./www/firefox, Web browser with support for extensions (version 68)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 68.0.2, Package name: firefox-68.0.2, Maintainer: ryoon

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.

Required to run:
[sysutils/desktop-file-utils] [sysutils/dbus-glib] [textproc/icu] [graphics/MesaLib] [net/libIDL] [devel/nspr] [devel/libffi] [devel/nss] [x11/gtk2] [x11/pixman] [x11/gtk3] [graphics/libwebp] [lang/gcc6-libs] [multimedia/ffmpeg4]

Required to build:
[pkgtools/x11-links] [devel/nasm] [devel/yasm] [x11/xcb-proto] [lang/clang] [x11/fixesproto4] [pkgtools/cwrappers] [lang/rust] [lang/gcc6] [x11/xorgproto]

Package options: dbus, oss

Master sites:

SHA1: 1e532075b573148a88296aa56ab149ddbd786882
RMD160: 5ebc53b37a46e8423a62f8c7448ec3ed6daba76e
Filesize: 303962.313 KB

Version history: (Expand)

CVS history: (Expand)

   2019-08-16 16:04:19 by Ryo ONODERA | Files touched by this commit (3) | Package updated
Log message:
Update to 68.0.2

    Fixed a bug causing some special characters to be cut off from the end of \ 
the search terms when searching from the URL bar (bug 1560228)

    Allow fonts to be loaded via file:// URLs when opening a page locally (bug \ 

    Printing emails from the Outlook web app no longer prints only the header \ 
and footer (bug 1567105)

    Fixed a bug causing some images not to be displayed on reload, including on \ 
Google Maps (bug 1565542)

    Fixed an error when starting external applications configured as URI \ 
handlers (bug 1567614)

Security fixes
#CVE-2019-11733: Stored passwords in 'Saved Logins' can be copied without master \ 
password entry
   2019-08-12 03:04:38 by Izumi Tsutsui | Files touched by this commit (2)
Log message:
firefox: fix ICE on NetBSD/i386 8.1 build. (PR pkg/54383)

Thanks to Santhosh Raju for information of the upstream fix.
   2019-08-11 15:25:21 by Thomas Klausner | Files touched by this commit (3557) | Package updated
Log message:
Bump PKGREVISIONs for perl 5.30.0
   2019-07-24 15:52:52 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 68.0.1

    Fixed missing Full Screen button when watching videos in full
    screen mode on HBO GO (bug 1562837)

    Fixed a bug causing incorrect messages to appear for some
    locales when sites try to request the use of the Storage Access
    API (bug 1558503)

    Users in Russian regions may have their default search engine
    changed (bug 1565315)

    Built-in search engines in some locales do not function correctly
    (bug 1565779)
   2019-07-22 00:26:08 by Thomas Klausner | Files touched by this commit (1256)
Log message:
*: recursive bump for gdk-pixbuf2-2.38.1
   2019-07-12 05:52:13 by David H. Gutteridge | Files touched by this commit (1)
Log message:
firefox: note new cbindgen and NSS minimum dependencies

cbindgen is now >= 0.8.7 and NSS is now >= 3.44.1.
   2019-07-12 03:17:33 by David H. Gutteridge | Files touched by this commit (1)
Log message:
firefox: note Rust dependency is now >= 1.34.0
   2019-07-11 13:32:40 by Ryo ONODERA | Files touched by this commit (16) | Package updated
Log message:
Update to 68.0


    Dark mode in reader view expands so that windows are also dark on the \ 
controls, sidebars and toolbars.

    Improved extension security and discovery:
        New reporting feature in about:addons allows you to report security and \ 
performance issues with extensions and themes.
        Redesigned extensions dashboard in about:addons provides easy access to \ 
information about your extensions, including data and settings access required \ 
by each extension.
        Find high quality, secure extensions via the Recommended Extensions \ 
program in about:addons, which now displays user count and ratings for each \ 
extension. "Recommended” badges for these extensions also appear on AMO. \ 
More extensions will be added over time.

    Cryptomining and fingerprinting protections are added to strict content \ 
blocking settings in Privacy & Security preferences.

    WebRender will roll out to Windows 10 users with AMD graphics cards.

    Windows Background Intelligent Transfer Service (BITS) update download \ 
support, which allows Firefox update downloads to continue when Firefox is \ 


    Various security fixes

    Local files can no longer access other files in the same directory.

Security fixes:
#CVE-2019-9811: Sandbox escape via installation of malicious language pack
#CVE-2019-11711: Script injection within domain through inner window reuse
#CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by \ 
following 308 redirects
#CVE-2019-11713: Use-after-free with HTTP/2 cached stream
#CVE-2019-11714: NeckoChild can trigger crash when accessed off of main thread
#CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a \ 
segmentation fault
#CVE-2019-11715: HTML parsing error can contribute to content XSS
#CVE-2019-11716: globalThis not enumerable until accessed
#CVE-2019-11717: Caret character improperly escaped in origins
#CVE-2019-11718: Activity Stream writes unsanitized content to innerHTML
#CVE-2019-11719: Out-of-bounds read when importing curve25519 private key
#CVE-2019-11720: Character encoding XSS vulnerability
#CVE-2019-11721: Domain spoofing through unicode latin 'kra' character
#CVE-2019-11730: Same-origin policy treats all files in a directory as having \ 
the same-origin
#CVE-2019-11723: Cookie leakage during add-on fetching across private browsing \ 
#CVE-2019-11724: Retired site input.mozilla.org has remote troubleshooting \ 
#CVE-2019-11725: Websocket resources bypass safebrowsing protections
#CVE-2019-11727: PKCS#1 v1.5 signatures can be used for TLS 1.3
#CVE-2019-11728: Port scanning through Alt-Svc header
#CVE-2019-11710: Memory safety bugs fixed in Firefox 68
#CVE-2019-11709: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8