Navigation:
Browse pkgsrc
(this page)| 2020-02-08 23:06:38 by Kamil Rytarowski | Files touched by this commit (3) |
Log message: firefox68: Workaround broken pthread_equal() usage Switch to an internal version of pthread_equal() without sanity checks. Problems detected on NetBSD 9.99.46. |
| 2020-01-22 14:36:27 by Ryo ONODERA | Files touched by this commit (2) |
Log message:
firefox68: Update to 68.4.2
Changelog:
Fixed
Fixed various issues opening files with spaces in their path (bug 1601905, \
bug 1602726)
|
| 2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836) |
Log message: *: Recursive revision bump for openssl 1.1.1. |
| 2020-01-09 21:51:59 by Nia Alarie | Files touched by this commit (2) |
Log message: firefox68: Update to 68.4.1 This release fixes one zero-day vulnerability: CVE-2019-17026: IonMonkey type confusion with StoreElementHole and \ FallibleStoreElement Incorrect alias information in IonMonkey JIT compiler for setting array elements \ could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw |
| 2020-01-08 22:49:32 by Nia Alarie | Files touched by this commit (3) |
Log message: firefox68: Update to 68.4.0 Security Vulnerabilities fixed in Firefox ESR 68.4: # CVE-2019-17015: Memory corruption in parent process during new content process \ initialization on Windows # CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting # CVE-2019-17017: Type Confusion in XPCVariant.cpp # CVE-2019-17021: Heap address disclosure in parent process during content \ process initialization on Windows # CVE-2019-17022: CSS sanitization does not escape HTML tags # CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 |
| 2020-01-05 18:57:58 by Nia Alarie | Files touched by this commit (2) |
Log message: firefox[68]: Enable WebRTC by default on NetBSD 9+. Tested with Jitsi Meet. |
| 2020-01-05 18:55:22 by Nia Alarie | Files touched by this commit (9) |
Log message: *: Enable Wayland where supported in GTK and Firefox. Bump PKGREVISIONs |
| 2019-12-22 17:07:48 by Nia Alarie | Files touched by this commit (1) |
Log message: firefox68: Uncomment SUPPORTED_OPTIONS for PLIST fix |
| 2019-12-22 15:33:58 by Greg Troxel | Files touched by this commit (2) |
Log message: www/firefox68: Resolve pkg-build-options/not-bl3 issue firefox68 tries to use pkg-build-options to find out if gtk3 was (or will be) built with wayland, as that affects the PLIST. The current code works for some and causes failures for others, including failures of thunderbird. pkg-build-options insists on only being called from bl3, but the use in Makefile (to manage PLIST changes) seems sensible. This commit removes the use of pkg-build-options, resolving the build issues on netbsd-8, and adds a default-off wayland option to firefox68 that merely adjusts the PLIST, so that people building firefox68 with a wayland-enabled gtk3 have an easier time. I don't believe that any default-option binary packages will change, so no PKGREVISION++. A proper fix is deferred until after the branch. This could involve allowing pkg-build-options to be used in Makefile* instead of only bl3, or adding wayland detection and setting some variable to gtk3's bl3. As discussed on pkgsrc-users and offlist with nia@. |
| 2019-12-08 21:09:41 by Nia Alarie | Files touched by this commit (4) |
Log message: firefox68: Update to 68.3.0 pkgsrc changes: - Fixed building with wayland libs installed Security fixes: - CVE-2019-17008: Use-after-free in worker destruction - CVE-2019-13722: Stack corruption due to incorrect number of arguments in \ WebRTC code - CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher - CVE-2019-17009: Updater temporary files accessible to unprivileged processes - CVE-2019-17010: Use-after-free when performing device orientation checks - CVE-2019-17005: Buffer overflow in plain text serializer - CVE-2019-17011: Use-after-free when retrieving a document in antitracking - CVE-2019-17012: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 |
New packages: