The NetBSD Project

CVS log for pkgsrc/www/firefox68/Attic/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / firefox68

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.52
Thu Aug 4 15:15:38 2022 UTC (2 years, 3 months ago) by nia
Branches: MAIN
CVS tags: HEAD
FILE REMOVED
Changes since revision 1.51: +1 -1 lines
Remove firefox68. This was kept due to being the last LTS release of
Firefox that functioned on NetBSD 8, but it's now so far gone, many
dependencies of this aren't compiling with the old toolchain and
userspace... Users of platforms like NetBSD 8 might have an easier
time using arcticfox instead.

Revision 1.51: download - view: text, markup, annotated - select for diffs
Sat Jul 2 16:53:38 2022 UTC (2 years, 5 months ago) by ryoon
Branches: MAIN
Diff to: previous 1.50: preferred, colored
Changes since revision 1.50: +2 -2 lines
*: Recursive revbump from audio/pulseaudio

Revision 1.50: download - view: text, markup, annotated - select for diffs
Tue Jun 28 11:37:04 2022 UTC (2 years, 5 months ago) by wiz
Branches: MAIN
Diff to: previous 1.49: preferred, colored
Changes since revision 1.49: +2 -2 lines
*: recursive bump for perl 5.36

Revision 1.49: download - view: text, markup, annotated - select for diffs
Mon Apr 18 19:12:17 2022 UTC (2 years, 7 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2
Diff to: previous 1.48: preferred, colored
Changes since revision 1.48: +2 -2 lines
revbump for textproc/icu update

Revision 1.48: download - view: text, markup, annotated - select for diffs
Mon Mar 28 10:59:31 2022 UTC (2 years, 8 months ago) by tnn
Branches: MAIN
CVS tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1
Diff to: previous 1.47: preferred, colored
Changes since revision 1.47: +2 -2 lines
{s,t,w}*/*: revbump(1) for libsndfile

Revision 1.47: download - view: text, markup, annotated - select for diffs
Wed Dec 8 16:06:56 2021 UTC (2 years, 11 months ago) by adam
Branches: MAIN
CVS tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4
Diff to: previous 1.46: preferred, colored
Changes since revision 1.46: +2 -2 lines
revbump for icu and libffi

Revision 1.46: download - view: text, markup, annotated - select for diffs
Sat Oct 9 15:35:12 2021 UTC (3 years, 1 month ago) by nia
Branches: MAIN
Diff to: previous 1.45: preferred, colored
Changes since revision 1.45: +2 -2 lines
Recursive revbump for multimedia/libaom

Revision 1.45: download - view: text, markup, annotated - select for diffs
Fri Jul 30 12:27:10 2021 UTC (3 years, 4 months ago) by ryoon
Branches: MAIN
CVS tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3
Diff to: previous 1.44: preferred, colored
Changes since revision 1.44: +2 -2 lines
*: Recursive revbump from audio/pulseaudio-15.0

Revision 1.44: download - view: text, markup, annotated - select for diffs
Fri Jun 18 18:41:27 2021 UTC (3 years, 5 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Diff to: previous 1.43: preferred, colored
Changes since revision 1.43: +3 -3 lines
firefox68: explicitly use autoconf-2.13

Revision 1.43: download - view: text, markup, annotated - select for diffs
Mon May 24 19:55:14 2021 UTC (3 years, 6 months ago) by wiz
Branches: MAIN
Diff to: previous 1.42: preferred, colored
Changes since revision 1.42: +2 -2 lines
*: recursive bump for perl 5.34

Revision 1.42: download - view: text, markup, annotated - select for diffs
Wed Apr 21 11:42:53 2021 UTC (3 years, 7 months ago) by adam
Branches: MAIN
Diff to: previous 1.41: preferred, colored
Changes since revision 1.41: +2 -2 lines
revbump for textproc/icu

Revision 1.41: download - view: text, markup, annotated - select for diffs
Thu Apr 15 11:23:13 2021 UTC (3 years, 7 months ago) by ryoon
Branches: MAIN
Diff to: previous 1.40: preferred, colored
Changes since revision 1.40: +2 -2 lines
*: Recursive revbump from devel/nss

Revision 1.40: download - view: text, markup, annotated - select for diffs
Fri Apr 9 06:55:05 2021 UTC (3 years, 7 months ago) by wiz
Branches: MAIN
Diff to: previous 1.39: preferred, colored
Changes since revision 1.39: +2 -2 lines
*: bump PKGREVISION for nss linking fix

Revision 1.39: download - view: text, markup, annotated - select for diffs
Sun Feb 7 06:30:40 2021 UTC (3 years, 9 months ago) by ryoon
Branches: MAIN
CVS tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Diff to: previous 1.38: preferred, colored
Changes since revision 1.38: +2 -2 lines
*: Recursive revbump from audio/pulseaudio-14.2.nb1

Revision 1.38: download - view: text, markup, annotated - select for diffs
Fri Jan 1 09:52:42 2021 UTC (3 years, 11 months ago) by ryoon
Branches: MAIN
Diff to: previous 1.37: preferred, colored
Changes since revision 1.37: +2 -2 lines
*: Recursive revbump from audio/pulseaudio-14.0

Revision 1.37: download - view: text, markup, annotated - select for diffs
Sat Dec 26 10:35:16 2020 UTC (3 years, 11 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Diff to: previous 1.36: preferred, colored
Changes since revision 1.36: +1 -2 lines
Remove now-actively-harmful 32-bit ARM hack from Mozilla packages.

Revision 1.36: download - view: text, markup, annotated - select for diffs
Thu Nov 5 09:09:20 2020 UTC (4 years ago) by ryoon
Branches: MAIN
Diff to: previous 1.35: preferred, colored
Changes since revision 1.35: +2 -2 lines
*: Recursive revbump from textproc/icu-68.1

Revision 1.35: download - view: text, markup, annotated - select for diffs
Mon Aug 31 18:12:33 2020 UTC (4 years, 3 months ago) by wiz
Branches: MAIN
CVS tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3
Diff to: previous 1.34: preferred, colored
Changes since revision 1.34: +2 -1 lines
*: bump PKGREVISION for perl-5.32.

Revision 1.34: download - view: text, markup, annotated - select for diffs
Sat Aug 29 18:39:34 2020 UTC (4 years, 3 months ago) by nia
Branches: MAIN
Diff to: previous 1.33: preferred, colored
Changes since revision 1.33: +2 -3 lines
firefox68: Update to 68.12.0

Security Vulnerabilities fixed in Firefox ESR 68.12

    #CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could
    have resulted in escalation of privilege

    #CVE-2020-15664: Attacker-induced prompt for extension installation

    #CVE-2020-15669: Use-After-Free when aborting an operation

Revision 1.33: download - view: text, markup, annotated - select for diffs
Tue Aug 18 17:58:16 2020 UTC (4 years, 3 months ago) by leot
Branches: MAIN
Diff to: previous 1.32: preferred, colored
Changes since revision 1.32: +2 -2 lines
*: revbump for libsndfile

Revision 1.32: download - view: text, markup, annotated - select for diffs
Mon Aug 17 20:20:21 2020 UTC (4 years, 3 months ago) by leot
Branches: MAIN
Diff to: previous 1.31: preferred, colored
Changes since revision 1.31: +2 -1 lines
*: revbump after fontconfig bl3 changes (libuuid removal)

Revision 1.26.2.2: download - view: text, markup, annotated - select for diffs
Thu Jul 30 18:13:52 2020 UTC (4 years, 4 months ago) by bsiegert
Branches: pkgsrc-2020Q2
Diff to: previous 1.26.2.1: preferred, colored; branchpoint 1.26: preferred, colored; next MAIN 1.27: preferred, colored
Changes since revision 1.26.2.1: +2 -2 lines
Pullup ticket #6287 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.31
- www/firefox68/distinfo                                        1.21

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Wed Jul 29 14:20:30 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile distinfo

   Log Message:
   firefox68: Update to 68.11.0

   Security Vulnerabilities fixed in Firefox ESR 68.11

       #CVE-2020-15652: Potential leak of redirect targets when loading scripts in
       a worker

       #CVE-2020-6514: WebRTC data channel leaks internal address to peer

       #CVE-2020-6463: Use-after-free in ANGLE
       gl::Texture::onUnbindAsSamplerTexture

       #CVE-2020-15650: Overwriting local files through malicious file picker
       application

       #CVE-2020-15649: Exfiltrating local files through malicious file picker
       application

       #CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR
       68.11

Revision 1.31: download - view: text, markup, annotated - select for diffs
Wed Jul 29 14:20:30 2020 UTC (4 years, 4 months ago) by nia
Branches: MAIN
Diff to: previous 1.30: preferred, colored
Changes since revision 1.30: +2 -3 lines
firefox68: Update to 68.11.0

Security Vulnerabilities fixed in Firefox ESR 68.11

    #CVE-2020-15652: Potential leak of redirect targets when loading scripts in
    a worker

