diff options
| author | Sören Tempel <soeren+git@soeren-tempel.net> | 2019-02-11 18:54:09 +0100 |
|---|---|---|
| committer | Sören Tempel <soeren+git@soeren-tempel.net> | 2019-02-13 20:55:44 +0100 |
| commit | 50d6c8f738e21e88d0ebbdf4007cde60d258d012 (patch) | |
| tree | 4737514748e9472796eae38fac218d5098c953b4 /community/firefox-esr/fix-seccomp-bpf.patch | |
| parent | f6e0f94b430e8a85e14e8d64438dac12c0b455c8 (diff) | |
| download | aports-50d6c8f738e21e88d0ebbdf4007cde60d258d012.tar.bz2 aports-50d6c8f738e21e88d0ebbdf4007cde60d258d012.tar.xz | |
community/firefox-esr: upgrade to 60.5.0
OK ncopa@
Diffstat (limited to 'community/firefox-esr/fix-seccomp-bpf.patch')
| -rw-r--r-- | community/firefox-esr/fix-seccomp-bpf.patch | 30 |
1 files changed, 16 insertions, 14 deletions
diff --git a/community/firefox-esr/fix-seccomp-bpf.patch b/community/firefox-esr/fix-seccomp-bpf.patch index ee6d666400..c44d9ea48e 100644 --- a/community/firefox-esr/fix-seccomp-bpf.patch +++ b/community/firefox-esr/fix-seccomp-bpf.patch @@ -1,6 +1,7 @@ -diff -ru firefox-62.0.3.orig/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc firefox-62.0.3/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc ---- firefox-62.0.3.orig/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc 2018-12-14 08:53:46.083976137 +0000 -+++ firefox-62.0.3/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc 2018-12-14 08:51:22.084596411 +0000 +diff --git a/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc b/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc +index 003708d2c..79488795d 100644 +--- a/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc ++++ b/security/sandbox/chromium/sandbox/linux/seccomp-bpf/trap.cc @@ -25,6 +25,11 @@ #include "sandbox/linux/system_headers/linux_seccomp.h" #include "sandbox/linux/system_headers/linux_signal.h" @@ -13,14 +14,15 @@ diff -ru firefox-62.0.3.orig/security/sandbox/chromium/sandbox/linux/seccomp-bpf namespace { struct arch_sigsys { -diff -ru firefox-62.0.3.orig/security/sandbox/linux/SandboxFilter.cpp firefox-62.0.3/security/sandbox/linux/SandboxFilter.cpp ---- firefox-62.0.3.orig/security/sandbox/linux/SandboxFilter.cpp 2018-10-01 18:35:28.000000000 +0000 -+++ firefox-62.0.3/security/sandbox/linux/SandboxFilter.cpp 2018-12-14 08:57:50.645264590 +0000 -@@ -1005,6 +1005,7 @@ - // ffmpeg, and anything else that calls isatty(), will be told - // that nothing is a typewriter: - .ElseIf(request == TCGETS, Error(ENOTTY)) -+ .ElseIf(request == TIOCGWINSZ, Error(ENOTTY)) - // Allow anything that isn't a tty ioctl, for now; bug 1302711 - // will cover changing this to a default-deny policy. - .ElseIf(shifted_type != kTtyIoctls, Allow()) +diff --git a/security/sandbox/linux/SandboxFilter.cpp b/security/sandbox/linux/SandboxFilter.cpp +index 0f59f2a87..5c07dbb31 100644 +--- a/security/sandbox/linux/SandboxFilter.cpp ++++ b/security/sandbox/linux/SandboxFilter.cpp +@@ -989,6 +989,7 @@ class ContentSandboxPolicy : public SandboxPolicyCommon { + // ffmpeg, and anything else that calls isatty(), will be told + // that nothing is a typewriter: + .ElseIf(request == TCGETS, Error(ENOTTY)) ++ .ElseIf(request == TIOCGWINSZ, Error(ENOTTY)) + // Allow anything that isn't a tty ioctl, for now; bug 1302711 + // will cover changing this to a default-deny policy. + .ElseIf(shifted_type != kTtyIoctls, Allow()) |