![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / www / firefox78
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.45, Thu Aug 4 15:10:41 2022 UTC (16 months ago) by nia
Branch: MAIN
CVS Tags: HEAD
Changes since 1.44: +1 -1
lines
FILE REMOVED
Remove firefox78. This was kept due to better NetBSD WebRTC support than firefox91, but webrtc video calls are absolutely perfect with sunaudio in firefox102 and newer.
Revision 1.44 / (download) - annotate - [select for diffs], Sat Jul 2 16:53:38 2022 UTC (17 months, 1 week ago) by ryoon
Branch: MAIN
Changes since 1.43: +2 -2
lines
Diff to previous 1.43 (colored)
*: Recursive revbump from audio/pulseaudio
Revision 1.43 / (download) - annotate - [select for diffs], Tue Jun 28 11:37:04 2022 UTC (17 months, 1 week ago) by wiz
Branch: MAIN
Changes since 1.42: +2 -2
lines
Diff to previous 1.42 (colored)
*: recursive bump for perl 5.36
Revision 1.42 / (download) - annotate - [select for diffs], Mon Apr 18 19:12:17 2022 UTC (19 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base,
pkgsrc-2022Q2
Changes since 1.41: +2 -2
lines
Diff to previous 1.41 (colored)
revbump for textproc/icu update
Revision 1.41 / (download) - annotate - [select for diffs], Mon Mar 28 10:59:31 2022 UTC (20 months, 1 week ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base,
pkgsrc-2022Q1
Changes since 1.40: +2 -2
lines
Diff to previous 1.40 (colored)
{s,t,w}*/*: revbump(1) for libsndfile
Revision 1.40 / (download) - annotate - [select for diffs], Tue Dec 28 20:05:49 2021 UTC (23 months, 1 week ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base,
pkgsrc-2021Q4
Changes since 1.39: +0 -0
lines
Diff to previous 1.39 (colored)
firefox78: restore deleted package This is the last version of Firefox where microphone input isn't broken on NetBSD, see PR pkg/56587
Revision 1.39, Sat Nov 13 10:02:27 2021 UTC (2 years ago) by nia
Branch: MAIN
Changes since 1.38: +1 -1
lines
FILE REMOVED
www: Remove firefox78 - out of support
Revision 1.38 / (download) - annotate - [select for diffs], Sat Oct 9 15:35:12 2021 UTC (2 years, 1 month ago) by nia
Branch: MAIN
Changes since 1.37: +2 -1
lines
Diff to previous 1.37 (colored)
Recursive revbump for multimedia/libaom
Revision 1.36.2.1 / (download) - annotate - [select for diffs], Sat Oct 9 13:14:45 2021 UTC (2 years, 1 month ago) by bsiegert
Branch: pkgsrc-2021Q3
Changes since 1.36: +2 -3
lines
Diff to previous 1.36 (colored) next main 1.37 (colored)
Pullup ticket #6508 - requested by nia
www/firefox78: security fix
www/firefox78-l10n: dependent update
Revisions pulled up:
- www/firefox78-l10n/Makefile 1.18
- www/firefox78-l10n/distinfo 1.19
- www/firefox78/Makefile 1.37
- www/firefox78/PLIST 1.5
- www/firefox78/distinfo 1.22
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Oct 8 14:09:56 UTC 2021
Modified Files:
pkgsrc/www/firefox78: Makefile PLIST distinfo
pkgsrc/www/firefox78-l10n: Makefile distinfo
Log Message:
firefox78-l10n: update to 78.15.0
Security Vulnerabilities fixed in Firefox ESR 78.15
#CVE-2021-38496: Use-after-free in MessageTask
#CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15,
and Firefox ESR 91.2
Revision 1.37 / (download) - annotate - [select for diffs], Fri Oct 8 14:09:56 2021 UTC (2 years, 2 months ago) by nia
Branch: MAIN
Changes since 1.36: +2 -3
lines
Diff to previous 1.36 (colored)
firefox78-l10n: update to 78.15.0
Security Vulnerabilities fixed in Firefox ESR 78.15
#CVE-2021-38496: Use-after-free in MessageTask
#CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15,
and Firefox ESR 91.2
Revision 1.36 / (download) - annotate - [select for diffs], Thu Sep 16 19:49:15 2021 UTC (2 years, 2 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base
Branch point for: pkgsrc-2021Q3
Changes since 1.35: +13 -7
lines
Diff to previous 1.35 (colored)
firefox78: Install various icon sizes. Explicitly use "unofficial" branding. Bump PKGREVISION.
Revision 1.31.2.3 / (download) - annotate - [select for diffs], Wed Sep 15 17:11:21 2021 UTC (2 years, 2 months ago) by bsiegert
Branch: pkgsrc-2021Q2
Changes since 1.31.2.2: +2 -2
lines
Diff to previous 1.31.2.2 (colored) to branchpoint 1.31 (colored) next main 1.32 (colored)
Pullup ticket #6499 - requested by nia www/firefox78: security fix Revisions pulled up: - www/firefox78/Makefile 1.35 - www/firefox78/distinfo 1.20 --- Module Name: pkgsrc Committed By: nia Date: Fri Sep 10 11:37:53 UTC 2021 Modified Files: pkgsrc/www/firefox78: Makefile distinfo Log Message: firefox78: update to 78.14.0 Fixes CVE-2021-38493
Revision 1.35 / (download) - annotate - [select for diffs], Fri Sep 10 11:37:53 2021 UTC (2 years, 2 months ago) by nia
Branch: MAIN
Changes since 1.34: +2 -2
lines
Diff to previous 1.34 (colored)
firefox78: update to 78.14.0 Fixes CVE-2021-38493
Revision 1.31.2.2 / (download) - annotate - [select for diffs], Sat Aug 28 12:06:58 2021 UTC (2 years, 3 months ago) by bsiegert
Branch: pkgsrc-2021Q2
Changes since 1.31.2.1: +2 -2
lines
Diff to previous 1.31.2.1 (colored) to branchpoint 1.31 (colored)
Pullup ticket #6494 - requested by nia
www/firefox78: security fix
Revisions pulled up:
- www/firefox78/Makefile 1.34
- www/firefox78/distinfo 1.19
---
Module Name: pkgsrc
Committed By: ryoon
Date: Fri Aug 13 15:07:04 UTC 2021
Modified Files:
pkgsrc/www/firefox78: Makefile distinfo
Log Message:
firefox78: Update to 78.13.0
Changelog:
Various stability, functionality, and security fixes
Security fixes:
#CVE-2021-29986: Race condition when resolving DNS names could have led to
memory corruption
#CVE-2021-29988: Memory corruption as a result of incorrect style treatment
#CVE-2021-29984: Incorrect instruction reordering during JIT optimization
#CVE-2021-29980: Uninitialized memory in a canvas object could have led to
memory corruption
#CVE-2021-29985: Use-after-free media channels
#CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
Revision 1.34 / (download) - annotate - [select for diffs], Fri Aug 13 15:07:03 2021 UTC (2 years, 3 months ago) by ryoon
Branch: MAIN
Changes since 1.33: +2 -3
lines
Diff to previous 1.33 (colored)
firefox78: Update to 78.13.0 Changelog: Various stability, functionality, and security fixes Security fixes: #CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption #CVE-2021-29988: Memory corruption as a result of incorrect style treatment #CVE-2021-29984: Incorrect instruction reordering during JIT optimization #CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption #CVE-2021-29985: Use-after-free media channels #CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13
Revision 1.33 / (download) - annotate - [select for diffs], Fri Jul 30 12:27:10 2021 UTC (2 years, 4 months ago) by ryoon
Branch: MAIN
Changes since 1.32: +2 -1
lines
Diff to previous 1.32 (colored)
*: Recursive revbump from audio/pulseaudio-15.0
Revision 1.31.2.1 / (download) - annotate - [select for diffs], Thu Jul 15 15:41:13 2021 UTC (2 years, 4 months ago) by bsiegert
Branch: pkgsrc-2021Q2
Changes since 1.31: +2 -2
lines
Diff to previous 1.31 (colored)
Pullup ticket #6488 - requested by nia
www/firefox78: security fix
Revisions pulled up:
- www/firefox78/Makefile 1.32
- www/firefox78/distinfo 1.18
---
Module Name: pkgsrc
Committed By: nia
Date: Thu Jul 15 06:17:45 UTC 2021
Modified Files:
pkgsrc/www/firefox78: Makefile distinfo
Log Message:
firefox78: update to 78.12.0
Security Vulnerabilities fixed in Firefox ESR 78.12
#CVE-2021-29970: Use-after-free in accessibility features of a document
#CVE-2021-30547: Out of bounds write in ANGLE