    #CVE-2020-6514: WebRTC data channel leaks internal address to peer

    #CVE-2020-6463: Use-after-free in ANGLE
    gl::Texture::onUnbindAsSamplerTexture

    #CVE-2020-15650: Overwriting local files through malicious file picker
    application

    #CVE-2020-15649: Exfiltrating local files through malicious file picker
    application

    #CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR
    68.11

Revision 1.30: download - view: text, markup, annotated - select for diffs
Wed Jul 15 19:52:23 2020 UTC (4 years, 4 months ago) by riastradh
Branches: MAIN
Diff to: previous 1.29: preferred, colored
Changes since revision 1.29: +2 -1 lines
www/firefox68: Add NetBSD support for U2F/FIDO2 security keys.

Based on patch submitted upstream:
https://github.com/mozilla/authenticator-rs/pull/116

Adapted lightly for firefox68 which had its own copy of an older
version of authenticator-rs.

Revision 1.26.2.1: download - view: text, markup, annotated - select for diffs
Thu Jul 9 08:07:51 2020 UTC (4 years, 4 months ago) by bsiegert
Branches: pkgsrc-2020Q2
Diff to: previous 1.26: preferred, colored
Changes since revision 1.26: +2 -3 lines
Pullup ticket #6266 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.29
- www/firefox68/distinfo                                        1.19

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue Jul  7 16:44:11 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile distinfo

   Log Message:
   firefox68: Update to 68.10.0

   For anyone curious about the delay: apparently, my ccache cache
   was corrupted so the build was failing. *sigh* that won't be a problem
   soon...

   Security Vulnerabilities fixed in Firefox ESR 68.10

       #CVE-2020-12417: Memory corruption due to missing sign-extension for
       ValueTags on ARM64

       #CVE-2020-12418: Information disclosure due to manipulated URL object

       #CVE-2020-12419: Use-after-free in nsGlobalWindowInner

       #CVE-2020-12420: Use-After-Free when trying to connect to a STUN server

       #CVE-2020-12421: Add-On updates did not respect the same certificate trust
       rules as software updates

Revision 1.29: download - view: text, markup, annotated - select for diffs
Tue Jul 7 16:44:11 2020 UTC (4 years, 4 months ago) by nia
Branches: MAIN
Diff to: previous 1.28: preferred, colored
Changes since revision 1.28: +2 -3 lines
firefox68: Update to 68.10.0

For anyone curious about the delay: apparently, my ccache cache
was corrupted so the build was failing. *sigh* that won't be a problem
soon...

Security Vulnerabilities fixed in Firefox ESR 68.10

    #CVE-2020-12417: Memory corruption due to missing sign-extension for
    ValueTags on ARM64

    #CVE-2020-12418: Information disclosure due to manipulated URL object

    #CVE-2020-12419: Use-after-free in nsGlobalWindowInner

    #CVE-2020-12420: Use-After-Free when trying to connect to a STUN server

    #CVE-2020-12421: Add-On updates did not respect the same certificate trust
    rules as software updates

Revision 1.28: download - view: text, markup, annotated - select for diffs
Wed Jul 1 09:18:49 2020 UTC (4 years, 5 months ago) by nia
Branches: MAIN
Diff to: previous 1.27: preferred, colored
Changes since revision 1.27: +3 -2 lines
firefox68: Revert accidental partial update

Revision 1.27: download - view: text, markup, annotated - select for diffs
Wed Jul 1 09:17:03 2020 UTC (4 years, 5 months ago) by nia
Branches: MAIN
Diff to: previous 1.26: preferred, colored
Changes since revision 1.26: +2 -38 lines
firefox68: Remove cargo SUBSTs since there's no clear patching of crates

Revision 1.26: download - view: text, markup, annotated - select for diffs
Wed Jun 17 17:57:25 2020 UTC (4 years, 5 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2020Q2-base
Branch point for: pkgsrc-2020Q2
Diff to: previous 1.25: preferred, colored
Changes since revision 1.25: +2 -2 lines
firefox68: Remove patches for NetBSD 7, rust dropped support for NetBSD 7

Revision 1.25: download - view: text, markup, annotated - select for diffs
Mon Jun 15 10:04:03 2020 UTC (4 years, 5 months ago) by nia
Branches: MAIN
Diff to: previous 1.24: preferred, colored
Changes since revision 1.24: +2 -1 lines
firefox68: Remove hack to disable multiprocess mode

This was working around the lack of pshared semaphores on older NetBSD
releases, and restrictions on which process can destroy semaphores
on newer NetBSD releases.

