Path to this page:
Subject: CVS commit: [pkgsrc-2016Q1] pkgsrc/www/firefox
From: Benny Siegert
Date: 2016-05-19 14:56:31
Message id: 20160519125631.2A27DFBBA@cvs.NetBSD.org
Log Message:
Pullup ticket #5015 - requested by sevan
www/firefox: security fix
Revisions pulled up:
- www/firefox/Makefile 1.249-1.250
- www/firefox/PLIST 1.105-1.106
- www/firefox/distinfo 1.242-1.243
- www/firefox/mozilla-common.mk 1.73
- www/firefox/patches/patch-aa 1.45
- www/firefox/patches/patch-config_external_moz.build 1.11
- www/firefox/patches/patch-config_system-headers 1.18
- www/firefox/patches/patch-dom_media_gstreamer_GStreamerAllocator.cpp deleted
- www/firefox/patches/patch-dom_media_moz.build 1.3
- www/firefox/patches/patch-gfx_skia_generate__mozbuild.py 1.4
- www/firefox/patches/patch-gfx_skia_moz.build 1.11
- www/firefox/patches/patch-gfx_skia_skia_src_core_SkUtilsArm.cpp 1.2
- \
www/firefox/patches/patch-gfx_skia_skia_src_opts_SkBitmapProcState__opts__arm.cpp \
deleted
- www/firefox/patches/patch-gfx_skia_skia_src_opts_memset.arm.S deleted
- www/firefox/patches/patch-gfx_thebes_moz.build 1.3
- www/firefox/patches/patch-media_libcubeb_src_cubeb.c 1.3
- www/firefox/patches/patch-media_libcubeb_src_cubeb__alsa.c 1.14
- www/firefox/patches/patch-media_libcubeb_src_moz.build 1.7
- www/firefox/patches/patch-media_libtheora_moz.build 1.5
- www/firefox/patches/patch-pb deleted
- www/firefox/patches/patch-pc deleted
- www/firefox/patches/patch-toolkit_library_moz.build 1.5
- www/firefox/patches/patch-xpcom_reflect_xptcall_md_unix_moz.build 1.5
---
Module Name: pkgsrc
Committed By: ryoon
Date: Wed Apr 13 20:37:33 UTC 2016
Modified Files:
pkgsrc/www/firefox: Makefile PLIST distinfo
Log Message:
Update to 45.0.2
Changelog:
Fixed:
Fix an issue impacting the cookie header when third-party cookies are \
blocked (1257861)
Fix a web compatibility regression impacting the srcset attribute of the \
image tag (1259482)
Fix a regression with the copy and paste with some old versions of some \
Gecko applications like Thunderbird (1254980)
Fix a crash impacting the video playback with Media Source Extension (1258562)
Fix a regression impacting some specific uploads (1255735)
---
Module Name: pkgsrc
Committed By: ryoon
Date: Wed Apr 27 16:22:40 UTC 2016
Modified Files:
pkgsrc/www/firefox: Makefile PLIST distinfo mozilla-common.mk
pkgsrc/www/firefox/patches: patch-aa patch-config_external_moz.build
patch-config_system-headers patch-dom_media_moz.build
patch-gfx_skia_generate__mozbuild.py patch-gfx_skia_moz.build
patch-gfx_skia_skia_src_core_SkUtilsArm.cpp
patch-gfx_thebes_moz.build patch-media_libcubeb_src_cubeb.c
patch-media_libcubeb_src_cubeb__alsa.c
patch-media_libcubeb_src_moz.build patch-media_libtheora_moz.build
patch-toolkit_library_moz.build
patch-xpcom_reflect_xptcall_md_unix_moz.build
Removed Files:
pkgsrc/www/firefox/patches:
patch-dom_media_gstreamer_GStreamerAllocator.cpp
patch-gfx_skia_skia_src_opts_SkBitmapProcState__opts__arm.cpp
patch-gfx_skia_skia_src_opts_memset.arm.S patch-pb patch-pc
Log Message:
Update to 46.0
* Drop buildlink to gstreamer1
Changelog:
New
Improved security of the JavaScript Just In Time (JIT) Compiler
GTK3 integration (GNU/Linux only)
Fixed
Correct rendering for scaled SVGs that use a clip and a mask
Various security fixes
Screen reader behavior with blank spaces in Google Docs corrected
Changed
WebRTC fixes to improve performance and stability
Developer
Display dominator trees in Memory tool
Allocation and garbage collection pause profiling in the performance panel
Launch responsive mode from the Style Editor @media sidebar
HTML5
Added support for document.elementsFromPoint
Added HKDF support for Web Crypto API
Fixed in Firefox 46
2016-48 Firefox Health Reports could accept events from untrusted domains
2016-47 Write to invalid HashMap entry through JavaScript.watch()
2016-46 Elevation of privilege with chrome.tabs.update API in web extensions
2016-45 CSP not applied to pages sent with multipart/x-mixed-replace
2016-44 Buffer overflow in libstagefright with CENC offsets
2016-43 Disclosure of user actions through JavaScript with motion and \
orientation sensors
2016-42 Use-after-free and buffer overflow in Service Workers
2016-41 Content provider permission bypass allows malicious application \
to access data
2016-40 Privilege escalation through file deletion by Maintenance Service \
updater
2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)
Files: