Navigation:
Browse pkgsrc
(this page)
www firefox
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ]| 2025-02-26 17:05:08 by Ryo ONODERA | Files touched by this commit (2) |
Log message:
www/firefox: Update to 135.0.1
Changelog:
135.0.1:
Fixed
* Fixed drop-down menus being unusable on some sites relying on certain
mousemove event behavior. (Bug 1944191)
* Fixed scrolling to the wrong location with anchor tags in some situations.
(Bug 1946899)
* Fixed being unable to restore closed windows and tabs via the History menu
when upgrading from an older Firefox version. (Bug 1947503)
* Fixed broken search functionality when updating to Firefox 135 with a
custom search engine with an overly-large icon installed. (Bug 1946156)
* Security fix.
Security fixes:
Mozilla Foundation Security Advisory 2025-12
#CVE-2025-1414: Memory safety bugs fixed in Firefox 135.0.1
|
| 2025-02-12 07:45:45 by Ryo ONODERA | Files touched by this commit (850) |
Log message: *: Recursive revbump from audio/flac-1.5.0 |
2025-02-06 04:11:29 by Ryo ONODERA | Files touched by this commit (6) |  |
Log message:
www/firefox: Update to 135.0
Changelog:
135.0:
New
* Firefox Translations now supports more languages than ever! Pages in
Simplified Chinese, Japanese, and Korean can now be translated and Russian
is now available as a target language for translating into.
* The credit card autofill feature is now being gradually rolled out to all
users globally.
This feature is part of a progressive roll out.
* AI Chatbot access is now being gradually rolled out to all users. To use
this optional feature, choose AI Chatbot from the sidebar or from Firefox
Labs. Then, complete the provider selection to see the chat interface
become available on the sidebar.
This feature is part of a progressive roll out.
* Firefox now enforces certificate transparency, requiring web servers to
provide sufficient proof that their certificates were publicly disclosed
before they will be trusted. This only affects servers using certificates
issued by a certificate authority in Mozilla's Root CA Program.
* Additionally, the CRLite certificate revocation checking mechanism is also
being gradually rolled out, substantially improving the performance of
these checks.
This feature is part of a progressive roll out.
* Firefox now includes safeguards to prevent sites from abusing the history
API by generating excessive history entries, which can make navigating with
the back and forward buttons difficult by cluttering the history. This
intervention ensures that such entries, unless interacted with by the user,
are skipped when using the back and forward buttons.
* Users on macOS and Linux are now given the option to close only the current
tab if the Quit keyboard shortcut is used while multiple tabs are open in
the window.
Fixed
* Made improvements to the Translations feature which will reduce the
likelihood that models will invent new, made-up words under some
circumstances.
* Various security fixes.
Changed
* The refreshed New Tab layout previously rolled out in Firefox 134 to users
in the United States is now being made available in all countries where
Stories are available. It features a repositioned logo to prioritize Web
Search, Shortcuts, and Recommended Stories at the top. The update also
includes changes to the card UI for recommended stories and allows users
with larger screens to see up to four columns for better use of space.
Screenshot of the updated New Tab page
This feature is part of a progressive roll out.
* The "Do Not Track" checkbox has been removed from preferences. If you
wish to ask websites to respect your privacy, you can use the "Tell
websites not to sell or share my data" setting instead. This option is
built on top of the Global Privacy Control (GPC).
* The "Copy Without Site Tracking" menu item was renamed to \
"Copy Clean Link"
to help clarify expectations around what the feature does. "Copy Clean
Link" is a list based approach to remove known tracking parameters from
links. This option can also now be used on plain text links.
* Linux binaries are now provided in XZ format, replacing the previous BZ2
format, offering faster unpacking and smaller file sizes.
Security fixes:
Mozilla Foundation Security Advisory 2025-07
#CVE-2025-1009: Use-after-free in XSLT
#CVE-2025-1010: Use-after-free in Custom Highlight
#CVE-2025-1018: Fullscreen notification is not displayed when fullscreen is
re-requested
#CVE-2025-1011: A bug in WebAssembly code generation could result in a crash
#CVE-2025-1012: Use-after-free during concurrent delazification
#CVE-2025-1019: Fullscreen notification not properly displayed
#CVE-2025-1013: Potential opening of private browsing tabs in normal browsing
windows
#CVE-2025-1014: Certificate length was not properly checked
#CVE-2025-1016: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20, and Thunderbird
128.7
#CVE-2025-1017: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
Firefox ESR 128.7, and Thunderbird 128.7
#CVE-2025-1020: Memory safety bugs fixed in Firefox 135 and Thunderbird 135
|
| 2025-01-23 15:28:52 by Ryo ONODERA | Files touched by this commit (2) |
Log message:
www/firefox: Update to 134.0.2
Changelog:
134.0.2:
Fixed
* Fixed crash reporter not being displayed for some localized builds (Bug
1940763).
* Fixed a regression in Firefox 134 where anchored links in HTML framesets
pointing to local files did not work (Bug 1934807).
* Fixed an issue in developer tools preventing the resending of network
requests when debugging extensions (Bug 1934478).
* Fixed an issue where data consumption from service workers may unexpectedly
halt (Bug 1941210).
|
| 2025-01-19 14:49:00 by Ryo ONODERA | Files touched by this commit (2) |
Log message:
www/firefox: Update to 134.0.1
Changelog:
134.0.1:
Fixed
* Fixed UI hangs happening on YouTube and Google Docs in some situations (Bug
1939295).
* Fixed a startup crash affecting some users upgrading from Firefox 133 (Bug
1941134).
* Fixed an issue where search engines selection menus and context menus could
be broken if a user had previously reverted to an earlier version (Bug
1940533).
|
| 2025-01-17 18:24:23 by David H. Gutteridge | Files touched by this commit (1) |
Log message: firefox: 134 requires nss>=3.107 |
| 2025-01-14 14:36:15 by Ryo ONODERA | Files touched by this commit (10) | |
Log message:
www/firefox: Update to 134.0
Changelog:
134.0:
New
* Firefox now supports touchpad hold gestures on Linux. This means that
kinetic (momentum) scrolling can now be interrupted by placing two fingers
on the touchpad.
* Hardware-accelerated playback of HEVC video content is now supported on
Windows.
* Ecosia's availability has been expanded to all languages in the German
region along with Austria, Belgium, Italy, Netherlands, Spain, Sweden and
Switzerland.
Fixed
* Various security fixes.
Changed
* Firefox now follows the model HTML specification for transient user
activation more closely. This change makes popup blocking less strict in
cases where previous versions of Firefox were overly aggressive, reducing
erroneous blocking prompts.
* A refreshed New Tab layout is being rolled out to users in the US and
Canada, featuring a repositioned logo and weather widget to prioritize Web
Search, Shortcuts, and Recommended Stories at the top. The update includes
changes to the card UI for recommended stories and allows users with larger
screens to see up to four columns, making better use of space.
Currently available in: Canada, United States
[progressiv]
This feature is part of a progressive roll out.
Security fixes:
Mozilla Foundation Security Advisory 2025-01
#CVE-2025-0244: Address bar spoofing using an invalid protocol scheme on
Firefox for Android
#CVE-2025-0245: Lock screen setting bypass in Firefox Focus for Android
#CVE-2025-0246: Address bar spoofing using an invalid protocol scheme on
Firefox for Android
#CVE-2025-0237: WebChannel APIs susceptible to confused deputy attack
#CVE-2025-0238: Use-after-free when breaking lines in text
#CVE-2025-0239: Alt-Svc ALPN validation failure when redirected
#CVE-2025-0240: Compartment mismatch when parsing JavaScript JSON module
#CVE-2025-0241: Memory corruption when using JavaScript Text Segmentation
#CVE-2025-0242: Memory safety bugs fixed in Firefox 134, Thunderbird 134,
Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird
128.6
#CVE-2025-0243: Memory safety bugs fixed in Firefox 134, Thunderbird 134,
Firefox ESR 128.6, and Thunderbird 128.6
#CVE-2025-0247: Memory safety bugs fixed in Firefox 134 and Thunderbird 134
|
| 2024-12-28 04:18:27 by David H. Gutteridge | Files touched by this commit (1) |
Log message: firefox: 133 requires nss>=3.106 |
New packages: