author | Mark H Weaver <mhw@netris.org> | 2024-11-27 05:45:59 -0500 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2024-11-27 05:45:59 -0500 |
commit | 61e7d0cd0c4201f0264faee81a884ad37ea51447 (patch) | |
tree | ae328f0d7bc8ee3b07cb20af87f6638905d0f419 /data | |
parent | f51d53cf8e009dcec345c16f4f20b31931cb03de (diff) |
Fix CVE-2024-11697.
* data/patches/CVE-2024-11697.patch: New file.
Diffstat (limited to 'data')
-rw-r--r-- | data/patches/CVE-2024-11697.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/data/patches/CVE-2024-11697.patch b/data/patches/CVE-2024-11697.patch
new file mode 100644
index 0000000..a22dd3e
--- /dev/null
+++ b/data/patches/CVE-2024-11697.patch
@@ -0,0 +1,40 @@
+Fixes CVE-2024-11697 (Improper Keypress Handling in Executable File Confirmation Dialog)
+Copied from <https://hg.mozilla.org/releases/mozilla-esr128/rev/936e95e3b008cb9bcccd1512332b45757a4bb7f6>
+
+# HG changeset patch
+# User Gijs Kruitbosch <gijskruitbosch@gmail.com>
+# Date 1731505009 0
+# Node ID 936e95e3b008cb9bcccd1512332b45757a4bb7f6
+# Parent fbed98e3e9cdc2f99af7a2a14f7184f51fe07d8e
+Bug 1842187 a=dmeehan
+
+Original Revision: https://phabricator.services.mozilla.com/D223948
+
+Differential Revision: https://phabricator.services.mozilla.com/D228631
+
+diff --git a/toolkit/components/downloads/DownloadUIHelper.sys.mjs b/toolkit/components/downloads/DownloadUIHelper.sys.mjs
+--- a/toolkit/components/downloads/DownloadUIHelper.sys.mjs
++++ b/toolkit/components/downloads/DownloadUIHelper.sys.mjs
+@@ -166,17 +166,20 @@ DownloadPrompter.prototype = {
+
+ const title = lazy.l10n.formatValueSync(
+ "download-ui-file-executable-security-warning-title"
+ );
+ const message = lazy.l10n.formatValueSync(
+ "download-ui-file-executable-security-warning",
+ { executable: PathUtils.filename(path) }
+ );
+- return this._prompter.confirm(title, message);
++ let flags =
++ Ci.nsIPrompt.BUTTON_DELAY_ENABLE | Ci.nsIPrompt.STD_OK_CANCEL_BUTTONS;
++ let nulls = Array(4).fill(null);
++ return 0 == this._prompter.confirmEx(title, message, flags, ...nulls, {});
+ },
+
+ /**
+ * Displays a warning message box that informs that there are active
+ * downloads, and asks whether the user wants to cancel them or not.
+ *
+ * @param aDownloadsCount
+ * The current downloads count.
+ |
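Review bot: The added `return 0 == this._prompter.confirmEx(title, message, flags, ...nulls, {});` line carries the whole fix, yet nothing in the patch says why it works, and the header gives only the CVE title. `confirmEx` returns the index of the pressed button rather than a boolean, so only index 0 (OK under `STD_OK_CANCEL_BUTTONS`) is treated as consent, and `BUTTON_DELAY_ENABLE` keeps the buttons disabled for a short time after the dialog opens so that a keypress already under way cannot approve opening the executable. Because this file is a verbatim copy of the upstream changeset, I would leave the code untouched and record the reasoning in the patch header instead, for example `The executable-file warning now uses confirmEx with BUTTON_DELAY_ENABLE; only button 0 (OK) confirms.` The enclosing method of `DownloadPrompter.prototype` starts above the inner hunk, so the check that leads to this prompt is not visible here.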