summaryrefslogtreecommitdiff
path: root/data
diff options
context:
space:
mode:
Diffstat (limited to 'data')
-rw-r--r--data/patches/CVE-2024-11692.patch61
-rw-r--r--data/patches/CVE-2024-11693.patch98
-rw-r--r--data/patches/CVE-2024-11697.patch40
-rw-r--r--data/patches/about-addons.patch4
-rw-r--r--data/patches/hide-firefox-view-button.patch10
-rw-r--r--data/patches/hide-protections-dashboard.patch2
-rw-r--r--data/patches/hide-submit-feedback-menu-item.patch10
-rw-r--r--data/patches/icecat-about-dialog.patch8
-rw-r--r--data/patches/icecat-preferences.patch39
-rw-r--r--data/patches/moz-configure-changes.patch6
-rw-r--r--data/settings.js6
11 files changed, 49 insertions, 235 deletions
diff --git a/data/patches/CVE-2024-11692.patch b/data/patches/CVE-2024-11692.patch
deleted file mode 100644
index 393fe5e..0000000
--- a/data/patches/CVE-2024-11692.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-Fixes CVE-2024-11692 (Select list elements could be shown over another site)
-Based on <https://hg.mozilla.org/releases/mozilla-esr128/rev/a6cf1a7cd289db4f46cb34f4dd16cce133b25e8d>
-Adapted to ESR 115 by Mark H Weaver <mhw@netris.org>
-
-# HG changeset patch
-# User Edgar Chen <echen@mozilla.com>
-# Date 1730556179 0
-# Node ID a6cf1a7cd289db4f46cb34f4dd16cce133b25e8d
-# Parent e983e8a66e515a2e32497cec1b3ccf439396dadc
-Bug 1909535 - Don't show select dropdown in background tabs; a=dmeehan
-
-Original Revision: https://phabricator.services.mozilla.com/D225706
-
-Differential Revision: https://phabricator.services.mozilla.com/D227607
-
-diff --git a/toolkit/actors/SelectParent.sys.mjs b/toolkit/actors/SelectParent.sys.mjs
---- a/toolkit/actors/SelectParent.sys.mjs
-+++ b/toolkit/actors/SelectParent.sys.mjs
-@@ -273,16 +273,41 @@ export var SelectParentHelper = {
- }
-
- this._currentZoom = zoom;
- this._currentMenulist = menulist;
- this.populateChildren(menulist, items, uniqueItemStyles, selectedIndex);
- },
-
- open(browser, menulist, rect, isOpenedViaTouch, selectParentActor) {
-+ const canOpen = (() => {
-+ if (!menulist.ownerDocument.hasFocus()) {
-+ // Don't open in inactive browser windows.
-+ return false;
-+ }
-+ if (browser) {
-+ if (!browser.browsingContext.isActive) {
-+ // Don't open in inactive tabs.
-+ return false;
-+ }
-+ let tabbrowser = browser.getTabBrowser();
-+ if (tabbrowser && tabbrowser.selectedBrowser != browser) {
-+ // AsyncTabSwitcher might delay activating our browser, check
-+ // explicitly for tabbrowser.
-+ return false;
-+ }
-+ }
-+ return true;
-+ })();
-+
-+ if (!canOpen) {
-+ selectParentActor.sendAsyncMessage("Forms:DismissedDropDown", {});
-+ return;
-+ }
-+
- this._actor = selectParentActor;
- menulist.hidden = false;
- this._currentBrowser = browser;
- this._closedWithEnter = false;
- this._selectRect = rect;
- this._registerListeners(menulist.menupopup);
-
- // Set the maximum height to show exactly MAX_ROWS items.
