head	1.2;
access;
symbols;
locks; strict;
comment	@// @;


1.2
date	2020.12.17.09.53.15;	author ryoon;	state dead;
branches;
next	1.1;
commitid	zhXrb1Fwr8fEZ4AC;

1.1
date	2020.11.26.09.51.22;	author tnn;	state Exp;
branches;
next	;
commitid	3pCg4H4YLcQOEnxC;


desc
@@


1.2
log
@firefox: Update to 84.0

Changelog:
New

  * Native support for macOS devices built with Apple Silicon CPUs brings
    dramatic performance improvements over the non-native build that was
    shipped in Firefox 83: Firefox launches over 2.5 times faster and web apps
    are now twice as responsive (per the SpeedoMeter 2.0 test). If you are on a
    new Apple device, follow these steps to upgrade to the latest Firefox.

  * WebRender rolls out to MacOS Big Sur, Windows devices with Intel Gen 6
    GPUs, and Intel laptops running Windows 7 and 8. Additionally we'll ship an
    accelerated rendering pipeline for Linux/GNOME/X11 users for the first
    time, ever!

  * Firefox now uses more modern techniques for allocating shared memory on
    Linux, improving performance and increasing compatibility with Docker.

  * Firefox 84 is the final release to support Adobe Flash.


Fixed

  * Various security fixes

#CVE-2020-16042: Operations on a BigInt could have caused uninitialized memory
to be exposed
#CVE-2020-26971: Heap buffer overflow in WebGL
#CVE-2020-26972: Use-After-Free in WebGL
#CVE-2020-26973: CSS Sanitizer performed incorrect sanitization
#CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free
#CVE-2020-26975: Malicious applications on Android could have induced Firefox
for Android into sending arbitrary attacker-specified headers
#CVE-2020-26976: HTTPS pages could have been intercepted by a registered
service worker when they should not have been
#CVE-2020-26977: URL spoofing via unresponsive port in Firefox for Android
#CVE-2020-26978: Internal network hosts could have been probed by a malicious
webpage
#CVE-2020-26979: When entering an address in the address or search bars, a
website could have redirected the user before they were navigated to the
intended url
#CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs
#CVE-2020-35112: Opening an extension-less download may have inadvertently
launched an executable instead
#CVE-2020-35113: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
@
text
@$NetBSD: patch-js_src_wasm_WasmBaselineCompile.cpp,v 1.1 2020/11/26 09:51:22 tnn Exp $

https://github.com/mozilla/gecko-dev/commit/71597faac0fde4f608a60dd610d0cefac4972cc3.patch

--- js/src/wasm/WasmBaselineCompile.cpp.orig	2020-11-25 22:18:17.992966827 +0000
+++ js/src/wasm/WasmBaselineCompile.cpp
@@@@ -654,15 +654,13 @@@@ class BaseRegAlloc {
 
   template <MIRType t>
   bool hasFPU() {
-    return availFPU.hasAny<RegTypeOf<t>::value>();
-  }
-
 #ifdef RABALDR_SIDEALLOC_V128
-  template <>
-  bool hasFPU<MIRType::Simd128>() {
-    MOZ_CRASH("Should not happen");
-  }
+    if constexpr (t == MIRType::Simd128)
+      MOZ_CRASH("Should not happen");
+    else
 #endif
+    return availFPU.hasAny<RegTypeOf<t>::value>();
+  }
 
   bool isAvailableGPR(Register r) { return availGPR.has(r); }
 
@@@@ -745,15 +743,13 @@@@ class BaseRegAlloc {
 
   template <MIRType t>
   FloatRegister allocFPU() {
-    return availFPU.takeAny<RegTypeOf<t>::value>();
-  }
-
 #ifdef RABALDR_SIDEALLOC_V128
-  template <>
-  FloatRegister allocFPU<MIRType::Simd128>() {
-    MOZ_CRASH("Should not happen");
-  }
+    if constexpr (t == MIRType::Simd128)
+      MOZ_CRASH("Should not happen");
+    else
 #endif
+    return availFPU.takeAny<RegTypeOf<t>::value>();
+  }
 
   void freeGPR(Register r) { availGPR.add(r); }
 
@


1.1
log
@firefox: fix build on aarch64. Via upstream.
@
text
@d1 1
a1 1
$NetBSD$
@