#CVE-2021-29976: Memory safety bugs fixed in Firefox 90 and Firefox ESR
78.12
Revision 1.32 / (download) - annotate - [select for diffs], Thu Jul 15 06:17:45 2021 UTC (2 years, 4 months ago) by nia
Branch: MAIN
Changes since 1.31: +2 -2
lines
Diff to previous 1.31 (colored)
firefox78: update to 78.12.0
Security Vulnerabilities fixed in Firefox ESR 78.12
#CVE-2021-29970: Use-after-free in accessibility features of a document
#CVE-2021-30547: Out of bounds write in ANGLE
#CVE-2021-29976: Memory safety bugs fixed in Firefox 90 and Firefox ESR
78.12
Revision 1.31 / (download) - annotate - [select for diffs], Fri Jun 18 18:22:41 2021 UTC (2 years, 5 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base
Branch point for: pkgsrc-2021Q2
Changes since 1.30: +3 -3
lines
Diff to previous 1.30 (colored)
firefox78: explicitly use autoconf-2.13
Revision 1.22.2.2 / (download) - annotate - [select for diffs], Sun Jun 6 09:34:53 2021 UTC (2 years, 6 months ago) by bsiegert
Branch: pkgsrc-2021Q1
Changes since 1.22.2.1: +2 -2
lines
Diff to previous 1.22.2.1 (colored) to branchpoint 1.22 (colored) next main 1.23 (colored)
Pullup ticket #6467 - requested by nia www/firefox78: security fix Revisions pulled up: - www/firefox78/Makefile 1.30 - www/firefox78/PLIST 1.3 - www/firefox78/distinfo 1.17 --- Module Name: pkgsrc Committed By: nia Date: Tue Jun 1 21:07:21 UTC 2021 Modified Files: pkgsrc/www/firefox78: Makefile PLIST distinfo Log Message: firefox78: update to 78.11.0 Security fixes: https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/
Revision 1.30 / (download) - annotate - [select for diffs], Tue Jun 1 21:07:21 2021 UTC (2 years, 6 months ago) by nia
Branch: MAIN
Changes since 1.29: +3 -4
lines
Diff to previous 1.29 (colored)
firefox78: update to 78.11.0 Security fixes: https://www.mozilla.org/en-US/security/advisories/mfsa2021-24/
Revision 1.29 / (download) - annotate - [select for diffs], Mon May 24 19:55:14 2021 UTC (2 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.28: +2 -1
lines
Diff to previous 1.28 (colored)
*: recursive bump for perl 5.34
Revision 1.28 / (download) - annotate - [select for diffs], Fri May 7 16:49:14 2021 UTC (2 years, 7 months ago) by ryoon
Branch: MAIN
Changes since 1.27: +1 -2
lines
Diff to previous 1.27 (colored)
firefox78: Remove PKGREVISION after update
Revision 1.27 / (download) - annotate - [select for diffs], Fri May 7 16:47:59 2021 UTC (2 years, 7 months ago) by ryoon
Branch: MAIN
Changes since 1.26: +2 -2
lines
Diff to previous 1.26 (colored)
firefox78: Update to 78.10.1
Changelog:
Version 78.10.1, first offered to ESR channel users on May 4, 2021
Fixed
* Resolved an issue caused by a recent Widevine plugin update which prevented
some purchased video content from playing correctly (bug 1705138)
* Security fix
Security fixes:
#CVE-2021-29951: Mozilla Maintenance Service could have been started or stopped
by domain users
Revision 1.22.2.1 / (download) - annotate - [select for diffs], Sun Apr 25 08:05:09 2021 UTC (2 years, 7 months ago) by bsiegert
Branch: pkgsrc-2021Q1
Changes since 1.22: +2 -2
lines
Diff to previous 1.22 (colored)
Pullup ticket #6447 - requested by nia www/firefox78: security fix Revisions pulled up: - www/firefox78/Makefile 1.25 - www/firefox78/distinfo 1.15 --- Module Name: pkgsrc Committed By: nia Date: Mon Apr 19 20:01:06 UTC 2021 Modified Files: pkgsrc/www/firefox78: Makefile distinfo Log Message: firefox78: update to 78.10.0 security fixes: https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/
Revision 1.26 / (download) - annotate - [select for diffs], Wed Apr 21 11:42:53 2021 UTC (2 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.25: +2 -1
