pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
PR/52032 CVS commit: pkgsrc/www/firefox
The following reply was made to PR pkg/52032; it has been noted by GNATS.
From: "Ryo ONODERA" <ryoon%netbsd.org@localhost>
To: gnats-bugs%gnats.NetBSD.org@localhost
Cc:
Subject: PR/52032 CVS commit: pkgsrc/www/firefox
Date: Tue, 7 Mar 2017 20:45:44 +0000
Module Name: pkgsrc
Committed By: ryoon
Date: Tue Mar 7 20:45:43 UTC 2017
Modified Files:
pkgsrc/www/firefox: Makefile PLIST distinfo mozilla-common.mk
options.mk
pkgsrc/www/firefox/patches: patch-aa
patch-build_moz.configure_old.configure patch-config_Makefile.in
patch-config_baseconfig.mk patch-config_external_moz.build
patch-config_system-headers patch-dom_system_OSFileConstants.cpp
patch-extensions_spellcheck_hunspell_glue_mozHunspell.cpp
patch-gfx_skia_generate__mozbuild.py patch-gfx_skia_moz.build
patch-gfx_thebes_moz.build
patch-js_src_jit_arm_Architecture-arm.cpp patch-js_src_moz.build
patch-media_libcubeb_src_cubeb.c
patch-media_webrtc_signaling_test_common.build
patch-media_webrtc_trunk_webrtc_modules_video__capture_linux_device__info__linux.cc
patch-toolkit_library_moz.build patch-toolkit_moz.configure
Added Files:
pkgsrc/www/firefox/patches: patch-build_buildconfig.py
patch-build_moz.configure_keyfiles.configure
patch-dom_media_platforms_ffmpeg_ffvpx_FFVPXRuntimeLinker.cpp
patch-toolkit_library_dependentlibs.py
Removed Files:
pkgsrc/www/firefox/patches: patch-browser_app_nsBrowserApp.cpp
patch-browser_components_nsBrowserGlue.js
patch-browser_themes_shared_icon-colors.inc.svg
patch-build_autoconf_toolchain.m4
patch-build_moz.configure_toolchain.configure
patch-dom_bindings_GenerateCSS2PropertiesWebIDL.py
patch-gfx_2d_BorrowedContext.h
patch-gfx_layers_composite_LayerManagerComposite.cpp
patch-gfx_layers_composite_LayerManagerComposite.h
patch-gfx_layers_moz.build
patch-gfx_skia_skia_src_core_SkUtilsArm.cpp
patch-gfx_thebes_gfxFontUtils.cpp
patch-intl_lwbrk_nsJISx4051LineBreaker.cpp
patch-ipc_chromium_src_base_message__pump__libevent.cc
patch-ipc_chromium_src_base_process__util__bsd.cc
patch-js__src__vm__SPSProfiler.cpp patch-js_src_jit-LIR.cpp
patch-js_src_jit_MIR.cpp
patch-layout_style_GenerateCSSPropsGenerated.py
patch-media_libstagefright_frameworks_av_include_media_stagefright_foundation_AString.h
patch-media_libstagefright_frameworks_av_media_libstagefright_foundation_AString.cpp
patch-media_libstagefright_system_core_liblog_fake__log__device.c
patch-media_libstagefright_system_core_liblog_logprint.c
patch-media_libtheora_lib_info.c patch-media_libtremor_Makefile.in
patch-media_libvorbis_Makefile.in
patch-media_libvorbis_lib_vorbis_info.c
patch-media_mtransport_third__party_nrappkit_src_port_generic_include_sys_queue.h
patch-memory_build_mozjemalloc__compat.c
patch-modules_libmar_tests_moz.build
patch-modules_libpref_init_all.js patch-moz.configure
patch-python_mozbuild_mozbuild_configure_options.py
patch-toolkit_library_libxul.mk patch-xpcom_components_Module.h
patch-xpcom_reflect_xptcall_md_unix_moz.build
patch-xpcom_reflect_xptcall_md_unix_xptcinvoke__gcc__x86__unix.cpp
patch-xpcom_reflect_xptcall_md_unix_xptcstubs__gcc__x86__unix.cpp
Log Message:
Update to 52.0
* Switch to GTK3 build
* Remove py-sqlite2 dependency, fix PR pkg/52032
Changelog:
New
Added support for WebAssembly, an emerging standard that brings near-native performance to Web-based games, apps, and software libraries without the use of plugins.
