./www/firefox, Web browser with support for extensions (version 87)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 87.0nb1, Package name: firefox-87.0nb1, Maintainer: ryoon

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up
windows.

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.


Required to run:
[sysutils/desktop-file-utils] [sysutils/dbus-glib] [textproc/icu] [graphics/MesaLib] [net/libIDL] [devel/nspr] [devel/libevent] [devel/libffi] [devel/nss] [x11/gtk2] [x11/pixman] [x11/gtk3] [graphics/libwebp] [multimedia/ffmpeg4]

Required to build:
[pkgtools/x11-links] [databases/py-sqlite3] [x11/xcb-proto] [lang/clang] [x11/fixesproto4] [pkgtools/cwrappers] [x11/xorgproto] [lang/rust-bin]

Package options: dbus

Master sites:

SHA1: c5b752e49d4decc6193e846236b8a044ebca400f
RMD160: 49c2f6509e9d25f2e101bfae33385cb429bf2c8f
Filesize: 368442.504 KB

Version history: (Expand)


CVS history: (Expand)


   2021-04-09 08:55:06 by Thomas Klausner | Files touched by this commit (95) | Package updated
Log message:
*: bump PKGREVISION for nss linking fix
   2021-03-30 18:39:06 by Ryo ONODERA | Files touched by this commit (4) | Package updated
Log message:
firefox: Update to 87.0

Changelog:
New

  * You'll encounter less website breakage in Private Browsing and Strict
    Enhanced Tracking Protection with SmartBlock, which provides stand-in
    scripts so that websites load properly.

  * To further protect your privacy, our new default HTTP Referrer policy will
    trim path and query string information from referrer headers to prevent
    sites from accidentally leaking sensitive user data.

  * The "Highlight All" feature on Find in Page now displays tick marks
    alongside your scrollbar that correspond to the location of matches found
    on that page.

  * We're proud to announce full support for macOS built-in screen reader,
    VoiceOver.

  * We've added a new locale: Silesian (szl)

Fixed

  * We've fixed several significant accessibility issues:

      + Video controls now have visible focus styling and video and audio
        controls are now keyboard navigable. (Bug 1681007)
      + HTML <meter> is now spoken by screen readers. (Bug 1460378)
      + Firefox now sets a useful initial focus in Add-ons Manager. (Bug 580537
        )
      + Firefox will now fire a name/description change event when
        aria-labelledby/describedby content changes. (Bug 493683)
  * Various security fixes.

Changed

  * To prevent user data loss when filling out forms, we've disabled the
    Backspace key as a navigation shortcut for the back navigation button. To
    re-enable the Backspace keyboard shortcut, you can change the about:config
    preference browser.backspace_action to 0. You can also use the recommended
    Alt + Left arrow (Command + Left arrow on Mac) shortcut instead.
    Firefox keyboard shortcuts

  * We've removed items from the Library menu that weren't used often or have
    other access points in the browser: Synced tabs, Recent highlights, and
    Pocket list.

  * We've simplified the Help menu by reducing redundant items, such as those
    that point to Firefox support pages that can also be accessed via the Get
    Help item.

Enterprise

  * Various bug fixes and new policies have been implemented in the latest
    version of Firefox. You can see more details in the Firefox for Enterprise
    87 Release Notes.

Developer

  * Developer Information
  * We've greatly simplified the Web Developer menu. Go to Application Menu >
    Web Developer > Web Developer Tools to access Inspector, Web Console,
    Debugger, Network Style Error, Performance, Storage Inspector,
    Accessibility, and Application

  * Developers can now use the Page Inspector to simulate prefers-color-scheme
    media queries, without having to change the operating system to light or
    dark mode.

  * Developers can now use the Page Inspector to toggle the :target
    pseudo-class for the currently selected element in addition to the
    pseudo-classes that were previously supported: :hover, :active and :focus,
    :focus-within, :focus-visible, and :visited.

  * There is a number of Page Inspector improvements and bug fixes related to
    inactive CSS rules:

      + The table-layout property is now marked as inactive for non-table
        elements.
      + The scroll-padding properties (shorthand and longhand) are now marked
        as inactive for non-scrollable elements.
      + The text-overflow property was previously incorrectly marked as
        inactive for some overflow values.

