Subject: CVS commit: pkgsrc/www/firefox
From: Ryo ONODERA
Date: 2024-01-31 16:54:52
Message id: 20240131155452.E8031FA42@cvs.NetBSD.org
Log Message:
firefox: Update to 122.0

CHangelog:
122.0:
New

  * Firefox now displays images and descriptions for search suggestions when
    provided by the search engine.

  * The translations feature received an improvement in the quality of
    translated webpages. The results should be much more stable. This fixes
    issues where the content of a page could disappear when translated, or
    interactive widgets could break.

  * Firefox now supports creating and using passkeys stored in the iCloud
    Keychain on macOS.

  * MDN Web Docs article suggestions from Firefox Suggest will be available in
    the address bar for users searching for web development-related
    information.

  * The line breaking rules of Web content now match the Unicode Standard. This
    improves Web Browser compatibility for line breaking. An additional
    improvement for East Asian and South East Asian end users, Firefox now
    supports proper language-aware word selection when double-clicking on text
    for languages including Chinese, Japanese, Burmese, Lao, Khmer, and Thai.

  * Firefox now ships with a new .deb package for Linux users on Ubuntu,
    Debian, and Linux Mint.

Fixed

  * Various security fixes.

Security fixes:
Mozilla Foundation Security Advisory 2024-01
#CVE-2024-0741: Out of bounds write in ANGLE
#CVE-2024-0742: Failure to update user input timestamp
#CVE-2024-0743: Crash in NSS TLS method
#CVE-2024-0744: Wild pointer dereference in JavaScript
#CVE-2024-0745: Stack buffer overflow in WebAudio
#CVE-2024-0746: Crash when listing printers on Linux
#CVE-2024-0747: Bypass of Content Security Policy when directive unsafe-inline
 was set
#CVE-2024-0748: Compromised content process could modify document URI
#CVE-2024-0749: Phishing site popup could show local origin in address bar
#CVE-2024-0750: Potential permissions request bypass via clickjacking
#CVE-2024-0751: Privilege escalation through devtools
#CVE-2024-0752: Use-after-free could occur when applying update on macOS
#CVE-2024-0753: HSTS policy on subdomain could bypass policy of upper domain
#CVE-2024-0754: Crash when using some WASM files in devtools
#CVE-2024-0755: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and
 Thunderbird 115.7
Files:
RevisionActionfile
1.588modifypkgsrc/www/firefox/Makefile
1.521modifypkgsrc/www/firefox/distinfo
1.4modifypkgsrc/www/firefox/files/replace-moz.build.awk
1.3modifypkgsrc/www/firefox/patches/patch-third__party_libwebrtc_modules_desktop__capture_desktop__capture__gn_moz.build
1.15modifypkgsrc/www/firefox/patches/patch-xpcom_reflect_xptcall_md_unix_moz.build
1.7removepkgsrc/www/firefox/patches/patch-toolkit_xre_glxtest.cpp