Added automatic captive portal detection, for easier access to Wi-Fi hotspots. When accessing the Internet via a captive portal, Firefox will alert users and open the portal login page in a new tab.
Added user warnings for non-secure HTTP pages with logins. Firefox now displays a "This connection is not secure" message when users click into the username and password fields on pages that don't use HTTPS.
Implemented the Strict Secure Cookies specification which forbids insecure HTTP sites from setting cookies with the "secure" attribute. In some cases, this will prevent an insecure site from setting a cookie with the same name as an existing "secure" cookie from the same base domain.
Enhanced Sync to allow users to send and open tabs from one device to another.
Fixed
Various security fixes
Improved text input for third-party keyboard layouts on Windows. This will address some keyboard layouts that
* have chained dead keys
* input two or more characters with a non-printable key or a dead key sequence
* input a character even when a dead key sequence failed to compose a character
Changed
Removed support for Netscape Plugin API (NPAPI) plugins other than Flash. Silverlight, Java, Acrobat and the like are no longer supported.
Removed Battery Status API to reduce fingerprinting of users by trackers
Improved experience for downloads:
* Notification in the toolbar when a download fails
* Quick access to five most recent downloads rather than three
* Larger buttons for canceling and restarting downloads
Display (but allow users to override) an "Untrusted Connection" error when encountering SHA-1 certificates that chain up to a root certificate included in Mozilla's CA Certificate Program. (Note: Firefox continues to permit SHA-1 certificates that chain to manually imported root certificates.) Read more about the Mozilla Security Team's plans to deprecate SHA-1
Migrated Firefox users on Windows XP and Windows Vista operating systems to the extended support release (ESR) version of Firefox.
When not using Direct2D on Windows, Skia is used for content rendering
Developer
Enabled CSS Grid Layout, opening up a world of new possibilities for graphic design
Redesigned Responsive Design Mode to include device selection, network throttling, and more
Improved security for screen sharing, which now shows a preview and no longer requires a whitelisted domain
unresolved
Google Hangouts temporarily won't work
Security fixes:
#CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
#CVE-2017-5401: Memory Corruption when handling ErrorResult
#CVE-2017-5402: Use-after-free working with events in FontFace objects
#CVE-2017-5403: Use-after-free using addRange to add range to an incorrect root object
#CVE-2017-5404: Use-after-free working with ranges in selections
#CVE-2017-5406: Segmentation fault in Skia with canvas operations
#CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters
#CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping
#CVE-2017-5411: Use-after-free in Buffer Storage in libGLES
#CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service
#CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
