pkgsrc.se | The NetBSD package collection

./www/firefox45, Web browser with support for extensions (version 45)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2017Q1, Version: 45.9.0nb1, Package name: firefox45-45.9.0nb1, Maintainer: ryoon

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up
windows.

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.

This package tracks Firefox 45 ESR branch.

Changelog from www/firefox 45.0.2:
Fixed in Firefox ESR 45.1
2016-47 Write to invalid HashMap entry through JavaScript.watch()
2016-44 Buffer overflow in libstagefright with CENC offsets
2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)

Required to run:
[sysutils/desktop-file-utils] [multimedia/libvpx] [multimedia/ffmpeg3] [devel/libffi] [devel/nspr] [devel/nss] [lang/gcc48-libs] [x11/pixman] [x11/gtk2] [textproc/icu] [textproc/hunspell] [net/libIDL] [graphics/MesaLib] [graphics/graphite2] [graphics/cairo] [graphics/jpeg] [audio/pulseaudio]

Required to build:
[devel/yasm] [lang/gcc48] [lang/python27] [x11/xf86driproto] [x11/xextproto] [x11/xf86vidmodeproto] [x11/recordproto] [x11/inputproto] [x11/fixesproto4] [x11/xproto] [x11/compositeproto] [x11/damageproto] [x11/renderproto] [x11/xcb-proto] [x11/dri2proto] [x11/randrproto] [x11/glproto] [pkgtools/x11-links] [pkgtools/cwrappers]

Package options: pulseaudio

Master sites: (Expand)

SHA1: bef87fc7c9b1b787e847b8b8744af494774a1d6b
RMD160: d20e4dc4c5c7b65b590b9b46e7d46cfc4daf3a05
Filesize: 180270.723 KB

Version history: (Expand)

(2017-06-14) Updated to version: firefox45-45.9.0nb1
(2017-04-04) Package added to pkgsrc.se, version firefox45-45.8.0 (created)

CVS history: (Expand)

2017-06-13 21:11:21 by Benny Siegert | Files touched by this commit (5)

Log message:
Pullup ticket #5476 - requested by khorben
www/firefox45: security fix

Revisions pulled up:
- www/firefox45-l10n/Makefile                                   1.10
- www/firefox45-l10n/distinfo                                   1.11
- www/firefox45/Makefile                                        1.25-1.27
- www/firefox45/distinfo                                        1.14
- www/firefox45/mozilla-common.mk                               1.7

---
   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Wed May 10 14:13:26 UTC 2017

   Modified Files:
   	pkgsrc/www/firefox45: Makefile distinfo

   Log message:
   Update to 45.9.0

   Changelog:
   Security fixes:
     #CVE-2017-5433: Use-after-free in SMIL animation functions
     #CVE-2017-5435: Use-after-free during transaction processing in the editor
     #CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
     #CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
     #CVE-2017-5459: Buffer overflow in WebGL
     #CVE-2017-5434: Use-after-free during focus handling
     #CVE-2017-5432: Use-after-free in text input selection
     #CVE-2017-5460: Use-after-free in frame selection
     #CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
     #CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
     #CVE-2017-5440: Use-after-free in txExecutionState destructor during
   XSLT processing
     #CVE-2017-5441: Use-after-free with selection during scroll events
     #CVE-2017-5442: Use-after-free during style changes
     #CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
     #CVE-2017-5443: Out-of-bounds write during BinHex decoding
     #CVE-2017-5444: Buffer overflow while parsing
   application/http-index-format content
     #CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent
   with incorrect data
     #CVE-2017-5447: Out-of-bounds read during glyph processing
     #CVE-2017-5465: Out-of-bounds read in ConvolvePixel
     #CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
     #CVE-2016-10196: Vulnerabilities in Libevent library
     #CVE-2017-5469: Potential Buffer overflow in flex-generated code
     #CVE-2017-5445: Uninitialized values used while parsing
   application/http-index-format content
     #CVE-2017-5462: DRBG flaw in NSS
     #CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR
   45.9, and Firefox ESR 52.1

---
   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Wed May 10 14:14:41 UTC 2017

   Modified Files:
   	pkgsrc/www/firefox45-l10n: Makefile distinfo

   Log message:
   Update to 45.9.0

   * Sync with firefox45-45.9.0

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Fri May 12 20:21:27 UTC 2017

   Modified Files:
   	pkgsrc/www/firefox45: Makefile

   Log message:
   Register more binaries as not safe for PaX mprotect

   This also reflects the current situation in www/firefox.

   Bumps PKGREVISION.

---
   Module Name:	pkgsrc
   Committed By:	khorben
   Date:		Sat May 13 02:34:30 UTC 2017

   Modified Files:
   	pkgsrc/www/firefox45: Makefile mozilla-common.mk

   Log message:
   Add dependency to multimedia/ffmpeg3

   This fixes audio and H.264 support. From ryoon@ originally, on 46.0nb1 at
   the time.

   "commit" maya@