[packages/firefox] - really lower sandbox level to 2 for glibc 2.34, rel 3

baggins baggins at pld-linux.org
Wed Oct 6 19:21:37 CEST 2021 

commit aa5cc6df7e5804ab07dcf4e31ff98c589aabd874
Author: Jan Rękorajski <baggins at pld-linux.org>
Date:   Wed Oct 6 19:20:51 2021 +0200

    - really lower sandbox level to 2 for glibc 2.34, rel 3

 firefox.spec     |  2 +-
 glibc-2.34.patch | 14 ++++++++++++++
 2 files changed, 15 insertions(+), 1 deletion(-)
---
diff --git a/firefox.spec b/firefox.spec
index 9a41133..7af62a8 100644
--- a/firefox.spec
+++ b/firefox.spec
@@ -49,7 +49,7 @@ Summary(hu.UTF-8):	Firefox web böngésző
 Summary(pl.UTF-8):	Firefox - przeglądarka WWW
 Name:		firefox
 Version:	93.0
-Release:	2
+Release:	3
 License:	MPL v2.0
 Group:		X11/Applications/Networking
 Source0:	https://releases.mozilla.org/pub/firefox/releases/%{version}/source/firefox-%{version}.source.tar.xz
diff --git a/glibc-2.34.patch b/glibc-2.34.patch
index d2cef94..916a879 100644
--- a/glibc-2.34.patch
+++ b/glibc-2.34.patch
@@ -12,3 +12,17 @@
  pref("general.useragent.compatMode.firefox", false);
  
  pref("general.config.obscure_value", 13); // for MCD .cfg files
+--- firefox-93.0/browser/app/profile/firefox.js~	2021-10-06 09:50:42.000000000 +0200
++++ firefox-93.0/browser/app/profile/firefox.js	2021-10-06 19:19:15.409293732 +0200
+@@ -1233,7 +1233,10 @@
+   // the sandbox while we fix their problems, or to allow running Firefox with
+   // exotic configurations we can't reasonably support out of the box.
+   //
+-  pref("security.sandbox.content.level", 4);
++// Lower from 4 to 2 due to extension problems on glibc 2.34
++// https://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2021-October/026375.html
++// https://wiki.mozilla.org/Security/Sandbox#Content_Levels
++  pref("security.sandbox.content.level", 2);
+   // Introduced as part of bug 1608558.  Linux is currently the only platform
+   // that uses a sandbox level for the socket process.  There are currently
+   // only 2 levels:
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/firefox.git/commitdiff/aa5cc6df7e5804ab07dcf4e31ff98c589aabd874

More information about the pld-cvs-commit mailing list