CVS log for pkgsrc/www/firefox102/Attic/Makefile

Up to [cvs.NetBSD.org] / pkgsrc / www / firefox102

Request diff between arbitrary revisions

Keyword substitution: kv
Default branch: MAIN

Revision 1.39
Thu Oct 10 14:08:30 2024 UTC (6 months, 1 week ago) by wiz
Branches: MAIN
CVS tags: HEAD
FILE REMOVED
Changes since revision 1.38: +1 -1 lines

firefox102: remove

This is the pre-previous ESR release.

As discussed on pkgsrc-users.

Revision 1.38: download - view: text, markup, annotated - select for diffs
Fri Jun 21 13:25:26 2024 UTC (9 months, 4 weeks ago) by jperkin
Branches: MAIN
CVS tags: pkgsrc-2024Q3-base, pkgsrc-2024Q3, pkgsrc-2024Q2-base, pkgsrc-2024Q2
Diff to: previous 1.37: preferred, colored
Changes since revision 1.37: +4 -1 lines

firefox*: Prune -Wl,-rpath-link on SunOS.

Revision 1.37: download - view: text, markup, annotated - select for diffs
Wed May 29 16:34:49 2024 UTC (10 months, 3 weeks ago) by adam
Branches: MAIN
Diff to: previous 1.36: preferred, colored
Changes since revision 1.36: +2 -2 lines

revbump after icu and protobuf updates

Revision 1.36: download - view: text, markup, annotated - select for diffs
Sun Apr 7 07:35:12 2024 UTC (12 months, 2 weeks ago) by wiz
Branches: MAIN
Diff to: previous 1.35: preferred, colored
Changes since revision 1.35: +2 -2 lines

*: bump for cairo buildlink3.mk change

lzo was made an option

Revision 1.35: download - view: text, markup, annotated - select for diffs
Sat Apr 6 08:06:52 2024 UTC (12 months, 2 weeks ago) by wiz
Branches: MAIN
Diff to: previous 1.34: preferred, colored
Changes since revision 1.34: +2 -2 lines

* recursive bump for libxkbcommon 1.7.0

Marc Baudoin reported problems with using old binary packages
with the new libkxbcommon, so force everything to 1.7.0

Revision 1.34: download - view: text, markup, annotated - select for diffs
Tue Jan 30 14:22:37 2024 UTC (14 months, 3 weeks ago) by ryoon
Branches: MAIN
CVS tags: pkgsrc-2024Q1-base, pkgsrc-2024Q1
Diff to: previous 1.33: preferred, colored
Changes since revision 1.33: +2 -2 lines

*: Recursive revbump from audio/pulseaudio-17.0

Revision 1.33: download - view: text, markup, annotated - select for diffs
Mon Jan 22 13:17:07 2024 UTC (14 months, 4 weeks ago) by ryoon
Branches: MAIN
Diff to: previous 1.32: preferred, colored
Changes since revision 1.32: +2 -1 lines

*: Recursive revbump from multimedia/libvpx

Revision 1.32: download - view: text, markup, annotated - select for diffs
Thu Nov 23 14:22:32 2023 UTC (16 months, 4 weeks ago) by ryoon
Branches: MAIN
CVS tags: pkgsrc-2023Q4-base, pkgsrc-2023Q4
Diff to: previous 1.31: preferred, colored
Changes since revision 1.31: +2 -3 lines

firefox102: Update to 102.15.1

* Fix build with the latest textproc/icu.

