CVS commit: pkgsrc/www/firefox

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/firefox
From: "Ryo ONODERA" <ryoon%netbsd.org@localhost>
Date: Fri, 28 Jun 2024 13:19:52 +0000

Module Name:    pkgsrc
Committed By:   ryoon
Date:           Fri Jun 28 13:19:52 UTC 2024

Modified Files:
        pkgsrc/www/firefox: Makefile distinfo
        pkgsrc/www/firefox/files: node-wrapper.sh

Log Message:
www/firefox: Update to 127.0.2

Changelog:
127.0.2:
Fixed

  * Fixed an issue where YouTube playback may experience stalling under certain
    conditions (bug 1900191, bug 1878510).

  * Fixed an issue where the Private Window icon was displayed in the taskbar
    on Windows when browser.privateWindowSeparation.enabled was set to false (
    bug 1901840).

127.0.1:
Fixed

  * Fixed an issue where users with a primary password set on their profile
    could lose their previous session of tabs upon upgrading if they dismissed
    the primary password prompt (bug 1901899).

  * Fixed an issue where Linux users with accessibility.monoaudio.enable set to
    true were experiencing slow audio speeds (bug 1900972).

  * Fixed an issue where, in some circumstances, the Firefox installer on
    Windows failed to complete the installation (bug 1896868).

  * Fixed an issue causing Firefox to incorrectly reject cookies for certain
    websites (bug 1901325).

127.0:
New

  * You can now set Firefox to automatically launch whenever you start or
    restart your Windows computer. Setting Firefox to auto-launch optimizes
    efficiency in our browser-centric digital routines, eliminating manual
    startup delays and facilitating immediate web access. (Learn more)

  * We completed work to optimize and enable DNS prefetching for HTTPS
    documents via the rel="dns-prefetch" link hint. This standard allows web
    developers to specify domain names for important assets that should be
    resolved preemptively.

  * It is now possible to close all duplicate tabs in a window with the Close
    duplicate tabs command available from the List all tabs widget in the tab
    bar or a tab context menu.

  * Firefox will now automatically try to upgrade <img>, <audio>, and <video>
    elements from HTTP to HTTPS if they are embedded within an HTTPS page. If
    these so-called mixed content elements do not support HTTPS, they will no
    longer load.

  * For added protection on MacOS and Windows, a device sign in (e.g. your
    operating system password, fingerprint, face or voice login if enabled) can
    be required when accessing and filling stored passwords in the Firefox
    Password Manager about:logins page.

Fixed

  * Various security fixes.

Changed

  * To reduce user fingerprinting information and the risk of some website
    compatibility issues, the CPU architecture for 32-bit x86 Linux will now be
    reported as x86_64 in Firefox's User-Agent string and navigator.platform
    and navigator.oscpu Web APIs.

  * Links and other focusable elements are now tab-navigable by default on
    macOS, instead of following macOS' "Keyboard navigation" setting. This is a
    more accessible default and matches the default in all other platforms. A
    checkbox in the settings page still allows users to restore the old
    behavior.

  * The Screenshots feature in Firefox has gotten a big update! It now supports
    taking screenshots of file types like SVG, XML, and more as well as various
    about: pages within Firefox. We've also made the screenshot tool more
    accessible to everyone by implementing new keyboard shortcuts and adding
    theme compatibility and High Contrast Mode (HCM) support. And finally,
    performance for capturing large screenshots has been improved.

Security fixes:
Mozilla Foundation Security Advisory 2024-25
#CVE-2024-5687: An incorrect principal could have been used when opening new
 tabs
#CVE-2024-5688: Use-after-free in JavaScript object transplant
#CVE-2024-5689: User confusion and possible phishing vector via Firefox
 Screenshots
#CVE-2024-5690: External protocol handlers leaked by timing attack
#CVE-2024-5691: Sandboxed iframes were able to bypass sandbox restrictions to
 open a new window
#CVE-2024-5692: Bypass of file name restrictions during saving
#CVE-2024-5693: Cross-Origin Image leak via Offscreen Canvas
#CVE-2024-5694: Use-after-free in JavaScript Strings
#CVE-2024-5695: Memory Corruption using allocation using out-of-memory
 conditions
#CVE-2024-5696: Memory Corruption in Text Fragments
#CVE-2024-5697: Website was able to detect when Firefox was taking a screenshot
 of them
#CVE-2024-5698: Data-list could have overlaid address bar
#CVE-2024-5699: Cookie prefixes not treated as case-sensitive
#CVE-2024-5700: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12,
 and Thunderbird 115.12
#CVE-2024-5701: Memory safety bugs fixed in Firefox 127


To generate a diff of this commit:
cvs rdiff -u -r1.602 -r1.603 pkgsrc/www/firefox/Makefile
cvs rdiff -u -r1.531 -r1.532 pkgsrc/www/firefox/distinfo
cvs rdiff -u -r1.18 -r1.19 pkgsrc/www/firefox/files/node-wrapper.sh

