./www/firefox, Web browser with support for extensions (version 60)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 60.0.2, Package name: firefox-60.0.2, Maintainer: ryoon

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.

Required to run:
[sysutils/desktop-file-utils] [sysutils/dbus-glib] [textproc/icu] [graphics/MesaLib] [graphics/jpeg] [net/libIDL] [devel/nspr] [devel/libffi] [devel/nss] [x11/gtk2] [x11/pixman] [multimedia/libvpx] [x11/gtk3] [lang/gcc49-libs] [multimedia/ffmpeg3]

Required to build:
[pkgtools/x11-links] [devel/yasm] [x11/xcb-proto] [lang/clang] [x11/fixesproto4] [lang/gcc49] [pkgtools/cwrappers] [lang/rust] [x11/xorgproto]

Package options: dbus, oss

Master sites: (Expand)

SHA1: 44e60ed14ada854af8a978a9bc46c22a601356e8
RMD160: 448ef6236799c190df4fa1f0f9c84ceb8eba3e30
Filesize: 265556.855 KB

Version history: (Expand)

CVS history: (Expand)

   2018-06-10 06:09:05 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 60.0.2

    Fix missing nodes in the developer tools Inspector panel (bug 1460223)

    Various security fixes

    Fix font rendering when using third-party font managers on OS X 10.11
      and earlier (bug 1460917)

Security fix:
#CVE-2018-6126: Heap buffer overflow rasterizing paths in SVG with Skia
   2018-05-18 14:50:09 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
Update to 60.0.1

* Restore automatic www/firefox-l10n selection
* Disable multiprocess window by default to reduce tab crashes


    Avoid overly long cycle collector pauses with some add-ons installed (Bug \ 

    After unckecking the "Sponsored Stories" option, the New Tab page \ 
now immediately stops displaying "Sponsored content" cards (Bug \ 

    On touchscreen devices, fixed momentum scrolling on non-zoomable pages (Bug \ 

    Fixed black map on Google Maps with updated Nvidia Web Drivers on macOS (Bug \ 

    Use the right default background when opening tabs or windows in high \ 
contrast mode (Bug 1458956)

    The Firefox uninstaller on Windows is now translated again (Bug 1436662)

    Restored translations of the Preferences panels when using a language pack \ 
(Bug 1461590)
   2018-05-10 22:02:59 by Ryo ONODERA | Files touched by this commit (3)
Log message:
Add patches
   2018-05-10 22:01:54 by Ryo ONODERA | Files touched by this commit (65) | Package removed
Log message:
Update to 60.0

* Remove untested patches including NetBSD/earm support

    Added a policy engine that allows customized Firefox deployments in
      enterprise environments, using Windows Group Policy or a cross-platform
      JSON file

    Enhancements to New Tab / Firefox Home
        Responsive layout that shows more content for users with wide-screen
        Highlights section includes web sites saved to Pocket
        More options to reorder sections and content on the page
        Pocket Sponsored Stories will appear for a percentage of users in
          the US. Read about our privacy-conscious approach to sponsored content

    Redesigned Cookies and Site Storage section in Preferences for greater
      clarity and control of first- and third-party cookies

    Applied Quantum CSS to render browser UI

    Added support for Web Authentication API, which allows USB tokens for
      website authentication

    Enhanced camera privacy indicators: Firefox now turns off your camera
      and the camera's light when you disable video recording, and turns
      the camera and light on when you resume recording

    Added an option for Linux users to show or hide page titles in a bar
      at the top of the browser. You'll find the Title Bar option in the
      Customize panel available from the main browser menu.

    Improved WebRTC audio performance and playback for Linux users

    Locale added: Occitan (oc)

    Various security fixes

#CVE-2018-5154: Use-after-free with SVG animations and clip paths
#CVE-2018-5155: Use-after-free with SVG animations and text paths
#CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
#CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
#CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
#CVE-2018-5160: Uninitialized memory use by WebRTC encoder
#CVE-2018-5152: WebExtensions information leak through webRequest API
#CVE-2018-5153: Out-of-bounds read in mixed content websocket messages
#CVE-2018-5163: Replacing cached data in JavaScript Start-up Bytecode Cache
#CVE-2018-5164: CSP not applied to all multipart content sent with
#CVE-2018-5166: WebExtension host permission bypass through filterReponseData
#CVE-2018-5167: Improper linkification of chrome: and javascript: content
                in web console and JavaScript debugger
#CVE-2018-5168: Lightweight themes can be installed without user interaction
#CVE-2018-5169: Dragging and dropping link text onto home button can set home
                page to include chrome pages
#CVE-2018-5172: Pasted script from clipboard can run in the Live Bookmarks
                page or PDF viewer
#CVE-2018-5173: File name spoofing of Downloads panel with Unicode characters
#CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior
                for downloaded files in Windows 10 April 2018 Update
#CVE-2018-5175: Universal CSP bypass on sites using strict-dynamic in
                their policies
#CVE-2018-5176: JSON Viewer script injection
#CVE-2018-5177: Buffer overflow in XSLT during number formatting
#CVE-2018-5165: Checkbox for enabling Flash protected mode is inverted in
                32-bit Firefox
#CVE-2018-5180: heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced
#CVE-2018-5181: Local file can be displayed in noopener tab through drag and
                drop of hyperlink
#CVE-2018-5182: Local file can be displayed from hyperlink dragged and dropped
                on addressbar
#CVE-2018-5151: Memory safety bugs fixed in Firefox 60
#CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
   2018-05-08 12:38:58 by Maya Rashish | Files touched by this commit (2) | Package updated
Log message:
firefox: update to 59.0.3

Fix for compatibility with Windows 10 April 2018 update (Bug 1452619)
   2018-04-29 15:36:00 by Martin Husemann | Files touched by this commit (1) | Package updated
Log message:
My calendar is off - can't ride a bump from a earlier this months, so
bump PKGREVISION for clipboard paste fixes.
   2018-04-29 15:27:08 by Martin Husemann | Files touched by this commit (5)
Log message:
Apply upstream patches for Bug 1447925 - pasting from clipboard did not
work from non-UTF8 applications.
Ride todays (unrelated) rev bump.
   2018-04-16 16:35:28 by Thomas Klausner | Files touched by this commit (1284)
Log message:
Recursive bump for new fribidi dependency in pango.