From ad0df123cf15a43a0d9f48bd7acd05d1dd5b1c39 Mon Sep 17 00:00:00 2001
From: Patrick J Volkerding <volkerdi@slackware.com>
Date: Tue, 22 Oct 2019 18:48:37 +0000
Subject: Tue Oct 22 18:48:37 UTC 2019

a/btrfs-progs-5.3-x86_64-1.txz:  Upgraded.
a/kernel-firmware-20191022_2b016af-noarch-1.txz:  Upgraded.
d/parallel-20191022-noarch-1.txz:  Upgraded.
l/glib2-2.62.2-x86_64-1.txz:  Upgraded.
l/python-pillow-6.2.1-x86_64-1.txz:  Upgraded.
n/php-7.3.11-x86_64-1.txz:  Upgraded.
  This update fixes bugs and a security issue:
  FPM: env_path_info underflow in fpm_main.c can lead to RCE.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11043
  (* Security fix *)
x/xkeyboard-config-2.28-noarch-1.txz:  Upgraded.
xap/mozilla-firefox-68.2.0esr-x86_64-1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/68.2.0/releasenotes/
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11758
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
  (* Security fix *)
---
 source/n/php/fetch-php.sh                          |  4 +--
 source/n/php/php.SlackBuild                        |  2 +-
 .../xap/mozilla-firefox/mozilla-firefox.SlackBuild | 31 +++++++++++++++++++++-
 3 files changed, 33 insertions(+), 4 deletions(-)

(limited to 'source')

diff --git a/source/n/php/fetch-php.sh b/source/n/php/fetch-php.sh
index ff5dd150a..5b5153486 100755
--- a/source/n/php/fetch-php.sh
+++ b/source/n/php/fetch-php.sh
@@ -1,2 +1,2 @@
-lftpget http://us.php.net/distributions/php-7.3.10.tar.xz.asc
-lftpget http://us.php.net/distributions/php-7.3.10.tar.xz
+lftpget http://us.php.net/distributions/php-7.3.11.tar.xz.asc
+lftpget http://us.php.net/distributions/php-7.3.11.tar.xz
diff --git a/source/n/php/php.SlackBuild b/source/n/php/php.SlackBuild
index 013eef26f..115a02fca 100755
--- a/source/n/php/php.SlackBuild
+++ b/source/n/php/php.SlackBuild
@@ -28,7 +28,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 PKGNAM=php
 VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
 ALPINE=2.21
-BUILD=${BUILD:-2}
+BUILD=${BUILD:-1}
 
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
diff --git a/source/xap/mozilla-firefox/mozilla-firefox.SlackBuild b/source/xap/mozilla-firefox/mozilla-firefox.SlackBuild
index 0e11e04cc..b4863b518 100755
--- a/source/xap/mozilla-firefox/mozilla-firefox.SlackBuild
+++ b/source/xap/mozilla-firefox/mozilla-firefox.SlackBuild
@@ -42,6 +42,16 @@ MOZLOCALIZE=${MOZLOCALIZE:-}
 # "UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 36: ordinal not in range(128)"
 LANG=C
 
+# Add a shell script to start the firefox binary with MOZ_ALLOW_DOWNGRADE=1
+# to avoid backing up (and disabling) the user profile if a browser downgrade
+# is detected. We made it fine for years without this feature, and all the
+# feedback we've seen suggests that it is causing more problems than it
+# solves. For example, this feature causes a profile reset trying to switch
+# between a 32-bit and 64-bit browser on installations that share a common
+# /home directory. If you want to build with the stock default behavior, set
+# this to something other than "YES":
+MOZ_ALLOW_DOWNGRADE=${MOZ_ALLOW_DOWNGRADE:-YES}
+
 # Automatically determine the architecture we're building on:
 if [ -z "$ARCH" ]; then
   case "$( uname -m )" in
@@ -366,6 +376,26 @@ install -m 644 browser/branding/official/default16.png \
 # Copy over the LICENSE
 install -p -c -m 644 LICENSE $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$RELEASEVER/
 
+# If MOZ_ALLOW_DOWNGRADE=YES, replace the /usr/bin/firefox symlink with a
+# shell script that sets the MOZ_ALLOW_DOWNGRADE=1 environment variable so
+# that a detected browser downgrade does not reset the user profile:
+if [ "$MOZ_ALLOW_DOWNGRADE" = "YES" ]; then
+  rm -f $PKG/usr/bin/firefox
+  cat << EOF > $PKG/usr/bin/firefox
+#!/bin/sh
+#
+# Shell script to start Mozilla Firefox.
+#
+# Don't reset the user profile on a detected browser downgrade:
+export MOZ_ALLOW_DOWNGRADE=1
+
+# Start Firefox:
+exec /usr/lib${LIBDIRSUFFIX}/firefox/firefox "\$@"
+EOF
+  chown root:root $PKG/usr/bin/firefox
+  chmod 755 $PKG/usr/bin/firefox
+fi
+
 mkdir $PKG/install
 cat $CWD/slack-desc > $PKG/install/slack-desc
 
@@ -375,4 +405,3 @@ if [ -z $MOZLOCALIZE ]; then
 else
   /sbin/makepkg -l y -c n $TMP/mozilla-firefox-$VERSION-$ARCH-${BUILD}_$MOZLOCALIZE.txz
 fi
-
-- 
cgit v1.2.3