./www/firefox, Web browser with support for extensions (version 55)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 55.0.2, Package name: firefox-55.0.2, Maintainer: ryoon

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up
windows.

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.


Required to run:
[sysutils/desktop-file-utils] [sysutils/dbus-glib] [textproc/icu] [graphics/MesaLib] [graphics/cairo] [graphics/jpeg] [net/libIDL] [devel/nspr] [devel/libffi] [devel/nss] [x11/gtk2] [x11/pixman] [multimedia/libvpx] [x11/gtk3] [lang/gcc49-libs] [multimedia/ffmpeg3]

Required to build:
[pkgtools/x11-links] [devel/yasm] [x11/compositeproto] [x11/glproto] [x11/renderproto] [x11/xproto] [x11/xf86vidmodeproto] [x11/xf86driproto] [x11/damageproto] [x11/inputproto] [x11/xextproto] [x11/randrproto] [x11/dri2proto] [x11/xcb-proto] [x11/fixesproto4] [lang/gcc49] [pkgtools/cwrappers]

Package options: dbus, oss

Master sites: (Expand)

SHA1: c7f216a1a13f180d76c2b29e6a28063583da2314
RMD160: 449028936827eb222a6f07084691f76e70ea2760
Filesize: 228955.758 KB

Version history: (Expand)


CVS history: (Expand)


   2017-08-17 14:47:55 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 55.0.2

Changelog:
Fixed
    Fix a potential issue when the username had some specific characters in the \ 
path (Bug 1388584)

    Fix an issue with new installation notification for sideload add-ons (Bug \ 
1372448)

    Fix performance regressions with WebExtension (Bugs 1386937 & 1389381)

    Fix a regression with the popup menu (Bug 1388682)
   2017-08-16 16:13:44 by Ryo ONODERA | Files touched by this commit (4) | Package updated
Log message:
Fix recent llvm/clang from FreeBSD 12

* Bump PKGREVISION
* Fix PR pkg/52487
   2017-08-15 03:24:47 by Ryo ONODERA | Files touched by this commit (5)
Log message:
Fix build under bigendian architectures from Jan Beich
   2017-08-12 06:58:45 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 55.0.1

Changelog:
Fixed
    Fix a regression the tab restoration process (bug 1388160)

    Fix a problem causing What's new pages not to be displayed (bug 1386224)

    Fix a rendering issue with some PKCS#11 libraries (bug 1388370)

    Disable the predictor prefetch (bug 1388160)
   2017-08-10 16:46:15 by Ryo ONODERA | Files touched by this commit (63) | Package updated
Log message:
Update to 55.0

Changelog:
New
    Launched Windows support for WebVR, bringing immersive experiences to the \ 
web. See examples and try working demos at Mozilla VR.

    Added options that let users optimize recent performance improvements
        Setting to enable Hardware VP9 acceleration on Windows 10 Anniversary \ 
Edition for better battery life and lower CPU usage while watching videos
        Setting to modify the number of concurrent content processes for faster \ 
page loading and more responsive tab switching

    Simplified installation process with a streamlined Windows stub installer
        Firefox for Windows 64-bit is now installed by default on 64-bit systems \ 
with at least 2GB of RAM
        Full installers with advanced installation options are still available

    Improved address bar functionality
        Search with any installed one-click search engine directly from the \ 
address bar
        Search suggestions appear by default
        When entering a hostname (like pinterest.com) in the URL bar, Firefox \ 
resolves to the secure version of the site (https://www.pinterest.com) instead \ 
of the insecure version (http://www.pinterest.com) when possible

    Updated Sidebar for bookmarks, history, and synced tabs so it can appear at \ 
the right edge of the window as well as the left

    Added support for stereo microphones with WebRTC

    Pages can be simplified before printing from within Print Preview

    Updated Firefox for OSX and macOS to allow users to assign custom keyboard \ 
shortcuts to Firefox menu items via System Preferences

    Browsing sessions with a high number of tabs are now restored in an instant

    Make screenshots of webpages, and save them locally or upload them to the \ 
cloud. This feature will undergo A/B testing and will not be visible for some \ 
users.