However, we've switched to a new NetBSD-exclusive hack in www/firefox
where we force the use of the tiled rendering mode. This copies what
Firefox does on macOS, which has similar limitations on cross-process
semaphores. The discovery of this was a joint effort between maya
and me.

This avoids several bugs:

1) Multiprocess mode being outright broken on older NetBSD releases
2) Multiprocess mode leaking semaphores and eventually hitting open
   file limits on newer NetBSD releases

Bump PKGREVISION

Revision 1.24: download - view: text, markup, annotated - select for diffs
Sun Jun 14 20:19:43 2020 UTC (4 years, 5 months ago) by nia
Branches: MAIN
Diff to: previous 1.23: preferred, colored
Changes since revision 1.23: +36 -19 lines
firefox68: Clean up checksum SUBSTs, following lang/rust

Revision 1.23: download - view: text, markup, annotated - select for diffs
Sun Jun 7 10:34:43 2020 UTC (4 years, 5 months ago) by nia
Branches: MAIN
Diff to: previous 1.22: preferred, colored
Changes since revision 1.22: +3 -1 lines
www: Remove firefox60 - EOL

Revision 1.15.2.4: download - view: text, markup, annotated - select for diffs
Thu Jun 4 11:36:28 2020 UTC (4 years, 5 months ago) by bsiegert
Branches: pkgsrc-2020Q1
Diff to: previous 1.15.2.3: preferred, colored; branchpoint 1.15: preferred, colored; next MAIN 1.16: preferred, colored
Changes since revision 1.15.2.3: +2 -2 lines
Pullup ticket #6220 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.22
- www/firefox68/distinfo                                        1.16
- www/firefox68/patches/patch-build_moz.configure_rust.configure 1.1

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Wed Jun  3 13:00:24 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile distinfo
   Added Files:
   	pkgsrc/www/firefox68/patches: patch-build_moz.configure_rust.configure

   Log Message:
   firefox68: Update to 68.9.0

   Security Vulnerabilities fixed in Firefox ESR 68.9

       #CVE-2020-12399: Timing attack on DSA signatures in NSS library

       #CVE-2020-12405: Use-after-free in SharedWorkerService

       #CVE-2020-12406: JavaScript Type confusion with NativeTypes

       #CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9

Revision 1.22: download - view: text, markup, annotated - select for diffs
Wed Jun 3 13:00:24 2020 UTC (4 years, 5 months ago) by nia
Branches: MAIN
Diff to: previous 1.21: preferred, colored
Changes since revision 1.21: +2 -3 lines
firefox68: Update to 68.9.0

Security Vulnerabilities fixed in Firefox ESR 68.9

    #CVE-2020-12399: Timing attack on DSA signatures in NSS library

    #CVE-2020-12405: Use-after-free in SharedWorkerService

    #CVE-2020-12406: JavaScript Type confusion with NativeTypes

    #CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9

Revision 1.21: download - view: text, markup, annotated - select for diffs
Tue Jun 2 08:24:56 2020 UTC (4 years, 6 months ago) by adam
Branches: MAIN
Diff to: previous 1.20: preferred, colored
Changes since revision 1.20: +2 -1 lines
Revbump for icu

Revision 1.15.2.3: download - view: text, markup, annotated - select for diffs
Wed May 13 13:40:16 2020 UTC (4 years, 6 months ago) by bsiegert
Branches: pkgsrc-2020Q1
Diff to: previous 1.15.2.2: preferred, colored; branchpoint 1.15: preferred, colored
Changes since revision 1.15.2.2: +2 -2 lines
Pullup ticket #6190 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.20
- www/firefox68/PLIST                                           1.6
- www/firefox68/distinfo                                        1.15

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Sat May  9 13:08:01 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile PLIST distinfo

   Log Message:
   firefox68: Update to 68.8.0

   Security Vulnerabilities fixed in Firefox ESR 68.8

       #CVE-2020-12387: Use-after-free during worker shutdown

       #CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens

       #CVE-2020-12389: Sandbox escape with improperly separated process types

       #CVE-2020-6831: Buffer overflow in SCTP chunk input validation

       #CVE-2020-12392: Arbitrary local file access with 'Copy as cURL'

       #CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape
       website-controlled data, potentially leading to command injection

       #CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8

Revision 1.20: download - view: text, markup, annotated - select for diffs
Sat May 9 13:08:01 2020 UTC (4 years, 6 months ago) by nia
Branches: MAIN
Diff to: previous 1.19: preferred, colored
Changes since revision 1.19: +2 -3 lines
firefox68: Update to 68.8.0

Security Vulnerabilities fixed in Firefox ESR 68.8

    #CVE-2020-12387: Use-after-free during worker shutdown

    #CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens

    #CVE-2020-12389: Sandbox escape with improperly separated process types

    #CVE-2020-6831: Buffer overflow in SCTP chunk input validation

    #CVE-2020-12392: Arbitrary local file access with 'Copy as cURL'

    #CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command injection

    #CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8

Revision 1.19: download - view: text, markup, annotated - select for diffs
Fri Apr 24 13:24:21 2020 UTC (4 years, 7 months ago) by nia
Branches: MAIN
Diff to: previous 1.18: preferred, colored
Changes since revision 1.18: +2 -2 lines
firefox*: Mark ESR versions as such in COMMENT

Revision 1.18: download - view: text, markup, annotated - select for diffs
Sun Apr 12 08:29:17 2020 UTC (4 years, 7 months ago) by adam
Branches: MAIN
Diff to: previous 1.17: preferred, colored
Changes since revision 1.17: +2 -1 lines
Recursive revision bump after textproc/icu update

Revision 1.15.2.2: download - view: text, markup, annotated - select for diffs
Sat Apr 11 12:39:25 2020 UTC (4 years, 7 months ago) by bsiegert
Branches: pkgsrc-2020Q1
Diff to: previous 1.15.2.1: preferred, colored; branchpoint 1.15: preferred, colored
Changes since revision 1.15.2.1: +3 -3 lines
Pullup ticket #6155 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.17
- www/firefox68/distinfo                                        1.14

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Fri Apr 10 10:41:50 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile distinfo

   Log Message:
   firefox68: Update to 68.7.0

   Security Vulnerabilities fixed in Firefox ESR 68.7

       #CVE-2020-6828: Preference overwrite via crafted Intent from malicious
       Android application

       #CVE-2020-6827: Custom Tabs in Firefox for Android could have the URI
       spoofed

       #CVE-2020-6821: Uninitialized memory could be read when using the WebGL
       copyTexSubImage method

       #CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large
       images

       #CVE-2020-6825: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7

Revision 1.17: download - view: text, markup, annotated - select for diffs
Fri Apr 10 10:41:50 2020 UTC (4 years, 7 months ago) by nia
Branches: MAIN
Diff to: previous 1.16: preferred, colored
Changes since revision 1.16: +3 -3 lines
firefox68: Update to 68.7.0

Security Vulnerabilities fixed in Firefox ESR 68.7

    #CVE-2020-6828: Preference overwrite via crafted Intent from malicious
    Android application

    #CVE-2020-6827: Custom Tabs in Firefox for Android could have the URI
    spoofed

    #CVE-2020-6821: Uninitialized memory could be read when using the WebGL
    copyTexSubImage method

    #CVE-2020-6822: Out of bounds write in GMPDecodeData when processing large
    images

    #CVE-2020-6825: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7

Revision 1.15.2.1: download - view: text, markup, annotated - select for diffs
Thu Apr 9 10:53:14 2020 UTC (4 years, 7 months ago) by bsiegert
Branches: pkgsrc-2020Q1
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +2 -2 lines
Pullup ticket #6150 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.16
- www/firefox68/distinfo                                        1.13

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Sat Apr  4 15:26:42 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile distinfo

   Log Message:
   firefox68: Update to 68.6.1

   Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1

       #CVE-2020-6819: Use-after-free while running the nsDocShell destructor
       #CVE-2020-6820: Use-after-free when handling a ReadableStream

Revision 1.16: download - view: text, markup, annotated - select for diffs
Sat Apr 4 15:26:42 2020 UTC (4 years, 7 months ago) by nia
Branches: MAIN
Diff to: previous 1.15: preferred, colored
Changes since revision 1.15: +2 -2 lines
firefox68: Update to 68.6.1

Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1

    #CVE-2020-6819: Use-after-free while running the nsDocShell destructor
    #CVE-2020-6820: Use-after-free when handling a ReadableStream

