Subject: CVS commit: pkgsrc/www/firefox
From: Ryo ONODERA
Date: 2024-12-25 14:30:11
Message id: 20241225133011.9A904FC1D@cvs.NetBSD.org
Log Message:
www/firefox: Update to 133.0.3
Changelog:
133.0.3:
Fixed
* Fixed the missing scrollbar in the Library window, such as when viewing
History or Bookmarks. (Bug 1934482)
* Fixed a problem where toolbar buttons were not visible on mouseover when
using both the Windows High Contrast theme and the Firefox System theme.
(Bug 1930840)
* Fixed blurry line drawing on some Canvas elements when hardware
acceleration is enabled. (Bug 1933668)
* Fixed incorrect Firefox window positioning on Windows when restoring from
maximized. (Bug 1934238)
133.0:
New
* Firefox now has a new anti-tracking feature, Bounce Tracking Protection,
which is now available in Enhanced Tracking Protection's "Strict" mode.
This feature detects bounce trackers based on their redirect behavior and
periodically purges their cookies and site data to block tracking.
* The sidebar to view tabs from other devices can now be opened via the Tab
overview menu.
* Canvas2D switched from Direct2D to a platform independent acceleration
backend on Windows.
Fixed
* Various security fixes.
* The "Picture-in-Picture: auto-open on tab switch" feature from Firefox
Labs now behaves more reliably across a wider range of sites, automatically
opening relevant videos while ignoring others.
Changed
* When server time is available, the "expire" attribute value is adjusted by
adding the difference between the server and local times. If the current
time is set in the future, cookies that have not expired according to the
server time are considered valid.
Security fixes:
Mozilla Foundation Security Advisory 2024-63
#CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via WebGL
#CVE-2024-11700: Potential Tapjacking Exploit for Intent Confirmation on
Android
#CVE-2024-11692: Select list elements could be shown over another site
#CVE-2024-11701: Misleading Address Bar State During Navigation Interruption
#CVE-2024-11702: Inadequate Clipboard Protection in Private Browsing Mode on
Android
#CVE-2024-11693: Download Protections were bypassed by .library-ms files on
Windows
#CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims
#CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace
Characters
#CVE-2024-11703: Password access without authentication via PIN bypass on
Android
#CVE-2024-11696: Unhandled Exception in Add-on Signature Verification
#CVE-2024-11697: Improper Keypress Handling in Executable File Confirmation
Dialog
#CVE-2024-11704: Potential Double-Free Vulnerability in PKCS#7 Decryption
Handling
#CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts Transition on
macOS
#CVE-2024-11705: Null Pointer Dereference in NSC_DeriveKey
#CVE-2024-11706: Null Pointer Dereference in PKCS#12 Utility
#CVE-2024-11708: Data race with PlaybackParams
#CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5,
and Thunderbird 128.5
Files: