CVS commit: pkgsrc/www/firefox

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/firefox
From: "Ryo ONODERA" <ryoon%netbsd.org@localhost>
Date: Sat, 12 Oct 2024 07:49:07 +0000

Module Name:    pkgsrc
Committed By:   ryoon
Date:           Sat Oct 12 07:49:07 UTC 2024

Modified Files:
        pkgsrc/www/firefox: Makefile distinfo
        pkgsrc/www/firefox/files: node-wrapper.sh
Removed Files:
        pkgsrc/www/firefox/patches: patch-js_src_old-configure.in

Log Message:
www/firefox: Update to 131.0.2

131.0.2:
Fixed

  * Security fix.

Security fixes:
Mozilla Foundation Security Advisory 2024-51
#CVE-2024-9680: Use-after-free in Animation timeline

131.0:
New

  * Firefox will now offer to temporarily remember when users grant permissions
    to sites (e.g. geolocation). Temporary permissions will be removed either
    after one hour or when the tab is closed.

    permission-option

  * A tab preview is now displayed when hovering the mouse over background
    tabs, making it easier to locate the desired tab without needing to switch
    tabs.

    screenshot of a preview image displayed under a background tab when you
    mouse over the tab

  * When suggesting a default translation language, Firefox will now take into
    consideration languages you have previously used for translations.

  * We??ve re-introduced the ability to navigate to the search engine home page
    when the search bar is empty by using shift-enter/shift-click.

Fixed

  * Various security fixes.

Securiry fixes:
Mozilla Foundation Security Advisory 2024-46
#CVE-2024-9391: Prevent users from exiting full-screen mode in Firefox Focus
 for Android
#CVE-2024-9392: Compromised content process can bypass site isolation
#CVE-2024-9393: Cross-origin access to PDF contents through multipart responses
#CVE-2024-9394: Cross-origin access to JSON contents through multipart
 responses
#CVE-2024-9395: Specially crafted filename could be used to obscure download
 type
#CVE-2024-9396: Potential memory corruption may occur when cloning certain
 objects
#CVE-2024-9397: Potential directory upload bypass via clickjacking
#CVE-2024-9398: External protocol handlers could be enumerated via popups
#CVE-2024-9399: Specially crafted WebTransport requests could lead to denial of
 service
#CVE-2024-9400: Potential memory corruption during JIT compilation
#CVE-2024-9401: Memory safety bugs fixed in Firefox 131, Firefox ESR 115.16,
 Firefox ESR 128.3, Thunderbird 131, and Thunderbird 128.3
#CVE-2024-9402: Memory safety bugs fixed in Firefox 131, Firefox ESR 128.3,
 Thunderbird 131, and Thunderbird 128.3
#CVE-2024-9403: Memory safety bugs fixed in Firefox 131 and Thunderbird 131


To generate a diff of this commit:
cvs rdiff -u -r1.609 -r1.610 pkgsrc/www/firefox/Makefile
cvs rdiff -u -r1.542 -r1.543 pkgsrc/www/firefox/distinfo
cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/firefox/files/node-wrapper.sh
cvs rdiff -u -r1.1 -r0 \
    pkgsrc/www/firefox/patches/patch-js_src_old-configure.in

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/firefox/Makefile
diff -u pkgsrc/www/firefox/Makefile:1.609 pkgsrc/www/firefox/Makefile:1.610
--- pkgsrc/www/firefox/Makefile:1.609   Tue Oct  1 12:47:18 2024
+++ pkgsrc/www/firefox/Makefile Sat Oct 12 07:49:07 2024
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.609 2024/10/01 12:47:18 ryoon Exp $
+# $NetBSD: Makefile,v 1.610 2024/10/12 07:49:07 ryoon Exp $
 
 FIREFOX_VER=           ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=            130.0
-MOZ_BRANCH_MINOR=      .1
+MOZ_BRANCH=            131.0
+MOZ_BRANCH_MINOR=      .2
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
 PKGNAME=       ${DISTNAME:S/.source//:S/b/beta/:S/esr//}
@@ -11,7 +11,7 @@ MASTER_SITES+=        ${MASTER_SITE_MOZILLA:=fi
 MASTER_SITES+= ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/}
 EXTRACT_SUFX=  .tar.xz
 
-NODEJSKIT=             nodejs-output-130.0.tgz
+NODEJSKIT=             nodejs-output-131.0.tgz
 DISTFILES=             ${DEFAULT_DISTFILES} ${NODEJSKIT}
 SITES.${NODEJSKIT}=    ${MASTER_SITE_LOCAL}
 

