Log message:
firefox: Update to 121.0

* CXXFLAGS has all CFLAGS values. Remove duplicated CXXFLAGS.

Changelog:
121.0
New

  * Firefox now prompts Windows users to install the Microsoft AV1 Video
    Extension to enable hardware decoding support for the AV1 video codec from
    about:support if not already installed.

  * Firefox now supports Voice Control commands on macOS systems.

  * On Linux, Firefox now defaults to the Wayland compositor when available
    instead of XWayland. This brings support for touchpad & touchscreen
    gestures, swipe-to-nav, per-monitor DPI settings, better graphics
    performance, and more.

    Note that due to Wayland protocol limitations, Picture-in-Picture windows
    require an extra user interaction (generally right-click on the window) or
    a shell / desktop-environment tweak. See bug 1621261 for related discussion
    and tracking, this post for a KDE configuration, and this extension for
    GNOME. It is also a known issue that windows are not correctly placed when
    restoring a previous session on launch.

  * Firefox can now force links to always be underlined. This option can be
    enabled in the Browsing section of the Firefox Settings menu.

  * The PDF viewer now includes a floating button to simplify deleting
    drawings, text, and images added in PDFs.

Fixed

  * Various security fixes.

  * Ubuntu Firefox Snap builds did not default to Wayland compositing on some
    systems as expected when Firefox 121 was first released. This is now fixed
    and updated builds can be installed with the Ubuntu Software Updater.

Security fixes:
Mozilla Foundation Security Advisory 2023-56
#CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced
 method with Mesa VM driver
#CVE-2023-6135: NSS susceptible to "Minerva" attack
#CVE-2023-6865: Potential exposure of uninitialized data in
 EncryptingOutputStream
#CVE-2023-6857: Symlinks may resolve to smaller than expected buffers
#CVE-2023-6858: Heap buffer overflow in nsTextFragment
#CVE-2023-6859: Use-after-free in PR_GetIdentitiesLayer
#CVE-2023-6866: TypedArrays lack sufficient exception handling
#CVE-2023-6860: Potential sandbox escape due to VideoBridge lack of texture
 validation
#CVE-2023-6867: Clickjacking permission prompts using the popup transition
#CVE-2023-6861: Heap buffer overflow affected nsWindow::PickerOpen(void) in
 headless mode
#CVE-2023-6868: WebPush requests on Firefox for Android did not require VAPID
 key
#CVE-2023-6869: Content can paint outside of sandboxed iframe
#CVE-2023-6870: Android Toast notifications may obscure fullscreen event
 notifications
#CVE-2023-6871: Lack of protocol handler warning in some instances
#CVE-2023-6872: Browsing history leaked to syslogs via GNOME
#CVE-2023-6863: Undefined behavior in ShutdownObserver()
#CVE-2023-6864: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and
 Thunderbird 115.6
#CVE-2023-6873: Memory safety bugs fixed in Firefox 121

Log message:
firefox: on i386, use -mstackrealign also in CFLAGS.

This forces stack re-alignment, so that we don't get
segfault when doing movdqa %xmm7,(%esp) and %esp is not
16-byte aligned.

Bump PKGREVISION.

Log message:
firefox: Update to 120.0.1

Changelog:
Fixed

  * Fixed a bug that was causing persistent startup slowdowns. (bug 1867095)

  * Fixed an issue that was causing 100% CPU usage on sites such as Google
    Maps. (bug 1866409)

  * Fixed an issue that was causing YouTube videos to show a green screen when
    hardware acceleration was enabled. (bug 1865928)

  * Fixed an issue where the status bar was still visible when viewing
    fullscreen video. (bug 1853896)

  * Fixed a startup crash affecting Linux users on some aarch64 systems with
    page sizes other than 4KB. (bug 1866025)

Log message:
fix typo

Log message:
firefox: Update to 120.0

Changelog:
120.0
New

  * Firefox supports a new "Copy Link Without Site Tracking" feature in the
    context menu which ensures that copied links no longer contain tracking
    information.

    Screenshot showing Copy Link feature

  * Firefox now supports a setting (in Preferences -> Privacy & Security) to
    enable Global Privacy Control. With this opt-in feature, Firefox informs
    the websites that the user doesn't want their data to be shared or sold.

    Screenshot showing GPC preference

  * Firefox's private windows and ETP-Strict privacy configuration now enhance
    the Canvas APIs with Fingerprinting Protection, thereby continuing to
    protect our users' online privacy.

  * Firefox has enabled Cookie Banner Blocker by default in private windows for
    all users in Germany. Firefox will now auto-refuse cookies and dismiss
    annoying cookie banners for supported sites.

  * Firefox has enabled URL Tracking Protection by default in private windows
    for all users in Germany. Firefox will remove non-essential URL query
    parameters that are often used to track users across the web.

  * Firefox now imports TLS trust anchors (e.g., certificates) from the
    operating system root store. This will be enabled by default on Windows,
    macOS, and Android, and if needed, can be turned off in settings
    (Preferences -> Privacy & Security -> Certificates).

  * Keyboard shortcuts have now been added for editing and deleting a selected
    credential on about:logins. For editing - Alt + enter (Option + return on
    macOS) and for deleting - Alt + Backspace (Option + Delete on macOS).

  * Users on Ubuntu Linux now have the ability to import from Chromium when
    both are installed as Snap packages.

  * Picture-in-Picture now supports corner snapping on Windows and Linux - just
    hold Ctrl as you move the PiP window.

Fixed

  * Various security fixes.

Security fixes:
Mozilla Foundation Security Advisory 2023-49
#CVE-2023-6204: Out-of-bound memory access in WebGL2 blitFramebuffer
#CVE-2023-6205: Use-after-free in MessagePort::Entangled
#CVE-2023-6206: Clickjacking permission prompts using the fullscreen transition
#CVE-2023-6207: Use-after-free in ReadableByteStreamQueueEntry::Buffer
#CVE-2023-6208: Using Selection API would copy contents into X11 primary
 selection.
#CVE-2023-6209: Incorrect parsing of relative URLs starting with "///"
#CVE-2023-6210: Mixed-content resources not blocked in a javascript: pop-up
#CVE-2023-6211: Clickjacking to load insecure pages in HTTPS-only mode
#CVE-2023-6212: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and
 Thunderbird 115.5
#CVE-2023-6213: Memory safety bugs fixed in Firefox 120

Log message:
firefox: Update to 119.0.1

* Update nodejs kit to 119.0.1.

Changelog:
119.0.1:
Fixed
  * Fixed a bug causing colors in the <select> HTML element to not be applied
    to dropdown menu arrows. (bug 1861253)

  * Fixed a bug with the <input> HTML element state not changing when
    dynamically updating the disabled attribute on an ancestor <fieldset>. (bug
    1861027)

  * Fixed a bug causing elements with the indeterminate CSS selector in a radio
    group to not update. (bug 1861346)

Log message:
*: recursive bump for cairo dependency changes

Log message:
*: revebump for new brotli option for freetype2

Addresses PR 57693

Log message:
firefox: clean some pkglint

Log message:
firefox: fix build with icu 74.1