Changelog:
Security fixes:
Mozilla Foundation Security Advisory 2023-40
#CVE-2023-4863: Heap buffer overflow in libwebp

Revision 1.31: download - view: text, markup, annotated - select for diffs
Tue Nov 14 14:03:04 2023 UTC (17 months ago) by wiz
Branches: MAIN
Diff to: previous 1.30: preferred, colored
Changes since revision 1.30: +2 -2 lines

*: recursive bump for cairo dependency changes

Revision 1.30: download - view: text, markup, annotated - select for diffs
Sun Nov 12 13:23:54 2023 UTC (17 months, 1 week ago) by wiz
Branches: MAIN
Diff to: previous 1.29: preferred, colored
Changes since revision 1.29: +2 -2 lines

*: revebump for new brotli option for freetype2

Addresses PR 57693

Revision 1.29: download - view: text, markup, annotated - select for diffs
Wed Nov 8 13:21:17 2023 UTC (17 months, 1 week ago) by wiz
Branches: MAIN
Diff to: previous 1.28: preferred, colored
Changes since revision 1.28: +2 -2 lines

*: recursive bump for icu 74.1

Revision 1.28: download - view: text, markup, annotated - select for diffs
Tue Oct 24 22:11:26 2023 UTC (17 months, 3 weeks ago) by wiz
Branches: MAIN
Diff to: previous 1.27: preferred, colored
Changes since revision 1.27: +2 -2 lines

*: bump for openssl 3

Revision 1.27: download - view: text, markup, annotated - select for diffs
Sat Oct 21 17:11:38 2023 UTC (18 months ago) by gdt
Branches: MAIN
Diff to: previous 1.26: preferred, colored
Changes since revision 1.26: +2 -1 lines

recursive revbump for tiff update

Revision 1.26: download - view: text, markup, annotated - select for diffs
Sun Sep 10 14:42:28 2023 UTC (19 months, 1 week ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2023Q3-base, pkgsrc-2023Q3
Diff to: previous 1.25: preferred, colored
Changes since revision 1.25: +2 -3 lines

firefox102: Update to 102.15.0

Add some fixes from www/firefox, thanks a lot tnn@.

Security Vulnerabilities fixed in Firefox ESR 102.15

    #CVE-2023-4573: Memory corruption in IPC CanvasTranslator

    #CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback

    #CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback

    #CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation

    #CVE-2023-4581: XLL file extensions were downloadable without warnings

    #CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,
    Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2

Revision 1.25: download - view: text, markup, annotated - select for diffs
Mon Aug 14 05:25:29 2023 UTC (20 months, 1 week ago) by wiz
Branches: MAIN
Diff to: previous 1.24: preferred, colored
Changes since revision 1.24: +2 -1 lines

*: recursive bump for Python 3.11 as new default

Revision 1.21.2.2: download - view: text, markup, annotated - select for diffs
Sun Aug 13 09:01:14 2023 UTC (20 months, 1 week ago) by bsiegert
Branches: pkgsrc-2023Q2
Diff to: previous 1.21.2.1: preferred, colored; branchpoint 1.21: preferred, colored; next MAIN 1.22: preferred, colored
Changes since revision 1.21.2.1: +2 -2 lines

Pullup ticket #6783 - requested by leot
www/firefox102: Enable WebRTC X11 desktop capture
Pullup ticket #6788 - requested by nia
www/firefox102: security fix

Revisions pulled up:
- www/firefox102-l10n/Makefile                                  1.14
- www/firefox102-l10n/distinfo                                  1.13
- www/firefox102/Makefile                                       1.23-1.24
- www/firefox102/distinfo                                       1.15
- www/firefox102/files/replace-moz.build.awk                    1.2

---
   Module Name:    pkgsrc
   Committed By:   ryoon
   Date:           Wed Jul 26 15:52:05 UTC 2023

   Modified Files:
           pkgsrc/www/firefox102: Makefile
           pkgsrc/www/firefox102/files: replace-moz.build.awk

   Log Message:
   firefox102: Enable WebRTC X11 desktop capture

   Fix PR pkg/56955.
   Bump PKGREVISION.