Index: pkgsrc/www/firefox/distinfo
diff -u pkgsrc/www/firefox/distinfo:1.542 pkgsrc/www/firefox/distinfo:1.543
--- pkgsrc/www/firefox/distinfo:1.542   Fri Oct 11 13:55:47 2024
+++ pkgsrc/www/firefox/distinfo Sat Oct 12 07:49:07 2024
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.542 2024/10/11 13:55:47 wiz Exp $
+$NetBSD: distinfo,v 1.543 2024/10/12 07:49:07 ryoon Exp $
 
-BLAKE2s (firefox-130.0.1.source.tar.xz) = 2aee241b1375f2132fc79c2162d1f29134ff30c24ed23f544b46e2cac30b1ffa
-SHA512 (firefox-130.0.1.source.tar.xz) = 163d1ce9f671a4716686955c43ff23d9f200f6c52dfdabcbb93af6a326c24aa5096404f42447b02b5a3ad02e2f60d17271783638fe027d24865aebb3e70e97fe
-Size (firefox-130.0.1.source.tar.xz) = 566583020 bytes
-BLAKE2s (nodejs-output-130.0.tgz) = 26b8c396956a9616e6fbca147dce077a46f9234e2d5aa28705dab6522ce0efee
-SHA512 (nodejs-output-130.0.tgz) = c084f97e9d0bc33b6ac85957072723833494adeb367ef09c4c9c1ad851b6fdff322dd633308ff5861ee805d52d1b622b4b35d4d659ee931d58bb573d7c3819aa
-Size (nodejs-output-130.0.tgz) = 236896 bytes
+BLAKE2s (firefox-131.0.2.source.tar.xz) = b84c8196f808f62ac163fc038a5b114c34e24961a3c2ae99367aa00dbeed7e5e
+SHA512 (firefox-131.0.2.source.tar.xz) = fb1a1179a8c62de975c93e1ac6f058cb5492e955bbb7ac2d4b83cdd14ba17bdb2450078bd6f626124b14542f3fda9514bea476aaa34ff4f5a2bee6b1625ec963
+Size (firefox-131.0.2.source.tar.xz) = 567226924 bytes
+BLAKE2s (nodejs-output-131.0.tgz) = 95acb262e5fa4a5a6fa9a228c4ef4d56a61fcb053640fb33167beaddf2025337
+SHA512 (nodejs-output-131.0.tgz) = edeeb8e8ec6579ccc2fbf0010a96e16b99910cf76c341dfa261325b02e4b6a31f0ab0cc45c52b83cba524f4510de4d03d42494f4f5dc6ff8f200ff284f102606
+Size (nodejs-output-131.0.tgz) = 236943 bytes
 SHA1 (patch-browser_app_profile_firefox.js) = bc719edef37d18655ba79b030270438ee166fdaf
 SHA1 (patch-build_moz.configure_init.configure) = 65deb3c233df0aab81eb1fca05d708e5a4ed169a
 SHA1 (patch-build_moz.configure_rust.configure) = 25ddfacd29cebbc6db005dbe61a2a7446d480678
@@ -23,7 +23,6 @@ SHA1 (patch-ipc_glue_GeckoChildProcessHo
 SHA1 (patch-js-src-jit-arm64-vixl-MozCpu-vixl.cpp) = d90fca47d79551fd74214d47f8184670b901b792
 SHA1 (patch-js_public_Utility.h) = bb5464a0398b91693ab362e6b9b06d48429b9e7d
 SHA1 (patch-js_src_jit_FlushICache.cpp) = d1e611eaf7d7be22abfac6b39fbcd99df3570e47
-SHA1 (patch-js_src_old-configure.in) = 589e24765615ede2c3c6abfe0b3529c5645193ed
 SHA1 (patch-js_src_tests_lib_results.py) = 5634207e249cab7270b47f4515657740e803d616
 SHA1 (patch-js_src_util_NativeStack.cpp) = a0a16d8d8d78d3cc3f4d2a508586f1a7821f7dba
 SHA1 (patch-js_src_vm_TypedArrayObject-inl.h) = e7913c8d4b2b05b67040baa64dae62d6ba40390e

Index: pkgsrc/www/firefox/files/node-wrapper.sh
diff -u pkgsrc/www/firefox/files/node-wrapper.sh:1.22 pkgsrc/www/firefox/files/node-wrapper.sh:1.23
--- pkgsrc/www/firefox/files/node-wrapper.sh:1.22       Tue Oct  1 12:47:19 2024
+++ pkgsrc/www/firefox/files/node-wrapper.sh    Sat Oct 12 07:49:07 2024
@@ -1,6 +1,6 @@
 #! /bin/sh
 
-VERS=v22.7.0
+VERS=v22.9.0
 
 if [ "$1" = "-v" ] || [ "$1" = "--version" ]; then
        printf "${VERS}\n"

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index