke <erack@redhat.com> - 102.7.1-1 | ||||||
| - Update to 102.7.1 build1 | - Update to 102.7.1 build1 | ||||||
| 
 | 
 | ||||||
| @ -1588,6 +1602,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : | |||||||
| 
 | 
 | ||||||
| * Tue Dec 13 2022 Eike Rathke <erack@redhat.com> - 102.6.0-2 | * Tue Dec 13 2022 Eike Rathke <erack@redhat.com> - 102.6.0-2 | ||||||
| - Update to 102.6.0 build2 | - Update to 102.6.0 build2 | ||||||
|  | 
 | ||||||
| * Fri Dec 09 2022 Eike Rathke <erack@redhat.com> - 102.6.0-1 | * Fri Dec 09 2022 Eike Rathke <erack@redhat.com> - 102.6.0-1 | ||||||
| - Update to 102.6.0 build1 | - Update to 102.6.0 build1 | ||||||
| 
 | 
 | ||||||
| @ -1596,6 +1611,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : | |||||||
| 
 | 
 | ||||||
| * Tue Nov 15 2022 Eike Rathke <erack@redhat.com> - 102.5.0-2 | * Tue Nov 15 2022 Eike Rathke <erack@redhat.com> - 102.5.0-2 | ||||||
| - Update to 102.5.0 build2 | - Update to 102.5.0 build2 | ||||||
|  | 
 | ||||||
| * Fri Nov 11 2022 Eike Rathke <erack@redhat.com> - 102.5.0-1 | * Fri Nov 11 2022 Eike Rathke <erack@redhat.com> - 102.5.0-1 | ||||||
| - Update to 102.5.0 build1 | - Update to 102.5.0 build1 | ||||||
| 
 | 
 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user