Up to [cvs.NetBSD.org] / pkgsrc / www / firefox52
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.98 / (download) - annotate - [select for diffs], Sun Apr 7 07:35:12 2024 UTC (12 days, 7 hours ago) by wiz
Branch: MAIN
CVS Tags: HEAD
Changes since 1.97: +2 -2
lines
Diff to previous 1.97 (colored) to selected 1.54 (colored)
*: bump for cairo buildlink3.mk change lzo was made an option
Revision 1.97 / (download) - annotate - [select for diffs], Sat Apr 6 08:06:52 2024 UTC (13 days, 6 hours ago) by wiz
Branch: MAIN
Changes since 1.96: +2 -2
lines
Diff to previous 1.96 (colored) to selected 1.54 (colored)
* recursive bump for libxkbcommon 1.7.0 Marc Baudoin reported problems with using old binary packages with the new libkxbcommon, so force everything to 1.7.0
Revision 1.96 / (download) - annotate - [select for diffs], Tue Jan 30 14:22:37 2024 UTC (2 months, 2 weeks ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2024Q1-base,
pkgsrc-2024Q1
Changes since 1.95: +2 -2
lines
Diff to previous 1.95 (colored) to selected 1.54 (colored)
*: Recursive revbump from audio/pulseaudio-17.0
Revision 1.95 / (download) - annotate - [select for diffs], Mon Jan 22 13:17:07 2024 UTC (2 months, 3 weeks ago) by ryoon
Branch: MAIN
Changes since 1.94: +2 -2
lines
Diff to previous 1.94 (colored) to selected 1.54 (colored)
*: Recursive revbump from multimedia/libvpx
Revision 1.94 / (download) - annotate - [select for diffs], Mon Dec 18 09:31:44 2023 UTC (4 months ago) by abs
Branch: MAIN
CVS Tags: pkgsrc-2023Q4-base,
pkgsrc-2023Q4
Changes since 1.93: +2 -2
lines
Diff to previous 1.93 (colored) to selected 1.54 (colored)
Fix build with icu >= 74.1 Bump PKGREVISION. No ACK from MAINTAINER but wanting to get package building before the branch
Revision 1.93 / (download) - annotate - [select for diffs], Tue Nov 14 14:03:04 2023 UTC (5 months ago) by wiz
Branch: MAIN
Changes since 1.92: +2 -2
lines
Diff to previous 1.92 (colored) to selected 1.54 (colored)
*: recursive bump for cairo dependency changes
Revision 1.92 / (download) - annotate - [select for diffs], Sun Nov 12 13:23:55 2023 UTC (5 months ago) by wiz
Branch: MAIN
Changes since 1.91: +2 -2
lines
Diff to previous 1.91 (colored) to selected 1.54 (colored)
*: revebump for new brotli option for freetype2 Addresses PR 57693
Revision 1.91 / (download) - annotate - [select for diffs], Wed Nov 8 13:21:17 2023 UTC (5 months, 1 week ago) by wiz
Branch: MAIN
Changes since 1.90: +2 -2
lines
Diff to previous 1.90 (colored) to selected 1.54 (colored)
*: recursive bump for icu 74.1
Revision 1.90 / (download) - annotate - [select for diffs], Tue Oct 24 22:11:26 2023 UTC (5 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.89: +2 -2
lines
Diff to previous 1.89 (colored) to selected 1.54 (colored)
*: bump for openssl 3
Revision 1.89 / (download) - annotate - [select for diffs], Sat Oct 21 17:11:38 2023 UTC (5 months, 4 weeks ago) by gdt
Branch: MAIN
Changes since 1.88: +2 -2
lines
Diff to previous 1.88 (colored) to selected 1.54 (colored)
recursive revbump for tiff update
Revision 1.88 / (download) - annotate - [select for diffs], Mon Aug 14 05:25:29 2023 UTC (8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2023Q3-base,
pkgsrc-2023Q3
Changes since 1.87: +2 -2
lines
Diff to previous 1.87 (colored) to selected 1.54 (colored)
*: recursive bump for Python 3.11 as new default
Revision 1.87 / (download) - annotate - [select for diffs], Sat May 6 19:09:51 2023 UTC (11 months, 2 weeks ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base,
pkgsrc-2023Q2
Changes since 1.86: +2 -2
lines
Diff to previous 1.86 (colored) to selected 1.54 (colored)
*: Recursive revbump from audio/libopus 1.4
Revision 1.86 / (download) - annotate - [select for diffs], Wed Apr 19 08:11:46 2023 UTC (12 months ago) by adam
Branch: MAIN
Changes since 1.85: +2 -2
lines
Diff to previous 1.85 (colored) to selected 1.54 (colored)
revbump after textproc/icu update
Revision 1.85 / (download) - annotate - [select for diffs], Wed Mar 22 19:09:54 2023 UTC (12 months, 4 weeks ago) by abs
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base,
pkgsrc-2023Q1
Changes since 1.84: +6 -6
lines
Diff to previous 1.84 (colored) to selected 1.54 (colored)
Fix NetBSD/sparc64 SSP_SUPPORTED=no check It was set after the include of bsd.prefs.mk to be able to use MACHINE_PLATFORM, but needed to be before bsd.prefs.mk to take effect. Switch to testing MACHINE_ARCH, and target all sparc64
Revision 1.84 / (download) - annotate - [select for diffs], Tue Mar 21 20:08:16 2023 UTC (12 months, 4 weeks ago) by abs
Branch: MAIN
Changes since 1.83: +6 -6
lines
Diff to previous 1.83 (colored) to selected 1.54 (colored)
Fix MACHINE_PLATFORM:MNetBSD-*-sparc64 check Put after include of bsd.prefs.mk (via options.mk)
Revision 1.83 / (download) - annotate - [select for diffs], Tue Mar 21 19:59:46 2023 UTC (12 months, 4 weeks ago) by abs
Branch: MAIN
Changes since 1.82: +7 -2
lines
Diff to previous 1.82 (colored) to selected 1.54 (colored)
Set SSP_SUPPORTED=no for NetBSD/sparc64 Bump PKGREVISION
Revision 1.82 / (download) - annotate - [select for diffs], Sun Jan 29 21:18:03 2023 UTC (14 months, 2 weeks ago) by ryoon
Branch: MAIN
Changes since 1.81: +2 -2
lines
Diff to previous 1.81 (colored) to selected 1.54 (colored)
*: Recursive revbup from graphics/freetype2
Revision 1.81 / (download) - annotate - [select for diffs], Tue Jan 3 17:38:23 2023 UTC (15 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.80: +2 -2
lines
Diff to previous 1.80 (colored) to selected 1.54 (colored)
*: recursive bump for tiff shlib major bump
Revision 1.80 / (download) - annotate - [select for diffs], Wed Nov 23 16:21:19 2022 UTC (16 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base,
pkgsrc-2022Q4
Changes since 1.79: +2 -2
lines
Diff to previous 1.79 (colored) to selected 1.54 (colored)
massive revision bump after textproc/icu update
Revision 1.79 / (download) - annotate - [select for diffs], Tue Sep 27 20:58:28 2022 UTC (18 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.78: +2 -2
lines
Diff to previous 1.78 (colored) to selected 1.54 (colored)
*: recursive bump for ffmpeg4 switch to x264
Revision 1.78 / (download) - annotate - [select for diffs], Sun Sep 11 12:52:09 2022 UTC (19 months, 1 week ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base,
pkgsrc-2022Q3
Changes since 1.77: +2 -2
lines
Diff to previous 1.77 (colored) to selected 1.54 (colored)
*: bump PKGREVISION for flac shlib bump
Revision 1.77 / (download) - annotate - [select for diffs], Thu Aug 11 05:09:22 2022 UTC (20 months, 1 week ago) by gutteridge
Branch: MAIN
Changes since 1.76: +2 -2
lines
Diff to previous 1.76 (colored) to selected 1.54 (colored)
Bump all dependent packages of wayland (belatedly) The package changed with the addition of its libepoll-shim dependency. Otherwise, we can get: ERROR: libepoll-shim>=0.0.20210418 is not installed; can't buildlink files.
Revision 1.76 / (download) - annotate - [select for diffs], Sat Jul 2 16:53:37 2022 UTC (21 months, 2 weeks ago) by ryoon
Branch: MAIN
Changes since 1.75: +2 -2
lines
Diff to previous 1.75 (colored) to selected 1.54 (colored)
*: Recursive revbump from audio/pulseaudio
Revision 1.75 / (download) - annotate - [select for diffs], Tue Jun 28 11:37:04 2022 UTC (21 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.74: +2 -2
lines
Diff to previous 1.74 (colored) to selected 1.54 (colored)
*: recursive bump for perl 5.36
Revision 1.74 / (download) - annotate - [select for diffs], Fri Jun 3 16:30:00 2022 UTC (22 months, 2 weeks ago) by martin
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base,
pkgsrc-2022Q2
Changes since 1.73: +2 -2
lines
Diff to previous 1.73 (colored) to selected 1.54 (colored)
One of the bigendian fixes accidently was 64bit only - make it work on 32bit powerpc too.
Revision 1.73 / (download) - annotate - [select for diffs], Mon Apr 18 19:12:17 2022 UTC (2 years ago) by adam
Branch: MAIN
Changes since 1.72: +2 -2
lines
Diff to previous 1.72 (colored) to selected 1.54 (colored)
revbump for textproc/icu update
Revision 1.72 / (download) - annotate - [select for diffs], Mon Mar 28 10:59:31 2022 UTC (2 years ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base,
pkgsrc-2022Q1
Changes since 1.71: +2 -2
lines
Diff to previous 1.71 (colored) to selected 1.54 (colored)
{s,t,w}*/*: revbump(1) for libsndfile
Revision 1.71 / (download) - annotate - [select for diffs], Wed Dec 8 16:06:56 2021 UTC (2 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base,
pkgsrc-2021Q4
Changes since 1.70: +2 -2
lines
Diff to previous 1.70 (colored) to selected 1.54 (colored)
revbump for icu and libffi
Revision 1.70 / (download) - annotate - [select for diffs], Sat Oct 9 15:35:11 2021 UTC (2 years, 6 months ago) by nia
Branch: MAIN
Changes since 1.69: +2 -2
lines
Diff to previous 1.69 (colored) to selected 1.54 (colored)
Recursive revbump for multimedia/libaom
Revision 1.69 / (download) - annotate - [select for diffs], Fri Jul 30 12:27:09 2021 UTC (2 years, 8 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base,
pkgsrc-2021Q3
Changes since 1.68: +2 -2
lines
Diff to previous 1.68 (colored) to selected 1.54 (colored)
*: Recursive revbump from audio/pulseaudio-15.0
Revision 1.68 / (download) - annotate - [select for diffs], Fri Jun 18 18:29:57 2021 UTC (2 years, 10 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base,
pkgsrc-2021Q2
Changes since 1.67: +3 -3
lines
Diff to previous 1.67 (colored) to selected 1.54 (colored)
firefox52: explicitly use autoconf-2.13
Revision 1.67 / (download) - annotate - [select for diffs], Mon May 24 19:55:14 2021 UTC (2 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.66: +2 -2
lines
Diff to previous 1.66 (colored) to selected 1.54 (colored)
*: recursive bump for perl 5.34
Revision 1.66 / (download) - annotate - [select for diffs], Wed Apr 21 11:42:53 2021 UTC (2 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.65: +2 -2
lines
Diff to previous 1.65 (colored) to selected 1.54 (colored)
revbump for textproc/icu
Revision 1.65 / (download) - annotate - [select for diffs], Thu Apr 15 11:23:13 2021 UTC (3 years ago) by ryoon
Branch: MAIN
Changes since 1.64: +2 -2
lines
Diff to previous 1.64 (colored) to selected 1.54 (colored)
*: Recursive revbump from devel/nss
Revision 1.64 / (download) - annotate - [select for diffs], Fri Apr 9 06:55:05 2021 UTC (3 years ago) by wiz
Branch: MAIN
Changes since 1.63: +2 -2
lines
Diff to previous 1.63 (colored) to selected 1.54 (colored)
*: bump PKGREVISION for nss linking fix
Revision 1.63 / (download) - annotate - [select for diffs], Sun Feb 7 06:30:40 2021 UTC (3 years, 2 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base,
pkgsrc-2021Q1
Changes since 1.62: +2 -2
lines
Diff to previous 1.62 (colored) to selected 1.54 (colored)
*: Recursive revbump from audio/pulseaudio-14.2.nb1
Revision 1.62 / (download) - annotate - [select for diffs], Fri Jan 1 09:52:42 2021 UTC (3 years, 3 months ago) by ryoon
Branch: MAIN
Changes since 1.61: +2 -2
lines
Diff to previous 1.61 (colored) to selected 1.54 (colored)
*: Recursive revbump from audio/pulseaudio-14.0
Revision 1.61 / (download) - annotate - [select for diffs], Wed Nov 11 11:15:38 2020 UTC (3 years, 5 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base,
pkgsrc-2020Q4
Changes since 1.60: +2 -4
lines
Diff to previous 1.60 (colored) to selected 1.54 (colored)
firefox52: Make PaX MPROTECT safe on NetBSD. Bump PKGREVISION. This little bit of extra security is pretty critical when using this older Firefox release.
Revision 1.60 / (download) - annotate - [select for diffs], Thu Nov 5 09:09:20 2020 UTC (3 years, 5 months ago) by ryoon
Branch: MAIN
Changes since 1.59: +2 -2
lines
Diff to previous 1.59 (colored) to selected 1.54 (colored)
*: Recursive revbump from textproc/icu-68.1
Revision 1.59 / (download) - annotate - [select for diffs], Mon Aug 31 18:12:33 2020 UTC (3 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base,
pkgsrc-2020Q3
Changes since 1.58: +2 -2
lines
Diff to previous 1.58 (colored) to selected 1.54 (colored)
*: bump PKGREVISION for perl-5.32.
Revision 1.58 / (download) - annotate - [select for diffs], Tue Aug 18 17:58:16 2020 UTC (3 years, 8 months ago) by leot
Branch: MAIN
Changes since 1.57: +2 -2
lines
Diff to previous 1.57 (colored) to selected 1.54 (colored)
*: revbump for libsndfile
Revision 1.57 / (download) - annotate - [select for diffs], Mon Aug 17 20:20:21 2020 UTC (3 years, 8 months ago) by leot
Branch: MAIN
Changes since 1.56: +2 -2
lines
Diff to previous 1.56 (colored) to selected 1.54 (colored)
*: revbump after fontconfig bl3 changes (libuuid removal)
Revision 1.56 / (download) - annotate - [select for diffs], Thu Jun 4 13:47:19 2020 UTC (3 years, 10 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base,
pkgsrc-2020Q2
Changes since 1.55: +2 -2
lines
Diff to previous 1.55 (colored) to selected 1.54 (colored)
Switch legacy mozilla software over to ffmpeg4 While here, clean up options.mk. Bump PKGREVISIONs
Revision 1.55 / (download) - annotate - [select for diffs], Tue Jun 2 08:24:56 2020 UTC (3 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.54: +2 -2
lines
Diff to previous 1.54 (colored)
Revbump for icu
Revision 1.54 / (download) - annotate - [selected], Sat Apr 25 16:55:07 2020 UTC (3 years, 11 months ago) by rillig
Branch: MAIN
Changes since 1.53: +1 -7
lines
Diff to previous 1.53 (colored)
www/firefox52: remove no-op SUBST block for hunspell The word PREFIX does not occur in extensions/spellcheck/hunspell anymore.
Revision 1.53 / (download) - annotate - [select for diffs], Fri Apr 24 13:24:21 2020 UTC (3 years, 11 months ago) by nia
Branch: MAIN
Changes since 1.52: +2 -2
lines
Diff to previous 1.52 (colored) to selected 1.54 (colored)
firefox*: Mark ESR versions as such in COMMENT
Revision 1.52 / (download) - annotate - [select for diffs], Sun Apr 12 08:29:17 2020 UTC (4 years ago) by adam
Branch: MAIN
Changes since 1.51: +2 -2
lines
Diff to previous 1.51 (colored) to selected 1.54 (colored)
Recursive revision bump after textproc/icu update
Revision 1.51 / (download) - annotate - [select for diffs], Tue Mar 10 22:11:09 2020 UTC (4 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base,
pkgsrc-2020Q1
Changes since 1.50: +2 -2
lines
Diff to previous 1.50 (colored) to selected 1.54 (colored)
librsvg: update bl3.mk to remove libcroco in rust case recursive bump for the dependency change
Revision 1.50 / (download) - annotate - [select for diffs], Sun Mar 8 16:42:30 2020 UTC (4 years, 1 month ago) by bsiegert
Branch: MAIN
Changes since 1.49: +2 -2
lines
Diff to previous 1.49 (colored) to selected 1.54 (colored)
Revbump packages depending on libffi after .so version change. Requested by Matthias Ferdinand and Oskar on pkgsrc-users.
Revision 1.49 / (download) - annotate - [select for diffs], Sat Feb 8 21:44:59 2020 UTC (4 years, 2 months ago) by kamil
Branch: MAIN
Changes since 1.48: +2 -2
lines
Diff to previous 1.48 (colored) to selected 1.54 (colored)
firefox52: Workaround broken pthread_equal() usage Switch to an internal version of pthread_equal() without sanity checks. Problems detected on NetBSD 9.99.46.
Revision 1.48 / (download) - annotate - [select for diffs], Sat Jan 18 21:51:06 2020 UTC (4 years, 3 months ago) by jperkin
Branch: MAIN
Changes since 1.47: +2 -2
lines
Diff to previous 1.47 (colored) to selected 1.54 (colored)
*: Recursive revision bump for openssl 1.1.1.
Revision 1.47 / (download) - annotate - [select for diffs], Mon Nov 4 22:09:54 2019 UTC (4 years, 5 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.46: +6 -6
lines
Diff to previous 1.46 (colored) to selected 1.54 (colored)
www: align variable assignments pkglint -Wall -F --only aligned --only indent -r Manually excluded phraseanet since pkglint got the indentation wrong.
Revision 1.46 / (download) - annotate - [select for diffs], Wed Sep 18 14:17:18 2019 UTC (4 years, 7 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base,
pkgsrc-2019Q3
Changes since 1.45: +2 -2
lines
Diff to previous 1.45 (colored) to selected 1.54 (colored)
Recursive revbump from audio/pulseaudio
Revision 1.45 / (download) - annotate - [select for diffs], Sun Aug 11 13:24:19 2019 UTC (4 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.44: +2 -2
lines
Diff to previous 1.44 (colored) to selected 1.54 (colored)
Bump PKGREVISIONs for perl 5.30.0
Revision 1.44 / (download) - annotate - [select for diffs], Sun Jul 21 22:25:54 2019 UTC (4 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.43: +2 -2
lines
Diff to previous 1.43 (colored) to selected 1.54 (colored)
*: recursive bump for gdk-pixbuf2-2.38.1
Revision 1.43 / (download) - annotate - [select for diffs], Fri Jun 14 08:11:34 2019 UTC (4 years, 10 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base,
pkgsrc-2019Q2
Changes since 1.42: +3 -2
lines
Diff to previous 1.42 (colored) to selected 1.54 (colored)
firefox52: This gets a sun audio too. Like seamonkey, this uses an older API for it, so device detection for microphones (etc) is currently disabled.
Revision 1.42 / (download) - annotate - [select for diffs], Sat Jun 1 19:11:28 2019 UTC (4 years, 10 months ago) by maya
Branch: MAIN
Changes since 1.41: +2 -2
lines
Diff to previous 1.41 (colored) to selected 1.54 (colored)
firefox*: don't use /dev/sound on netbsd. it treats "pause" as a sticky operation and might randomly fail to play audio if another program has paused its audio. PR kern/54229
Revision 1.41 / (download) - annotate - [select for diffs], Sat May 25 20:17:05 2019 UTC (4 years, 10 months ago) by szptvlfn
Branch: MAIN
Changes since 1.40: +2 -2
lines
Diff to previous 1.40 (colored) to selected 1.54 (colored)
update firefox HOMEPAGE (http -> https)
Revision 1.40 / (download) - annotate - [select for diffs], Sun May 5 22:49:52 2019 UTC (4 years, 11 months ago) by ryoon
Branch: MAIN
Changes since 1.39: +2 -2
lines
Diff to previous 1.39 (colored) to selected 1.54 (colored)
Recursive rebvump from devel/nss
Revision 1.39 / (download) - annotate - [select for diffs], Wed Apr 3 00:33:11 2019 UTC (5 years ago) by ryoon
Branch: MAIN
Changes since 1.38: +2 -2
lines
Diff to previous 1.38 (colored) to selected 1.54 (colored)
Recursive revbump from textproc/icu
Revision 1.38 / (download) - annotate - [select for diffs], Tue Jan 29 22:33:58 2019 UTC (5 years, 2 months ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base,
pkgsrc-2019Q1
Changes since 1.37: +13 -14
lines
Diff to previous 1.37 (colored) to selected 1.54 (colored)
remove obsolete hacks.mk & reduce diffs between mozilla derivative packages
Revision 1.37 / (download) - annotate - [select for diffs], Sun Dec 9 18:52:49 2018 UTC (5 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base,
pkgsrc-2018Q4
Changes since 1.36: +2 -2
lines
Diff to previous 1.36 (colored) to selected 1.54 (colored)
revbump after updating textproc/icu
Revision 1.36 / (download) - annotate - [select for diffs], Fri Nov 23 08:06:33 2018 UTC (5 years, 4 months ago) by ryoon
Branch: MAIN
Changes since 1.35: +2 -2
lines
Diff to previous 1.35 (colored) to selected 1.54 (colored)
Recursive revbump from multimedia/libva
Revision 1.35 / (download) - annotate - [select for diffs], Fri Nov 16 13:02:46 2018 UTC (5 years, 5 months ago) by bsiegert
Branch: MAIN
Changes since 1.34: +2 -2
lines
Diff to previous 1.34 (colored) to selected 1.54 (colored)
Revbump hunspell reverse-depends after update.