-
diff --git a/data/patches/CVE-2024-11693.patch b/data/patches/CVE-2024-11693.patch
deleted file mode 100644
index 6bb997a..0000000
--- a/data/patches/CVE-2024-11693.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-Fixes CVE-2024-11693 (Download Protections were bypassed by .library-ms files on Windows)
-Copied from <https://hg.mozilla.org/releases/mozilla-esr128/rev/e983e8a66e515a2e32497cec1b3ccf439396dadc>
-
-# HG changeset patch
-# User Marco Bonardo <mbonardo@mozilla.com>
-# Date 1730555916 0
-# Node ID e983e8a66e515a2e32497cec1b3ccf439396dadc
-# Parent 893b0489efa4b18355ea91113c28bf7c731a2749
-Bug 1921458. a=dmeehan
-
-Original Revision: https://phabricator.services.mozilla.com/D226775
-
-Differential Revision: https://phabricator.services.mozilla.com/D227221
-
-diff --git a/toolkit/components/reputationservice/ApplicationReputation.cpp b/toolkit/components/reputationservice/ApplicationReputation.cpp
---- a/toolkit/components/reputationservice/ApplicationReputation.cpp
-+++ b/toolkit/components/reputationservice/ApplicationReputation.cpp
-@@ -286,16 +286,17 @@ const char* const ApplicationReputationS
- #endif
- //".job", // Windows
- //".jpg",
- //".jpeg",
- //".js", exec // JavaScript script
- //".jse", exec // JScript
- ".ksh", // Linux shell
- //".lha",
-+ //".library-ms", exec // Windows
- //".lnk", exec // Windows
- ".local", // Windows
- //".lpaq1",
- //".lpaq5",
- //".lpaq8",
- //".lzh",
- //".lzma",
- //".mad", exec // MS Access
-diff --git a/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp b/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp
---- a/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp
-+++ b/toolkit/components/reputationservice/test/gtest/TestExecutableLists.cpp
-@@ -116,16 +116,17 @@ static const char* const kTestFileExtens
- ".isp", // IIS config
- ".jar", // Java
- #ifndef MOZ_ESR
- ".jnlp", // Java
- #endif
- ".js", // JavaScript script
- ".jse", // JScript
- ".ksh", // Linux shell
-+ ".library-ms", // Windows Library Files
- ".lnk", // Windows
- ".local", // Windows
- ".mad", // MS Access
- ".maf", // MS Access
- ".mag", // MS Access
- ".mam", // MS Access
- ".manifest", // Windows
- ".maq", // MS Access
-diff --git a/xpcom/io/nsLocalFileCommon.cpp b/xpcom/io/nsLocalFileCommon.cpp
---- a/xpcom/io/nsLocalFileCommon.cpp
-+++ b/xpcom/io/nsLocalFileCommon.cpp
-@@ -67,16 +67,17 @@ const char* const sExecutableExts[] = {
- ".ins",
- ".isp",
- ".jar", // java application bundle
- #ifndef MOZ_ESR
- ".jnlp",
- #endif
- ".js",
- ".jse",
-+ ".library-ms", // Windows Library Files
- ".lnk",
- ".mad", // Access Module Shortcut
- ".maf", // Access
- ".mag", // Access Diagram Shortcut
- ".mam", // Access Macro Shortcut
- ".maq", // Access Query Shortcut
- ".mar", // Access Report Shortcut
- ".mas", // Access Stored Procedure
-diff --git a/xpcom/io/nsLocalFileCommon.h b/xpcom/io/nsLocalFileCommon.h
---- a/xpcom/io/nsLocalFileCommon.h
-+++ b/xpcom/io/nsLocalFileCommon.h
-@@ -3,14 +3,14 @@
- /* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
- #ifndef _NS_LOCAL_FILE_COMMON_H_
- #define _NS_LOCAL_FILE_COMMON_H_
-
- #ifdef MOZ_ESR
--extern const char* const sExecutableExts[108];
-+extern const char* const sExecutableExts[109];
- #else
--extern const char* const sExecutableExts[109];
-+extern const char* const sExecutableExts[110];
- #endif
-
- #endif
-
diff --git a/data/patches/CVE-2024-11697.patch b/data/patches/CVE-2024-11697.patch
deleted file mode 100644
index a22dd3e..0000000
--- a/data/patches/CVE-2024-11697.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-Fixes CVE-2024-11697 (Improper Keypress Handling in Executable File Confirmation Dialog)
-Copied from <https://hg.mozilla.org/releases/mozilla-esr128/rev/936e95e3b008cb9bcccd1512332b45757a4bb7f6>
-
-# HG changeset patch
-# User Gijs Kruitbosch <gijskruitbosch@gmail.com>
-# Date 1731505009 0
-# Node ID 936e95e3b008cb9bcccd1512332b45757a4bb7f6
-# Parent fbed98e3e9cdc2f99af7a2a14f7184f51fe07d8e
-Bug 1842187 a=dmeehan
-
-Original Revision: https://phabricator.services.mozilla.com/D223948
-
-Differential Revision: https://phabricator.services.mozilla.com/D228631
-
-diff --git a/toolkit/components/downloads/DownloadUIHelper.sys.mjs b/toolkit/components/downloads/DownloadUIHelper.sys.mjs
---- a/toolkit/components/downloads/DownloadUIHelper.sys.mjs
-+++ b/toolkit/components/downloads/DownloadUIHelper.sys.mjs
-@@ -166,17 +166,20 @@ DownloadPrompter.prototype = {
-
- const title = lazy.l10n.formatValueSync(
- "download-ui-file-executable-security-warning-title"
- );
- const message = lazy.l10n.formatValueSync(
- "download-ui-file-executable-security-warning",
- { executable: PathUtils.filename(path) }
- );
-- return this._prompter.confirm(title, message);
-+ let flags =
-+ Ci.nsIPrompt.BUTTON_DELAY_ENABLE | Ci.nsIPrompt.STD_OK_CANCEL_BUTTONS;
-+ let nulls = Array(4).fill(null);
-+ return 0 == this._prompter.confirmEx(title, message, flags, ...nulls, {});
- },
-
- /**
- * Displays a warning message box that informs that there are active
- * downloads, and asks whether the user wants to cancel them or not.
