pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2022Q1]: pkgsrc/www/firefox91 Pullup ticket #6635 - requested ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/dba2e8413fa9
branches:  pkgsrc-2022Q1
changeset: 380373:dba2e8413fa9
user:      spz <spz%pkgsrc.org@localhost>
date:      Sun Jun 05 06:09:37 2022 +0000

description:
Pullup ticket #6635 - requested by nia
www/firefox91: security update

Revisions pulled up:
- www/firefox91/Makefile                                        1.18
- www/firefox91/distinfo                                        1.13
- www/firefox91/patches/patch-browser_app_profile_firefox.js    1.2

-------------------------------------------------------------------
   Module Name: pkgsrc
   Committed By:        nia
   Date:                Mon May 16 21:16:00 UTC 2022

   Modified Files:
        pkgsrc/www/firefox91: Makefile distinfo
        pkgsrc/www/firefox91/patches: patch-browser_app_profile_firefox.js

   Log Message:
   firefox91: update to 91.9.0

   Security Vulnerabilities fixed in Firefox ESR 91.9

       #CVE-2022-29914: Fullscreen notification bypass using popups

       #CVE-2022-29909: Bypassing permission prompt in nested browsing contexts

       #CVE-2022-29916: Leaking browser history with CSS variables

       #CVE-2022-29911: iframe Sandbox bypass

       #CVE-2022-29912: Reader mode bypassed SameSite cookies

       #CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR
       91.9


   To generate a diff of this commit:
   cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/firefox91/Makefile
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/firefox91/distinfo
   cvs rdiff -u -r1.1 -r1.2 \
       pkgsrc/www/firefox91/patches/patch-browser_app_profile_firefox.js

diffstat:

 www/firefox91/Makefile                                     |   4 +-
 www/firefox91/distinfo                                     |  10 ++++----
 www/firefox91/patches/patch-browser_app_profile_firefox.js |  17 +++++++++++--
 3 files changed, 21 insertions(+), 10 deletions(-)

diffs (68 lines):

diff -r a2bdb76fd0bb -r dba2e8413fa9 www/firefox91/Makefile
--- a/www/firefox91/Makefile    Sat Jun 04 10:32:40 2022 +0000
+++ b/www/firefox91/Makefile    Sun Jun 05 06:09:37 2022 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.15.2.1 2022/04/13 07:16:37 bsiegert Exp $
+# $NetBSD: Makefile,v 1.15.2.2 2022/06/05 06:09:37 spz Exp $
 
 FIREFOX_VER=           ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=            91.8
+MOZ_BRANCH=            91.9
 MOZ_BRANCH_MINOR=      .0esr
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
diff -r a2bdb76fd0bb -r dba2e8413fa9 www/firefox91/distinfo
--- a/www/firefox91/distinfo    Sat Jun 04 10:32:40 2022 +0000
+++ b/www/firefox91/distinfo    Sun Jun 05 06:09:37 2022 +0000
@@ -1,13 +1,13 @@
-$NetBSD: distinfo,v 1.11.2.1 2022/04/13 07:16:37 bsiegert Exp $
+$NetBSD: distinfo,v 1.11.2.2 2022/06/05 06:09:37 spz Exp $
 
-BLAKE2s (firefox-91.8.0esr.source.tar.xz) = 7d5e0d909d4a7e71e011dfe2c08802bb12aeb5fc5a807a57a30b9430e87c8de6
-SHA512 (firefox-91.8.0esr.source.tar.xz) = edea2c7d4d3d0322091b20b623019ef041090d9f89f33c8e3140f66a54624261f278257393db70d2038154de8ee02da0bee6ecf85c281f3558338da71fc173c3
-Size (firefox-91.8.0esr.source.tar.xz) = 380325092 bytes
+BLAKE2s (firefox-91.9.0esr.source.tar.xz) = 36fec9568a45386572e6383d942a091718db5bca2aad13a1bc4448beb45995f1
+SHA512 (firefox-91.9.0esr.source.tar.xz) = fd69d489429052013d2c1b8b766a47920ecee62f0688505758f593b27ae66d6343b9107163749406251aedebdf836147e4d562415a811b04d7ab2ae31e32f133
+Size (firefox-91.9.0esr.source.tar.xz) = 384516460 bytes
 BLAKE2s (nodejs-output-91.0.tgz) = 5007b8d20d6264a4cd573b465643cff83c2adc75ad7dd9fba97ff5fcae787c9f
 SHA512 (nodejs-output-91.0.tgz) = 3a457101a4aaa5ae955b77c41ba6b0d98eb5dd0ae9d6d8cc77c0c7bc0e844238a9c0d86cd1838ffb6a37ad8851f871c21e4ca1bb59d11e58fc42c5fec88c298c
 Size (nodejs-output-91.0.tgz) = 201061 bytes
 SHA1 (patch-aa) = 15b8567cee2af9853f6949c80345ffcb1fd3852a
-SHA1 (patch-browser_app_profile_firefox.js) = 89cea0a66457c96ad0b94aaa524aa5942ad781d0
+SHA1 (patch-browser_app_profile_firefox.js) = 7f6b4361fe62ccc2d1c092a5ace97ea2085727bf
 SHA1 (patch-build_moz.configure_rust.configure) = 25ddfacd29cebbc6db005dbe61a2a7446d480678
 SHA1 (patch-config_gcc-stl-wrapper.template.h) = 9d88c7b1ccfdd3c6bd2dcd9530a36ad4a501d97a
 SHA1 (patch-config_makefiles_rust.mk) = 72d7e9ecee3ccf7ef5f741aac8e35509b41ab7b8
diff -r a2bdb76fd0bb -r dba2e8413fa9 www/firefox91/patches/patch-browser_app_profile_firefox.js
--- a/www/firefox91/patches/patch-browser_app_profile_firefox.js        Sat Jun 04 10:32:40 2022 +0000
+++ b/www/firefox91/patches/patch-browser_app_profile_firefox.js        Sun Jun 05 06:09:37 2022 +0000
@@ -1,8 +1,11 @@
-$NetBSD: patch-browser_app_profile_firefox.js,v 1.1 2021/09/08 22:19:50 nia Exp $
+$NetBSD: patch-browser_app_profile_firefox.js,v 1.1.6.1 2022/06/05 06:09:37 spz Exp $
 
---- browser/app/profile/firefox.js.orig        2019-07-06 01:48:29.000000000 +0000
+This patch modifies default Firefox settings - see the comments above
+each one.
+
+--- browser/app/profile/firefox.js.orig        2022-04-28 23:01:46.000000000 +0000
 +++ browser/app/profile/firefox.js
-@@ -1851,6 +1851,12 @@ pref("fission.frontend.simulate-messages
+@@ -2205,6 +2205,20 @@ pref("fission.frontend.simulate-messages
  pref("toolkit.coverage.enabled", false);
  pref("toolkit.coverage.endpoint.base", "https://coverage.mozilla.org";);
  
@@ -12,6 +15,14 @@
 +// Enable system addons, for example langpacks from www/firefox-l10n
 +pref("extensions.autoDisableScopes", 11);
 +
++// Firefox includes a complex mechanism for "blacklisting" GPUs that
++// appears to fail on a NetBSD system where the only available OpenGL
++// implementations are all from Mesa.  WebRender was supposed to be
++// enabled by default from Firefox 91 onwards and appears to greatly
++// improve performance even with acceleration disabled at the kernel
++// level.
++pref("gfx.webrender.all", true);
++
  // Discovery prefs
  pref("browser.discovery.enabled", true);
  pref("browser.discovery.containers.enabled", true);



Home | Main Index | Thread Index | Old Index