Revision 1.34 / (download) - annotate - [select for diffs], Wed Nov 14 22:22:36 2018 UTC (5 years, 5 months ago) by kleink
Branch: MAIN
Changes since 1.33: +2 -2
lines
Diff to previous 1.33 (colored) to selected 1.54 (colored)
Revbump after cairo 1.16.0 update.
Revision 1.33 / (download) - annotate - [select for diffs], Mon Nov 12 03:53:04 2018 UTC (5 years, 5 months ago) by ryoon
Branch: MAIN
Changes since 1.32: +2 -2
lines
Diff to previous 1.32 (colored) to selected 1.54 (colored)
Recursive revbump from hardbuzz-2.1.1
Revision 1.32 / (download) - annotate - [select for diffs], Wed Oct 24 15:42:47 2018 UTC (5 years, 5 months ago) by bsiegert
Branch: MAIN
Changes since 1.31: +2 -2
lines
Diff to previous 1.31 (colored) to selected 1.54 (colored)
Revbump packages that depend on hunspell. The recent hunspell update has changed the name of the library, so these need to be rebuilt. prodded by wiz@ and leot@.
Revision 1.31 / (download) - annotate - [select for diffs], Wed Aug 22 09:47:24 2018 UTC (5 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base,
pkgsrc-2018Q3
Changes since 1.30: +2 -2
lines
Diff to previous 1.30 (colored) to selected 1.54 (colored)
Recursive bump for perl5-5.28.0
Revision 1.30 / (download) - annotate - [select for diffs], Wed Aug 8 08:49:58 2018 UTC (5 years, 8 months ago) by martin
Branch: MAIN
Changes since 1.29: +2 -2
lines
Diff to previous 1.29 (colored) to selected 1.54 (colored)
Avoid a crash on big endian machines. Bump revision.
Revision 1.29 / (download) - annotate - [select for diffs], Mon Jul 30 12:23:11 2018 UTC (5 years, 8 months ago) by jmcneill
Branch: MAIN
Changes since 1.28: +2 -2
lines
Diff to previous 1.28 (colored) to selected 1.54 (colored)
Enable JIT for ARM64.
Revision 1.28 / (download) - annotate - [select for diffs], Mon Jul 23 04:56:12 2018 UTC (5 years, 8 months ago) by maya
Branch: MAIN
Changes since 1.27: +2 -2
lines
Diff to previous 1.27 (colored) to selected 1.54 (colored)
firefox52: switch netbsd to oss and linux to pulse. alsa is problematic and pulseaudio is more widely used on linux. oss works fine on netbsd, no need for extra dependencies.
Revision 1.27 / (download) - annotate - [select for diffs], Fri Jul 20 03:34:31 2018 UTC (5 years, 9 months ago) by ryoon
Branch: MAIN
Changes since 1.26: +2 -2
lines
Diff to previous 1.26 (colored) to selected 1.54 (colored)
Recursive revbump from textproc/icu-62.1
Revision 1.26 / (download) - annotate - [select for diffs], Fri Jul 6 15:06:51 2018 UTC (5 years, 9 months ago) by ryoon
Branch: MAIN
Changes since 1.25: +2 -1
lines
Diff to previous 1.25 (colored) to selected 1.54 (colored)
Recursive revbump from audio/pulseaudio
Revision 1.25 / (download) - annotate - [select for diffs], Tue Jun 26 21:49:32 2018 UTC (5 years, 9 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base,
pkgsrc-2018Q2
Changes since 1.24: +3 -3
lines
Diff to previous 1.24 (colored) to selected 1.54 (colored)
firefox52: update to 52.9.0esr. Security fix. CVE-2018-12359: Buffer overflow using computed size of canvas element CVE-2018-12360: Use-after-free when using focus() CVE-2018-12362: Integer overflow in SSSE3 scaler CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture CVE-2018-12363: Use-after-free when appending DOM nodes CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins CVE-2018-12365: Compromised IPC child process can list local filenames CVE-2018-12366: Invalid data handling during QCMS transformations CVE-2018-12368: No warning when opening executable SettingContent-ms files CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
Revision 1.20.2.1 / (download) - annotate - [select for diffs], Sun Jun 17 20:22:18 2018 UTC (5 years, 10 months ago) by spz
Branch: pkgsrc-2018Q1
Changes since 1.20: +3 -3
lines
Diff to previous 1.20 (colored) next main 1.21 (colored) to selected 1.54 (colored)
Pullup ticket #5767 - requested by bsiegert www/firefox52: security update Revisions pulled up: - www/firefox52/Makefile 1.23 - www/firefox52/distinfo 1.14 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Fri Jun 1 19:43:40 UTC 2018 Modified Files: pkgsrc/www/firefox52: Makefile distinfo Log Message: Update to 52.8.0 Changelog: Various security fixes Various stability and regression fixes Performance improvements to the Safe Browsing service to avoid slowdowns while updating site classification data Security fixes: #CVE-2018-5183: Backport critical security fixes in Skia #CVE-2018-5154: Use-after-free with SVG animations and clip paths #CVE-2018-5155: Use-after-free with SVG animations and text paths #CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files #CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer #CVE-2018-5159: Integer overflow and out-of-bounds write in Skia #CVE-2018-5168: Lightweight themes can be installed without user interaction #CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update #CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension #CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/firefox52/Makefile cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/firefox52/distinfo
Revision 1.24 / (download) - annotate - [select for diffs], Sun Jun 10 04:15:44 2018 UTC (5 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.23: +2 -2
lines
Diff to previous 1.23 (colored) to selected 1.54 (colored)
Update to 52.8.1 Changelog: Security fix: #CVE-2018-6126: Heap buffer overflow rasterizing paths in SVG with Skia
Revision 1.23 / (download) - annotate - [select for diffs], Fri Jun 1 19:43:40 2018 UTC (5 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.22: +3 -4
lines
Diff to previous 1.22 (colored) to selected 1.54 (colored)
Update to 52.8.0 Changelog: Various security fixes Various stability and regression fixes Performance improvements to the Safe Browsing service to avoid slowdowns while updating site classification data Security fixes: #CVE-2018-5183: Backport critical security fixes in Skia #CVE-2018-5154: Use-after-free with SVG animations and clip paths #CVE-2018-5155: Use-after-free with SVG animations and text paths #CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files #CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer #CVE-2018-5159: Integer overflow and out-of-bounds write in Skia #CVE-2018-5168: Lightweight themes can be installed without user interaction #CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update #CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension #CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
Revision 1.22 / (download) - annotate - [select for diffs], Mon Apr 16 14:35:18 2018 UTC (6 years ago) by wiz
Branch: MAIN
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (colored) to selected 1.54 (colored)
Recursive bump for new fribidi dependency in pango.
Revision 1.21 / (download) - annotate - [select for diffs], Sat Apr 14 07:34:43 2018 UTC (6 years ago) by adam
Branch: MAIN
Changes since 1.20: +2 -1
lines
Diff to previous 1.20 (colored) to selected 1.54 (colored)
revbump after icu update
Revision 1.20 / (download) - annotate - [select for diffs], Mon Mar 26 23:33:24 2018 UTC (6 years ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base
Branch point for: pkgsrc-2018Q1
Changes since 1.19: +2 -3
lines
Diff to previous 1.19 (colored) to selected 1.54 (colored)
firefox52: update to 52.7.3 CVE-2018-5148: Use-after-free in compositor A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable crash.
Revision 1.13.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 21:56:28 2018 UTC (6 years, 1 month ago) by spz
Branch: pkgsrc-2017Q4
Changes since 1.13.2.2: +2 -1
lines
Diff to previous 1.13.2.2 (colored) to branchpoint 1.13 (colored) next main 1.14 (colored) to selected 1.54 (colored)
Pullup ticket #5727 - requested by maya www/firefox52-l10n: security update www/firefox52: security update Revisions pulled up: - www/firefox52-l10n/Makefile 1.9 - www/firefox52-l10n/PLIST 1.3 - www/firefox52-l10n/distinfo 1.9 - www/firefox52/Makefile 1.19 - www/firefox52/distinfo 1.12 - www/firefox52/patches/patch-CVE-2018-5147 1.1 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: maya Date: Sat Mar 17 00:23:15 UTC 2018 Modified Files: pkgsrc/www/firefox52: Makefile distinfo Added Files: pkgsrc/www/firefox52/patches: patch-CVE-2018-5147 Log Message: firefox52: provide a patch for tremor as well (ARM-specific) upstream commit: https://hg.mozilla.org/releases/mozilla-esr52/rev/5cd5586a2f48 PKGREVISION++ To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/firefox52/Makefile cvs rdiff -u -r1.11 -r1.12 pkgsrc/www/firefox52/distinfo cvs rdiff -u -r0 -r1.1 pkgsrc/www/firefox52/patches/patch-CVE-2018-5147 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Sat Mar 17 01:01:49 UTC 2018 Modified Files: pkgsrc/www/firefox52-l10n: Makefile PLIST distinfo Log Message: Update to 57.0.2 * Sync with www/firefo52-52.7.2 To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/firefox52-l10n/Makefile \ pkgsrc/www/firefox52-l10n/distinfo cvs rdiff -u -r1.2 -r1.3 pkgsrc/www/firefox52-l10n/PLIST
Revision 1.13.2.2 / (download) - annotate - [select for diffs], Sat Mar 17 23:33:53 2018 UTC (6 years, 1 month ago) by spz
Branch: pkgsrc-2017Q4
Changes since 1.13.2.1: +2 -2
lines
Diff to previous 1.13.2.1 (colored) to branchpoint 1.13 (colored) to selected 1.54 (colored)
Pullup ticket #5725 - requested by maya www/firefox52: security update Revisions pulled up: - www/firefox52/Makefile 1.18 - www/firefox52/PLIST 1.5 - www/firefox52/distinfo 1.11 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: maya Date: Fri Mar 16 22:53:19 UTC 2018 Modified Files: pkgsrc/www/firefox52: Makefile PLIST distinfo Log Message: firefox52: update to 52.7.2esr Fixes multiple memory safety bugs remote code execution via vendored libvorbis/tremor. https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/ To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/firefox52/Makefile cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/firefox52/PLIST cvs rdiff -u -r1.10 -r1.11 pkgsrc/www/firefox52/distinfo
Revision 1.19 / (download) - annotate - [select for diffs], Sat Mar 17 00:23:15 2018 UTC (6 years, 1 month ago) by maya
Branch: MAIN
Changes since 1.18: +2 -1
lines
Diff to previous 1.18 (colored) to selected 1.54 (colored)
firefox52: provide a patch for tremor as well (ARM-specific) upstream commit: https://hg.mozilla.org/releases/mozilla-esr52/rev/5cd5586a2f48 PKGREVISION++
Revision 1.18 / (download) - annotate - [select for diffs], Fri Mar 16 22:53:19 2018 UTC (6 years, 1 month ago) by maya
Branch: MAIN
Changes since 1.17: +3 -4
lines
Diff to previous 1.17 (colored) to selected 1.54 (colored)
firefox52: update to 52.7.2esr Fixes multiple memory safety bugs remote code execution via vendored libvorbis/tremor. https://www.mozilla.org/en-US/security/advisories/mfsa2018-08/
Revision 1.17 / (download) - annotate - [select for diffs], Mon Mar 12 11:17:46 2018 UTC (6 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.16: +2 -2
lines
Diff to previous 1.16 (colored) to selected 1.54 (colored)
Recursive bumps for fontconfig and libzip dependency changes.
Revision 1.16 / (download) - annotate - [select for diffs], Mon Feb 26 08:19:32 2018 UTC (6 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.15: +2 -2
lines
Diff to previous 1.15 (colored) to selected 1.54 (colored)
revbump after x264-devel update
Revision 1.15 / (download) - annotate - [select for diffs], Sun Jan 28 20:11:07 2018 UTC (6 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.14: +2 -1
lines
Diff to previous 1.14 (colored) to selected 1.54 (colored)
Bump PKGREVISION for gdbm shlib major bump
Revision 1.13.2.1 / (download) - annotate - [select for diffs], Sun Jan 28 12:36:21 2018 UTC (6 years, 2 months ago) by bsiegert
Branch: pkgsrc-2017Q4
Changes since 1.13: +2 -3
lines
Diff to previous 1.13 (colored) to selected 1.54 (colored)
Pullup ticket #5692 - requested by he www/firefox52: security fix www/firefox52-l10n: dependent update Revisions pulled up: - www/firefox52-l10n/Makefile 1.8 - www/firefox52-l10n/PLIST 1.2 - www/firefox52-l10n/distinfo 1.8 - www/firefox52/Makefile 1.14 - www/firefox52/PLIST 1.4 - www/firefox52/distinfo 1.10 --- Module Name: pkgsrc Committed By: ryoon Date: Wed Jan 24 16:31:23 UTC 2018 Modified Files: pkgsrc/www/firefox52: Makefile PLIST distinfo Log Message: Update to 52.6.0 Changelog: CVE-2018-5091: Use-after-free with DTMF timers CVE-2018-5095: Integer overflow in Skia library during edge builder allocation CVE-2018-5096: Use-after-free while editing form elements CVE-2018-5097: Use-after-free when source document is manipulated during XSLT CVE-2018-5098: Use-after-free while manipulating form input elements CVE-2018-5099: Use-after-free with widget listener CVE-2018-5102: Use-after-free in HTML media elements CVE-2018-5103: Use-after-free during mouse event handling CVE-2018-5104: Use-after-free during font face manipulation CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6 Fix for Speculative execution side-channel attack ("Spectre") --- Module Name: pkgsrc Committed By: ryoon Date: Wed Jan 24 16:35:28 UTC 2018 Modified Files: pkgsrc/www/firefox52-l10n: Makefile PLIST distinfo Log Message: Update to 52.6.0 * Sync with www/firefox52-52.6.0
Revision 1.14 / (download) - annotate - [select for diffs], Wed Jan 24 16:31:23 2018 UTC (6 years, 2 months ago) by ryoon
Branch: MAIN
Changes since 1.13: +2 -3
lines
Diff to previous 1.13 (colored) to selected 1.54 (colored)
Update to 52.6.0 Changelog: CVE-2018-5091: Use-after-free with DTMF timers CVE-2018-5095: Integer overflow in Skia library during edge builder allocation CVE-2018-5096: Use-after-free while editing form elements CVE-2018-5097: Use-after-free when source document is manipulated during XSLT CVE-2018-5098: Use-after-free while manipulating form input elements CVE-2018-5099: Use-after-free with widget listener CVE-2018-5102: Use-after-free in HTML media elements CVE-2018-5103: Use-after-free during mouse event handling CVE-2018-5104: Use-after-free during font face manipulation CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6 Fix for Speculative execution side-channel attack ("Spectre")
Revision 1.8.4.2 / (download) - annotate - [select for diffs], Sun Dec 3 11:41:34 2017 UTC (6 years, 4 months ago) by bsiegert
Branch: pkgsrc-2017Q3
Changes since 1.8.4.1: +3 -3
lines
Diff to previous 1.8.4.1 (colored) to branchpoint 1.8 (colored) next main 1.9 (colored) to selected 1.54 (colored)
Pullup ticket #5655 - requested by khorben www/firefox52: security fix www/firefox52-l10n: update Revisions pulled up: - www/firefox52-l10n/Makefile 1.7 - www/firefox52-l10n/distinfo 1.7 - www/firefox52/Makefile 1.11 - www/firefox52/distinfo 1.9 --- Module Name: pkgsrc Committed By: ryoon Date: Fri Nov 17 00:19:01 UTC 2017 Modified Files: pkgsrc/www/firefox52: Makefile distinfo Log Message: Update to 52.5.0 Changelog: Security fixes: #CVE-2017-7828: Use-after-free of PressShell while restyling layout Reporter Nils Impact critical Description A use-after-free vulnerability can occur when flushing and resizing layout because the PressShell object has been freed while still in use. This results in a potentially exploitable crash during these operations. References Bug 1406750 Bug 1412252 #CVE-2017-7830: Cross-origin URL information leak through Resource Timing API Reporter Jun Kokatsu Impact high Description The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. References Memory safety bugs fixed in Firefox 57 #CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5 Reporter Mozilla developers and community Impact critical Description Mozilla developers and community members Christian Holler, David Keeler, Jon Coppeard, Julien Cristau, Jan de Mooij, Jason Kratzer, Philipp, Nicholas Nethercote, Oriol Brufau, André Bargull, Bob Clary, Jet Villegas, Randell Jesup, Tyson Smith, Gary Kwong, and Ryan VanderMeulen reported memory safety bugs present in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. References Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5 --- Module Name: pkgsrc Committed By: ryoon Date: Fri Nov 17 00:53:53 UTC 2017 Modified Files: pkgsrc/www/firefox52-l10n: Makefile distinfo Log Message: Update to 52.5.0 * Sync with www/firefox52-52.5.0
Revision 1.13 / (download) - annotate - [select for diffs], Thu Nov 30 16:45:40 2017 UTC (6 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base
Branch point for: pkgsrc-2017Q4
Changes since 1.12: +2 -2
lines
Diff to previous 1.12 (colored) to selected 1.54 (colored)
Revbump after textproc/icu update
Revision 1.8.4.1 / (download) - annotate - [select for diffs], Sat Nov 25 09:41:44 2017 UTC (6 years, 4 months ago) by bsiegert
Branch: pkgsrc-2017Q3
Changes since 1.8: +3 -4
lines
Diff to previous 1.8 (colored) to selected 1.54 (colored)
Pullup ticket #5652 - requested by khorben www/firefox52: security fix www/firefox52-l10n: security fix Revisions pulled up: - www/firefox52-l10n/Makefile 1.5-1.6 - www/firefox52-l10n/distinfo 1.5-1.6 - www/firefox52/Makefile 1.9-1.10 - www/firefox52/distinfo 1.7-1.8 - www/firefox52/patches/patch-extensions_spellcheck_hunspell_glue_mozHunspell.cpp deleted --- Module Name: pkgsrc Committed By: ryoon Date: Sat Sep 30 11:19:10 UTC 2017 Modified Files: pkgsrc/www/firefox52: Makefile distinfo Removed Files: pkgsrc/www/firefox52/patches: patch-extensions_spellcheck_hunspell_glue_mozHunspell.cpp Log Message: Update to 52.4.0 * Remove an unnecessary patch Changelog: Fixed Various security fixes Various stability and regression fixes Security fixes: #CVE-2017-7793: Use-after-free with Fetch API Reporter Abhishek Arya Impact high Description A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. References Bug 1371889 #CVE-2017-7818: Use-after-free during ARIA array manipulation Reporter Nils Impact high Description A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. References Bug 1363723 #CVE-2017-7819: Use-after-free while resizing images in design mode Reporter Nils Impact high Description A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. References Bug 1380292 #CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE Reporter Omair, Andre Weissflog Impact high Description A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. References Bug 1398381 #CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes Reporter Martin Thomson Impact high Description During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash. References Bug 1377618 #CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings Reporter Francois Marier Impact moderate Description File downloads encoded with blob: and data: URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. References Bug 1376036 #CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces Reporter Khalil Zhani Impact moderate Description Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. References Bug 1393624 Bug 1390980 #CVE-2017-7823: CSP sandbox directive did not create a unique origin Reporter Jun Kokatsu Impact moderate Description The content security policy (CSP) sandbox directive did not create a unique origin for the document, causing it to behave as if the allow-same-origin keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. References Bug 1396320 #CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 Reporter Mozilla developers and community Impact critical Description Mozilla developers and community members Christoph Diehl, Jan de Mooij, Jason Kratzer, Randell Jesup, Tom Ritter, Tyson Smith, and Sebastian Hengst reported memory safety bugs present in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. References Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 --- Module Name: pkgsrc Committed By: ryoon Date: Sat Sep 30 11:21:00 UTC 2017 Modified Files: pkgsrc/www/firefox52-l10n: Makefile distinfo Log Message: Update to 52.4.0 * Sync with firefox52-52.4.0 --- Module Name: pkgsrc Committed By: ryoon Date: Thu Nov 9 19:17:19 UTC 2017 Modified Files: pkgsrc/www/firefox52: Makefile distinfo Log Message: Update to 52.4.1 Changelog: Fixed Fixed a crash when playing videos on macOS 10.13 Fixed a crash when using the color picker on macOS 10.13 --- Module Name: pkgsrc Committed By: ryoon Date: Thu Nov 9 19:24:37 UTC 2017 Modified Files: pkgsrc/www/firefox52-l10n: Makefile distinfo Log Message: Update to 52.4.1 * Sync with www/firefox52-52.4.1
Revision 1.12 / (download) - annotate - [select for diffs], Thu Nov 23 17:20:16 2017 UTC (6 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.11: +2 -1
lines
Diff to previous 1.11 (colored) to selected 1.54 (colored)
recursive bump for libxkbcommon removal from at-spi2-core
Revision 1.11 / (download) - annotate - [select for diffs], Fri Nov 17 00:19:01 2017 UTC (6 years, 5 months ago) by ryoon
Branch: MAIN
Changes since 1.10: +3 -3
lines
Diff to previous 1.10 (colored) to selected 1.54 (colored)
Update to 52.5.0 Changelog: Security fixes: #CVE-2017-7828: Use-after-free of PressShell while restyling layout Reporter Nils Impact critical Description A use-after-free vulnerability can occur when flushing and resizing layout because the PressShell object has been freed while still in use. This results in a potentially exploitable crash during these operations. References Bug 1406750 Bug 1412252 #CVE-2017-7830: Cross-origin URL information leak through Resource Timing API Reporter Jun Kokatsu Impact high Description The Resource Timing API incorrectly revealed navigations in cross-origin iframes. This is a same-origin policy violation and could allow for data theft of URLs loaded by users. References Memory safety bugs fixed in Firefox 57 #CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5 Reporter Mozilla developers and community Impact critical Description Mozilla developers and community members Christian Holler, David Keeler, Jon Coppeard, Julien Cristau, Jan de Mooij, Jason Kratzer, Philipp, Nicholas Nethercote, Oriol Brufau, André Bargull, Bob Clary, Jet Villegas, Randell Jesup, Tyson Smith, Gary Kwong, and Ryan VanderMeulen reported memory safety bugs present in Firefox 56 and Firefox ESR 52.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. References Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
Revision 1.10 / (download) - annotate - [select for diffs], Thu Nov 9 19:17:19 2017 UTC (6 years, 5 months ago) by ryoon
Branch: MAIN
Changes since 1.9: +2 -2
lines
Diff to previous 1.9 (colored) to selected 1.54 (colored)
Update to 52.4.1 Changelog: Fixed Fixed a crash when playing videos on macOS 10.13 Fixed a crash when using the color picker on macOS 10.13
Revision 1.9 / (download) - annotate - [select for diffs], Sat Sep 30 11:19:09 2017 UTC (6 years, 6 months ago) by ryoon
Branch: MAIN
Changes since 1.8: +2 -3
lines
Diff to previous 1.8 (colored) to selected 1.54 (colored)
Update to 52.4.0 * Remove an unnecessary patch Changelog: Fixed Various security fixes Various stability and regression fixes Security fixes: #CVE-2017-7793: Use-after-free with Fetch API Reporter Abhishek Arya Impact high Description A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. References Bug 1371889 #CVE-2017-7818: Use-after-free during ARIA array manipulation Reporter Nils Impact high Description A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications (ARIA) elements within containers through the DOM. This results in a potentially exploitable crash. References Bug 1363723 #CVE-2017-7819: Use-after-free while resizing images in design mode Reporter Nils Impact high Description A use-after-free vulnerability can occur in design mode when image objects are resized if objects referenced during the resizing have been freed from memory. This results in a potentially exploitable crash. References Bug 1380292 #CVE-2017-7824: Buffer overflow when drawing and validating elements with ANGLE Reporter Omair, Andre Weissflog Impact high Description A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. References Bug 1398381 #CVE-2017-7805: Use-after-free in TLS 1.2 generating handshake hashes Reporter Martin Thomson Impact high Description During TLS 1.2 exchanges, handshake hashes are generated which point to a message buffer. This saved data is used for later messages but in some cases, the handshake transcript can exceed the space available in the current buffer, causing the allocation of a new buffer. This leaves a pointer pointing to the old, freed buffer, resulting in a use-after-free when handshake hashes are then calculated afterwards. This can result in a potentially exploitable crash. References Bug 1377618 #CVE-2017-7814: Blob and data URLs bypass phishing and malware protection warnings Reporter François Marier Impact moderate Description File downloads encoded with blob: and data: URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. References Bug 1376036 #CVE-2017-7825: OS X fonts render some Tibetan and Arabic unicode characters as spaces Reporter Khalil Zhani Impact moderate Description Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. References Bug 1393624 Bug 1390980 #CVE-2017-7823: CSP sandbox directive did not create a unique origin Reporter Jun Kokatsu Impact moderate Description The content security policy (CSP) sandbox directive did not create a unique origin for the document, causing it to behave as if the allow-same-origin keyword were always specified. This could allow a Cross-Site Scripting (XSS) attack to be launched from unsafe content. References Bug 1396320 #CVE-2017-7810: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 Reporter Mozilla developers and community Impact critical Description Mozilla developers and community members Christoph Diehl, Jan de Mooij, Jason Kratzer, Randell Jesup, Tom Ritter, Tyson Smith, and Sebastian Hengst reported memory safety bugs present in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. References Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
Revision 1.8 / (download) - annotate - [select for diffs], Mon Sep 18 09:53:37 2017 UTC (6 years, 7 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base
Branch point for: pkgsrc-2017Q3
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored) to selected 1.54 (colored)
revbump for requiring ICU 59.x
Revision 1.7 / (download) - annotate - [select for diffs], Fri Sep 8 02:38:44 2017 UTC (6 years, 7 months ago) by ryoon
Branch: MAIN
Changes since 1.6: +2 -1
lines
Diff to previous 1.6 (colored) to selected 1.54 (colored)
Recursive revbump from audio/pulseaudio-11.0
Revision 1.6 / (download) - annotate - [select for diffs], Sat Aug 19 04:13:51 2017 UTC (6 years, 8 months ago) by ryoon
Branch: MAIN
Changes since 1.5: +3 -4
lines
Diff to previous 1.5 (colored) to selected 1.54 (colored)
Update to 52.3.0 Changelog: #CVE-2017-7798: XUL injection in the style editor in devtools Reporter Frederik Braun Impact critical Description The Developer Tools feature suffers from a XUL injection vulnerability due to improper sanitization of the web page source code. In the worst case, this could allow arbitrary code execution when opening a malicious page with the style editor tool. References Bug 1371586, 1372112 #CVE-2017-7800: Use-after-free in WebSockets during disconnection Reporter Looben Yang Impact critical Description A use-after-free vulnerability can occur in WebSockets when the object holding the connection is freed before the disconnection operation is finished. This results in an exploitable crash. References Bug 1374047 #CVE-2017-7801: Use-after-free with marquee during window resizing Reporter Nils Impact critical Description A use-after-free vulnerability can occur while re-computing layout for a marquee element during window resizing where the updated style object is freed while still in use. This results in a potentially exploitable crash. References Bug 1371259 #CVE-2017-7809: Use-after-free while deleting attached editor DOM node Reporter Nils Impact high Description A use-after-free vulnerability can occur when an editor DOM node is deleted prematurely during tree traversal while still bound to the document. This results in a potentially exploitable crash. References Bug 1380284 #CVE-2017-7784: Use-after-free with image observers Reporter Nils Impact high Description A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. References Bug 1376087 #CVE-2017-7802: Use-after-free resizing image elements Reporter Nils Impact high Description A use-after-free vulnerability can occur when manipulating the DOM during the resize event of an image element. If these elements have been freed due to a lack of strong references, a potentially exploitable crash may occur when the freed elements are accessed. References Bug 1378147 #CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM Reporter Nils Impact high Description A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. References Bug 1356985 #CVE-2017-7786: Buffer overflow while painting non-displayable SVG Reporter Nils Impact high Description A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. References Bug 1365189 #CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements Reporter SkyLined Impact high Description An out-of-bounds read occurs when applying style rules to pseudo-elements, such as ::first-line, using cached style data. References Bug 1353312 #CVE-2017-7787: Same-origin policy bypass with iframes through page reloads Reporter Oliver Wagner Impact high Description Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. References Bug 1322896 #CVE-2017-7807: Domain hijacking through AppCache fallback Reporter Mathias Karlsson Impact high Description A mechanism that uses AppCache to hijack a URL in a domain using fallback by serving the files from a sub-path on the domain. This has been addressed by requiring fallback files be inside the manifest directory. References Bug 1376459 #CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID Reporter Fraser Tweedale Impact high Description A buffer overflow will occur when viewing a certificate in the certificate manager if the certificate has an extremely long object identifier (OID). This results in a potentially exploitable crash. References Bug 1368652 #CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher Reporter Stephen Fewer Impact high Description The destructor function for the WindowsDllDetourPatcher class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. Note: This attack only affects Windows operating systems. Other operating systems are not affected. References Bug 1372849 #CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts Reporter Jose María Acuña Impact moderate Description On pages containing an iframe, the data: protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. References Bug 1365875 #CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections Reporter Arthur Edelstein Impact moderate Description An error in the WindowsDllDetourPatcher where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP his attack only affects Windows operating systems. Other operating systems are not affected. References Bug 1344034 #CVE-2017-7803: CSP containing 'sandbox' improperly applied Reporter Rhys Enniks Impact moderate Description When a pageer directives are ignored. This results in the incorrect enforcement of CSP. References Bug 1377426 #CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3 Reporter Mozilla developers and community Impact critical Descrlla developers and community members Masayuki Nakano, Gary Kwong, Ronald Crane, Andrew McCreight, Tyson Smith, Bevis Tseng, Christian Holler, Bryce Van Dyk, Dragana Damjanovic, Kartikaya Gupta, Philipp, Tristan Bourvon, and Andi-Bogdan Postelnicu reported presume that with enough effort that some of these could be exploited to run arbitrary code. References Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
Revision 1.5 / (download) - annotate - [select for diffs], Sun Jul 16 10:48:17 2017 UTC (6 years, 9 months ago) by jmcneill
Branch: MAIN
Changes since 1.4: +2 -2
lines
Diff to previous 1.4 (colored) to selected 1.54 (colored)
Adopt ARM patches from devel/protobuf; makes firefox work on NetBSD/evbarm
Revision 1.4 / (download) - annotate - [select for diffs], Sun Jul 9 09:04:00 2017 UTC (6 years, 9 months ago) by maya
Branch: MAIN
Changes since 1.3: +2 -1
lines
Diff to previous 1.3 (colored) to selected 1.54 (colored)
firefox{,45,52}: bump pkgrevision with no change. these packages pull in GCC_REQD+=4.9 via mozilla-common.mk, and are very widely used (I suspect only www/firefox actually needs it) this will take care of most of the fallout from major bumping pkgsrc-gcc-libstdc++ to 7 on netbsd. these are the most widely used packages setting GCC_REQD>4.8.
Revision 1.3 / (download) - annotate - [select for diffs], Mon Jul 3 16:26:59 2017 UTC (6 years, 9 months ago) by ryoon
Branch: MAIN
Changes since 1.2: +2 -2
lines
Diff to previous 1.2 (colored) to selected 1.54 (colored)
Update to 52.2.1 Changelog: 52.2.1 Printing text does not work on Windows when Direct2D is disabled (Bug 1318845) 52.2.0 #CVE-2017-5472: Use-after-free using destroyed node when regenerating trees #CVE-2017-7749: Use-after-free during docshell reloading #CVE-2017-7750: Use-after-free with track elements #CVE-2017-7751: Use-after-free with content viewer listeners #CVE-2017-7752: Use-after-free with IME input #CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object #CVE-2017-7755: Privilege escalation through Firefox Installer with same directory DLL files #CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors #CVE-2017-7757: Use-after-free in IndexedDB #CVE-2017-7778: Vulnerabilities in the Graphite 2 library #CVE-2017-7758: Out-of-bounds read in Opus encoder #CVE-2017-7760: File manipulation and privilege escalation via callback parameter in Mozilla Windows Updater and Maintenance Service #CVE-2017-7761: File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application #CVE-2017-7763: Mac fonts render some unicode characters as spaces #CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks #CVE-2017-7765: Mark of the Web bypass when saving executable files #CVE-2017-7766: File execution and privilege escalation through updater.ini, Mozilla Windows Updater, and Mozilla Maintenance Service #CVE-2017-7767: Privilege escalation and arbitrary file overwrites through Mozilla Windows Updater and Mozilla Maintenance Service #CVE-2017-7768: 32 byte arbitrary file read through Mozilla Maintenance Service #CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.252.2.0 52.1.2 FIx hangs when using a proxy with NTLM authentication (bug 1360574)
Revision 1.2 / (download) - annotate - [select for diffs], Mon May 8 15:37:55 2017 UTC (6 years, 11 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base,
pkgsrc-2017Q2
Changes since 1.1: +2 -2
lines
Diff to previous 1.1 (colored) to selected 1.54 (colored)
Update to 52.1.1 Changelog: Fixed Various security fixes Security fixes: #CVE-2017-5031: Use after free in ANGLE
Revision 1.1 / (download) - annotate - [select for diffs], Thu Apr 27 01:55:57 2017 UTC (6 years, 11 months ago) by ryoon
Branch: MAIN
Diff to selected 1.54 (colored)
Import firefox52-52.1.0 as www/firefox52. Mozilla Firefox is a free, open-source and cross-platform web browser for Windows, Linux, MacOS X and many other operating systems. It is fast and easy to use, and offers many advantages over other web browsers, such as tabbed browsing and the ability to block pop-up windows. Firefox also offers excellent bookmark and history management, and it can be extended by developers using industry standards such as XML, CSS, JavaScript, C++, etc. Many extensions are available.