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/firefox/Makefile
diff -u pkgsrc/www/firefox/Makefile:1.602 pkgsrc/www/firefox/Makefile:1.603
--- pkgsrc/www/firefox/Makefile:1.602   Fri Jun 21 13:25:25 2024
+++ pkgsrc/www/firefox/Makefile Fri Jun 28 13:19:52 2024
@@ -1,18 +1,17 @@
-# $NetBSD: Makefile,v 1.602 2024/06/21 13:25:25 jperkin Exp $
+# $NetBSD: Makefile,v 1.603 2024/06/28 13:19:52 ryoon Exp $
 
 FIREFOX_VER=           ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=            126.0
-MOZ_BRANCH_MINOR=      
+MOZ_BRANCH=            127.0
+MOZ_BRANCH_MINOR=      .2
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
 PKGNAME=       ${DISTNAME:S/.source//:S/b/beta/:S/esr//}
-PKGREVISION=   1
 CATEGORIES=    www
 MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/}
 MASTER_SITES+= ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/}
 EXTRACT_SUFX=  .tar.xz
 
-NODEJSKIT=             nodejs-output-126.0.tgz
+NODEJSKIT=             nodejs-output-127.0.tgz
 DISTFILES=             ${DEFAULT_DISTFILES} ${NODEJSKIT}
 SITES.${NODEJSKIT}=    ${MASTER_SITE_LOCAL}
 

Index: pkgsrc/www/firefox/distinfo
diff -u pkgsrc/www/firefox/distinfo:1.531 pkgsrc/www/firefox/distinfo:1.532
--- pkgsrc/www/firefox/distinfo:1.531   Sat May 18 00:22:38 2024
+++ pkgsrc/www/firefox/distinfo Fri Jun 28 13:19:52 2024
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.531 2024/05/18 00:22:38 ryoon Exp $
+$NetBSD: distinfo,v 1.532 2024/06/28 13:19:52 ryoon Exp $
 
-BLAKE2s (firefox-126.0.source.tar.xz) = c648d4a7ff8983a6b7e07575e2c9ff34775f7b7320c6c2121524c077745f147b
-SHA512 (firefox-126.0.source.tar.xz) = 56025b051d544ca294911a1d6a66f09945f71012131881b64313dafb579730810a4b091950c90a21d4fd3f393ba23670d8409086e1677d80d0bbbe347c303527
-Size (firefox-126.0.source.tar.xz) = 552065476 bytes
-BLAKE2s (nodejs-output-126.0.tgz) = 25f99a80ee2eb42ccf9f79f6909698ba2411dd83726acdfcefd31570f8aa461e
-SHA512 (nodejs-output-126.0.tgz) = 6f4e7111947e74464dd7a99330b81641a0c3d9e0aa47430ebb06602a3451b518974002968fbc7ba329fc4730b0d09e1639d938b935e68006586c5a5ac0fc47b9
-Size (nodejs-output-126.0.tgz) = 226081 bytes
+BLAKE2s (firefox-127.0.2.source.tar.xz) = 82feab9fe0fba70c9af0b682b1ce1b8899ca962eb6cd9ddddf6fc6fc74146eb3
+SHA512 (firefox-127.0.2.source.tar.xz) = d5a959a032309b8a42690b7f5afd5110c2e6ca7de426e1529d50f59cf065e67623ed98bf3aab39ce4d345ccfad2a273b24ce4f87c7ba7e6eccf2e9dfe3008d8b
+Size (firefox-127.0.2.source.tar.xz) = 554998504 bytes
+BLAKE2s (nodejs-output-127.0.tgz) = 80641508926e10e327972b11ddef40b00f6215b4f527160b02bc7444ffdb3a2a
+SHA512 (nodejs-output-127.0.tgz) = 03371c3ee3b6b60fc81743e8d2e89f9c7c43f5a8b16775dd4cd23932b5e0776e03cf0d0875136d612b98c9bf4240197728df5f0b05e0ee82bf75738981398a95
+Size (nodejs-output-127.0.tgz) = 226801 bytes
 SHA1 (patch-browser_app_profile_firefox.js) = bc719edef37d18655ba79b030270438ee166fdaf
 SHA1 (patch-build_moz.configure_init.configure) = 65deb3c233df0aab81eb1fca05d708e5a4ed169a
 SHA1 (patch-build_moz.configure_rust.configure) = 25ddfacd29cebbc6db005dbe61a2a7446d480678

Index: pkgsrc/www/firefox/files/node-wrapper.sh
diff -u pkgsrc/www/firefox/files/node-wrapper.sh:1.18 pkgsrc/www/firefox/files/node-wrapper.sh:1.19
--- pkgsrc/www/firefox/files/node-wrapper.sh:1.18       Sat May 18 00:22:38 2024
+++ pkgsrc/www/firefox/files/node-wrapper.sh    Fri Jun 28 13:19:52 2024
@@ -1,6 +1,6 @@
 #! /bin/sh
 
-VERS=v22.1.0
+VERS=v22.2.0
 
 if [ "$1" = "-v" ] || [ "$1" = "--version" ]; then
        printf "${VERS}\n"

Prev by Date: CVS commit: pkgsrc/mail/s-nail
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/mail/s-nail
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index