Securiy fixes:
#CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an
 out-of-bound read
#CVE-2021-23982: Internal network hosts could have been probed by a malicious
 webpage
#CVE-2021-23983: Transitions for invalid ::marker properties resulted in memory
 corruption
#CVE-2021-23984: Malicious extensions could have spoofed popup information
#CVE-2021-23985: Devtools remote debugging feature could have been enabled
 without indication to the user
#CVE-2021-23986: A malicious extension could have performed credential-less
 same origin policy violations
#CVE-2021-23987: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9
#CVE-2021-23988: Memory safety bugs fixed in Firefox 87
   2021-03-12 15:11:47 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
firefox: Update to 86.0.1

Changelog:
86.0.1
Firefox Release

March 11, 2021

Version 86.0.1, first offered to Release channel users on March 11, 2021
-------------------------------------------------------------------------------
#

Fixed

  * Fixed an issue on Apple Silicon machines that caused Firefox to be
    unresponsive after system sleep (bug 1682713)

  * Fixed an issue causing windows to gain or lose focus unexpectedly (bug
    1694927)

  * Fixed truncation of date and time widgets due to incorrect width
    calculation (bug 1695578)

  * Fixed an issue causing unexpected behavior with extensions managing tab
    groups (bug 1694699)

  * Fixed a frequent Linux crash on browser launch (bug 1694670)
   2021-03-09 04:50:25 by Ryo ONODERA | Files touched by this commit (2)
Log message:
firefox: Remove workaround for strange devel/nss installation
   2021-02-23 19:28:30 by Izumi Tsutsui | Files touched by this commit (1)
Log message:
firefox: 86.0 requires cbindgen>=0.16.0 and nss>=3.61.
   2021-02-23 18:02:05 by Ryo ONODERA | Files touched by this commit (5) | Package updated
Log message:
firefox: Update to 86.0

Changelog:
New

  * Firefox now supports simultaneously watching multiple videos in
    Picture-in-Picture.

  * Today, Firefox introduces Total Cookie Protection to Strict Mode. In Total
    Cookie Protection, every website gets its own "cookie jar," preventing
    cookies from being used to track you from site to site.

  * We've improved our Print functionality with a cleaner design and better
    integration with your computer's printer settings.

  * For Firefox users in Canada, credit card management and auto-fill are now
    enabled.

  * Notable performance and stability improvements are achieved by moving
    canvas drawing and WebGL drawing to the GPU process.

Fixed

  * Reader mode now works with local HTML pages.

  * Using screen reader quick navigation to move to editable text controls no
    longer incorrectly reaches non-editable cells in some grids such as on
    messenger.com.

  * The Orca screen reader's mouse review feature now works correctly after
    switching tabs in Firefox.

  * Screen readers no longer report column headers incorrectly in tables
    containing cells spanning multiple columns.

  * Links in Reader View now have more color contrast.

  * Various security fixes.

Changed

  * On Linux and Android, the protection to mitigate the stack clash attack has
    been activated.

  * From Firefox 86 onward, DTLS 1.0 is no longer supported for establishing
    WebRTC's PeerConnections. All WebRTC services need to support DTLS 1.2 from
    now on as the minimum version.

  * Consolidated all video decoding in the new RDD process which results in a
    more secure Firefox.

Enterprise

  * Various bug fixes and new policies have been implemented in the latest
    version of Firefox. You can see more details in the Firefox for Enterprise
    86 Release Notes.

Developer

  * Developer Information
  * CSS image-set() function in CSS is now enabled, allowing for responsive
    images in CSS.

  * Inactive CSS tool is now showing a warning when margin or padding is set on
    internal table elements.
    Inactive CSS screenshot

  * Developer Tools Toolbox is now showing a number of errors on the current
    page. This is a quick way to surface information to a developer that
    something is wrong with their page. Clicking on the red exclamation icon
    navigates the user to the Console panel.
    Develeoper tools: screenshot of number of errors

Security fixes:
#CVE-2021-23969: Content Security Policy violation report could have contained
the destination of a redirect
#CVE-2021-23970: Multithreaded WASM triggered assertions validating separation
of script domains
#CVE-2021-23968: Content Security Policy violation report could have contained
the destination of a redirect
#CVE-2021-23974: noscript elements could have led to an HTML Sanitizer bypass
#CVE-2021-23971: A website's Referrer-Policy could have been be overridden,
potentially resulting in the full URL being sent as a Referrer
#CVE-2021-23976: Local spoofing of web manifests for arbitrary pages in Firefox
for Android
#CVE-2021-23977: Malicious application could read sensitive data from Firefox
for Android's application directories
#CVE-2021-23972: HTTP Auth phishing warning was omitted when a redirect is
cached
#CVE-2021-23975: about:memory Measure function caused an incorrect pointer
operation
#CVE-2021-23973: MediaError message property could have leaked information
about cross-origin resources
#CVE-2021-23978: Memory safety bugs fixed in Firefox 86 and Firefox ESR 78.8
#CVE-2021-23979: Memory safety bugs fixed in Firefox 86
   2021-02-10 13:25:05 by Ryo ONODERA | Files touched by this commit (2) | Package updated
Log message:
firefox: Update to 85.0.2

Changelog:
    Fixed a deadlock during startup (bug 1679933)
   2021-02-07 07:30:42 by Ryo ONODERA | Files touched by this commit (357)
Log message:
*: Recursive revbump from audio/pulseaudio-14.2.nb1