lines
Diff to previous 1.25 (colored)
revbump for textproc/icu
Revision 1.25 / (download) - annotate - [select for diffs], Mon Apr 19 20:01:06 2021 UTC (2 years, 7 months ago) by nia
Branch: MAIN
Changes since 1.24: +2 -3
lines
Diff to previous 1.24 (colored)
firefox78: update to 78.10.0 security fixes: https://www.mozilla.org/en-US/security/advisories/mfsa2021-15/
Revision 1.24 / (download) - annotate - [select for diffs], Thu Apr 15 11:23:13 2021 UTC (2 years, 7 months ago) by ryoon
Branch: MAIN
Changes since 1.23: +2 -2
lines
Diff to previous 1.23 (colored)
*: Recursive revbump from devel/nss
Revision 1.23 / (download) - annotate - [select for diffs], Fri Apr 9 06:55:05 2021 UTC (2 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.22: +2 -1
lines
Diff to previous 1.22 (colored)
*: bump PKGREVISION for nss linking fix
Revision 1.22 / (download) - annotate - [select for diffs], Wed Mar 24 18:58:06 2021 UTC (2 years, 8 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base
Branch point for: pkgsrc-2021Q1
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (colored)
firefox78: Update to 78.9.0 Changelog: Security fixes: #CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read #CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage #CVE-2021-23984: Malicious extensions could have spoofed popup information #CVE-2021-23987: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9
Revision 1.15.2.3 / (download) - annotate - [select for diffs], Mon Mar 1 19:53:45 2021 UTC (2 years, 9 months ago) by bsiegert
Branch: pkgsrc-2020Q4
Changes since 1.15.2.2: +2 -2
lines
Diff to previous 1.15.2.2 (colored) to branchpoint 1.15 (colored) next main 1.16 (colored)
Pullup ticket #6430 - requested by nia www/firefox78: security fix Revisions pulled up: - www/firefox78/Makefile 1.21 - www/firefox78/distinfo 1.12 --- Module Name: pkgsrc Committed By: nia Date: Wed Feb 24 13:20:06 UTC 2021 Modified Files: pkgsrc/www/firefox78: Makefile distinfo Log Message: firefox78: Update to 78.8.0 Security Vulnerabilities fixed in Firefox ESR 78.8 #CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect #CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect #CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources #CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
Revision 1.21 / (download) - annotate - [select for diffs], Wed Feb 24 13:20:06 2021 UTC (2 years, 9 months ago) by nia
Branch: MAIN
Changes since 1.20: +3 -4
lines
Diff to previous 1.20 (colored)
firefox78: Update to 78.8.0 Security Vulnerabilities fixed in Firefox ESR 78.8 #CVE-2021-23969: Content Security Policy violation report could have contained the destination of a redirect #CVE-2021-23968: Content Security Policy violation report could have contained the destination of a redirect #CVE-2021-23973: MediaError message property could have leaked information about cross-origin resources #CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
Revision 1.20 / (download) - annotate - [select for diffs], Sun Feb 7 06:30:40 2021 UTC (2 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.19: +2 -1
lines
Diff to previous 1.19 (colored)
*: Recursive revbump from audio/pulseaudio-14.2.nb1
Revision 1.19 / (download) - annotate - [select for diffs], Sat Feb 6 04:52:12 2021 UTC (2 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.18: +2 -2
lines
Diff to previous 1.18 (colored)
firefox78: Update to 78.7.1
Changelog:
Fixed
Security fix
Prevent access to NTFS special paths that could lead to filesystem corruption.
Security fix:
#MOZ-2021-0001: Buffer overflow in depth pitch calculations for compressed textures
Revision 1.15.2.2 / (download) - annotate - [select for diffs], Sat Jan 30 06:21:26 2021 UTC (2 years, 10 months ago) by spz
Branch: pkgsrc-2020Q4
Changes since 1.15.2.1: +3 -3
lines
Diff to previous 1.15.2.1 (colored) to branchpoint 1.15 (colored)
Pullup ticket #6412 - requested by nia www/firefox78: security update Revisions pulled up: - www/firefox78/Makefile 1.18 - www/firefox78/PLIST 1.2 - www/firefox78/distinfo 1.10 - www/firefox78/mozilla-common.mk 1.9 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: nia Date: Wed Jan 27 05:24:11 UTC 2021 Modified Files: pkgsrc/www/firefox78: Makefile PLIST distinfo mozilla-common.mk Log Message: firefox78: Update to 78.7.0 changes: https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/ To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/firefox78/Makefile cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/firefox78/PLIST cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/firefox78/distinfo cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/firefox78/mozilla-common.mk
Revision 1.18 / (download) - annotate - [select for diffs], Wed Jan 27 05:24:11 2021 UTC (2 years, 10 months ago) by nia
Branch: MAIN
Changes since 1.17: +3 -3
lines
Diff to previous 1.17 (colored)
firefox78: Update to 78.7.0 changes: https://www.mozilla.org/en-US/security/advisories/mfsa2021-04/
Revision 1.15.2.1 / (download) - annotate - [select for diffs], Sat Jan 16 21:47:26 2021 UTC (2 years, 10 months ago) by bsiegert
Branch: pkgsrc-2020Q4
Changes since 1.15: +2 -2
lines
Diff to previous 1.15 (colored)
Pullup ticket #6396 - requested by nia www/firefox78: security fix Revisions pulled up: - www/firefox78/Makefile 1.17 - www/firefox78/distinfo 1.9 - www/firefox78/patches/patch-dom_webgpu_ipc_WebGPUParent.cpp deleted --- Module Name: pkgsrc Committed By: ryoon Date: Fri Jan 8 19:13:53 UTC 2021 Modified Files: pkgsrc/www/firefox78: Makefile distinfo Removed Files: pkgsrc/www/firefox78/patches: patch-dom_webgpu_ipc_WebGPUParent.cpp Log Message: firefox78: Update to 78.6.1 Changelog: * Fix: Fixed a crash during video playback on Apple Silicon devices (bug 1683579) * Secrity fix: #CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
Revision 1.17 / (download) - annotate - [select for diffs], Fri Jan 8 19:13:53 2021 UTC (2 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.16: +2 -3
lines
Diff to previous 1.16 (colored)
firefox78: Update to 78.6.1 Changelog: * Fix: Fixed a crash during video playback on Apple Silicon devices (bug 1683579) * Secrity fix: #CVE-2020-16044: Use-after-free write when handling a malicious COOKIE-ECHO SCTP chunk
Revision 1.16 / (download) - annotate - [select for diffs], Fri Jan 1 09:52:42 2021 UTC (2 years, 11 months ago) by ryoon
Branch: MAIN
Changes since 1.15: +2 -1
lines
Diff to previous 1.15 (colored)
*: Recursive revbump from audio/pulseaudio-14.0
Revision 1.15 / (download) - annotate - [select for diffs], Sat Dec 26 10:35:16 2020 UTC (2 years, 11 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base
Branch point for: pkgsrc-2020Q4
Changes since 1.14: +1 -4
lines
Diff to previous 1.14 (colored)
Remove now-actively-harmful 32-bit ARM hack from Mozilla packages.
