./www/firefox, Web browser with support for extensions (version 53)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 53.0.3, Package name: firefox-53.0.3, Maintainer: ryoon

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.

Required to run:
[sysutils/desktop-file-utils] [sysutils/dbus-glib] [textproc/icu] [graphics/MesaLib] [graphics/cairo] [graphics/jpeg] [net/libIDL] [devel/nspr] [devel/libffi] [devel/nss] [x11/gtk2] [x11/pixman] [multimedia/libvpx] [x11/gtk3] [lang/gcc49-libs] [multimedia/ffmpeg3]

Required to build:
[pkgtools/x11-links] [devel/yasm] [x11/compositeproto] [x11/glproto] [x11/renderproto] [x11/xproto] [x11/xf86vidmodeproto] [x11/xf86driproto] [x11/damageproto] [x11/inputproto] [x11/xextproto] [x11/randrproto] [x11/dri2proto] [x11/xcb-proto] [x11/fixesproto4] [lang/gcc49] [pkgtools/cwrappers]

Package options: dbus, gtk3, oss

Master sites: (Expand)

SHA1: c185c345207597480ad169d10e9a770cf241f2da
RMD160: e62d22fec71f1488432611045d47134e0906410a
Filesize: 210208.215 KB

Version history: (Expand)

CVS history: (Expand)

   2017-05-22 13:39:12 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 53.0.3

    Fix excessive resource usage from the captive portal detection service (bug \ 
    FIx hangs when using a proxy with NTLM authentication (bug 1360574)

    Bump preloaded security information expiration times (bug 1364240)
   2017-05-15 17:49:27 by Maya Rashish | Files touched by this commit (2) | Package updated
Log message:
firefox: default to oss everywhere but linux, which defaults to pulseaudio.

alsa is not supported upstream, and checks for failures by calling assert,
which means the default setup crashes whenever audio is played.

bump pkgrevision
   2017-05-08 17:33:43 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 53.0.2

    Various security fixes
    Make form validation errors and date picker panel visible to the user (Bug \ 

    The non-standard showDialog argument to window.find is now ignored (Bug 1348409)

Security fixes:
 #CVE-2017-5031: Use after free in ANGLE
   2017-05-01 02:13:45 by Ryo ONODERA | Files touched by this commit (1)
Log message:
Fix duplicate GCC_REQD. Noticed by tsutsui@. Thank you.
   2017-04-29 04:45:20 by Ryo ONODERA | Files touched by this commit (1)
Log message:
Require GCC 4.9 or later. Thank you, oster@
   2017-04-27 16:08:34 by Ryo ONODERA | Files touched by this commit (2)
Log message:
Add a comment to patch
   2017-04-27 13:19:35 by Maya Rashish | Files touched by this commit (1)
Log message:
firefox: bump required nss
   2017-04-27 03:49:47 by Ryo ONODERA | Files touched by this commit (42) | Package updated
Log message:
Update to 53.0

    Improved graphics stability for Windows users with the addition of \ 
compositor process separation (Quantum Compositor)
    Two new 'compact' themes available in Firefox, dark and light, based on the \ 
Firefox Developer Edition theme
    Lightweight themes are now applied in private browsing windows
    Reader Mode now displays estimated reading time for the page
    Windows 7+ users on 64-bit OS can select 32-bit or 64-bit versions in the \ 
stub installer

    Various security fixes

    Updated the design of site permission requests to make them harder to miss \ 
and easier to understand
    Windows XP and Vista are no longer supported. XP and Vista users running \ 
Firefox 52 will continue to receive security updates on Firefox ESR 52.
    32-bit Mac OS X is no longer supported. 32-bit Mac OS X users can switch to \ 
Firefox ESR 52 to continue receiving security updates.
    Updates for Mac OS X are smaller in size compared to updates for Firefox 52
    New visual design for audio and video controls
    Ended Firefox Linux support for processors older than Pentium 4 and AMD Opteron
    The last few characters of shortened tab titles fade out instead of being \ 
replaced by ellipses to keep more of the title visible

Security fixes:
 #CVE-2017-5433: Use-after-free in SMIL animation functions
 #CVE-2017-5435: Use-after-free during transaction processing in the editor
 #CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
 #CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
 #CVE-2017-5459: Buffer overflow in WebGL
 #CVE-2017-5466: Origin confusion when reloading isolated data:text/html URL
 #CVE-2017-5434: Use-after-free during focus handling
 #CVE-2017-5432: Use-after-free in text input selection
 #CVE-2017-5460: Use-after-free in frame selection
 #CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
 #CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
 #CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing
 #CVE-2017-5441: Use-after-free with selection during scroll events
 #CVE-2017-5442: Use-after-free during style changes
 #CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
 #CVE-2017-5443: Out-of-bounds write during BinHex decoding
 #CVE-2017-5444: Buffer overflow while parsing application/http-index-format content
 #CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with \ 
incorrect data
 #CVE-2017-5447: Out-of-bounds read during glyph processing
 #CVE-2017-5465: Out-of-bounds read in ConvolvePixel
 #CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
 #CVE-2017-5437: Vulnerabilities in Libevent library
 #CVE-2017-5454: Sandbox escape allowing file system read access through file picker
 #CVE-2017-5455: Sandbox escape through internal feed reader APIs
 #CVE-2017-5456: Sandbox escape allowing local file system access
 #CVE-2017-5469: Potential Buffer overflow in flex-generated code
 #CVE-2017-5445: Uninitialized values used while parsing \ 
application/http-index-format content
 #CVE-2017-5449: Crash during bidirectional unicode manipulation with animation
 #CVE-2017-5450: Addressbar spoofing using javascript: URI on Firefox for Android
 #CVE-2017-5451: Addressbar spoofing with onblur event
 #CVE-2017-5462: DRBG flaw in NSS
 #CVE-2017-5463: Addressbar spoofing through reader view on Firefox for Android
 #CVE-2017-5467: Memory corruption when drawing Skia content
 #CVE-2017-5452: Addressbar spoofing during scrolling with editable content on \ 
Firefox for Android
 #CVE-2017-5453: HTML injection into RSS Reader feed preview page through TITLE \ 
 #CVE-2017-5458: Drag and drop of javascript: URLs can allow for self-XSS
 #CVE-2017-5468: Incorrect ownership model for Private Browsing information
 #CVE-2017-5430: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1
 #CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and \ 
Firefox ESR 52.1