./www/firefox, Web browser with support for extensions (version 59)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 59.0.2nb3, Package name: firefox-59.0.2nb3, Maintainer: ryoon

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.

Required to run:
[sysutils/desktop-file-utils] [sysutils/dbus-glib] [textproc/icu] [graphics/MesaLib] [graphics/jpeg] [net/libIDL] [devel/nspr] [devel/libffi] [devel/nss] [x11/gtk2] [x11/pixman] [multimedia/libvpx] [x11/gtk3] [lang/gcc49-libs] [multimedia/ffmpeg3]

Required to build:
[pkgtools/x11-links] [devel/yasm] [x11/xcb-proto] [lang/clang] [x11/fixesproto4] [lang/gcc49] [pkgtools/cwrappers] [lang/rust] [x11/xorgproto]

Package options: dbus, oss

Master sites:

SHA1: 8fcf726b4d23716c7ff2b7ebc6527782b5bafe9c
RMD160: ff7ab2f9da93eda98de8aecb4563cfd176b896d9
Filesize: 297817.479 KB

Version history: (Expand)

CVS history: (Expand)

   2018-04-16 16:35:28 by Thomas Klausner | Files touched by this commit (1284)
Log message:
Recursive bump for new fribidi dependency in pango.
   2018-04-14 09:05:14 by Ryo ONODERA | Files touched by this commit (4) | Package updated
Log message:
Autodetect www/firefox UI language, bump PKGREVISION of www/firefox
   2018-04-03 05:10:51 by Ryo ONODERA | Files touched by this commit (4) | Package updated
Log message:
Remove EME support for NetBSD. Bump PKGREVISION

I cannot provide effective CDM module.
   2018-03-27 00:24:45 by Maya Rashish | Files touched by this commit (3) | Package updated
Log message:
firefox: update to 59.0.2

CVE-2018-5148: Use-after-free in compositor

Invalid page rendering with hardware acceleration enabled (Bug 1435472)

Windows 7 users with touch screens or certain 3rd party desktop applications \ 
which interact with Firefox through accessibility services may experience random \ 
browser crashes. Known 3rd party applicatioins with issues: StickyPassword, \ 
Windows 7 touch screen. (Bug 1424505)

Browser keyboard shortcuts (eg copy Ctrl+C) don't work on sites that use those \ 
keys with resistFingerprinting enabled (Bug 1433592)

High CPU / memory churn caused by third-party software on some computers (Bug \ 

Users who have configured an "automatic proxy configuration URL" and \ 
want to reload their proxy settings from the URL will find the Reload button \ 
disabled in the Connection Settings dialog when they select Preferences/Options \ 
> Network Proxy > Settings... (Bug 1445991)

URL Fragment Identifiers Break Service Worker Responses (Bug 1443850)

User's trying to cancel a print around the time it completes will continue to \ 
get intermittent crashes (Bug 1441598)

Broken getUserMedia (audio) on DragonFly, FreeBSD, NetBSD, OpenBSD. Video chat \ 
apps either wouldn't work or be always muted (Bug 1444074)
   2018-03-21 17:06:29 by Takahiro Kambe | Files touched by this commit (1)
Log message:
www/firefox: set some macro before including <bsd.prefs.mk>

Set some make macro before including <bsd.prefs.mk> in order to allow
to set additional values in mk.conf.
   2018-03-17 18:55:13 by Maya Rashish | Files touched by this commit (1)
Log message:
firefox: configure whines about outdated nspr/nss, tell pkgsrc about this
   2018-03-17 01:59:03 by Ryo ONODERA | Files touched by this commit (29) | Package updated
Log message:
Update to 59.0.1

Security fix
#CVE-2018-5146: Out of bounds memory write in libvorbis

    Performance enhancements:
    - Faster load times for content on the Firefox Home page
    - Faster page load times by loading either from the networked cache
        or the cache on the user's hard drive (Race Cache With Network)
    - Improved graphics rendering using Off-Main-Thread Painting (OMTP)
        for Mac users (OMTP for Windows was released in Firefox 58)

    Drag-and-drop to rearrange Top Sites on the Firefox Home page, and
      customize new windows and tabs in other ways

    Added features for Firefox Screenshots:
    - Basic annotation lets the user draw on and highlight saved screenshots
    - Recropping to change the viewable area of saved screenshots

    Enhanced WebExtensions API including better support for decentralized
      protocols and the ability to dynamically register content scripts

    Improved Real-Time Communications (RTC) capabilities.
    - Implemented RTP Transceiver to give pages more fine grained control
        over calls
    - Implemented features to support large scale conferences

    Added support for W3C specs for pointer events and improved platform
      integration with added device support for mouse, pen, and touch
      screen pointer input

    Added the Ecosia search engine as an option for German Firefox

    Added the Qwant search engine as an option for French Firefox

    Added settings in about:preferences to stop websites from asking to
      send notifications or access your device's camera, microphone, and
      location, while still allowing trusted websites to use these features

    Various security fixes

    Firefox Private Browsing Mode will remove path information from
      referrers to prevent cross-site tracking

Security fixes:
#CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
#CVE-2018-5128: Use-after-free manipulating editor selection ranges
#CVE-2018-5129: Out-of-bounds write with malformed IPC messages
#CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption
#CVE-2018-5131: Fetch API improperly returns cached copies of
  no-store/no-cache resources
#CVE-2018-5132: WebExtension Find API can search privileged pages
#CVE-2018-5133: Value of the app.support.baseURL preference is not properly
#CVE-2018-5134: WebExtensions may use view-source: URLs to bypass content
#CVE-2018-5135: WebExtension browserAction can inject scripts into
  unintended contexts
#CVE-2018-5136: Same-origin policy violation with data: URL shared workers
#CVE-2018-5137: Script content can access legacy extension
  non-contentaccessible resources
#CVE-2018-5138: Android Custom Tab address spoofing through long domain names
#CVE-2018-5140: Moz-icon images accessible to web content through moz-icon:
#CVE-2018-5141: DOS attack through notifications Push API
#CVE-2018-5142: Media Capture and Streams API permissions display
  incorrect origin with data: and blob: URLs
#CVE-2018-5143: Self-XSS pasting javascript: URL with embedded tab into
#CVE-2018-5126: Memory safety bugs fixed in Firefox 59
#CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
   2018-03-12 12:18:01 by Thomas Klausner | Files touched by this commit (2155)
Log message:
Recursive bumps for fontconfig and libzip dependency changes.