Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Please unblock package firefox-esr
(Please provide enough (but not too much) information to help
the release team to judge the request efficiently. E.g. by
filling in the sections below.)
[ Reason ]
New version fixes CVEs and the RC bug that was putting the package in
the autorm list.
[ Impact ]
No firefox in bookwork.
[ Tests ]
Package was smoke-tested.
[ Risks ]
Apart from the upstream differences from the CVE fixes/new upstream
release, that we'd take (and have taken) in stable, the differences are
very limited in scope (see attached diff)
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock firefox-esr/102.9.0esr-2
diff -Nru firefox-esr-102.8.0esr/debian/browser.mozconfig.in
firefox-esr-102.9.0esr/debian/browser.mozconfig.in
--- firefox-esr-102.8.0esr/debian/browser.mozconfig.in 2023-02-15
08:44:35.000000000 +0900
+++ firefox-esr-102.9.0esr/debian/browser.mozconfig.in 2023-03-18
06:53:04.000000000 +0900
@@ -30,6 +30,6 @@
ac_add_options --with-unsigned-addon-scopes=app,system
ac_add_options --allow-addon-sideload
ac_add_options --enable-alsa
-%if DIST == bullseye || DIST == buster || DIST == stretch
+%if DIST == bullseye || DIST == buster || DIST == stretch || DEB_HOST_ARCH ==
s390x
ac_add_options --without-wasm-sandboxed-libraries
%endif
diff -Nru firefox-esr-102.8.0esr/debian/changelog
firefox-esr-102.9.0esr/debian/changelog
--- firefox-esr-102.8.0esr/debian/changelog 2023-02-15 08:45:08.000000000
+0900
+++ firefox-esr-102.9.0esr/debian/changelog 2023-03-18 06:53:38.000000000
+0900
@@ -1,3 +1,22 @@
+firefox-esr (102.9.0esr-2) unstable; urgency=medium
+
+ * gfx/skia/generate_mozbuild.py, gfx/skia/moz.build: Remove explicit NEON
+ flags from skia build. Closes: #982794. Thanks Emanuele Rocca.
+
+ -- Mike Hommey <gland...@debian.org> Sat, 18 Mar 2023 06:53:38 +0900
+
+firefox-esr (102.9.0esr-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Fixes for mfsa2023-10, also known as:
+ CVE-2023-25751, CVE-2023-28164, CVE-2023-28162, CVE-2023-25752,
+ CVE-2023-28176.
+
+ * debian/browser.mozconfig.in: Disable wasm sandboxing on s390x for now.
+ It doesn't work at the moment.
+
+ -- Mike Hommey <gland...@debian.org> Wed, 15 Mar 2023 07:26:00 +0900
+
firefox-esr (102.8.0esr-1) unstable; urgency=medium
* New upstream release.
diff -Nru
firefox-esr-102.8.0esr/debian/patches/debian-hacks/Add-a-2-minutes-timeout-on-xpcshell-tests.patch
firefox-esr-102.9.0esr/debian/patches/debian-hacks/Add-a-2-minutes-timeout-on-xpcshell-tests.patch
---
firefox-esr-102.8.0esr/debian/patches/debian-hacks/Add-a-2-minutes-timeout-on-xpcshell-tests.patch
2023-02-15 08:44:54.000000000 +0900
+++
firefox-esr-102.9.0esr/debian/patches/debian-hacks/Add-a-2-minutes-timeout-on-xpcshell-tests.patch
2023-03-18 06:53:24.000000000 +0900
@@ -7,7 +7,7 @@
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/testing/xpcshell/runxpcshelltests.py
b/testing/xpcshell/runxpcshelltests.py
-index 212bfeb..6761334 100755
+index c3de2a2..0636219 100755
--- a/testing/xpcshell/runxpcshelltests.py
+++ b/testing/xpcshell/runxpcshelltests.py
@@ -13,6 +13,7 @@ import os
@@ -18,7 +18,7 @@
import shutil
import signal
import subprocess
-@@ -835,9 +836,23 @@ class XPCShellTestThread(Thread):
+@@ -837,9 +838,23 @@ class XPCShellTestThread(Thread):
if self.interactive:
self.log.info("%s | Process ID: %d" % (name, self.proc_ident))
diff -Nru
firefox-esr-102.8.0esr/debian/patches/porting/Bug-1822827-Remove-explicit-NEON-flags-from-skia-bui.patch
firefox-esr-102.9.0esr/debian/patches/porting/Bug-1822827-Remove-explicit-NEON-flags-from-skia-bui.patch
---
firefox-esr-102.8.0esr/debian/patches/porting/Bug-1822827-Remove-explicit-NEON-flags-from-skia-bui.patch
1970-01-01 09:00:00.000000000 +0900
+++
firefox-esr-102.9.0esr/debian/patches/porting/Bug-1822827-Remove-explicit-NEON-flags-from-skia-bui.patch
2023-03-18 06:53:24.000000000 +0900
@@ -0,0 +1,44 @@
+From: Emanuele Rocca <e...@debian.org>
+Date: Sat, 18 Mar 2023 06:48:32 +0900
+Subject: Bug 1822827 - Remove explicit NEON flags from skia build
+
+While Firefox builds for Android ARMv7 don't support non-NEON
+processors, downstreams (including non-Android ones) may still want to
+support them.
+
+Because those Firefox builds don't support non-NEON processors, the NEON
+flags are actually already passed globally, and they don't need to be
+explicitly added. NEON_FLAGS is actually only meant to be used for
+sources that specifically need NEON support even when the target doesn't
+support it, for, e.g. specialized code behind runtime CPU detection.
+---
+ gfx/skia/generate_mozbuild.py | 2 --
+ gfx/skia/moz.build | 2 --
+ 2 files changed, 4 deletions(-)
+
+diff --git a/gfx/skia/generate_mozbuild.py b/gfx/skia/generate_mozbuild.py
+index 5e0fd17..580f092 100755
+--- a/gfx/skia/generate_mozbuild.py
++++ b/gfx/skia/generate_mozbuild.py
+@@ -59,8 +59,6 @@ if CONFIG['INTEL_ARCHITECTURE']:
+ SOURCES['skia/src/opts/SkOpts_sse42.cpp'].flags += ['-msse4.2']
+ SOURCES['skia/src/opts/SkOpts_avx.cpp'].flags += ['-mavx']
+ SOURCES['skia/src/opts/SkOpts_hsw.cpp'].flags += ['-mavx2', '-mf16c',
'-mfma']
+-elif CONFIG['CPU_ARCH'] == 'arm' and CONFIG['CC_TYPE'] in ('clang', 'gcc'):
+- CXXFLAGS += CONFIG['NEON_FLAGS']
+ elif CONFIG['CPU_ARCH'] == 'aarch64' and CONFIG['CC_TYPE'] in ('clang',
'gcc'):
+ SOURCES['skia/src/opts/SkOpts_crc32.cpp'].flags += ['-march=armv8-a+crc']
+
+diff --git a/gfx/skia/moz.build b/gfx/skia/moz.build
+index 524bd28..5fb7174 100755
+--- a/gfx/skia/moz.build
++++ b/gfx/skia/moz.build
+@@ -455,8 +455,6 @@ if CONFIG['INTEL_ARCHITECTURE']:
+ SOURCES['skia/src/opts/SkOpts_sse42.cpp'].flags += ['-msse4.2']
+ SOURCES['skia/src/opts/SkOpts_avx.cpp'].flags += ['-mavx']
+ SOURCES['skia/src/opts/SkOpts_hsw.cpp'].flags += ['-mavx2', '-mf16c',
'-mfma']
+-elif CONFIG['CPU_ARCH'] == 'arm' and CONFIG['CC_TYPE'] in ('clang', 'gcc'):
+- CXXFLAGS += CONFIG['NEON_FLAGS']
+ elif CONFIG['CPU_ARCH'] == 'aarch64' and CONFIG['CC_TYPE'] in ('clang',
'gcc'):
+ SOURCES['skia/src/opts/SkOpts_crc32.cpp'].flags += ['-march=armv8-a+crc']
+
diff -Nru
firefox-esr-102.8.0esr/debian/patches/prefs/Don-t-auto-disable-extensions-in-system-directories.patch
firefox-esr-102.9.0esr/debian/patches/prefs/Don-t-auto-disable-extensions-in-system-directories.patch
---
firefox-esr-102.8.0esr/debian/patches/prefs/Don-t-auto-disable-extensions-in-system-directories.patch
2023-02-15 08:44:54.000000000 +0900
+++
firefox-esr-102.9.0esr/debian/patches/prefs/Don-t-auto-disable-extensions-in-system-directories.patch
2023-03-18 06:53:24.000000000 +0900
@@ -7,7 +7,7 @@
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
-index 84c76fd..328fd79 100644
+index b6bedc5..a091452 100644
--- a/browser/app/profile/firefox.js
+++ b/browser/app/profile/firefox.js
@@ -56,7 +56,7 @@ pref("extensions.systemAddon.update.enabled", true);
diff -Nru firefox-esr-102.8.0esr/debian/patches/series
firefox-esr-102.9.0esr/debian/patches/series
--- firefox-esr-102.8.0esr/debian/patches/series 2023-02-15
08:44:53.000000000 +0900
+++ firefox-esr-102.9.0esr/debian/patches/series 2023-03-18
06:53:24.000000000 +0900
@@ -5,6 +5,7 @@
porting/Work-around-GCC-ICE-on-mips-i386-and-s390x.patch
porting/Work-around-another-GCC-ICE-on-arm.patch
porting/Use-compiler-macros-to-detect-big-endian.patch
+porting/Bug-1822827-Remove-explicit-NEON-flags-from-skia-bui.patch
prefs/Set-DPI-to-system-settings.patch
prefs/Don-t-auto-disable-extensions-in-system-directories.patch
debian-hacks/Avoid-wrong-sessionstore-data-to-keep-windows-out-of.patch
