./www/firefox45, Web browser with support for extensions (version 45)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 45.9.0nb1, Package name: firefox45-45.9.0nb1, Maintainer: ryoon

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up
windows.

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.

This package tracks Firefox 45 ESR branch.

Changelog from www/firefox 45.0.2:
Fixed in Firefox ESR 45.1
2016-47 Write to invalid HashMap entry through JavaScript.watch()
2016-44 Buffer overflow in libstagefright with CENC offsets
2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)



Required to run:
[sysutils/desktop-file-utils] [textproc/icu] [graphics/MesaLib] [graphics/cairo] [graphics/jpeg] [net/libIDL] [devel/nspr] [devel/libffi] [devel/nss] [x11/gtk2] [textproc/hunspell] [x11/pixman] [audio/pulseaudio] [multimedia/libvpx] [lang/gcc48-libs] [graphics/graphite2] [multimedia/ffmpeg3]

Required to build:
[pkgtools/x11-links] [devel/yasm] [x11/compositeproto] [x11/glproto] [x11/renderproto] [x11/xproto] [x11/xf86vidmodeproto] [x11/recordproto] [x11/xf86driproto] [x11/damageproto] [x11/inputproto] [x11/xextproto] [x11/randrproto] [x11/dri2proto] [x11/xcb-proto] [x11/fixesproto4] [lang/python27] [lang/gcc48] [pkgtools/cwrappers]

Package options: pulseaudio

Master sites: (Expand)

SHA1: bef87fc7c9b1b787e847b8b8744af494774a1d6b
RMD160: d20e4dc4c5c7b65b590b9b46e7d46cfc4daf3a05
Filesize: 180270.723 KB

Version history: (Expand)


CVS history: (Expand)


   2017-05-13 04:34:30 by Pierre Pronchery | Files touched by this commit (2)
Log message:
Add dependency to multimedia/ffmpeg3

This fixes audio and H.264 support. From ryoon@ originally, on 46.0nb1 at
the time.

"commit" maya@
   2017-05-12 22:21:27 by Pierre Pronchery | Files touched by this commit (1)
Log message:
Register more binaries as not safe for PaX mprotect

This also reflects the current situation in www/firefox.

Bumps PKGREVISION.
   2017-05-10 16:13:26 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
Update to 45.9.0

Changelog:
Security fixes:
 #CVE-2017-5433: Use-after-free in SMIL animation functions
 #CVE-2017-5435: Use-after-free during transaction processing in the editor
 #CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
 #CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
 #CVE-2017-5459: Buffer overflow in WebGL
 #CVE-2017-5434: Use-after-free during focus handling
 #CVE-2017-5432: Use-after-free in text input selection
 #CVE-2017-5460: Use-after-free in frame selection
 #CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
 #CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
 #CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing
 #CVE-2017-5441: Use-after-free with selection during scroll events
 #CVE-2017-5442: Use-after-free during style changes
 #CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
 #CVE-2017-5443: Out-of-bounds write during BinHex decoding
 #CVE-2017-5444: Buffer overflow while parsing application/http-index-format content
 #CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with \ 
incorrect data
 #CVE-2017-5447: Out-of-bounds read during glyph processing
 #CVE-2017-5465: Out-of-bounds read in ConvolvePixel
 #CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
 #CVE-2016-10196: Vulnerabilities in Libevent library
 #CVE-2017-5469: Potential Buffer overflow in flex-generated code
 #CVE-2017-5445: Uninitialized values used while parsing \ 
application/http-index-format content
 #CVE-2017-5462: DRBG flaw in NSS
 #CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and \ 
Firefox ESR 52.1
   2017-04-22 23:04:05 by Adam Ciarcinski | Files touched by this commit (670) | Package updated
Log message:
Revbump after icu update
   2017-03-26 05:54:37 by Ryo ONODERA | Files touched by this commit (1)
Log message:
Remove PKGREVISION
   2017-03-26 05:53:34 by Ryo ONODERA | Files touched by this commit (4) | Package updated
Log message:
Update to 45.8.0

Changelog:
 #CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
 #CVE-2017-5401: Memory Corruption when handling ErrorResult
 #CVE-2017-5402: Use-after-free working with events in FontFace objects
 #CVE-2017-5404: Use-after-free working with ranges in selections
 #CVE-2017-5407: Pixel and history stealing via floating-point timing side \ 
channel with SVG filters
 #CVE-2017-5410: Memory corruption during JavaScript garbage collection \ 
incremental sweeping
 #CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater \ 
and Maintenance Service
 #CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
 #CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
 #CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8
   2017-02-12 07:26:18 by Ryo ONODERA | Files touched by this commit (1451)
Log message:
Recursive revbump from fonts/harfbuzz
   2017-02-08 08:32:01 by Maya Rashish | Files touched by this commit (4)
Log message:
firefox45: make oss audio not overflow (sound like crap) when playing
bass-heavy sounds, similar to the change made to www/firefox.

put this patch in files/ because it's the right thing and also because
I'm struggling to make changes to the patch, possibly my moving the
location of EOF so the patch doesn't apply fully (guessing)

PKGREVISION->2