Revision 1.6.2.3 / (download) - annotate - [select for diffs], Sat Dec 19 20:38:04 2020 UTC (2 years, 11 months ago) by bsiegert
Branch: pkgsrc-2020Q3
Changes since 1.6.2.2: +2 -2
lines
Diff to previous 1.6.2.2 (colored) to branchpoint 1.6 (colored) next main 1.7 (colored)
Pullup ticket #6385 - requested by nia www/firefox78: security fix Revisions pulled up: - www/firefox78/Makefile 1.14 - www/firefox78/distinfo 1.7 --- Module Name: pkgsrc Committed By: nia Date: Thu Dec 17 13:24:30 UTC 2020 Modified Files: pkgsrc/www/firefox78: Makefile distinfo Log Message: firefox78: Update to 78.6.0 Security Vulnerabilities fixed in Firefox ESR 78.6 #CVE-2020-16042: Operations on a BigInt could have caused uninitialized memory to be exposed #CVE-2020-26971: Heap buffer overflow in WebGL #CVE-2020-26973: CSS Sanitizer performed incorrect sanitization #CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free #CVE-2020-26978: Internal network hosts could have been probed by a malicious webpage #CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs #CVE-2020-35112: Opening an extension-less download may have inadvertently launched an executable instead #CVE-2020-35113: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
Revision 1.14 / (download) - annotate - [select for diffs], Thu Dec 17 13:24:30 2020 UTC (2 years, 11 months ago) by nia
Branch: MAIN
Changes since 1.13: +2 -2
lines
Diff to previous 1.13 (colored)
firefox78: Update to 78.6.0 Security Vulnerabilities fixed in Firefox ESR 78.6 #CVE-2020-16042: Operations on a BigInt could have caused uninitialized memory to be exposed #CVE-2020-26971: Heap buffer overflow in WebGL #CVE-2020-26973: CSS Sanitizer performed incorrect sanitization #CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free #CVE-2020-26978: Internal network hosts could have been probed by a malicious webpage #CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs #CVE-2020-35112: Opening an extension-less download may have inadvertently launched an executable instead #CVE-2020-35113: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6
Revision 1.6.2.2 / (download) - annotate - [select for diffs], Tue Nov 24 18:29:25 2020 UTC (3 years ago) by bsiegert
Branch: pkgsrc-2020Q3
Changes since 1.6.2.1: +2 -6
lines
Diff to previous 1.6.2.1 (colored) to branchpoint 1.6 (colored)
Pullup ticket #6370 - requested by nia
www/firefox78: security fix
NOTE: This also includes the changes from pullup tickets #6363 and #6369.
Revisions pulled up:
- www/firefox78/Makefile 1.9,1.13
- www/firefox78/distinfo 1.5-1.6
- www/firefox78/patches/patch-js_src_jit_ProcessExecutableMemory.cpp 1.1
- www/firefox78/patches/patch-js_src_vm_ArrayBufferObject.cpp 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Tue Nov 10 02:59:28 UTC 2020
Modified Files:
pkgsrc/www/firefox78: Makefile distinfo
Added Files:
pkgsrc/www/firefox78/patches:
patch-js_src_jit_ProcessExecutableMemory.cpp
patch-js_src_vm_ArrayBufferObject.cpp
Log Message:
firefox78: Update to 78.4.1. Apply MPROTECT patches from mozjs.
Security Vulnerabilities fixed in Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2
#CVE-2020-26950: Write side effects in MCallGetProperty opcode not accounted for
---
Module Name: pkgsrc
Committed By: nia
Date: Wed Nov 18 12:33:45 UTC 2020
Modified Files:
pkgsrc/www/firefox78: Makefile distinfo
Log Message:
firefox78: Update to 78.5.0
Security Vulnerabilities fixed in Firefox ESR 78.5
#CVE-2020-26951: Parsing mismatches could confuse and bypass security
sanitizer for chrome privileged code
#CVE-2020-16012: Variable time processing of cross-origin images during
drawImage calls
#CVE-2020-26953: Fullscreen could be enabled without displaying the security
UI
#CVE-2020-26956: XSS through paste (manual and clipboard API)
#CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME
type restrictions
#CVE-2020-26959: Use-after-free in WebRequestService
#CVE-2020-26960: Potential use-after-free in uses of nsTArray
#CVE-2020-15999: Heap buffer overflow in freetype
#CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
#CVE-2020-26965: Software keyboards may have remembered typed passwords
#CVE-2020-26966: Single-word search queries were also broadcast to local
network
#CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
Revision 1.13 / (download) - annotate - [select for diffs], Wed Nov 18 12:33:45 2020 UTC (3 years ago) by nia
Branch: MAIN
Changes since 1.12: +3 -4
lines
Diff to previous 1.12 (colored)
firefox78: Update to 78.5.0
Security Vulnerabilities fixed in Firefox ESR 78.5
#CVE-2020-26951: Parsing mismatches could confuse and bypass security
sanitizer for chrome privileged code
#CVE-2020-16012: Variable time processing of cross-origin images during
drawImage calls
#CVE-2020-26953: Fullscreen could be enabled without displaying the security
UI
#CVE-2020-26956: XSS through paste (manual and clipboard API)
#CVE-2020-26958: Requests intercepted through ServiceWorkers lacked MIME
type restrictions
#CVE-2020-26959: Use-after-free in WebRequestService
#CVE-2020-26960: Potential use-after-free in uses of nsTArray
#CVE-2020-15999: Heap buffer overflow in freetype
#CVE-2020-26961: DoH did not filter IPv4 mapped IP Addresses
#CVE-2020-26965: Software keyboards may have remembered typed passwords
#CVE-2020-26966: Single-word search queries were also broadcast to local
network
#CVE-2020-26968: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5
Revision 1.12 / (download) - annotate - [select for diffs], Wed Nov 11 23:04:44 2020 UTC (3 years ago) by wiz
Branch: MAIN
Changes since 1.11: +4 -2
lines
Diff to previous 1.11 (colored)
firefox78: one INSTALLATION_DIRS line per dir for easier syncing with other packages
Revision 1.11 / (download) - annotate - [select for diffs], Wed Nov 11 19:10:05 2020 UTC (3 years ago) by nia
Branch: MAIN
Changes since 1.10: +2 -1
lines
Diff to previous 1.10 (colored)
firefox78: Honor user's compiler choice again, don't require Python 2. The python 2 dependency was seemingly removed in Firefox 78.0 so we can remove those old hacks. Firefox needs clang for some unknown part of the build process (rust related?), even if building with GCC. The previous solution in pkgsrc was to force the use of clang, because pkgsrc provides cwrappers which provided gcc-as-clang, which broke everything. Instead, override the clang wrapper with the actual clang executable. This means the majority of the build happens with GCC (or ccache, distcc, whatever the user chooses, rather than overriding it with clang). Should help sparc64, where clang doesn't work too well. Full build tested on NetBSD/amd64.
Revision 1.10 / (download) - annotate - [select for diffs], Wed Nov 11 10:13:29 2020 UTC (3 years ago) by nia
Branch: MAIN
Changes since 1.9: +2 -2
lines
Diff to previous 1.9 (colored)
firefox78: Clean up some problems identified by pkglint. Most of these PLIST variables are no longer used.