#CVE-2017-5412: Buffer overflow read in SVG filters
#CVE-2017-5413: Segmentation fault during bidirectional operations
#CVE-2017-5414: File picker can choose incorrect default directory
#CVE-2017-5415: Addressbar spoofing through blob URL
#CVE-2017-5416: Null dereference crash in HttpChannel
#CVE-2017-5417: Addressbar spoofing by draging and dropping URLs
#CVE-2017-5425: Overly permissive Gecko Media Plugin sandbox regular expression access
#CVE-2017-5426: Gecko Media Plugin sandbox is not started if seccomp-bpf filter is running
#CVE-2017-5427: Non-existent chrome.manifest file loaded during startup
#CVE-2017-5418: Out of bounds read when parsing HTTP digest authorization responses
#CVE-2017-5419: Repeated authentication prompts lead to DOS attack
#CVE-2017-5420: Javascript: URLs can obfuscate addressbar location
#CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
#CVE-2017-5421: Print preview spoofing
#CVE-2017-5422: DOS attack by using view-source: protocol repeatedly in one hyperlink
#CVE-2017-5399: Memory safety bugs fixed in Firefox 52
#CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8
To generate a diff of this commit:
cvs rdiff -u -r1.287 -r1.288 pkgsrc/www/firefox/Makefile
cvs rdiff -u -r1.116 -r1.117 pkgsrc/www/firefox/PLIST
cvs rdiff -u -r1.273 -r1.274 pkgsrc/www/firefox/distinfo
cvs rdiff -u -r1.88 -r1.89 pkgsrc/www/firefox/mozilla-common.mk
cvs rdiff -u -r1.37 -r1.38 pkgsrc/www/firefox/options.mk
cvs rdiff -u -r1.49 -r1.50 pkgsrc/www/firefox/patches/patch-aa
cvs rdiff -u -r1.10 -r0 \
pkgsrc/www/firefox/patches/patch-browser_app_nsBrowserApp.cpp
cvs rdiff -u -r1.1 -r0 \
pkgsrc/www/firefox/patches/patch-browser_components_nsBrowserGlue.js \
pkgsrc/www/firefox/patches/patch-browser_themes_shared_icon-colors.inc.svg \
pkgsrc/www/firefox/patches/patch-build_autoconf_toolchain.m4 \
pkgsrc/www/firefox/patches/patch-build_moz.configure_toolchain.configure \
pkgsrc/www/firefox/patches/patch-dom_bindings_GenerateCSS2PropertiesWebIDL.py \
pkgsrc/www/firefox/patches/patch-gfx_2d_BorrowedContext.h \
pkgsrc/www/firefox/patches/patch-gfx_layers_composite_LayerManagerComposite.h \
pkgsrc/www/firefox/patches/patch-gfx_layers_moz.build \
pkgsrc/www/firefox/patches/patch-gfx_thebes_gfxFontUtils.cpp \
pkgsrc/www/firefox/patches/patch-intl_lwbrk_nsJISx4051LineBreaker.cpp \
pkgsrc/www/firefox/patches/patch-layout_style_GenerateCSSPropsGenerated.py \
pkgsrc/www/firefox/patches/patch-modules_libmar_tests_moz.build \
pkgsrc/www/firefox/patches/patch-moz.configure \
pkgsrc/www/firefox/patches/patch-python_mozbuild_mozbuild_configure_options.py \
pkgsrc/www/firefox/patches/patch-xpcom_reflect_xptcall_md_unix_xptcinvoke__gcc__x86__unix.cpp \
pkgsrc/www/firefox/patches/patch-xpcom_reflect_xptcall_md_unix_xptcstubs__gcc__x86__unix.cpp
cvs rdiff -u -r0 -r1.1 pkgsrc/www/firefox/patches/patch-build_buildconfig.py \
pkgsrc/www/firefox/patches/patch-build_moz.configure_keyfiles.configure \
pkgsrc/www/firefox/patches/patch-dom_media_platforms_ffmpeg_ffvpx_FFVPXRuntimeLinker.cpp \
pkgsrc/www/firefox/patches/patch-toolkit_library_dependentlibs.py
cvs rdiff -u -r1.4 -r1.5 \
pkgsrc/www/firefox/patches/patch-build_moz.configure_old.configure \
pkgsrc/www/firefox/patches/patch-media_libcubeb_src_cubeb.c \
pkgsrc/www/firefox/patches/patch-media_webrtc_signaling_test_common.build
cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/firefox/patches/patch-config_Makefile.in \
pkgsrc/www/firefox/patches/patch-config_baseconfig.mk \
pkgsrc/www/firefox/patches/patch-dom_system_OSFileConstants.cpp
cvs rdiff -u -r1.14 -r1.15 \
pkgsrc/www/firefox/patches/patch-config_external_moz.build
cvs rdiff -u -r1.21 -r1.22 \
pkgsrc/www/firefox/patches/patch-config_system-headers
cvs rdiff -u -r1.3 -r1.4 \
pkgsrc/www/firefox/patches/patch-extensions_spellcheck_hunspell_glue_mozHunspell.cpp
cvs rdiff -u -r1.3 -r0 \
pkgsrc/www/firefox/patches/patch-gfx_layers_composite_LayerManagerComposite.cpp \
pkgsrc/www/firefox/patches/patch-gfx_skia_skia_src_core_SkUtilsArm.cpp \
pkgsrc/www/firefox/patches/patch-media_libstagefright_frameworks_av_include_media_stagefright_foundation_AString.h \
pkgsrc/www/firefox/patches/patch-media_libstagefright_frameworks_av_media_libstagefright_foundation_AString.cpp \
pkgsrc/www/firefox/patches/patch-xpcom_components_Module.h
cvs rdiff -u -r1.6 -r1.7 \
pkgsrc/www/firefox/patches/patch-gfx_skia_generate__mozbuild.py \
pkgsrc/www/firefox/patches/patch-gfx_thebes_moz.build
cvs rdiff -u -r1.13 -r1.14 \
pkgsrc/www/firefox/patches/patch-gfx_skia_moz.build
cvs rdiff -u -r1.6 -r0 \
pkgsrc/www/firefox/patches/patch-ipc_chromium_src_base_message__pump__libevent.cc \
pkgsrc/www/firefox/patches/patch-xpcom_reflect_xptcall_md_unix_moz.build
cvs rdiff -u -r1.5 -r0 \
pkgsrc/www/firefox/patches/patch-ipc_chromium_src_base_process__util__bsd.cc \
pkgsrc/www/firefox/patches/patch-js_src_jit_MIR.cpp \
pkgsrc/www/firefox/patches/patch-modules_libpref_init_all.js
cvs rdiff -u -r1.8 -r0 \
pkgsrc/www/firefox/patches/patch-js__src__vm__SPSProfiler.cpp
cvs rdiff -u -r1.4 -r0 pkgsrc/www/firefox/patches/patch-js_src_jit-LIR.cpp \
pkgsrc/www/firefox/patches/patch-memory_build_mozjemalloc__compat.c \
pkgsrc/www/firefox/patches/patch-toolkit_library_libxul.mk
cvs rdiff -u -r1.7 -r1.8 \
pkgsrc/www/firefox/patches/patch-js_src_jit_arm_Architecture-arm.cpp
cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/firefox/patches/patch-js_src_moz.build \
pkgsrc/www/firefox/patches/patch-toolkit_moz.configure
cvs rdiff -u -r1.2 -r0 \
pkgsrc/www/firefox/patches/patch-media_libstagefright_system_core_liblog_fake__log__device.c \
pkgsrc/www/firefox/patches/patch-media_libstagefright_system_core_liblog_logprint.c \
pkgsrc/www/firefox/patches/patch-media_libtheora_lib_info.c \
pkgsrc/www/firefox/patches/patch-media_libtremor_Makefile.in \
pkgsrc/www/firefox/patches/patch-media_libvorbis_Makefile.in \
pkgsrc/www/firefox/patches/patch-media_libvorbis_lib_vorbis_info.c
cvs rdiff -u -r1.7 -r0 \
pkgsrc/www/firefox/patches/patch-media_mtransport_third__party_nrappkit_src_port_generic_include_sys_queue.h
cvs rdiff -u -r1.10 -r1.11 \
pkgsrc/www/firefox/patches/patch-media_webrtc_trunk_webrtc_modules_video__capture_linux_device__info__linux.cc \
pkgsrc/www/firefox/patches/patch-toolkit_library_moz.build
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index