gnu: icecat: Add fix for CVE-2015-4495.

* gnu/packages/patches/icecat-CVE-2015-4495.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patch.  Move the 'patches'
  field above the snippet.
This commit is contained in:
Mark H Weaver 2015-08-07 23:06:02 -04:00
parent ff6f33cf80
commit a5e55dfbb7
3 changed files with 34 additions and 4 deletions

View file

@ -483,6 +483,7 @@ dist_patch_DATA = \
gnu/packages/patches/hwloc-gather-topology-lstopo.patch \
gnu/packages/patches/hydra-automake-1.15.patch \
gnu/packages/patches/hydra-disable-darcs-test.patch \
gnu/packages/patches/icecat-CVE-2015-4495.patch \
gnu/packages/patches/icecat-enable-acceleration-and-webgl.patch \
gnu/packages/patches/icecat-freetype-2.6.patch \
gnu/packages/patches/icecat-libvpx-1.4.patch \

View file

@ -240,6 +240,10 @@ (define-public icecat
(sha256
(base32
"11wx29mb5pcg4mgk07a6vjwh52ca90k0x4m9wv0v3y5dmp88f01p"))
(patches (map search-patch '("icecat-CVE-2015-4495.patch"
"icecat-enable-acceleration-and-webgl.patch"
"icecat-freetype-2.6.patch"
"icecat-libvpx-1.4.patch")))
(modules '((guix build utils)))
(snippet
'(begin
@ -277,10 +281,7 @@ (define-public icecat
"gfx/cairo"
"js/src/ctypes/libffi"
"db/sqlite3"))
#t))
(patches (map search-patch '("icecat-enable-acceleration-and-webgl.patch"
"icecat-freetype-2.6.patch"
"icecat-libvpx-1.4.patch")))))
#t))))
(build-system gnu-build-system)
(inputs
`(("alsa-lib" ,alsa-lib)

View file

@ -0,0 +1,28 @@
Backported from upstream commits labelled "Bug 1178058" from the esr38 branch
by Boris Zbarsky <bzbarsky@mit.edu> and Bobby Holley <bobbyholley@gmail.com>.
--- icecat-31.8.0/docshell/base/nsDocShell.cpp
+++ icecat-31.8.0/docshell/base/nsDocShell.cpp
@@ -1546,12 +1546,21 @@
if (owner && mItemType != typeChrome) {
nsCOMPtr<nsIPrincipal> ownerPrincipal = do_QueryInterface(owner);
- if (nsContentUtils::IsSystemOrExpandedPrincipal(ownerPrincipal)) {
+ if (nsContentUtils::IsSystemPrincipal(ownerPrincipal)) {
if (ownerIsExplicit) {
return NS_ERROR_DOM_SECURITY_ERR;
}
owner = nullptr;
inheritOwner = true;
+ } else if (nsContentUtils::IsExpandedPrincipal(ownerPrincipal)) {
+ if (ownerIsExplicit) {
+ return NS_ERROR_DOM_SECURITY_ERR;
+ }
+ // Don't inherit from the current page. Just do the safe thing
+ // and pretend that we were loaded by a nullprincipal.
+ owner = do_CreateInstance("@mozilla.org/nullprincipal;1");
+ NS_ENSURE_TRUE(owner, NS_ERROR_FAILURE);
+ inheritOwner = false;
}
}
if (!owner && !inheritOwner && !ownerIsExplicit) {