pkgsrc.se | The NetBSD package collection

./www/firefox115, Web browser with support for extensions (version 115ESR)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 115.18.0, Package name: firefox115-115.18.0, Maintainer: ryoon

Mozilla Firefox is a free, open-source and cross-platform web browser
for Windows, Linux, MacOS X and many other operating systems.

It is fast and easy to use, and offers many advantages over other web
browsers, such as tabbed browsing and the ability to block pop-up
windows.

Firefox also offers excellent bookmark and history management, and it
can be extended by developers using industry standards such as XML,
CSS, JavaScript, C++, etc. Many extensions are available.

Note: Due to upstream's trademark policies, this package identifies as
"Nightly" rather than "Firefox" by default.

This package provides Firefox 115 Extended Support Release.

Package options: sunaudio, webrtc

Master sites: (Expand)

Filesize: 497869.492 KB

Version history: (Expand)

(2024-11-26) Updated to version: firefox115-115.18.0
(2024-11-17) Updated to version: firefox115-115.17.0nb2
(2024-11-15) Updated to version: firefox115-115.17.0nb1
(2024-11-08) Updated to version: firefox115-115.17.0
(2024-11-01) Updated to version: firefox115-115.16.1nb3
(2024-11-01) Updated to version: firefox115-115.16.1nb2

CVS history: (Expand)

2024-11-26 20:11:54 by Benny Siegert | Files touched by this commit (2) | Package updated

Log message:
firefox115: update to 115.18.0

Security Vulnerabilities fixed in Firefox ESR 115.18

#CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via WebGL

Impact: high

Certain WebGL operations on Apple silicon M series devices could have lead to
an out-of-bounds write and memory corruption due to a flaw in Apple's GPU
driver.
This bug only affected the application on Apple M series hardware. Other
platforms were unaffected.

#CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims

Impact: moderate

Enhanced Tracking Protection's Strict mode may have inadvertently allowed a CSP
frame-src bypass and DOM-based XSS through the Google SafeFrame shim in the Web
Compatibility extension. This issue could have exposed users to malicious
frames masquerading as legitimate content.

2024-11-17 08:17:06 by Thomas Klausner | Files touched by this commit (944)

Log message:
*: recursive bump for default-on option of at-spi2-core

2024-11-14 23:22:33 by Thomas Klausner | Files touched by this commit (2429)

Log message:
*: recursive bump for icu 76 shlib major version bump

2024-11-14 00:41:15 by Thomas Klausner | Files touched by this commit (1)

Log message:
firefox115: mark as not for Python 3.13

2024-11-08 03:15:10 by David H. Gutteridge | Files touched by this commit (2) | Package updated

Log message:
firefox115: update to 115.17.0

Mozilla Foundation Security Advisory 2024-57
Security Vulnerabilities fixed in Firefox ESR 115.17

CVE-2024-10458: Permission leak via embed or object elements
CVE-2024-10459: Use-after-free in layout with accessibility
CVE-2024-10463: Cross origin video frame leak

2024-11-01 13:55:19 by Thomas Klausner | Files touched by this commit (2426)

Log message:
*: revbump for icu downgrade

2024-11-01 01:54:33 by Thomas Klausner | Files touched by this commit (2427)

Log message:
*: recursive bump for icu 76.1 shlib bump

2024-10-10 04:45:22 by David H. Gutteridge | Files touched by this commit (2) | Package updated

Log message:
firefox115: update to 115.16.1

* Fixes for mfsa2024-51, also known as CVE-2024-9680.