Revision 1.5.4.3: download - view: text, markup, annotated - select for diffs
Fri Mar 13 20:02:44 2020 UTC (4 years, 8 months ago) by bsiegert
Branches: pkgsrc-2019Q4
Diff to: previous 1.5.4.2: preferred, colored; branchpoint 1.5: preferred, colored; next MAIN 1.6: preferred, colored
Changes since revision 1.5.4.2: +2 -2 lines
Pullup ticket #6145 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.15
- www/firefox68/PLIST                                           1.5
- www/firefox68/distinfo                                        1.11
- www/firefox68/mozilla-common.mk                               1.7
- www/firefox68/options.mk                                      1.8
- www/firefox68/patches/patch-aa                                1.2
- www/firefox68/patches/patch-build_moz.configure_old.configure deleted
- www/firefox68/patches/patch-dom_media_CubebUtils.cpp          1.2
- www/firefox68/patches/patch-media_libcubeb_src_cubeb.c        1.2
- www/firefox68/patches/patch-media_libcubeb_src_cubeb__oss.c   deleted
- www/firefox68/patches/patch-media_libcubeb_src_moz.build      1.2
- www/firefox68/patches/patch-media_libcubeb_update.sh          1.2
- www/firefox68/patches/patch-toolkit_library_moz.build         1.2

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Thu Mar 12 19:39:35 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile PLIST distinfo mozilla-common.mk
   	    options.mk
   	pkgsrc/www/firefox68/patches: patch-aa patch-dom_media_CubebUtils.cpp
   	    patch-media_libcubeb_src_cubeb.c patch-media_libcubeb_src_moz.build
   	    patch-media_libcubeb_update.sh patch-toolkit_library_moz.build
   Removed Files:
   	pkgsrc/www/firefox68/patches: patch-build_moz.configure_old.configure
   	    patch-media_libcubeb_src_cubeb__oss.c

   Log Message:
   firefox68: Update to 68.6.0

   While here,

   - Remove OSS support now that cubeb_sun has been stable for a long while
   - Appease pkglint

   Security fixes in this release:

   #CVE-2020-6805: Use-after-free when removing data about origins
   #CVE-2020-6806: BodyStream::OnInputStreamReady was missing protections
   #CVE-2020-6807: Use-after-free in cubeb during stream destruction
   #CVE-2020-6811: Devtools' 'Copy as cURL' feature did not fully escape
   #CVE-2019-20503: Out of bounds reads in sctp_load_addresses_from_init
   #CVE-2020-6812: The names of AirPods with personally identifiable
   #CVE-2020-6814: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6

Revision 1.15: download - view: text, markup, annotated - select for diffs
Thu Mar 12 19:39:35 2020 UTC (4 years, 8 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2020Q1-base
Branch point for: pkgsrc-2020Q1
Diff to: previous 1.14: preferred, colored
Changes since revision 1.14: +2 -3 lines
firefox68: Update to 68.6.0

While here,

- Remove OSS support now that cubeb_sun has been stable for a long while
- Appease pkglint

Security fixes in this release:

#CVE-2020-6805: Use-after-free when removing data about origins
#CVE-2020-6806: BodyStream::OnInputStreamReady was missing protections
#CVE-2020-6807: Use-after-free in cubeb during stream destruction
#CVE-2020-6811: Devtools' 'Copy as cURL' feature did not fully escape
#CVE-2019-20503: Out of bounds reads in sctp_load_addresses_from_init
#CVE-2020-6812: The names of AirPods with personally identifiable
#CVE-2020-6814: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6

Revision 1.14: download - view: text, markup, annotated - select for diffs
Tue Mar 10 22:11:10 2020 UTC (4 years, 8 months ago) by wiz
Branches: MAIN
Diff to: previous 1.13: preferred, colored
Changes since revision 1.13: +2 -2 lines
librsvg: update bl3.mk to remove libcroco in rust case

recursive bump for the dependency change

Revision 1.13: download - view: text, markup, annotated - select for diffs
Sun Mar 8 16:42:30 2020 UTC (4 years, 8 months ago) by bsiegert
Branches: MAIN
Diff to: previous 1.12: preferred, colored
Changes since revision 1.12: +2 -1 lines
Revbump packages depending on libffi after .so version change.

Requested by Matthias Ferdinand and Oskar on pkgsrc-users.

Revision 1.5.4.2: download - view: text, markup, annotated - select for diffs
Sun Feb 23 11:50:10 2020 UTC (4 years, 9 months ago) by bsiegert
Branches: pkgsrc-2019Q4
Diff to: previous 1.5.4.1: preferred, colored; branchpoint 1.5: preferred, colored
Changes since revision 1.5.4.1: +3 -3 lines
Pullup ticket #6134 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.12
- www/firefox68/PLIST                                           1.4
- www/firefox68/distinfo                                        1.10

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Sat Feb 15 12:48:22 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile PLIST distinfo

   Log Message:
   firefox68: Update to 68.5.0

   Security Vulnerabilities fixed in Firefox ESR68.5

   # CVE-2020-6796: Missing bounds check on shared memory read in the parent process
   # CVE-2020-6797: Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
   # CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection
   # CVE-2020-6799: Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader
   	Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected.
   # CVE-2020-6800: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5

Revision 1.12: download - view: text, markup, annotated - select for diffs
Sat Feb 15 12:48:22 2020 UTC (4 years, 9 months ago) by nia
Branches: MAIN
Diff to: previous 1.11: preferred, colored
Changes since revision 1.11: +3 -4 lines
firefox68: Update to 68.5.0

Security Vulnerabilities fixed in Firefox ESR68.5

# CVE-2020-6796: Missing bounds check on shared memory read in the parent process
# CVE-2020-6797: Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
# CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection
# CVE-2020-6799: Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader
	Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected.
# CVE-2020-6800: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5

Revision 1.11: download - view: text, markup, annotated - select for diffs
Sat Feb 8 22:06:38 2020 UTC (4 years, 9 months ago) by kamil
Branches: MAIN
Diff to: previous 1.10: preferred, colored
Changes since revision 1.10: +2 -1 lines
firefox68: Workaround broken pthread_equal() usage

Switch to an internal version of pthread_equal() without sanity checks.

Problems detected on NetBSD 9.99.46.

Revision 1.10: download - view: text, markup, annotated - select for diffs
Wed Jan 22 13:36:27 2020 UTC (4 years, 10 months ago) by ryoon
Branches: MAIN
Diff to: previous 1.9: preferred, colored
Changes since revision 1.9: +2 -3 lines
firefox68: Update to 68.4.2

Changelog:
Fixed
    Fixed various issues opening files with spaces in their path (bug 1601905, bug 1602726)

Revision 1.9: download - view: text, markup, annotated - select for diffs
Sat Jan 18 21:51:06 2020 UTC (4 years, 10 months ago) by jperkin
Branches: MAIN
Diff to: previous 1.8: preferred, colored
Changes since revision 1.8: +2 -1 lines
*: Recursive revision bump for openssl 1.1.1.

Revision 1.5.4.1: download - view: text, markup, annotated - select for diffs
Fri Jan 10 13:56:19 2020 UTC (4 years, 10 months ago) by bsiegert
Branches: pkgsrc-2019Q4
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +3 -3 lines
Pullup ticket #6113 - requested by nia
www/firefox68: security fix (zero-day)

Revisions pulled up:
- www/firefox68/Makefile                                        1.7-1.8
- www/firefox68/distinfo                                        1.6-1.7
- www/firefox68/patches/patch-rust-1.39.0                       deleted

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Wed Jan  8 21:49:32 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile distinfo
   Removed Files:
   	pkgsrc/www/firefox68/patches: patch-rust-1.39.0

   Log Message:
   firefox68: Update to 68.4.0

   Security Vulnerabilities fixed in Firefox ESR 68.4:

   # CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
   # CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
   # CVE-2019-17017: Type Confusion in XPCVariant.cpp
   # CVE-2019-17021: Heap address disclosure in parent process during content process initialization on Windows
   # CVE-2019-17022: CSS sanitization does not escape HTML tags
   # CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Thu Jan  9 20:51:59 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile distinfo

   Log Message:
   firefox68: Update to 68.4.1

   This release fixes one zero-day vulnerability:

   CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement

   Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion.
   We are aware of targeted attacks in the wild abusing this flaw

Revision 1.8: download - view: text, markup, annotated - select for diffs
Thu Jan 9 20:51:59 2020 UTC (4 years, 10 months ago) by nia
Branches: MAIN
Diff to: previous 1.7: preferred, colored
Changes since revision 1.7: +2 -2 lines
firefox68: Update to 68.4.1

This release fixes one zero-day vulnerability:

CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion.
We are aware of targeted attacks in the wild abusing this flaw

Revision 1.7: download - view: text, markup, annotated - select for diffs
Wed Jan 8 21:49:32 2020 UTC (4 years, 10 months ago) by nia
Branches: MAIN
Diff to: previous 1.6: preferred, colored
Changes since revision 1.6: +2 -3 lines
firefox68: Update to 68.4.0

Security Vulnerabilities fixed in Firefox ESR 68.4:

# CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
# CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
# CVE-2019-17017: Type Confusion in XPCVariant.cpp
# CVE-2019-17021: Heap address disclosure in parent process during content process initialization on Windows
# CVE-2019-17022: CSS sanitization does not escape HTML tags
# CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4

Revision 1.6: download - view: text, markup, annotated - select for diffs
Sun Jan 5 17:55:22 2020 UTC (4 years, 10 months ago) by nia
Branches: MAIN
Diff to: previous 1.5: preferred, colored
Changes since revision 1.5: +2 -1 lines
*: Enable Wayland where supported in GTK and Firefox.

Bump PKGREVISIONs

Revision 1.5: download - view: text, markup, annotated - select for diffs
Sun Dec 8 20:09:41 2019 UTC (4 years, 11 months ago) by nia
Branches: MAIN
CVS tags: pkgsrc-2019Q4-base
Branch point for: pkgsrc-2019Q4
Diff to: previous 1.4: preferred, colored
Changes since revision 1.4: +2 -3 lines
firefox68: Update to 68.3.0

pkgsrc changes:

- Fixed building with wayland libs installed

Security fixes:

- CVE-2019-17008: Use-after-free in worker destruction
- CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code
- CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher
- CVE-2019-17009: Updater temporary files accessible to unprivileged processes
- CVE-2019-17010: Use-after-free when performing device orientation checks
- CVE-2019-17005: Buffer overflow in plain text serializer
- CVE-2019-17011: Use-after-free when retrieving a document in antitracking
- CVE-2019-17012: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3

Revision 1.1.2.1: download - view: text, markup, annotated - select for diffs
Sat Dec 7 10:50:33 2019 UTC (4 years, 11 months ago) by bsiegert
Branches: pkgsrc-2019Q3
Diff to: previous 1.1: preferred, colored; next MAIN 1.2: preferred, colored
Changes since revision 1.1: +2 -2 lines
Pullup ticket #6090 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.3
- www/firefox68/PLIST                                           1.2
- www/firefox68/distinfo                                        1.2

---
   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Tue Nov  5 17:14:30 UTC 2019

   Modified Files:
   	pkgsrc/www/firefox68: Makefile PLIST distinfo

   Log Message:
   Update to 68.2.0 with patch from Piotr Meyer

   Changelog:
   Security fixes:
   #CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber
   #CVE-2019-11757: Use-after-free when creating index updates in IndexedDB
   #CVE-2019-11758: Potentially exploitable crash due to 360 Total Security
   #CVE-2019-11759: Stack buffer overflow in HKDF output
   #CVE-2019-11760: Stack buffer overflow in WebRTC networking
   #CVE-2019-11761: Unintended access to a privileged JSONView object
   #CVE-2019-11762: document.domain-based origin isolation has same-origin-property violation
   #CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique
   #CVE-2019-11764: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2

Revision 1.4: download - view: text, markup, annotated - select for diffs
Mon Nov 18 12:09:15 2019 UTC (5 years ago) by ryoon
Branches: MAIN
Diff to: previous 1.3: preferred, colored
Changes since revision 1.3: +9 -1 lines
Fix build with Rust 1.39.0, bump PKGREVISION

Revision 1.3: download - view: text, markup, annotated - select for diffs
Tue Nov 5 17:14:30 2019 UTC (5 years ago) by ryoon
Branches: MAIN
Diff to: previous 1.2: preferred, colored
Changes since revision 1.2: +2 -2 lines
Update to 68.2.0 with patch from Piotr Meyer

Changelog:
Security fixes:
#CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber
#CVE-2019-11757: Use-after-free when creating index updates in IndexedDB
#CVE-2019-11758: Potentially exploitable crash due to 360 Total Security
#CVE-2019-11759: Stack buffer overflow in HKDF output
#CVE-2019-11760: Stack buffer overflow in WebRTC networking
#CVE-2019-11761: Unintended access to a privileged JSONView object
#CVE-2019-11762: document.domain-based origin isolation has same-origin-property violation
#CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique
#CVE-2019-11764: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2

Revision 1.2: download - view: text, markup, annotated - select for diffs
Mon Nov 4 22:09:55 2019 UTC (5 years ago) by rillig
Branches: MAIN
Diff to: previous 1.1: preferred, colored
Changes since revision 1.1: +6 -6 lines
www: align variable assignments

pkglint -Wall -F --only aligned --only indent -r

Manually excluded phraseanet since pkglint got the indentation wrong.

Revision 1.1: download - view: text, markup, annotated - select for diffs
Sat Sep 21 07:31:43 2019 UTC (5 years, 2 months ago) by ryoon
Branches: MAIN
CVS tags: pkgsrc-2019Q3-base
Branch point for: pkgsrc-2019Q3
www/firefox68: import firefox68-68.1.0

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up
windows.

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.

This package provides Firefox 68 ESR.

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

CVSweb <webmaster@jp.NetBSD.org>