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue Aug  8 15:46:58 UTC 2023

   Modified Files:
   	pkgsrc/www/firefox102: Makefile distinfo
   	pkgsrc/www/firefox102-l10n: Makefile distinfo

   Log Message:
   firefox102: Update to 102.14.0

   Security Vulnerabilities fixed in Firefox ESR 102.14

       #CVE-2023-4045: Offscreen Canvas could have bypassed cross-origin
       restrictions

       #CVE-2023-4046: Incorrect value used during WASM compilation

       #CVE-2023-4047: Potential permissions request bypass via clickjacking

       #CVE-2023-4048: Crash in DOMParser due to out-of-memory conditions

       #CVE-2023-4049: Fix potential race conditions when releasing platform
       objects

       #CVE-2023-4050: Stack buffer overflow in StorageManager

       #CVE-2023-4054: Lack of warning when opening appref-ms files

       #CVE-2023-4055: Cookie jar overflow caused unexpected cookie jar state

       #CVE-2023-4056: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
       Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14

Revision 1.24: download - view: text, markup, annotated - select for diffs
Tue Aug 8 15:46:57 2023 UTC (20 months, 1 week ago) by nia
Branches: MAIN
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +2 -3 lines

firefox102: Update to 102.14.0

Security Vulnerabilities fixed in Firefox ESR 102.14

    #CVE-2023-4045: Offscreen Canvas could have bypassed cross-origin
    restrictions

    #CVE-2023-4046: Incorrect value used during WASM compilation

    #CVE-2023-4047: Potential permissions request bypass via clickjacking

    #CVE-2023-4048: Crash in DOMParser due to out-of-memory conditions

    #CVE-2023-4049: Fix potential race conditions when releasing platform
    objects

    #CVE-2023-4050: Stack buffer overflow in StorageManager

    #CVE-2023-4054: Lack of warning when opening appref-ms files

    #CVE-2023-4055: Cookie jar overflow caused unexpected cookie jar state

    #CVE-2023-4056: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
    Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14

Revision 1.23: download - view: text, markup, annotated - select for diffs
Wed Jul 26 15:52:05 2023 UTC (20 months, 3 weeks ago) by ryoon
Branches: MAIN
Diff to: previous 1.22: preferred, colored
Changes since revision 1.22: +2 -1 lines

firefox102: Enable WebRTC X11 desktop capture

Fix PR pkg/56955.
Bump PKGREVISION.

Revision 1.21.2.1: download - view: text, markup, annotated - select for diffs
Sun Jul 16 18:05:57 2023 UTC (21 months ago) by bsiegert
Branches: pkgsrc-2023Q2
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +2 -2 lines

Pullup ticket #6780 - requested by nia
www/firefox102: security fix
www/firefox102-l10n: dependent update

Revisions pulled up:
- www/firefox102-l10n/Makefile                                  1.13
- www/firefox102-l10n/distinfo                                  1.12
- www/firefox102/Makefile                                       1.22
- www/firefox102/distinfo                                       1.14

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Fri Jul  7 20:47:53 UTC 2023

   Modified Files:
   	pkgsrc/www/firefox102: Makefile distinfo
   	pkgsrc/www/firefox102-l10n: Makefile distinfo

   Log Message:
   firefox102: update to 102.13.0

   Security Vulnerabilities fixed in Firefox ESR 102.13

       #CVE-2023-37201: Use-after-free in WebRTC certificate generation

       #CVE-2023-37202: Potential use-after-free from compartment mismatch in
       SpiderMonkey

       #CVE-2023-37207: Fullscreen notification obscured

       #CVE-2023-37208: Lack of warning when opening Diagcab files

       #CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR
       102.13, and Thunderbird 102.13

Revision 1.22: download - view: text, markup, annotated - select for diffs
Fri Jul 7 20:47:53 2023 UTC (21 months, 2 weeks ago) by nia
Branches: MAIN
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +2 -2 lines

firefox102: update to 102.13.0

Security Vulnerabilities fixed in Firefox ESR 102.13

    #CVE-2023-37201: Use-after-free in WebRTC certificate generation

    #CVE-2023-37202: Potential use-after-free from compartment mismatch in
    SpiderMonkey

