diff options
| author | Mark H Weaver <mhw@netris.org> | 2015-12-17 12:07:13 -0500 |
|---|---|---|
| committer | Mark H Weaver <mhw@netris.org> | 2015-12-17 14:12:06 -0500 |
| commit | 3faf214a0b58c10e9838fcbf59f139172fe4a871 (patch) | |
| tree | 5530a388f5930964a02bb26ae010abb6140de845 /gnu/packages/patches/icecat-CVE-2015-7214.patch | |
| parent | cbbe1a1c2c7ca86e348656ae3b7197d53c2527f2 (diff) | |
gnu: icecat: Add fixes for several security flaws.
* gnu/packages/patches/icecat-CVE-2015-7201-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-7201-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-7201-pt3.patch,
gnu/packages/patches/icecat-CVE-2015-7205.patch,
gnu/packages/patches/icecat-CVE-2015-7210.patch,
gnu/packages/patches/icecat-CVE-2015-7212.patch,
gnu/packages/patches/icecat-CVE-2015-7213-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-7213-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-7214.patch,
gnu/packages/patches/icecat-CVE-2015-7222-pt1.patch,
gnu/packages/patches/icecat-CVE-2015-7222-pt2.patch,
gnu/packages/patches/icecat-CVE-2015-7222-pt3.patch: New files.
* gnu-system.am (dist_patch_DATA): Add them.
* gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
Diffstat (limited to 'gnu/packages/patches/icecat-CVE-2015-7214.patch')
| -rw-r--r-- | gnu/packages/patches/icecat-CVE-2015-7214.patch | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2015-7214.patch b/gnu/packages/patches/icecat-CVE-2015-7214.patch new file mode 100644 index 0000000000..3a56d3d2cd --- /dev/null +++ b/gnu/packages/patches/icecat-CVE-2015-7214.patch @@ -0,0 +1,47 @@ +From 487799700b0b676c2c6b95ad33c8afb8dbd329d8 Mon Sep 17 00:00:00 2001 +From: Bobby Holley <bobbyholley@gmail.com> +Date: Mon, 14 Dec 2015 15:36:20 -0500 +Subject: [PATCH] Bug 1228950 - Disallow scheme sets on nsHostObjectURI. r=bz, + a=lizzard + +--- + dom/base/nsHostObjectURI.cpp | 9 +++++++++ + dom/base/nsHostObjectURI.h | 2 ++ + 2 files changed, 11 insertions(+) + +diff --git a/dom/base/nsHostObjectURI.cpp b/dom/base/nsHostObjectURI.cpp +index 94b02ff..57b0209 100644 +--- a/dom/base/nsHostObjectURI.cpp ++++ b/dom/base/nsHostObjectURI.cpp +@@ -81,6 +81,15 @@ nsHostObjectURI::Write(nsIObjectOutputStream* aStream) + true); + } + ++NS_IMETHODIMP ++nsHostObjectURI::SetScheme(const nsACString& aScheme) ++{ ++ // Disallow setting the scheme, since that could cause us to be associated ++ // with a different protocol handler that doesn't expect us to be carrying ++ // around a principal with nsIURIWithPrincipal. ++ return NS_ERROR_FAILURE; ++} ++ + // nsIURI methods: + nsresult + nsHostObjectURI::CloneInternal(nsSimpleURI::RefHandlingEnum aRefHandlingMode, +diff --git a/dom/base/nsHostObjectURI.h b/dom/base/nsHostObjectURI.h +index b468d5d..23ff7ab 100644 +--- a/dom/base/nsHostObjectURI.h ++++ b/dom/base/nsHostObjectURI.h +@@ -34,6 +34,8 @@ public: + NS_DECL_NSISERIALIZABLE + NS_DECL_NSICLASSINFO + ++ NS_IMETHOD SetScheme(const nsACString &aProtocol) override; ++ + // Override CloneInternal() and EqualsInternal() + virtual nsresult CloneInternal(RefHandlingEnum aRefHandlingMode, + nsIURI** aClone) override; +-- +2.6.3 + |