CVS commit: pkgsrc/www/firefox

["Ryo ONODERA" <ryoon%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   ryoon
Date:           Tue Oct 29 14:33:40 UTC 2024

Modified Files:
        pkgsrc/www/firefox: Makefile distinfo
        pkgsrc/www/firefox/files: node-wrapper.sh
        pkgsrc/www/firefox/patches:
            patch-netwerk_protocol_http_nsHttpHandler.cpp
Removed Files:
        pkgsrc/www/firefox/patches: patch-security_nss_lib_freebl_mpi_mpi.c

Log Message:
www/firefox: Update to 132.0

Changelog:
132.0:
New

  * Microsoft PlayReady encrypted media playback is now being rolled out to
    select sites on Windows. Through this support, we are gradually rolling out
    a 1080p baseline and 4K Ultra HD support with key streaming partners. An
    added benefit is that viewers get less battery drain and better performance
    when streaming their favorite movies and shows.

    This feature is part of a progressive roll out.

  * Wide Color Gamut WebGL is now available for Windows and macOS users! With
    this support, Firefox is bringing a richer, more vivid range of colors to
    the videos, games, and images on your screen. This implementation currently
    supports wider color (P3) profiles in 8-bit.

  * WebRender hardware accelerated rendering is now enabled for most SVG filter
    primitives, improving performance for certain graphics-heavy content.
    Accelerated filters are feBlend, feColorMatrix, feComponentTransfer,
    feComposite, feDropShadow, feFlood, feGaussianBlur, feMerge and feOffset.

  * Added support for macOS?? new screen and window sharing selection features
    on macOS 15 and later. Support for macOS 14 will be added in a future
    release.

  * The macOS session resume feature has been enhanced. Firefox will now
    automatically relaunch if it was open before a system restart, like after
    an OS update.

  * Firefox now blocks third-party cookie access when Enhanced Tracking
    Protection's Strict mode is enabled.

Fixed

  * Various security fixes.

Changed

  * As a follow-up to our work to upgrade mixed content starting with Firefox
    127, HTTP-favicons will now also be blocked if they can not be received
    over HTTPS instead.

  * The Copy Without Site Tracking option is now grayed out when no known
    tracking parameters are found within the link. Additionally, more tracking
    parameter support has been added for websites such as LinkedIn and Shopee.
    Please report tracking parameters that aren't removed by filing a bug in
    Bugzilla.

Security fixes:
Mozilla Foundation Security Advisory 2024-55
#CVE-2024-10458: Permission leak via embed or object elements
#CVE-2024-10459: Use-after-free in layout with accessibility
#CVE-2024-10460: Confusing display of origin for external protocol handler
 prompt
#CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/
 x-mixed-replace response
#CVE-2024-10462: Origin of permission prompt could be spoofed by long URL
#CVE-2024-10463: Cross origin video frame leak
#CVE-2024-10468: Race conditions in IndexedDB
#CVE-2024-10464: History interface could have been used to cause a Denial of
 Service condition in the browser
#CVE-2024-10465: Clipboard "paste" button persisted across tabs
#CVE-2024-10466: DOM push subscription message could hang Firefox
#CVE-2024-10467: Memory safety bugs fixed in Firefox 132, Thunderbird 132,
 Firefox ESR 128.4, and Thunderbird 128.4


To generate a diff of this commit:
cvs rdiff -u -r1.612 -r1.613 pkgsrc/www/firefox/Makefile
cvs rdiff -u -r1.544 -r1.545 pkgsrc/www/firefox/distinfo
cvs rdiff -u -r1.23 -r1.24 pkgsrc/www/firefox/files/node-wrapper.sh
cvs rdiff -u -r1.3 -r1.4 \
    pkgsrc/www/firefox/patches/patch-netwerk_protocol_http_nsHttpHandler.cpp
cvs rdiff -u -r1.1 -r0 \
    pkgsrc/www/firefox/patches/patch-security_nss_lib_freebl_mpi_mpi.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/firefox/Makefile
diff -u pkgsrc/www/firefox/Makefile:1.612 pkgsrc/www/firefox/Makefile:1.613
--- pkgsrc/www/firefox/Makefile:1.612   Sun Oct 20 14:04:42 2024
+++ pkgsrc/www/firefox/Makefile Tue Oct 29 14:33:40 2024
@@ -1,18 +1,17 @@
-# $NetBSD: Makefile,v 1.612 2024/10/20 14:04:42 wiz Exp $
+# $NetBSD: Makefile,v 1.613 2024/10/29 14:33:40 ryoon Exp $
 
 FIREFOX_VER=           ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=            131.0
-MOZ_BRANCH_MINOR=      .3
+MOZ_BRANCH=            132.0
+MOZ_BRANCH_MINOR=      
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
 PKGNAME=       ${DISTNAME:S/.source//:S/b/beta/:S/esr//}
-PKGREVISION=   1
 CATEGORIES=    www
 MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/}
 MASTER_SITES+= ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/}
 EXTRACT_SUFX=  .tar.xz
 
-NODEJSKIT=             nodejs-output-131.0.tgz
+NODEJSKIT=             nodejs-output-132.0.tgz
 DISTFILES=             ${DEFAULT_DISTFILES} ${NODEJSKIT}
 SITES.${NODEJSKIT}=    ${MASTER_SITE_LOCAL}
 

Index: pkgsrc/www/firefox/distinfo
diff -u pkgsrc/www/firefox/distinfo:1.544 pkgsrc/www/firefox/distinfo:1.545
--- pkgsrc/www/firefox/distinfo:1.544   Fri Oct 18 14:23:04 2024
+++ pkgsrc/www/firefox/distinfo Tue Oct 29 14:33:40 2024
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.544 2024/10/18 14:23:04 ryoon Exp $
+$NetBSD: distinfo,v 1.545 2024/10/29 14:33:40 ryoon Exp $
 
-BLAKE2s (firefox-131.0.3.source.tar.xz) = 077e20cc888c9581c6afad2b64923ea6841ba3b5414ca606be63c06ee0d92e51
-SHA512 (firefox-131.0.3.source.tar.xz) = 3aa96db839f7a45e34c43b5e7e3333e1100ca11545ad26a8e42987fbc72df5ae7ebebe7dfc8c4e856d2bb4676c0516914a07c001f6047799f314146a3329c0ce
-Size (firefox-131.0.3.source.tar.xz) = 568937752 bytes
-BLAKE2s (nodejs-output-131.0.tgz) = 95acb262e5fa4a5a6fa9a228c4ef4d56a61fcb053640fb33167beaddf2025337
-SHA512 (nodejs-output-131.0.tgz) = edeeb8e8ec6579ccc2fbf0010a96e16b99910cf76c341dfa261325b02e4b6a31f0ab0cc45c52b83cba524f4510de4d03d42494f4f5dc6ff8f200ff284f102606
-Size (nodejs-output-131.0.tgz) = 236943 bytes
+BLAKE2s (firefox-132.0.source.tar.xz) = ff8688bba5ff6feb247dd59834aa913c1d7faebf0cec6da0016b83ea5f2c6455
+SHA512 (firefox-132.0.source.tar.xz) = 254ffba16d6e6c61cffaa8131f81a9a78880e5723b7ee78ac36251a27d82e6ff088238ae289d07469ba3a51b5b5969a08ecd1fc02dcb4d93325a08fac1cfc916
+Size (firefox-132.0.source.tar.xz) = 564734500 bytes
+BLAKE2s (nodejs-output-132.0.tgz) = df80a8b098b4d9eb831e249054acf45b7ea5e3d9797782515819532490d83153
+SHA512 (nodejs-output-132.0.tgz) = 9af2e28ad6f02606c3b2ba8a07dbb813d80a88088092d76e474220d9db2c963f22d0d98f3e58b2a275d7ceb84ba8de55e9ae5e7f65f6bd9b61667c3237dcc3f0
+Size (nodejs-output-132.0.tgz) = 242465 bytes
 SHA1 (patch-browser_app_profile_firefox.js) = bc719edef37d18655ba79b030270438ee166fdaf
 SHA1 (patch-build_moz.configure_init.configure) = 65deb3c233df0aab81eb1fca05d708e5a4ed169a
 SHA1 (patch-build_moz.configure_rust.configure) = 25ddfacd29cebbc6db005dbe61a2a7446d480678
@@ -29,11 +29,10 @@ SHA1 (patch-js_src_vm_TypedArrayObject-i
 SHA1 (patch-media_ffvpx_libavutil_arm_bswap.h) = de58daa0fd23d4fec50426602b65c9ea5862558a
 SHA1 (patch-media_libpng_pngpriv.h) = 8320a1f7534ed5c4914b597bb3d6117d0060318f
 SHA1 (patch-modules_fdlibm_src_math__private.h) = e20b6c23011d7123cbbd64a500eb8ce8c426620e
-SHA1 (patch-netwerk_protocol_http_nsHttpHandler.cpp) = 8e1d9a0746b637f5f4259e448e72172cfb08b23f
+SHA1 (patch-netwerk_protocol_http_nsHttpHandler.cpp) = ff6df620e9da46d58350e8330e31b345dd867e99
 SHA1 (patch-nsprpub_pr_src_pthreads_ptsynch.c) = b0d1f6a6e0eb852b0fd0238ad3f8ed3166c60a50
 SHA1 (patch-python_mozbuild_mozbuild_action_node.py) = eece38efe4ee1eb51de6cca89fa1c479ef02d60c
 SHA1 (patch-python_mozbuild_mozbuild_backend_recursivemake.py) = 5be4183d9075f5a3a3c6b3e0338473af185fb50e
-SHA1 (patch-security_nss_lib_freebl_mpi_mpi.c) = a7cd867916524770609d1c307a65b315b88456f4
 SHA1 (patch-testing_mozbase_mozdevice_mozdevice_adb.py) = 14d5107ce2c945d8b8d60a8edc968443a9970291
 SHA1 (patch-testing_xpcshell_runxpcshelltests.py) = 1c42e8794da0bdd6248bd53d1450b982616aa536
 SHA1 (patch-third__party_js_cfworker_build.sh) = 46cdf97b99cf01080f290ae8d9a33b5f869fc3e4

Index: pkgsrc/www/firefox/files/node-wrapper.sh
diff -u pkgsrc/www/firefox/files/node-wrapper.sh:1.23 pkgsrc/www/firefox/files/node-wrapper.sh:1.24
--- pkgsrc/www/firefox/files/node-wrapper.sh:1.23       Sat Oct 12 07:49:07 2024
+++ pkgsrc/www/firefox/files/node-wrapper.sh    Tue Oct 29 14:33:40 2024
@@ -1,6 +1,6 @@
 #! /bin/sh
 
-VERS=v22.9.0
+VERS=v22.10.0
 
 if [ "$1" = "-v" ] || [ "$1" = "--version" ]; then
        printf "${VERS}\n"

Index: pkgsrc/www/firefox/patches/patch-netwerk_protocol_http_nsHttpHandler.cpp
diff -u pkgsrc/www/firefox/patches/patch-netwerk_protocol_http_nsHttpHandler.cpp:1.3 pkgsrc/www/firefox/patches/patch-netwerk_protocol_http_nsHttpHandler.cpp:1.4
--- pkgsrc/www/firefox/patches/patch-netwerk_protocol_http_nsHttpHandler.cpp:1.3        Sat Apr  6 08:54:54 2024
+++ pkgsrc/www/firefox/patches/patch-netwerk_protocol_http_nsHttpHandler.cpp    Tue Oct 29 14:33:40 2024
@@ -1,15 +1,15 @@
-$NetBSD: patch-netwerk_protocol_http_nsHttpHandler.cpp,v 1.3 2024/04/06 08:54:54 ryoon Exp $
+$NetBSD: patch-netwerk_protocol_http_nsHttpHandler.cpp,v 1.4 2024/10/29 14:33:40 ryoon Exp $
 
 * Do not freeze user-agent string as Linux under NetBSD.
 
---- netwerk/protocol/http/nsHttpHandler.cpp.orig       2024-03-12 14:30:47.266423256 +0000
+--- netwerk/protocol/http/nsHttpHandler.cpp.orig       2024-10-18 13:19:10.000000000 +0000
 +++ netwerk/protocol/http/nsHttpHandler.cpp
-@@ -903,6 +903,8 @@ void nsHttpHandler::InitUserAgentCompone
-   if (mozilla::StaticPrefs::network_http_useragent_freezeCpu()) {
- #  ifdef ANDROID
-     mOscpu.AssignLiteral("Linux armv81");
+@@ -1048,6 +1048,8 @@ void nsHttpHandler::InitUserAgentCompone
+   mOscpu.AssignLiteral("Intel Mac OS X 10.15");
+ #elif defined(ANDROID)
+   mOscpu.AssignLiteral("Linux armv81");
 +#  elif defined(__NetBSD__)
-+    mOscpu.AssignLiteral("NetBSD x86_64");
- #  else
-     mOscpu.AssignLiteral("Linux x86_64");
- #  endif
++  mOscpu.AssignLiteral("NetBSD x86_64");
+ #else
+   mOscpu.AssignLiteral("Linux x86_64");
+ #endif