- *
- * @param aDownloadsCount
- * The current downloads count.
-
diff --git a/data/patches/about-addons.patch b/data/patches/about-addons.patch
index 4427c46..179e336 100644
--- a/data/patches/about-addons.patch
+++ b/data/patches/about-addons.patch
@@ -1,6 +1,6 @@
--- a/toolkit/mozapps/extensions/content/aboutaddons.html
+++ b/toolkit/mozapps/extensions/content/aboutaddons.html
-@@ -174,12 +174,12 @@
+@@ -171,12 +171,12 @@
<template name="addon-page-header">
<div class="sticky-container">
<div class="main-search">
@@ -15,7 +15,7 @@
</div>
<div class="main-heading">
<button
-@@ -660,6 +660,7 @@
+@@ -693,6 +693,7 @@
</div>
<div class="view-footer-item">
<a
diff --git a/data/patches/hide-firefox-view-button.patch b/data/patches/hide-firefox-view-button.patch
new file mode 100644
index 0000000..ef24a34
--- /dev/null
+++ b/data/patches/hide-firefox-view-button.patch
@@ -0,0 +1,10 @@
+--- a/browser/base/content/navigator-toolbox.inc.xhtml
++++ b/browser/base/content/navigator-toolbox.inc.xhtml
+@@ -43,6 +43,7 @@
+ oncommand="FirefoxViewHandler.openTab();"
+ onmousedown="FirefoxViewHandler.openToolbarMouseEvent(event);"
+ cui-areatype="toolbar"
++ hidden="true"
+ removable="true"/>
+
+ <tabs id="tabbrowser-tabs"
diff --git a/data/patches/hide-protections-dashboard.patch b/data/patches/hide-protections-dashboard.patch
index 9effa08..f6da18a 100644
--- a/data/patches/hide-protections-dashboard.patch
+++ b/data/patches/hide-protections-dashboard.patch
@@ -1,6 +1,6 @@
--- a/browser/base/content/browser-siteProtections.js
+++ b/browser/base/content/browser-siteProtections.js
-@@ -1553,7 +1553,7 @@
+@@ -1816,7 +1816,7 @@
this._trackingProtectionIconContainer.hidden = true;
return;
}
diff --git a/data/patches/hide-submit-feedback-menu-item.patch b/data/patches/hide-submit-feedback-menu-item.patch
index 87924c7..402ba31 100644
--- a/data/patches/hide-submit-feedback-menu-item.patch
+++ b/data/patches/hide-submit-feedback-menu-item.patch
@@ -1,10 +1,10 @@
--- a/browser/base/content/browser-menubar.inc
+++ b/browser/base/content/browser-menubar.inc
-@@ -475,6 +475,7 @@
- oncommand="openTroubleshootingPage()"
- onclick="checkForMiddleClick(this, event);" data-l10n-id="menu-help-troubleshooting-info"/>
+@@ -465,6 +465,7 @@
+ hidden="true"
+ appmenu-data-l10n-id="menu-report-broken-site"/>
<menuitem id="feedbackPage"
+ hidden="true"
oncommand="openFeedbackPage()"
- onclick="checkForMiddleClick(this, event);" data-l10n-id="menu-help-feedback-page"/>
- <menuitem id="helpSafeMode"
+ data-l10n-id="menu-help-share-ideas"
+ appmenu-data-l10n-id="appmenu-help-share-ideas"/>
diff --git a/data/patches/icecat-about-dialog.patch b/data/patches/icecat-about-dialog.patch
index 0551cf7..c7e77b0 100644
--- a/data/patches/icecat-about-dialog.patch
+++ b/data/patches/icecat-about-dialog.patch
@@ -1,6 +1,6 @@
---- a/browser/base/content/aboutDialog.xhtml.orig 2021-08-17 16:59:51.674898001 -0400
-+++ b/browser/base/content/aboutDialog.xhtml 2021-08-17 17:00:18.346884904 -0400
-@@ -161,7 +161,6 @@
+--- a/browser/base/content/aboutDialog.xhtml
++++ b/browser/base/content/aboutDialog.xhtml
+@@ -148,7 +148,6 @@
<hbox pack="center">
<label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:license" data-l10n-id="bottomLinks-license"/>
<label is="text-link" class="bottom-link" useoriginprincipal="true" href="about:rights" data-l10n-id="bottomLinks-rights"/>
@@ -10,7 +10,7 @@
</vbox>
--- a/browser/base/content/aboutDialog.css
+++ b/browser/base/content/aboutDialog.css
-@@ -14,10 +14,9 @@
+@@ -38,10 +38,9 @@
#rightBox {
background-image: url("chrome://branding/content/about-wordmark.svg");
background-repeat: no-repeat;
diff --git a/data/patches/icecat-preferences.patch b/data/patches/icecat-preferences.patch
index 1d5f655..f8f00cd 100644
--- a/data/patches/icecat-preferences.patch
+++ b/data/patches/icecat-preferences.patch
@@ -1,7 +1,7 @@
---- a/browser/components/preferences/privacy.inc.xhtml.orig 2021-08-17 15:38:19.838881866 -0400
-+++ b/browser/components/preferences/privacy.inc.xhtml 2021-08-17 15:39:01.382760058 -0400
-@@ -632,6 +632,83 @@
- data-l10n-id="addressbar-suggestions-settings"/>
+--- a/browser/components/preferences/privacy.inc.xhtml
++++ b/browser/components/preferences/privacy.inc.xhtml
+@@ -705,6 +705,83 @@
+ </hbox>
</groupbox>
+<!-- IceCat-specific privacy group -->
@@ -84,18 +84,17 @@
<hbox id="permissionsCategory"
class="subcategory"
hidden="true"
---- a/browser/components/preferences/privacy.js.orig 2021-08-17 15:39:19.662709308 -0400
-+++ b/browser/components/preferences/privacy.js 2021-08-17 16:10:17.129079115 -0400
-@@ -138,6 +138,17 @@
- { id: "browser.urlbar.suggest.topsites", type: "bool" },
- { id: "browser.urlbar.suggest.engines", type: "bool" },
+--- a/browser/components/preferences/privacy.js
++++ b/browser/components/preferences/privacy.js
+@@ -155,6 +155,16 @@
+ { id: PREF_URLBAR_QUICKSUGGEST_BLOCKLIST, type: "string" },
+ { id: PREF_URLBAR_WEATHER_USER_ENABLED, type: "bool" },
+ // IceCat-specific
+ { id: "javascript.enabled", type: "bool" },
+ { id: "browser.display.use_document_fonts", type: "int" },
+ { id: "extensions.update.enabled", type: "bool" },
+ { id: "network.http.referer.spoofSource", type: "bool" },
-+ { id: "privacy.resistFingerprinting", type: "bool" },
+ { id: "webgl.disabled", type: "bool" },
+ { id: "network.captive-portal-service.enabled", type: "bool" },
+ { id: "network.connectivity-service.enabled", type: "bool" },
@@ -104,7 +103,7 @@
// History
{ id: "places.history.enabled", type: "bool" },
{ id: "browser.formfill.enable", type: "bool" },
-@@ -706,6 +716,24 @@
+@@ -1177,6 +1187,24 @@
setSyncFromPrefListener("enableOCSP", () => this.readEnableOCSP());
setSyncToPrefListener("enableOCSP", () => this.writeEnableOCSP());
@@ -129,7 +128,7 @@
if (AlertsServiceDND) {
let notificationsDoNotDisturbBox = document.getElementById(
"notificationsDoNotDisturbBox"
-@@ -825,6 +850,62 @@
+@@ -1290,6 +1318,62 @@
SiteDataManager.updateSites();
},
@@ -192,13 +191,12 @@
// CONTENT BLOCKING
/**
-diff -ru icecat-91.13.0/browser/base/content/appmenu-viewcache.inc.xhtml icecat-91.13.0.orig/browser/base/content/appmenu-viewcache.inc.xhtml
---- icecat-91.13.0/browser/base/content/appmenu-viewcache.inc.xhtml 2022-08-30 20:57:37.511721105 -0400
-+++ icecat-91.13.0.orig/browser/base/content/appmenu-viewcache.inc.xhtml 2022-08-30 20:52:39.076545425 -0400
-@@ -336,6 +336,10 @@
+--- a/browser/base/content/appmenu-viewcache.inc.xhtml
++++ b/browser/base/content/appmenu-viewcache.inc.xhtml
+@@ -126,6 +126,10 @@
key="key_preferencesCmdMac"
#endif
- oncommand="openPreferences()"/>
+ />
+ <toolbarbutton id="appMenu-icecatsettings-button"
+ class="subviewbutton"
+ data-l10n-id="appmenuitem-icecat-settings"
@@ -206,10 +204,9 @@ diff -ru icecat-91.13.0/browser/base/content/appmenu-viewcache.inc.xhtml icecat-
<toolbarbutton id="appMenu-more-button2"
class="subviewbutton subviewbutton-nav"
data-l10n-id="appmenuitem-more-tools"
-diff -ru icecat-91.13.0.orig/browser/base/content/browser-menubar.inc icecat-91.13.0/browser/base/content/browser-menubar.inc
---- icecat-91.13.0.orig/browser/base/content/browser-menubar.inc 2022-08-30 21:06:25.143226477 -0400
-+++ icecat-91.13.0/browser/base/content/browser-menubar.inc 2022-08-30 21:06:10.103469430 -0400
-@@ -139,6 +139,9 @@
+--- a/browser/base/content/browser-menubar.inc
++++ b/browser/base/content/browser-menubar.inc
+@@ -127,6 +127,9 @@
/>
#endif
#endif
diff --git a/data/patches/moz-configure-changes.patch b/data/patches/moz-configure-changes.patch
index 85d5657..6f0525e 100644
--- a/data/patches/moz-configure-changes.patch
+++ b/data/patches/moz-configure-changes.patch
@@ -1,5 +1,5 @@
---- a/browser/moz.configure.orig 2021-08-17 17:06:02.522757210 -0400
-+++ b/browser/moz.configure 2021-08-17 17:06:48.846744492 -0400
+--- a/browser/moz.configure
++++ b/browser/moz.configure
@@ -5,11 +5,11 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
@@ -14,5 +14,5 @@
+imply_option("MOZ_BLOCK_PROFILE_DOWNGRADE", False)
+imply_option("MOZ_NORMANDY", False)
- with only_when(target_is_linux & compile_environment):
+ with only_when(target_has_linux_kernel & compile_environment):
option(env="MOZ_NO_PIE_COMPAT", help="Enable non-PIE wrapper")
diff --git a/data/settings.js b/data/settings.js
index 88f6d58..ced4e94 100644
--- a/data/settings.js
+++ b/data/settings.js
@@ -179,6 +179,8 @@ pref("browser.search.geoip.url", "");
pref("browser.search.geoSpecificDefaults", false);
pref("browser.search.geoSpecificDefaults.url", "");
pref("browser.search.modernConfig", false);
+// Disable network connectivity service
+pref("network.connectivity-service.enabled", false);
// Disable captive portal detection
pref("captivedetect.canonicalURL", "");
pref("network.captive-portal-service.enabled", false);
@@ -258,9 +260,13 @@ pref ("extensions.getAddons.search.browseURL", "https://gnuzilla.gnu.org/mozzare
pref ("extensions.getAddons.get.url", "https://gnuzilla.gnu.org/mozzarella");
pref ("extensions.getAddons.link.url", "https://gnuzilla.gnu.org/mozzarella");
pref ("extensions.getAddons.discovery.api_url", "https://gnuzilla.gnu.org/mozzarella");
+pref ("extensions.getAddons.browserMappings.url", "https://gnuzilla.gnu.org/mozzarella");
+pref ("extensions.recommendations.privacyPolicyUrl", "https://gnuzilla.gnu.org/mozzarella");
+pref ("extensions.recommendations.themeRecommendationUrl", "https://gnuzilla.gnu.org/mozzarella");
pref ("extensions.systemAddon.update.url", "");
pref ("extensions.systemAddon.update.enabled", false);
+pref ("extensions.getAddons.cache.enabled", false);
// FIXME: find better URLs for these:
pref ("extensions.getAddons.langpacks.url", "https://gnuzilla.gnu.org/mozzarella");
home website