    Added Belarusian (be) locale

Fixed
    Various security fixes

Changed
    Made the Adobe Flash plugin click-to-activate by default and allowed only on \ 
http:// and https:// URL schemes. (This change will not be visible to all users \ 
immediately. For more information see the Firefox plugin roadmap)

    Firefox does not support downgrades, even though this may have worked in \ 
past versions. Users who install Firefox 55+ and later downgrade to an earlier \ 
version may experience issues with Firefox.

    Modernized application update UI to be less intrusive and more aligned with \ 
the rest of the browser. Only users who have not restarted their browser 8 days \ 
after downloading an update or users who opted out of automatic updates will see \ 
this change.

Security fixes:
CVE-2017-7798: XUL injection in the style editor in devtools

Reporter
    Frederik Braun
Impact
    critical

Description

The Developer Tools feature suffers from a XUL injection vulnerability due to \ 
improper sanitization of the web page source code. In the worst case, this could \ 
allow arbitrary code execution when opening a malicious page with the style \ 
editor tool.
References

    Bug 1371586, 1372112

#CVE-2017-7800: Use-after-free in WebSockets during disconnection

Reporter
    Looben Yang
Impact
    critical

Description

A use-after-free vulnerability can occur in WebSockets when the object holding \ 
the connection is freed before the disconnection operation is finished. This \ 
results in an exploitable crash.
References

    Bug 1374047

#CVE-2017-7801: Use-after-free with marquee during window resizing

Reporter
    Nils
Impact
    critical

Description

A use-after-free vulnerability can occur while re-computing layout for a marquee \ 
element during window resizing where the updated style object is freed while \ 
still in use. This results in a potentially exploitable crash.
References

    Bug 1371259

#CVE-2017-7809: Use-after-free while deleting attached editor DOM node

Reporter
    Nils
Impact
    high

Description

A use-after-free vulnerability can occur when an editor DOM node is deleted \ 
prematurely during tree traversal while still bound to the document. This \ 
results in a potentially exploitable crash.
References

    Bug 1380284

#CVE-2017-7784: Use-after-free with image observers

Reporter
    Nils
Impact
    high

Description

A use-after-free vulnerability can occur when reading an image observer during \ 
frame reconstruction after the observer has been freed. This results in a \ 
potentially exploitable crash.
References

    Bug 1376087

#CVE-2017-7802: Use-after-free resizing image elements

Reporter
    Nils
Impact
    high

Description

A use-after-free vulnerability can occur when manipulating the DOM during the \ 
resize event of an image element. If these elements have been freed due to a \ 
lack of strong references, a potentially exploitable crash may occur when the \ 
freed elements are accessed.
References

    Bug 1378147

#CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM

Reporter
    Nils
Impact
    high

Description

A buffer overflow can occur when manipulating Accessible Rich Internet \ 
Applications (ARIA) attributes within the DOM. This results in a potentially \ 
exploitable crash.
References

    Bug 1356985

#CVE-2017-7786: Buffer overflow while painting non-displayable SVG

Reporter
    Nils
Impact
    high

Description

A buffer overflow can occur when the image renderer attempts to paint \ 
non-displayable SVG elements. This results in a potentially exploitable crash.
References

    Bug 1365189

#CVE-2017-7806: Use-after-free in layer manager with SVG

Reporter
    Nils
Impact
    high

Description

A use-after-free vulnerability can occur when the layer manager is freed too \ 
early when rendering specific SVG content, resulting in a potentially \ 
exploitable crash.
References

    Bug 1378113

#CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements

Reporter
    SkyLined
Impact
    high

Description

An out-of-bounds read occurs when applying style rules to pseudo-elements, such \ 
as ::first-line, using cached style data.
References

    Bug 1353312

#CVE-2017-7787: Same-origin policy bypass with iframes through page reloads

Reporter
    Oliver Wagner
Impact
    high

Description

Same-origin policy protections can be bypassed on pages with embedded iframes \ 
during page reloads, allowing the iframes to access content on the top level \ 
page, leading to information disclosure.
References

    Bug 1322896

#CVE-2017-7807: Domain hijacking through AppCache fallback

Reporter
    Mathias Karlsson
Impact
    high

Description

A mechanism that uses AppCache to hijack a URL in a domain using fallback by \ 
serving the files from a sub-path on the domain. This has been addressed by \ 
requiring fallback files be inside the manifest directory.
References

    Bug 1376459

#CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID

Reporter
    Fraser Tweedale
Impact
    high

Description

A buffer overflow will occur when viewing a certificate in the certificate \ 
manager if the certificate has an extremely long object identifier (OID). This \ 
results in a potentially exploitable crash.
References

    Bug 1368652

#CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher

Reporter
    Stephen Fewer
Impact
    high

Description

The destructor function for the WindowsDllDetourPatcher class can be re-purposed \ 
by malicious code in concert with another vulnerability to write arbitrary data \ 
to an attacker controlled location in memory. This can be used to bypass \ 
existing memory protections in this situation.
Note: This attack only affects Windows operating systems. Other operating \ 
systems are not affected.
References

    Bug 1372849

#CVE-2017-7791: Spoofing following page navigation with data: protocol and modal \ 
alerts

Reporter
    Jose María Acuña
Impact
    moderate

Description

On pages containing an iframe, the data: protocol can be used to create a modal \ 
alert that will render over arbitrary domains following page navigation, \ 
spoofing of the origin of the modal alert from the iframe content.
References

    Bug 1365875

#CVE-2017-7808: CSP information leak with frame-ancestors containing paths

Reporter
    Jun Kokatsu
Impact
    moderate

Description

A content security policy (CSP) frame-ancestors directive containing origins \ 
with paths allows for comparisons against those paths instead of the origin. \ 
This results in a cross-origin information leak of this path information.
References

    Bug 1367531

#CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections

Reporter
    Arthur Edelstein
Impact
    moderate

Description

An error in the WindowsDllDetourPatcher where a RWX \ 
("Read/Write/Execute") 4k block is allocated but never protected, \ 
violating DEP protections.
Note: This attack only affects Windows operating systems. Other operating \ 
systems are not affected.
References

    Bug 1344034

#CVE-2017-7781: Elliptic curve point addition error when using mixed \ 
Jacobian-affine coordinates

Reporter
    Antonio Sanso
Impact
    moderate

Description

An error occurs in the elliptic curve point addition algorithm that uses mixed \ 
Jacobian-affine coordinates where it can yield a result POINT_AT_INFINITY when \ 
it should not. A man-in-the-middle attacker could use this to interfere with a \ 
connection, resulting in an attacked party computing an incorrect shared secret.
References

    Bug 1352039

#CVE-2017-7794: Linux file truncation via sandbox broker

Reporter
    Jann Horn
Impact
    moderate

Description

On Linux systems, if the content process is compromised, the sandbox broker will \ 
allow files to be truncated even though the sandbox explicitly only has read \ 
access to the local file system and no write permissions.
Note: This attack only affects the Linux operating system. Other operating \ 
systems are not affected.
References

    Bug 1374281

#CVE-2017-7803: CSP containing 'sandbox' improperly applied

Reporter
    Rhys Enniks
Impact
    moderate

Description

When a page’s content security policy (CSP) header contains a sandbox \ 
directive, other directives are ignored. This results in the incorrect \ 
enforcement of CSP.
References

    Bug 1377426

#CVE-2017-7799: Self-XSS XUL injection in about:webrtc

Reporter
    Frederik Braun
Impact
    moderate

Description

JavaScript in the about:webrtc page is not sanitized properly being being \ 
assigned to innerHTML. Data on this page is supplied by WebRTC usage and is not \ 
under third-party control, making this difficult to exploit, but the \ 
vulnerability could possibly be used for a cross-site scripting (XSS) attack.
References

    Bug 1372509

#CVE-2017-7783: DOS attack through long username in URL

Reporter
    Amit Sangra
Impact
    low

Description

If a long user name is used in a username/password combination in a site URL \ 
(such as http://UserName:Password@example.com), the resulting modal prompt will \ 
hang in a non-responsive state or crash, causing a denial of service.
References

    Bug 1360842

#CVE-2017-7788: Sandboxed about:srcdoc iframes do not inherit CSP directives

Reporter
    Muneaki Nishimura
Impact
    low

Description

When an iframe has a sandbox attribute and its content is specified using \ 
srcdoc, that content does not inherit the containing page's Content Security \ 
Policy (CSP) as it should unless the sandbox attribute included \ 
allow-same-origin.
References

    Bug 1073952

#CVE-2017-7789: Failure to enable HSTS when two STS headers are sent for a connection

Reporter
    Muneaki Nishimura
Impact
    low

Description

If a server sends two Strict-Transport-Security (STS) headers for a single \ 
connection, they will be rejected as invalid and HTTP Strict Transport Security \ 
(HSTS) will not be enabled for the connection.
References

    Bug 1074642

#CVE-2017-7790: Windows crash reporter reads extra memory for some \ 
non-null-terminated registry values

Reporter
    Xiaoyin Liu
Impact
    low

Description

On Windows systems, if non-null-terminated strings are copied into the crash \ 
reporter for some specific registry keys, stack memory data can be copied until \ 
a null is found. This can potentially contain private data from the local \ 
system.
Note: This attack only affects Windows operating systems. Other operating \ 
systems are not affected.
References

    Bug 1350460

#CVE-2017-7796: Windows updater can delete any file named update.log

Reporter
    Matt Howell
Impact
    low

Description

On Windows systems, the logger run by the Windows updater deletes the file \ 
"update.log" before it runs in order to write a new log of that name. \ 
The path to this file is supplied at the command line to the updater and could \ 
be used in concert with another local exploit to delete a different file named \ 
"update.log" instead of the one intended.
Note: This attack only affects Windows operating systems. Other operating \ 
systems are not affected.
References

    Bug 1234401

#CVE-2017-7797: Response header name interning leaks across origins

Reporter
    Anne van Kesteren
Impact
    low

Description

Response header name interning does not have same-origin protections and these \ 
headers are stored in a global registry. This allows stored header names to be \ 
available cross-origin.
References

    Bug 1334776

#CVE-2017-7780: Memory safety bugs fixed in Firefox 55

Reporter
    Mozilla developers and community
Impact
    critical

Description

Mozilla developers and community members Gary Kwong, Christian Holler, André \ 
Bargull, Bob Clary, Carsten Book, Emilio Cobos Álvarez, Masayuki Nakano, \ 
Sebastian Hengst, Franziskus Kiefer, Tyson Smith, and Ronald Crane reported \ 
memory safety bugs present in Firefox 54. Some of these bugs showed evidence of \ 
memory corruption and we presume that with enough effort that some of these \ 
could be exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox 55

#CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3

Reporter
    Mozilla developers and community
Impact
    critical

Description

Mozilla developers and community members Masayuki Nakano, Gary Kwong, Ronald \ 
Crane, Andrew McCreight, Tyson Smith, Bevis Tseng, Christian Holler, Bryce Van \ 
Dyk, Dragana Damjanovic, Kartikaya Gupta, Philipp, Tristan Bourvon, and \ 
Andi-Bogdan Postelnicu reported memory safety bugs present in Firefox 54 and \ 
Firefox ESR 52.2. Some of these bugs showed evidence of memory corruption and we \ 
presume that with enough effort that some of these could be exploited to run \ 
arbitrary code.
References

    Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
   2017-07-12 03:47:10 by Ryo ONODERA | Files touched by this commit (1)
Log message:
Bump required devel/nspr version

Fix PR pkg/52392
   2017-07-09 11:04:00 by Maya Rashish | Files touched by this commit (3) | Package updated
Log message:
firefox{,45,52}: bump pkgrevision with no change.

these packages pull in GCC_REQD+=4.9 via mozilla-common.mk, and
are very widely used (I suspect only www/firefox actually needs it)

this will take care of most of the fallout from major bumping
pkgsrc-gcc-libstdc++ to 7 on netbsd. these are the most widely
used packages setting GCC_REQD>4.8.
   2017-07-03 14:27:49 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
Update to 54.0.1

Changelog:

Fixed
    Fix a display issue of tab title (bug 1357656)

    Fix a display issue of opening new tab (bug 1371995)

    Fix a display issue when opening multiple tabs (bug 1371962)

    Fix a tab display issue when downloading files (bug 1373109)

    Fix a PDF printing issue (bug 1366744)

    Fix a Netflix issue on Linux (bug 1375708)