Revision 1.9 / (download) - annotate - [select for diffs], Tue Nov 10 02:59:27 2020 UTC (3 years ago) by nia
Branch: MAIN
Changes since 1.8: +2 -7
lines
Diff to previous 1.8 (colored)
firefox78: Update to 78.4.1. Apply MPROTECT patches from mozjs. Security Vulnerabilities fixed in Firefox 82.0.3, Firefox ESR 78.4.1, and Thunderbird 78.4.2 #CVE-2020-26950: Write side effects in MCallGetProperty opcode not accounted for
Revision 1.8 / (download) - annotate - [select for diffs], Thu Nov 5 09:09:20 2020 UTC (3 years, 1 month ago) by ryoon
Branch: MAIN
Changes since 1.7: +2 -1
lines
Diff to previous 1.7 (colored)
*: Recursive revbump from textproc/icu-68.1
Revision 1.6.2.1 / (download) - annotate - [select for diffs], Fri Oct 23 15:36:35 2020 UTC (3 years, 1 month ago) by bsiegert
Branch: pkgsrc-2020Q3
Changes since 1.6: +2 -2
lines
Diff to previous 1.6 (colored)
Pullup ticket #6348 - requested by nia www/firefox78: security fix Revisions pulled up: - www/firefox78/Makefile 1.7 - www/firefox78/distinfo 1.4 --- Module Name: pkgsrc Committed By: nia Date: Wed Oct 21 19:23:05 UTC 2020 Modified Files: pkgsrc/www/firefox78: Makefile distinfo Log Message: firefox78: Update to 78.4.0 Security Vulnerabilities fixed in Firefox ESR 78.4 #CVE-2020-15969: Use-after-free in usersctp #CVE-2020-15683: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
Revision 1.7 / (download) - annotate - [select for diffs], Wed Oct 21 19:23:05 2020 UTC (3 years, 1 month ago) by nia
Branch: MAIN
Changes since 1.6: +2 -2
lines
Diff to previous 1.6 (colored)
firefox78: Update to 78.4.0 Security Vulnerabilities fixed in Firefox ESR 78.4 #CVE-2020-15969: Use-after-free in usersctp #CVE-2020-15683: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4
Revision 1.6 / (download) - annotate - [select for diffs], Thu Sep 24 04:31:07 2020 UTC (3 years, 2 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base
Branch point for: pkgsrc-2020Q3
Changes since 1.5: +2 -3
lines
Diff to previous 1.5 (colored)
firefox78: Update to 78.3.0
Security Vulnerabilities fixed in Firefox ESR 78.3
#CVE-2020-15677: Download origin spoofing via redirect
#CVE-2020-15676: XSS when pasting attacker-controlled data into a
contenteditable element
#CVE-2020-15678: When recursing through layers while scrolling, an iterator
may have become invalid, resulting in a potential use-after-free scenario
#CVE-2020-15673: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3
Revision 1.5 / (download) - annotate - [select for diffs], Mon Aug 31 18:12:33 2020 UTC (3 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.4: +2 -1
lines
Diff to previous 1.4 (colored)
*: bump PKGREVISION for perl-5.32.
Revision 1.4 / (download) - annotate - [select for diffs], Sat Aug 29 15:56:43 2020 UTC (3 years, 3 months ago) by nia
Branch: MAIN
Changes since 1.3: +2 -3
lines
Diff to previous 1.3 (colored)
firefox78: Update to 78.2.0
Security Vulnerabilities fixed in Firefox ESR 78.2
#CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could
have resulted in escalation of privilege
Note: This issue only affected Windows operating systems.
Other operating systems are unaffected.
#CVE-2020-15664: Attacker-induced prompt for extension installation
#CVE-2020-15670: Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2
Revision 1.3 / (download) - annotate - [select for diffs], Tue Aug 18 17:58:16 2020 UTC (3 years, 3 months ago) by leot
Branch: MAIN
Changes since 1.2: +2 -2
lines
Diff to previous 1.2 (colored)
*: revbump for libsndfile
Revision 1.2 / (download) - annotate - [select for diffs], Mon Aug 17 20:20:21 2020 UTC (3 years, 3 months ago) by leot
Branch: MAIN
Changes since 1.1: +2 -1
lines
Diff to previous 1.1 (colored)
*: revbump after fontconfig bl3 changes (libuuid removal)
Revision 1.1 / (download) - annotate - [select for diffs], Thu Jul 30 08:09:28 2020 UTC (3 years, 4 months ago) by nia
Branch: MAIN
www: Add firefox78 Mozilla Firefox is a free, open-source and cross-platform web browser for Windows, Linux, MacOS X and many other operating systems. It is fast and easy to use, and offers many advantages over other web browsers, such as tabbed browsing and the ability to block pop-up windows. Firefox also offers excellent bookmark and history management, and it can be extended by developers using industry standards such as XML, CSS, JavaScript, C++, etc. Many extensions are available. This package provides Firefox 78 ESR.