Created attachment 254130 [details] 0001-librewolf-update-to-131.0.patch Hi, this is an update to 131.0 ===== env: DEVELOPER_MODE=yes STRICT_DEPENDS=yes USER=root UID=0 GID=0 ===> Deinstalling for librewolf ===> Deinstalling librewolf-131.0 Updating database digests format: .......... done Checking integrity... done (0 conflicting) Deinstallation has been requested for the following 1 packages (of 0 packages in the universe): Installed packages to be REMOVED: librewolf: 131.0 Number of packages to be removed: 1 The operation will free 255 MiB. [133amd64-default] [1/1] Deinstalling librewolf-131.0... [133amd64-default] [1/1] Deleting files for librewolf-131.0: .......... done ==> Running trigger: desktop-file-utils.ucl Building cache database of MIME types =========================================================================== =>> Checking for extra files and directories [01:13:27] Installing from package [133amd64-default] Installing librewolf-131.0... [133amd64-default] Extracting librewolf-131.0: .......... done ==> Running trigger: desktop-file-utils.ucl Building cache database of MIME types ===== Message from librewolf-131.0:
1. Why did you create www/librewolf/files/firefox.desktop.in instead of use included in sources? 2. Are you sure www/librewolf/files/patch-bug847568 applied without warnings? Look like u reverse this change: https://cgit.freebsd.org/ports/diff/www/librewolf/files/patch-bug847568?id=7eb3b6238dea2ea5edf847c6b87484901b4356e4 3. Did you copied www/librewolf/files/patch-libwebrtc-generated from www/firefox/files/patch-libwebrtc-generated? 4. Attach plz patch-libwebrtc-generated and patch-bug847568 as separate files.
(In reply to Vladimir Druzenko from comment #1) 1. It was removed from firefox base ${MOZSRC}/taskcluster/docker/${MOZILLA}-snap/${MOZILLA}.desktop .Here is the commit: and https://github.com/freebsd/freebsd-ports/commit/494ca8e7c4aa1d7088b21acccd710893f4c34988#diff-beeb41450985361faa4549cd49c97a24be71487d62697c9f5a697144afd9689aR61 2. It is from Firefox 131.0 3. It is from Firefox 131.0
Created attachment 254137 [details] patch-bug847568
Created attachment 254138 [details] patch-libwebrtc-generated.tar.gz
(In reply to Vladimir Druzenko from comment #1) ===> Cleaning for librewolf-131.0.2 [01:06:14] Deinstalling package Updating database digests format: . done Checking integrity... done (0 conflicting) Deinstallation has been requested for the following 1 packages (of 0 packages in the universe): Installed packages to be REMOVED: librewolf: 131.0.2 Number of packages to be removed: 1 The operation will free 255 MiB. [133amd64-default] [1/1] Deinstalling librewolf-131.0.2... [133amd64-default] [1/1] Deleting files for librewolf-131.0.2: .......... done ==> Running trigger: desktop-file-utils.ucl Building cache database of MIME types build of www/librewolf | librewolf-131.0.2 ended at Thu Oct 10 19:22:53 CEST 2024 build time: 01:05:26 [01:06:14] Logs: /usr/local/poudriere/data/logs/bulk/133amd64-default/2024-10-10_18h16m38s [01:06:15] Cleaning up [01:06:15] Unmounting file systems
Created attachment 254145 [details] 0001-librewolf-update-to-131.0.2.patch
Does this patch include the fix to address https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281992 thank you
(In reply to Martin Filla from comment #6) How was this this patch applied? git apply patchname (in /usr/ports)? I did this, it seemed to apply (giving whitespace errors, but otherwise applied). I downloaded the patch like this: [ /usr/ports # ] wget "https://bz-attachments.freebsd.org/attachment.cgi?id=254145&action=diff&format=raw&headers=1" -O librefox.patch It fails to complete building *on ARM64* with this at the end: [05:47:47] /wrkdirs/usr/ports/www/librewolf/work/.build/dist/include/mozilla/gfx/CriticalSection.h:55:3: warning: mutex 'mMutex' is still held at the end of function [-Wthread-safety-analysis] [05:47:47] 55 | } [05:47:47] | ^ [05:47:47] /wrkdirs/usr/ports/www/librewolf/work/.build/dist/include/mozilla/gfx/CriticalSection.h:53:26: note: mutex acquired here [05:47:47] 53 | DebugOnly<int> err = pthread_mutex_lock(&mMutex); [05:47:47] | ^ [05:47:47] /wrkdirs/usr/ports/www/librewolf/work/.build/dist/include/mozilla/gfx/CriticalSection.h:58:26: warning: releasing mutex 'mMutex' that was not held [-Wthread-safety-analysis] [05:47:47] 58 | DebugOnly<int> err = pthread_mutex_unlock(&mMutex); [05:47:47] | ^ [05:47:56] 2 warnings generated. [05:48:07] 2 warnings generated. [05:48:21] 2 warnings generated. [05:48:53] 2 warnings generated. [05:48:58] 2 warnings generated. [05:48:58] gmake[3]: Leaving directory '/wrkdirs/usr/ports/www/librewolf/work/.build/gfx/thebes' [05:48:58] gmake[2]: Leaving directory '/wrkdirs/usr/ports/www/librewolf/work/.build' [05:48:58] gmake[1]: *** [/wrkdirs/usr/ports/www/librewolf/work/librewolf-131.0.2-1/config/recurse.mk:34: compile] Error 2 [05:48:58] gmake[1]: Leaving directory '/wrkdirs/usr/ports/www/librewolf/work/.build' [05:48:58] gmake: *** [/wrkdirs/usr/ports/www/librewolf/work/librewolf-131.0.2-1/config/rules.mk:359: all] Error 2 [05:48:58] ===> Compilation failed unexpectedly. Full poudriere log is at http://void.f-m.fm.user.fm/bugs/librewolf-131.0.2.log
^^^ the full log is ~ 19MB
(In reply to void from comment #8) you have some problem with clang error: ../../../../../aarch64-unknown-freebsd/release/libbuiltins_static.a(builtins_static-0b2b9ab874df273d.builtins_static.b954bf7d4ddbfd8f-cgu.0.rcgu.o): Unknown attribute kind (91) (Producer: 'LLVM18.1.7-rust-1.81.0-stable' Reader: 'LLVM 17.0.6') [05:45:25] /usr/local/bin/clang17 -std=gnu99 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DLIBICONV_PLUG -isystem /usr/local/include -pthread -ffunction-sections -fdata-sections -fno-math-errno -fPIC -O2 -pipe -O3 -DLIBICONV_PLUG -fstack-protector-strong -isystem /usr/local/include -fno-strict-aliasing -O2 -O3 -fomit-frame-pointer -funwind-tables -shared -Wl,-z,defs -Wl,--warn-unresolved-symbols -Wl,--gc-sections -Wl,-h,libnssckbi.so -o ../../../../../dist/bin/libnssckbi.so stub.o -flto=thin -Wl,-plugin-opt=-import-instr-limit=10 -Wl,-plugin-opt=-import-hot-multiplier=30 -Wl,--as-needed -Wl,--undefined-version -fstack-protector-strong -Wl,--icf=safe -Wl,--build-id=sha1 -Wl,-z,noexecstack -Wl,-z,text -Wl,-z,relro -Wl,-z,now -Wl,-z,nocopyreloc -fuse-ld=lld -fstack-protector-strong -Wl,-rpath-link,/wrkdirs/usr/ports/www/librewolf/work/.build/dist/bin -O2 -O3 ../../../../../aarch64-unknown-freebsd/release/libbuiltins_static.a -Wl,--version-script,libnssckbi.so.symbols -ldl [05:45:25] ld.lld: error: ../../../../../aarch64-unknown-freebsd/release/libbuiltins_static.a(builtins_static-0b2b9ab874df273d.builtins_static.b954bf7d4ddbfd8f-cgu.0.rcgu.o): Unknown attribute kind (91) (Producer: 'LLVM18.1.7-rust-1.81.0-stable' Reader: 'LLVM 17.0.6') [05:45:25] clang: error: linker command failed with exit code 1 (use -v to see invocation) [05:45:25] gmake[3]: *** [/wrkdirs/usr/ports/www/librewolf/work/librewolf-131.0.2-1/config/rules.mk:539: ../../../../../dist/bin/libnssckbi.so] Error 1
(In reply to Martin Filla from comment #10) Should I rebuild clang in poudriere?
Yes it does. According the Mozilla the bug gets exploited already in the wild so the same applies to the outdated www/firefox, www/firefox-esr and mail/thunderbird ports.
1. Copy www/firefox/files/patch-bug1559213 too. 2. I'll post suggestion about desktop file tomorrow.
2. Suggestion about desktop file. diff for Makefile: @@ -66,7 +65,6 @@ FIREFOX_ICON= ${MOZILLA}.png FIREFOX_ICON_SRC= ${PREFIX}/lib/${MOZILLA}/browser/chrome/icons/default/default48.png -FIREFOX_DESKTOP= ${MOZSRC}/taskcluster/docker/firefox-snap/firefox.desktop .include "${.CURDIR}/../../www/firefox/Makefile.options" @@ -86,18 +84,21 @@ MOZ_OPTIONS+= --with-wasi-sysroot=${LOCALBASE}/share/wasi-sysroot .endif +post-extract: + @${SED} -e 's|@FIREFOX_ICON@|${FIREFOX_ICON:R}|;s|@MOZILLA@|${MOZILLA}|' \ + -e 's|firefox|${MOZILLA}|' \ + -e 's|Firefox|${MOZILLA_CAP}|' \ + ${.CURDIR}/../firefox/files/firefox.desktop.in > ${WRKDIR}/${MOZILLA_EXEC_NAME}.desktop + post-patch: - @${REINPLACE_CMD} -e 's/%u/%U/' -e '/X-MultipleArgs/d' \ - -e 's/firefox/${MOZILLA}/' \ - -e 's/Firefox/${MOZILLA_CAP}/' \ - -e '/^Icon/s/=.*/=${FIREFOX_ICON:R}/' \ - ${FIREFOX_DESKTOP} @${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \ ${WRKSRC}/browser/app/nsBrowserApp.cpp @${RM} ${WRKSRC}/mozconfig + @${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' \ + ${WRKSRC}/browser/app/nsBrowserApp.cpp post-install: - ${INSTALL_DATA} ${FIREFOX_DESKTOP} ${STAGEDIR}${PREFIX}/share/applications/${MOZILLA}.desktop + ${INSTALL_DATA} ${WRKDIR}/${MOZILLA_EXEC_NAME}.desktop ${STAGEDIR}${PREFIX}/share/applications ${MKDIR} ${STAGEDIR}${PREFIX}/share/pixmaps ${LN} -sf ${FIREFOX_ICON_SRC} ${STAGEDIR}${PREFIX}/share/pixmaps/${FIREFOX_ICON}
Created attachment 254199 [details] 0001-librewolf-update-to-131.0.2.patch
Created attachment 254222 [details] 0001-librewolf-update-to-131.0.2.patch
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=634c08de92be7b90316ba381a4e495fb15a73d5e commit 634c08de92be7b90316ba381a4e495fb15a73d5e Author: Martin Filla <freebsd@sysctl.cz> AuthorDate: 2024-10-14 14:03:35 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2024-10-14 14:08:47 +0000 www/librewolf: Update 129.0-1 → 131.0.2-1 (CVE-2024-9680) Changelog: https://www.mozilla.org/en-US/firefox/131.0/releasenotes/ https://www.mozilla.org/en-US/firefox/131.0.2/releasenotes/ Fix CVE-2024-9680: Use-after-free in Animation timeline: https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ Fix build on aarch64. PR: 281985 281902 MFH: 2024Q4 www/librewolf/Makefile | 23 +- www/librewolf/distinfo | 6 +- www/librewolf/files/patch-bug1559213 | 63 +- www/librewolf/files/patch-bug847568 | 91 +- .../patch-gfx_skia_skia_src_core_SkCpu.cpp (gone) | 33 - www/librewolf/files/patch-libwebrtc-generated | 8418 +++++++++++--------- 6 files changed, 4750 insertions(+), 3884 deletions(-)
A commit in branch 2024Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=1cefc8e9488cd60f3cd53f5b68a27df4a70c7e57 commit 1cefc8e9488cd60f3cd53f5b68a27df4a70c7e57 Author: Martin Filla <freebsd@sysctl.cz> AuthorDate: 2024-10-14 14:03:35 +0000 Commit: Vladimir Druzenko <vvd@FreeBSD.org> CommitDate: 2024-10-14 14:12:02 +0000 www/librewolf: Update 129.0-1 → 131.0.2-1 (CVE-2024-9680) Changelog: https://www.mozilla.org/en-US/firefox/131.0/releasenotes/ https://www.mozilla.org/en-US/firefox/131.0.2/releasenotes/ Fix CVE-2024-9680: Use-after-free in Animation timeline: https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/ Fix build on aarch64. PR: 281985 281902 MFH: 2024Q4 (cherry picked from commit 634c08de92be7b90316ba381a4e495fb15a73d5e) www/librewolf/Makefile | 23 +- www/librewolf/distinfo | 6 +- www/librewolf/files/patch-bug1559213 | 63 +- www/librewolf/files/patch-bug847568 | 91 +- .../patch-gfx_skia_skia_src_core_SkCpu.cpp (gone) | 33 - www/librewolf/files/patch-libwebrtc-generated | 8418 +++++++++++--------- 6 files changed, 4750 insertions(+), 3884 deletions(-)
Thanks.