Log message:
firefox: reflect correct minimum NSS and Rust for 125

Log message:
www/firefox: Update to 125.0.1

* Back to multimedia/ffmpeg6.
  ffmpeg7 causes unstable H.264 and AV1 playback.

Changelog:
125.0.1;
New

  * Firefox now supports the AV1 codec for Encrypted Media Extensions (EME),
    enabling higher-quality playback from video streaming providers.

  * The Firefox PDF viewer now supports text highlighting.

  * Firefox View now displays pinned tabs in the Open tabs section. Tab
    indicators have also been added to Open tabs, so users can do things like
    see which tabs are playing media and quickly mute or unmute across windows.
    Indicators were also added for bookmarks, tabs with notifications, and
    more!

  * Firefox now prompts users in the US and Canada to save their addresses upon
    submitting an address form, allowing Firefox to autofill stored address
    information in the future.

  * Firefox now more proactively blocks downloads from URLs that are considered
    to be potentially untrustworthy.

  * The URL Paste Suggestion feature provides a convenient way for users to
    quickly visit URLs copied to the clipboard in the address bar of Firefox.
    When the clipboard contains a URL and the URL bar is focused, an
    autocomplete result appears automatically. Activating the clipboard
    suggestion will navigate the user to the URL with 1 click.

  * Users of tab-specific Container add-ons can now search in the Address Bar
    for tabs that are open in different containers. Special thanks to volunteer
    contributor atararx for kicking off the work on this feature!

  * Firefox now provides an option to enable Web Proxy Auto-Discovery (WPAD)
    while configured to use system proxy settings.

Fixed

  * Various security fixes.

Security fixes:
Mozilla Foundation Security Advisory 2024-18
#CVE-2024-3852: GetBoundName in the JIT returned the wrong object
#CVE-2024-3853: Use-after-free if garbage collection runs during realm
 initialization
#CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement
#CVE-2024-3855: Incorrect JIT optimization of MSubstr leads to out-of-bounds
 reads
#CVE-2024-3856: Use-after-free in WASM garbage collection
#CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during
 garbage collection
#CVE-2024-3858: Corrupt pointer dereference in js::CheckTracedThing<js::Shape>
#CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType
 sanitizer
#CVE-2024-3860: Crash when tracing empty shape lists
#CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move
#CVE-2024-3862: Potential use of uninitialized memory in MarkStack assignment
 operator on self-assignment
#CVE-2024-3863: Download Protections were bypassed by .xrm-ms files on Windows
#CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames
#CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and
 Thunderbird 115.10
#CVE-2024-3865: Memory safety bugs fixed in Firefox 125

Log message:
firefox: drop comment that's no longer relevant

Log message:
firefox: Use ffmpeg7

Bump PKGREVISION.

Log message:
*: bump for cairo buildlink3.mk change

lzo was made an option

Log message:
www/firefox: Add missing patch

Log message:
www/firefox: Update to 124.0.1

Changelog:
124.0.2:
Fixed

  * Fixed an issue where users with a large amount of bookmarks would be unable
    to restore a bookmarks backup. (Bug 1884308)

  * Fixed an issue that would cause open Firefox windows to go blank or crash
    during video playback on sites such as Netflix. (Bug 1883932)

  * Fixed a crash that affected Linux AArch64 builds.(Bug 1866396)

  * Fixed an issue where some users experienced difficulties loading webpages
    due to changes made to the default AppArmor configuration shipping in
    Ubuntu 24.04. (Bug 1884347)

124.0.1:
Fixed

  * Security fixes.

Mozilla Foundation Security Advisory 2024-15
#CVE-2024-29943: Out-of-bounds access via Range Analysis bypass
#CVE-2024-29944: Privileged JavaScript Execution via Event Handlers

124.0:
New

  * Caret browsing mode now also works in the PDF viewer. (Learn more)

  * In Firefox View, open tabs can now be sorted by either recent activity or
    tab order. Recent activity is the default setting.

  * Firefox now populates the Windows taskbar jump list more efficiently, which
    should allow for a smoother overall browsing experience.

  * Firefox on Mac now uses the macOS fullscreen API for all types of
    fullscreen windows. This should better match the expected macOS user
    experience for fullscreen spaces, menubar and the Dock.

  * As of Firefox 124, Qwant's availability has been expanded to all languages
    in the France region along with Belgium, Italy, Netherlands, Spain, and
    Switzerland.

Fixed

  * Various security fixes.

Mozilla Foundation Security Advisory 2024-12
#CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector
#CVE-2024-2606: Mishandling of WASM register values
#CVE-2024-2607: JIT code failed to save return registers on Armv7-A
#CVE-2024-2608: Integer overflow could have led to out of bounds write
#CVE-2023-5388: NSS susceptible to timing attack against RSA decryption
#CVE-2024-2609: Permission prompt input delay could expire when not in focus
#CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce
#CVE-2024-2611: Clickjacking vulnerability could have led to a user
 accidentally granting permissions
#CVE-2024-2612: Self referencing object could have potentially led to a
 use-after-free
#CVE-2024-2613: Improper handling of QUIC ACK frame data could have led to OOM
#CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and
 Thunderbird 115.9
#CVE-2024-2615: Memory safety bugs fixed in Firefox 124

Log message:
* recursive bump for libxkbcommon 1.7.0

Marc Baudoin reported problems with using old binary packages
with the new libkxbcommon, so force everything to 1.7.0

Log message:
firefox: restore webcam support,  bump PKGREVISION

Log message:
firefox: Update to 123.0.1

Changelog:
123.0.1:
Fixed

  * Fixed the Firefox Translation language indicator in the address bar
    displaying a colored square icon instead of the language code icon. (Bug
    1879415)

  * Fixed incorrect rendering of Canvas2D conic gradients colors on Windows. (
    Bug 1851963)

  * Fixed a regression with the onChange event not firing when clearing the
    value of a textarea HTML field. (Bug 1881457)

  * Fixed availability of system-level dictionaries for Linux users with
    Firefox installed as a Flatpak package. (Bug 1881830)

  * Fixed a regression in the JavaScript JIT engine incorrectly inlining
    strings in some cases. (Bug 1882386)

  * Fixed low contrast of text when selecting rows in the Developer tools'
    Storage panel. (Bug 1877090)