    #CVE-2023-37207: Fullscreen notification obscured

    #CVE-2023-37208: Lack of warning when opening Diagcab files

    #CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR
    102.13, and Thunderbird 102.13

Revision 1.16.2.3: download - view: text, markup, annotated - select for diffs
Mon Jun 26 09:34:50 2023 UTC (21 months, 3 weeks ago) by bsiegert
Branches: pkgsrc-2023Q1
Diff to: previous 1.16.2.2: preferred, colored; branchpoint 1.16: preferred, colored; next MAIN 1.17: preferred, colored
Changes since revision 1.16.2.2: +2 -2 lines

Pullup ticket #6765 - requested by nia
www/firefox102: security fix
www/firefox102-l10n: dependent update

Revisions pulled up:
- www/firefox102-l10n/Makefile                                  1.12
- www/firefox102-l10n/distinfo                                  1.11
- www/firefox102/Makefile                                       1.21
- www/firefox102/distinfo                                       1.13

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Sun Jun 25 16:07:08 UTC 2023

   Modified Files:
   	pkgsrc/www/firefox102: Makefile distinfo
   	pkgsrc/www/firefox102-l10n: Makefile distinfo

   Log Message:
   firefox102: update to 102.12

   Security Vulnerabilities fixed in Firefox ESR 102.12

       #CVE-2023-34414: Click-jacking certificate exceptions through rendering lag

       #CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR
       102.12

Revision 1.21: download - view: text, markup, annotated - select for diffs
Sun Jun 25 16:07:08 2023 UTC (21 months, 3 weeks ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2023Q2-base
Branch point for: pkgsrc-2023Q2
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +2 -2 lines

firefox102: update to 102.12

Security Vulnerabilities fixed in Firefox ESR 102.12

    #CVE-2023-34414: Click-jacking certificate exceptions through rendering lag

    #CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR
    102.12

Revision 1.16.2.2: download - view: text, markup, annotated - select for diffs
Tue May 16 16:28:36 2023 UTC (23 months ago) by bsiegert
Branches: pkgsrc-2023Q1
Diff to: previous 1.16.2.1: preferred, colored; branchpoint 1.16: preferred, colored
Changes since revision 1.16.2.1: +2 -2 lines

Pullup ticket #6760 - requested by nia
www/firefox102: security fix
www/firefox102-l10n: dependent update

Revisions pulled up:
- www/firefox102-l10n/Makefile                                  1.11
- www/firefox102-l10n/distinfo                                  1.10
- www/firefox102/Makefile                                       1.20
- www/firefox102/distinfo                                       1.12

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Sun May 14 19:50:11 UTC 2023

   Modified Files:
   	pkgsrc/www/firefox102: Makefile distinfo
   	pkgsrc/www/firefox102-l10n: Makefile distinfo

   Log Message:
   firefox102: update to 102.11

   Security Vulnerabilities fixed in Firefox ESR 102.11

       #CVE-2023-32205: Browser prompts could have been obscured by popups

       #CVE-2023-32206: Crash in RLBox Expat driver

       #CVE-2023-32207: Potential permissions request bypass via clickjacking

       #CVE-2023-32211: Content process crash due to invalid wasm code

       #CVE-2023-32212: Potential spoof due to obscured address bar

       #CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()

       #CVE-2023-32214: Potential DoS via exposed protocol handlers

Revision 1.20: download - view: text, markup, annotated - select for diffs
Sun May 14 19:50:11 2023 UTC (23 months, 1 week ago) by nia
Branches: MAIN
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +2 -3 lines

firefox102: update to 102.11

Security Vulnerabilities fixed in Firefox ESR 102.11

    #CVE-2023-32205: Browser prompts could have been obscured by popups

    #CVE-2023-32206: Crash in RLBox Expat driver

    #CVE-2023-32207: Potential permissions request bypass via clickjacking

    #CVE-2023-32211: Content process crash due to invalid wasm code

    #CVE-2023-32212: Potential spoof due to obscured address bar

    #CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()

    #CVE-2023-32214: Potential DoS via exposed protocol handlers

Revision 1.19: download - view: text, markup, annotated - select for diffs
Sat May 6 19:09:50 2023 UTC (23 months, 2 weeks ago) by ryoon
Branches: MAIN
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +2 -2 lines

*: Recursive revbump from audio/libopus 1.4

Revision 1.16.2.1: download - view: text, markup, annotated - select for diffs
Sat Apr 22 15:06:23 2023 UTC (23 months, 4 weeks ago) by bsiegert
Branches: pkgsrc-2023Q1
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +2 -3 lines

Pullup ticket #6754 - requested by nia
www/firefox102: security fix
www/firefox102-l10n: dependent update

Revisions pulled up:
- www/firefox102-l10n/Makefile                                  1.10
- www/firefox102-l10n/distinfo                                  1.9
- www/firefox102/Makefile                                       1.17
- www/firefox102/distinfo                                       1.11

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Fri Apr 14 08:53:12 UTC 2023

   Modified Files:
   	pkgsrc/www/firefox102: Makefile distinfo
   	pkgsrc/www/firefox102-l10n: Makefile distinfo

   Log Message:
   firefox102: Update to 102.10.0

   Security Vulnerabilities fixed in Firefox ESR 102.10

       #CVE-2023-29531: Out-of-bound memory access in WebGL on macOS
       #CVE-2023-29533: Fullscreen notification obscured
       #CVE-2023-29535: Potential Memory Corruption following Garbage Collector
       compaction
       #CVE-2023-29536: Invalid free from JavaScript code
       #CVE-2023-29539: Content-Disposition filename truncation leads to Reflected
       File Download
       #CVE-2023-29541: Files with malicious extensions could have been downloaded
       unsafely on Linux
       #CVE-2023-29542: Bypass of file download extension restrictions
       #CVE-2023-1945: Memory Corruption in Safe Browsing Code
       #CVE-2023-29548: Incorrect optimization result on ARM64
       #CVE-2023-29550: Memory safety bugs fixed in Firefox 112 and Firefox ESR
       102.10

Revision 1.18: download - view: text, markup, annotated - select for diffs
Wed Apr 19 08:11:46 2023 UTC (2 years ago) by adam
Branches: MAIN
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +2 -1 lines

revbump after textproc/icu update

Revision 1.17: download - view: text, markup, annotated - select for diffs
Fri Apr 14 08:53:12 2023 UTC (2 years ago) by nia
Branches: MAIN
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +2 -3 lines

firefox102: Update to 102.10.0

Security Vulnerabilities fixed in Firefox ESR 102.10

    #CVE-2023-29531: Out-of-bound memory access in WebGL on macOS
    #CVE-2023-29533: Fullscreen notification obscured
    #CVE-2023-29535: Potential Memory Corruption following Garbage Collector
    compaction
    #CVE-2023-29536: Invalid free from JavaScript code
    #CVE-2023-29539: Content-Disposition filename truncation leads to Reflected
    File Download
    #CVE-2023-29541: Files with malicious extensions could have been downloaded
    unsafely on Linux
    #CVE-2023-29542: Bypass of file download extension restrictions
    #CVE-2023-1945: Memory Corruption in Safe Browsing Code
    #CVE-2023-29548: Incorrect optimization result on ARM64
    #CVE-2023-29550: Memory safety bugs fixed in Firefox 112 and Firefox ESR
    102.10

Revision 1.16: download - view: text, markup, annotated - select for diffs
Sun Jan 29 21:18:03 2023 UTC (2 years, 2 months ago) by ryoon
Branches: MAIN
CVS tags: pkgsrc-2023Q1-base
Branch point for: pkgsrc-2023Q1
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +2 -1 lines

