diff --git a/build-aarch64-skia.patch b/build-aarch64-skia.patch index b3abe7aaea977733959adea14cd2a76c0ee2d495..9223bb858a70f9db99667a5c980abd66425eeaff 100644 --- a/build-aarch64-skia.patch +++ b/build-aarch64-skia.patch @@ -1,6 +1,6 @@ -diff -up firefox-128.0/gfx/skia/skia/modules/skcms/src/Transform_inl.h.aarch64-skia firefox-128.0/gfx/skia/skia/modules/skcms/src/Transform_inl.h ---- firefox-128.0/gfx/skia/skia/modules/skcms/src/Transform_inl.h.aarch64-skia 2024-07-02 11:10:25.047099913 +0200 -+++ firefox-128.0/gfx/skia/skia/modules/skcms/src/Transform_inl.h 2024-07-02 11:15:43.855410571 +0200 +diff -up firefox-134.0-build/firefox-134.0/gfx/skia/skia/modules/skcms/src/Transform_inl.h.aarch64-skia firefox-134.0-build/firefox-134.0/gfx/skia/skia/modules/skcms/src/Transform_inl.h +--- firefox-134.0/gfx/skia/skia/modules/skcms/src/Transform_inl.h.aarch64-skia 2024-12-30 19:30:46.000000000 +0100 ++++ firefox-134.0/gfx/skia/skia/modules/skcms/src/Transform_inl.h 2025-01-02 20:51:07.855087265 +0100 @@ -151,7 +151,7 @@ SI U32 to_fixed(F f) { return (U32)cast @@ -19,17 +19,15 @@ diff -up firefox-128.0/gfx/skia/skia/modules/skcms/src/Transform_inl.h.aarch64-s return (U16)vcvt_f16_f32(f); #elif defined(USING_AVX512F) return (U16)_mm512_cvtps_ph((__m512 )f, _MM_FROUND_CUR_DIRECTION ); -diff -up firefox-128.0/gfx/skia/skia/src/opts/SkRasterPipeline_opts.h.aarch64-skia firefox-128.0/gfx/skia/skia/src/opts/SkRasterPipeline_opts.h ---- firefox-128.0/gfx/skia/skia/src/opts/SkRasterPipeline_opts.h.aarch64-skia 2024-07-02 11:10:25.048099949 +0200 -+++ firefox-128.0/gfx/skia/skia/src/opts/SkRasterPipeline_opts.h 2024-07-02 11:13:33.384783413 +0200 -@@ -1425,8 +1425,8 @@ SI F from_half(U16 h) { +diff -up firefox-134.0-build/firefox-134.0/gfx/skia/skia/src/opts/SkRasterPipeline_opts.h.aarch64-skia firefox-134.0-build/firefox-134.0/gfx/skia/skia/src/opts/SkRasterPipeline_opts.h +--- firefox-134.0/gfx/skia/skia/src/opts/SkRasterPipeline_opts.h.aarch64-skia 2025-01-02 20:51:07.856087299 +0100 ++++ firefox-134.0/gfx/skia/skia/src/opts/SkRasterPipeline_opts.h 2025-01-02 23:09:47.802283444 +0100 +@@ -1421,7 +1421,7 @@ SI F from_half(U16 h) { } SI U16 to_half(F f) { --#if defined(JUMPER_IS_NEON) && defined(SK_CPU_ARM64) -- return (U16)vcvt_f16_f32(f); -+#if 0 //defined(JUMPER_IS_NEON) && defined(SK_CPU_ARM64) -+ return (U16)vcvt_f16_f32(f); +-#if defined(SKRP_CPU_NEON) && defined(SK_CPU_ARM64) ++#if 0 // defined(SKRP_CPU_NEON) && defined(SK_CPU_ARM64) + return (U16)vcvt_f16_f32(f); - #elif defined(JUMPER_IS_SKX) - return (U16)_mm512_cvtps_ph(f, _MM_FROUND_CUR_DIRECTION); + #elif defined(SKRP_CPU_SKX) diff --git a/expat-CVE-2022-25235.patch b/expat-CVE-2022-25235.patch deleted file mode 100644 index ac495b151c5c10255892bb232e3f389d1f906234..0000000000000000000000000000000000000000 --- a/expat-CVE-2022-25235.patch +++ /dev/null @@ -1,49 +0,0 @@ -diff -up thunderbird-91.7.0/parser/expat/lib/xmltok.c.expat-CVE-2022-25235 thunderbird-91.7.0/parser/expat/lib/xmltok.c ---- thunderbird-91.7.0/parser/expat/lib/xmltok.c.expat-CVE-2022-25235 2022-03-02 17:57:38.364361168 +0100 -+++ thunderbird-91.7.0/parser/expat/lib/xmltok.c 2022-03-02 17:58:22.235512399 +0100 -@@ -65,13 +65,6 @@ - + ((((byte)[2]) >> 5) & 1)] \ - & (1u << (((byte)[2]) & 0x1F))) - --#define UTF8_GET_NAMING(pages, p, n) \ -- ((n) == 2 \ -- ? UTF8_GET_NAMING2(pages, (const unsigned char *)(p)) \ -- : ((n) == 3 \ -- ? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) \ -- : 0)) -- - /* Detection of invalid UTF-8 sequences is based on Table 3.1B - of Unicode 3.2: http://www.unicode.org/unicode/reports/tr28/ - with the additional restriction of not allowing the Unicode -diff -up thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c.expat-CVE-2022-25235 thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c ---- thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c.expat-CVE-2022-25235 2022-03-02 17:57:38.365361172 +0100 -+++ thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c 2022-03-02 18:04:51.240853247 +0100 -@@ -34,7 +34,7 @@ - case BT_LEAD ## n: \ - if (end - ptr < n) \ - return XML_TOK_PARTIAL_CHAR; \ -- if (!IS_NAME_CHAR(enc, ptr, n)) { \ -+ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NAME_CHAR(enc, ptr, n)) { \ - *nextTokPtr = ptr; \ - return XML_TOK_INVALID; \ - } \ -@@ -62,7 +62,7 @@ - case BT_LEAD ## n: \ - if (end - ptr < n) \ - return XML_TOK_PARTIAL_CHAR; \ -- if (!IS_NMSTRT_CHAR(enc, ptr, n)) { \ -+ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \ - *nextTokPtr = ptr; \ - return XML_TOK_INVALID; \ - } \ -@@ -1090,6 +1090,10 @@ PREFIX(prologTok)(const ENCODING *enc, c - case BT_LEAD ## n: \ - if (end - ptr < n) \ - return XML_TOK_PARTIAL_CHAR; \ -+ if (IS_INVALID_CHAR(enc, ptr, n)) { \ -+ *nextTokPtr = ptr; \ -+ return XML_TOK_INVALID; \ -+ } \ - if (IS_NMSTRT_CHAR(enc, ptr, n)) { \ - ptr += n; \ - tok = XML_TOK_NAME; \ diff --git a/expat-CVE-2022-25236.patch b/expat-CVE-2022-25236.patch deleted file mode 100644 index 84cafd27b767c02e4a4580a9fa7cc01b3bb97579..0000000000000000000000000000000000000000 --- a/expat-CVE-2022-25236.patch +++ /dev/null @@ -1,40 +0,0 @@ -diff -up thunderbird-91.7.0/parser/expat/lib/xmlparse.c.expat-CVE-2022-25236 thunderbird-91.7.0/parser/expat/lib/xmlparse.c ---- thunderbird-91.7.0/parser/expat/lib/xmlparse.c.expat-CVE-2022-25236 2022-03-02 18:08:40.085642028 +0100 -+++ thunderbird-91.7.0/parser/expat/lib/xmlparse.c 2022-03-02 18:13:31.838667958 +0100 -@@ -700,8 +700,7 @@ XML_ParserCreate(const XML_Char *encodin - XML_Parser XMLCALL - XML_ParserCreateNS(const XML_Char *encodingName, XML_Char nsSep) - { -- XML_Char tmp[2]; -- *tmp = nsSep; -+ XML_Char tmp[2] = {nsSep, 0}; - return XML_ParserCreate_MM(encodingName, NULL, tmp); - } - #endif -@@ -1276,8 +1275,7 @@ XML_ExternalEntityParserCreate(XML_Parse - would be otherwise. - */ - if (ns) { -- XML_Char tmp[2]; -- *tmp = namespaceSeparator; -+ XML_Char tmp[2] = {parser->m_namespaceSeparator, 0}; - parser = parserCreate(encodingName, &parser->m_mem, tmp, newDtd); - } - else { -@@ -3667,6 +3665,16 @@ addBinding(XML_Parser parser, PREFIX *pr - if (!mustBeXML && isXMLNS - && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) - isXMLNS = XML_FALSE; -+ // NOTE: While Expat does not validate namespace URIs against RFC 3986, -+ // we have to at least make sure that the XML processor on top of -+ // Expat (that is splitting tag names by namespace separator into -+ // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused -+ // by an attacker putting additional namespace separator characters -+ // into namespace declarations. That would be ambiguous and not to -+ // be expected. -+ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) { -+ return XML_ERROR_SYNTAX; -+ } - } - isXML = isXML && len == xmlLen; - isXMLNS = isXMLNS && len == xmlnsLen; diff --git a/expat-CVE-2022-25315.patch b/expat-CVE-2022-25315.patch deleted file mode 100644 index 4d4efb7977313fe084fb1ddf83c764770dfbd650..0000000000000000000000000000000000000000 --- a/expat-CVE-2022-25315.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -up thunderbird-91.7.0/parser/expat/lib/xmlparse.c.expat-CVE-2022-25315 thunderbird-91.7.0/parser/expat/lib/xmlparse.c ---- thunderbird-91.7.0/parser/expat/lib/xmlparse.c.expat-CVE-2022-25315 2022-03-02 18:17:50.966583254 +0100 -+++ thunderbird-91.7.0/parser/expat/lib/xmlparse.c 2022-03-02 18:19:27.636924735 +0100 -@@ -2479,6 +2479,7 @@ storeRawNames(XML_Parser parser) - while (tag) { - int bufSize; - int nameLen = sizeof(XML_Char) * (tag->name.strLen + 1); -+ size_t rawNameLen; - char *rawNameBuf = tag->buf + nameLen; - /* Stop if already stored. Since tagStack is a stack, we can stop - at the first entry that has already been copied; everything -@@ -2490,7 +2491,11 @@ storeRawNames(XML_Parser parser) - /* For re-use purposes we need to ensure that the - size of tag->buf is a multiple of sizeof(XML_Char). - */ -- bufSize = nameLen + ROUND_UP(tag->rawNameLength, sizeof(XML_Char)); -+ rawNameLen = ROUND_UP(tag->rawNameLength, sizeof(XML_Char)); -+ /* Detect and prevent integer overflow. */ -+ if (rawNameLen > (size_t)INT_MAX - nameLen) -+ return XML_FALSE; -+ bufSize = nameLen + (int)rawNameLen; - if (bufSize > tag->bufEnd - tag->buf) { - char *temp = (char *)REALLOC(tag->buf, bufSize); - if (temp == NULL) diff --git a/icu-76.patch b/icu-76.patch deleted file mode 100644 index 6a94fa633dd32910eee8efc8fb0595b775515df8..0000000000000000000000000000000000000000 --- a/icu-76.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- thunderbird-128.12.0/js/moz.configure.orig 2025-07-06 12:09:10.637465000 +0800 -+++ thunderbird-128.12.0/js/moz.configure 2025-07-06 12:09:30.917088400 +0800 -@@ -1305,7 +1305,7 @@ - return enable_system_icu - - --system_icu = pkg_check_modules("MOZ_ICU", "icu-i18n >= 73.1", when="--with-system-icu") -+system_icu = pkg_check_modules("MOZ_ICU", "icu-i18n >= 73.1 icu-uc >= 73.1", when="--with-system-icu") - - - @depends(enable_system_icu_option) diff --git a/thunderbird-128.14.0esr.source.tar.xz b/thunderbird-140.3.0esr.source.tar.xz similarity index 32% rename from thunderbird-128.14.0esr.source.tar.xz rename to thunderbird-140.3.0esr.source.tar.xz index 5d6c0cc68eb643d9fc40ee97ca94b031579c43c7..182a73f89558875e2691e8b31f0fb86657c1a3eb 100644 --- a/thunderbird-128.14.0esr.source.tar.xz +++ b/thunderbird-140.3.0esr.source.tar.xz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:4f26f2356a09f6ac484dd26e1a2ad89bbe855abb25f0c9a2ab93a7069be495c7 -size 672907156 +oid sha256:b538c6cde261e06e37e9cedb854c392ab7850aa220f5007c876357b6546418ae +size 755800156 diff --git a/thunderbird-langpacks-128.14.0esr.tar.xz b/thunderbird-langpacks-140.3.0esr.tar.xz similarity index 32% rename from thunderbird-langpacks-128.14.0esr.tar.xz rename to thunderbird-langpacks-140.3.0esr.tar.xz index ce9bad7f191ca2681864e3d73616f36989e5d65b..0ba8b5a750c3faebfc735fa33618ecccf44e131b 100644 --- a/thunderbird-langpacks-128.14.0esr.tar.xz +++ b/thunderbird-langpacks-140.3.0esr.tar.xz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:e7123beaa41b8ee7d2044fe9aa9322dae304f4ca420a7a134aa8faac743e72cd -size 42315612 +oid sha256:ca63a388bc76fde12aa35e2034f4030f5b4506a251120eae113b7244ac85d9dd +size 26157652 diff --git a/thunderbird.spec b/thunderbird.spec index 48cd37c7c36a520c85477f414a6562138e0df527..7e9a3cb837cfc9fc672a5391353671a8fb7ae9ea 100644 --- a/thunderbird.spec +++ b/thunderbird.spec @@ -59,7 +59,7 @@ Summary: Mozilla Thunderbird mail/newsgroup client Name: thunderbird -Version: 128.14.0 +Version: 140.3.0 Release: 1 URL: https://www.mozilla.org/projects/thunderbird/ License: MPL-2.0 OR GPL-2.0-or-later OR LGPL-2.0-or-later @@ -83,7 +83,6 @@ Source32: node-stdout-nonblocking-wrapper # Build patches Patch0: build-aarch64-skia.patch -Patch1: icu-76.patch # gcc 12 build fix patches Patch422: 0001-GLIBCXX-fix-for-GCC-12.patch @@ -93,11 +92,6 @@ Patch425: build-disable-elfhack.patch Patch402: mozilla-526293.patch Patch406: mozilla-1170092.patch -# Bundled expat backported patches -Patch501: expat-CVE-2022-25235.patch -Patch502: expat-CVE-2022-25236.patch -Patch503: expat-CVE-2022-25315.patch - # openEuler specific BuildRequires: make @@ -219,7 +213,6 @@ debug %{name}, you want to install %{name}-debuginfo instead. # Build patches %patch -P 0 -p1 -b .build-aarch64-skia -%patch -P 1 -p1 -b .icu %patch -P 402 -p1 -b .526293 %patch -P 406 -p1 -b .1170092-etc-conf @@ -228,10 +221,6 @@ debug %{name}, you want to install %{name}-debuginfo instead. %patch -P 425 -p1 -b .build-disable-elfhack %endif -%patch -P 501 -p1 -b .expat-CVE-2022-25235 -%patch -P 502 -p1 -b .expat-CVE-2022-25236 -%patch -P 503 -p1 -b .expat-CVE-2022-25315 - %{__rm} -f .mozconfig %{__cp} %{SOURCE10} .mozconfig %if %{official_branding} @@ -573,6 +562,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : #=============================================================================== %changelog +* Thu Sep 18 2025 Funda Wang - 140.3.0-1 +- update to 140.3.0 + * Wed Aug 20 2025 Funda Wang - 128.14.0-1 - update to 128.14.0