Subject: CVS commit: [pkgsrc-2019Q4] pkgsrc/www/firefox68
From: Benny Siegert
Date: 2020-03-13 21:02:45
Message id: 20200313200245.54BFEFB27@cvs.NetBSD.org

Log Message:
Pullup ticket #6145 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.15
- www/firefox68/PLIST                                           1.5
- www/firefox68/distinfo                                        1.11
- www/firefox68/mozilla-common.mk                               1.7
- www/firefox68/options.mk                                      1.8
- www/firefox68/patches/patch-aa                                1.2
- www/firefox68/patches/patch-build_moz.configure_old.configure deleted
- www/firefox68/patches/patch-dom_media_CubebUtils.cpp          1.2
- www/firefox68/patches/patch-media_libcubeb_src_cubeb.c        1.2
- www/firefox68/patches/patch-media_libcubeb_src_cubeb__oss.c   deleted
- www/firefox68/patches/patch-media_libcubeb_src_moz.build      1.2
- www/firefox68/patches/patch-media_libcubeb_update.sh          1.2
- www/firefox68/patches/patch-toolkit_library_moz.build         1.2

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Thu Mar 12 19:39:35 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile PLIST distinfo mozilla-common.mk
   	    options.mk
   	pkgsrc/www/firefox68/patches: patch-aa patch-dom_media_CubebUtils.cpp
   	    patch-media_libcubeb_src_cubeb.c patch-media_libcubeb_src_moz.build
   	    patch-media_libcubeb_update.sh patch-toolkit_library_moz.build
   Removed Files:
   	pkgsrc/www/firefox68/patches: patch-build_moz.configure_old.configure
   	    patch-media_libcubeb_src_cubeb__oss.c

   Log Message:
   firefox68: Update to 68.6.0

   While here,

   - Remove OSS support now that cubeb_sun has been stable for a long while
   - Appease pkglint

   Security fixes in this release:

   #CVE-2020-6805: Use-after-free when removing data about origins
   #CVE-2020-6806: BodyStream::OnInputStreamReady was missing protections
   #CVE-2020-6807: Use-after-free in cubeb during stream destruction
   #CVE-2020-6811: Devtools' 'Copy as cURL' feature did not fully escape
   #CVE-2019-20503: Out of bounds reads in sctp_load_addresses_from_init
   #CVE-2020-6812: The names of AirPods with personally identifiable
   #CVE-2020-6814: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6

Files:
RevisionActionfile
1.5.4.3modifypkgsrc/www/firefox68/Makefile
1.3.4.2modifypkgsrc/www/firefox68/PLIST
1.5.4.3modifypkgsrc/www/firefox68/distinfo
1.6.4.1modifypkgsrc/www/firefox68/mozilla-common.mk
1.4.4.1modifypkgsrc/www/firefox68/options.mk
1.1.6.1modifypkgsrc/www/firefox68/patches/patch-aa
1.1.6.1modifypkgsrc/www/firefox68/patches/patch-dom_media_CubebUtils.cpp
1.1.6.1modifypkgsrc/www/firefox68/patches/patch-media_libcubeb_src_cubeb.c
1.1.6.1modifypkgsrc/www/firefox68/patches/patch-media_libcubeb_src_moz.build
1.1.6.1modifypkgsrc/www/firefox68/patches/patch-media_libcubeb_update.sh
1.1.6.1modifypkgsrc/www/firefox68/patches/patch-toolkit_library_moz.build
1.1removepkgsrc/www/firefox68/patches/patch-build_moz.configure_old.configure
1.1removepkgsrc/www/firefox68/patches/patch-media_libcubeb_src_cubeb__oss.c