*: Recursive revbup from graphics/freetype2

Revision 1.13.2.1: download - view: text, markup, annotated - select for diffs
Thu Jan 26 19:58:25 2023 UTC (2 years, 2 months ago) by bsiegert
Branches: pkgsrc-2022Q4
Diff to: previous 1.13: preferred, colored; next MAIN 1.14: preferred, colored
Changes since revision 1.13: +2 -2 lines

Pullup ticket #6725 - requested by nia
www/firefox102: security fix
www/firefox102-l10n: dependent update

Revisions pulled up:
- www/firefox102-l10n/Makefile                                  1.9
- www/firefox102-l10n/distinfo                                  1.8
- www/firefox102/Makefile                                       1.15
- www/firefox102/distinfo                                       1.10

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue Jan 24 17:59:28 UTC 2023

   Modified Files:
   	pkgsrc/www/firefox102: Makefile distinfo
   	pkgsrc/www/firefox102-l10n: Makefile distinfo

   Log Message:
   firefox102: Update to 102.7.0

   Security Vulnerabilities fixed in Firefox ESR 102.7

       #CVE-2022-46871: libusrsctp library out of date

       #CVE-2023-23598: Arbitrary file read from GTK drag and drop on Linux

       #CVE-2023-23599: Malicious command could be hidden in devtools output on
       Windows

       #CVE-2023-23601: URL being dragged from cross-origin iframe into same tab
       triggers navigation

       #CVE-2023-23602: Content Security Policy wasn't being correctly applied to
       WebSockets in WebWorkers

       #CVE-2022-46877: Fullscreen notification bypass

       #CVE-2023-23603: Calls to <code>console.log</code> allowed bypasing Content
       Security Policy via format directive

       #CVE-2023-23605: Memory safety bugs fixed in Firefox 109 and Firefox ESR
       102.7

Revision 1.15: download - view: text, markup, annotated - select for diffs
Tue Jan 24 17:59:27 2023 UTC (2 years, 2 months ago) by nia
Branches: MAIN
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +2 -3 lines

firefox102: Update to 102.7.0

Security Vulnerabilities fixed in Firefox ESR 102.7

    #CVE-2022-46871: libusrsctp library out of date

    #CVE-2023-23598: Arbitrary file read from GTK drag and drop on Linux

    #CVE-2023-23599: Malicious command could be hidden in devtools output on
    Windows

    #CVE-2023-23601: URL being dragged from cross-origin iframe into same tab
    triggers navigation

    #CVE-2023-23602: Content Security Policy wasn't being correctly applied to
    WebSockets in WebWorkers

    #CVE-2022-46877: Fullscreen notification bypass

    #CVE-2023-23603: Calls to <code>console.log</code> allowed bypasing Content
    Security Policy via format directive

    #CVE-2023-23605: Memory safety bugs fixed in Firefox 109 and Firefox ESR
    102.7

Revision 1.14: download - view: text, markup, annotated - select for diffs
Tue Jan 3 17:38:23 2023 UTC (2 years, 3 months ago) by wiz
Branches: MAIN
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +2 -1 lines

*: recursive bump for tiff shlib major bump

Revision 1.13: download - view: text, markup, annotated - select for diffs
Sat Dec 24 15:47:54 2022 UTC (2 years, 3 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2022Q4-base
Branch point for: pkgsrc-2022Q4
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +2 -3 lines

firefox102: update to 102.6.0

Security Vulnerabilities fixed in Firefox ESR 102.6

    #CVE-2022-46880: Use-after-free in WebGL

    #CVE-2022-46872: Arbitrary file read from a compromised content process

    #CVE-2022-46881: Memory corruption in WebGL

    #CVE-2022-46874: Drag and Dropped Filenames could have been truncated to
    malicious extensions

    #CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc
    files on Mac OS

    #CVE-2022-46882: Use-after-free in WebGL

    #CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR
    102.6

Revision 1.12: download - view: text, markup, annotated - select for diffs
Wed Dec 21 10:10:37 2022 UTC (2 years, 4 months ago) by nia
Branches: MAIN
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +2 -1 lines

firefox102: Disable service worker support until the root cause of the
crashes is investigated.

Revision 1.11: download - view: text, markup, annotated - select for diffs
Sun Dec 4 09:49:59 2022 UTC (2 years, 4 months ago) by nia
Branches: MAIN
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +2 -3 lines

firefox102: Update to 102.5.0

Security Vulnerabilities fixed in Firefox ESR 102.5

    #CVE-2022-45403: Service Workers might have learned size of cross-origin
    media files

    #CVE-2022-45404: Fullscreen notification bypass

    #CVE-2022-45405: Use-after-free in InputStream implementation

    #CVE-2022-45406: Use-after-free of a JavaScript Realm

    #CVE-2022-45408: Fullscreen notification bypass via windowName

    #CVE-2022-45409: Use-after-free in Garbage Collection

    #CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite cookie
    policy

    #CVE-2022-45411: Cross-Site Tracing was possible via non-standard override
    headers

    #CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers

    #CVE-2022-45416: Keystroke Side-Channel Leakage

    #CVE-2022-45418: Custom mouse cursor could have been drawn over browser UI

    #CVE-2022-45420: Iframe contents could be rendered outside the iframe

    #CVE-2022-45421: Memory safety bugs fixed in Firefox 107 and Firefox ESR
    102.5

Revision 1.10: download - view: text, markup, annotated - select for diffs
Wed Nov 23 16:21:19 2022 UTC (2 years, 4 months ago) by adam
Branches: MAIN
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +2 -1 lines

massive revision bump after textproc/icu update

Revision 1.8.2.1: download - view: text, markup, annotated - select for diffs
Thu Oct 27 06:27:40 2022 UTC (2 years, 5 months ago) by bsiegert
Branches: pkgsrc-2022Q3
Diff to: previous 1.8: preferred, colored; next MAIN 1.9: preferred, colored
Changes since revision 1.8: +2 -2 lines

Pullup ticket #6693 - requested by nia
www/firefox102: security fix

Revisions pulled up:
- www/firefox102-l10n/Makefile                                  1.6
- www/firefox102-l10n/distinfo                                  1.5
- www/firefox102/Makefile                                       1.9
- www/firefox102/distinfo                                       1.6

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Sat Oct 22 15:59:27 UTC 2022

   Modified Files:
   	pkgsrc/www/firefox102: Makefile distinfo
   	pkgsrc/www/firefox102-l10n: Makefile distinfo

   Log Message:
   firefox102: Update to 102.4.0

   Security Vulnerabilities fixed in Firefox ESR 102.4

       #CVE-2022-42927: Same-origin policy violation could have leaked cross-origin
       URLs

       #CVE-2022-42928: Memory Corruption in JS Engine

       #CVE-2022-42929: Denial of Service via window.print

       #CVE-2022-42932: Memory safety bugs fixed in Firefox 106 and Firefox ESR
       102.4

Revision 1.9: download - view: text, markup, annotated - select for diffs
Sat Oct 22 15:59:26 2022 UTC (2 years, 5 months ago) by nia
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +2 -2 lines

firefox102: Update to 102.4.0

Security Vulnerabilities fixed in Firefox ESR 102.4

    #CVE-2022-42927: Same-origin policy violation could have leaked cross-origin
    URLs

    #CVE-2022-42928: Memory Corruption in JS Engine

    #CVE-2022-42929: Denial of Service via window.print

    #CVE-2022-42932: Memory safety bugs fixed in Firefox 106 and Firefox ESR
    102.4

Revision 1.8: download - view: text, markup, annotated - select for diffs
Fri Sep 23 22:52:49 2022 UTC (2 years, 6 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2022Q3-base
Branch point for: pkgsrc-2022Q3
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -3 lines

firefox102: update to 102.3.0

Security Vulnerabilities fixed in Firefox ESR 102.3

    #CVE-2022-3266: Out of bounds read when decoding H264

    #CVE-2022-40959: Bypassing FeaturePolicy restrictions on transient pages

    #CVE-2022-40960: Data-race when parsing non-UTF-8 URLs in threads

    #CVE-2022-40958: Bypassing Secure Context restriction for cookies with
    __Host and __Secure prefix

    #CVE-2022-40956: Content-Security-Policy base-uri bypass

    #CVE-2022-40957: Incoherent instruction cache when building WASM on ARM64

    #CVE-2022-40962: Memory safety bugs fixed in Firefox 105 and Firefox ESR
    102.3

Revision 1.7: download - view: text, markup, annotated - select for diffs
Sun Sep 11 12:52:09 2022 UTC (2 years, 7 months ago) by wiz
Branches: MAIN
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +2 -1 lines

*: bump PKGREVISION for flac shlib bump

Revision 1.6: download - view: text, markup, annotated - select for diffs
Tue Sep 6 09:16:42 2022 UTC (2 years, 7 months ago) by nia
Branches: MAIN
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +2 -3 lines

firefox102: Update to 102.2.0

                  Mozilla Foundation Security Advisory 2022-34

Security Vulnerabilities fixed in Firefox ESR 102.2

    #CVE-2022-38472: Address bar spoofing via XSLT error handling

    #CVE-2022-38473: Cross-origin XSLT Documents would have inherited the
    parent's permissions

    #CVE-2022-38476: Data race and potential use-after-free in PK11_ChangePW

    #CVE-2022-38477: Memory safety bugs fixed in Firefox 104 and Firefox ESR
    102.2

    #CVE-2022-38478: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2,
    and Firefox ESR 91.13

Revision 1.5: download - view: text, markup, annotated - select for diffs
Thu Aug 11 05:09:22 2022 UTC (2 years, 8 months ago) by gutteridge
Branches: MAIN
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +2 -2 lines

Bump all dependent packages of wayland (belatedly)

The package changed with the addition of its libepoll-shim dependency.
Otherwise, we can get:
ERROR: libepoll-shim>=0.0.20210418 is not installed; can't buildlink files.

Revision 1.4: download - view: text, markup, annotated - select for diffs
Sun Aug 7 18:08:08 2022 UTC (2 years, 8 months ago) by nia
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +8 -1 lines

firefox102: Sync fixes with www/firefox

Revision 1.3: download - view: text, markup, annotated - select for diffs
Fri Aug 5 08:41:25 2022 UTC (2 years, 8 months ago) by nia
Branches: MAIN
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +2 -3 lines

firefox102: update to 102.1.0

Security Vulnerabilities fixed in Firefox ESR 102.1

    #CVE-2022-36319: Mouse Position spoofing with CSS transforms

    #CVE-2022-36318: Directory indexes for bundled resources reflected URL
    parameters

    #CVE-2022-36314: Opening local <code>.lnk</code> files could cause
    unexpected network loads

    #CVE-2022-2505: Memory safety bugs fixed in Firefox 103 and 102.1

Revision 1.2: download - view: text, markup, annotated - select for diffs
Mon Jul 25 01:01:54 2022 UTC (2 years, 8 months ago) by tnn
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +2 -1 lines

*: revbump for ffmpeg5

Revision 1.1: download - view: text, markup, annotated - select for diffs
Thu Jul 21 23:56:38 2022 UTC (2 years, 9 months ago) by nia
Branches: MAIN

Add a package for Firefox 102 ESR

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Diffs between
and

CVSweb <webmaster@jp.NetBSD.org>

Preferred diff type:
View only branch:
Sort log by: