head	1.3;
access;
symbols;
locks; strict;
comment	@# @;


1.3
date	2023.06.14.16.22.18;	author ryoon;	state dead;
branches;
next	1.2;
commitid	adeI2K7tyj3zVVsE;

1.2
date	2023.06.04.09.26.35;	author ryoon;	state Exp;
branches;
next	1.1;
commitid	Ch6cdqZaSEfLWBrE;

1.1
date	2023.04.28.18.56.22;	author maya;	state Exp;
branches;
next	;
commitid	kGNZtv7rhyWUhUmE;


desc
@@


1.3
log
@firefox: Update to 114.0.1

* mprotect support for firefox and firefox-bin is insufficient now.

Changelog:
114.0.1

Fixed

  * Fix a startup crash (bug 1837201).

114.0

New

  * Added UI to manage the DNS over HTTPS exception list.

  * Bookmarks can now be searched from the Bookmarks menu. The Bookmarks menu
    is accessible by adding the Bookmarks menu button to the toolbar.

  * Restrict searches to your local browsing history by selecting Search
    history from the History, Library or Application menu buttons.

  * Mac users can now capture video from their cameras in all supported native
    resolutions. This enables resolutions higher than 1280x720.

  * It is now possible to reorder the extensions listed in the extensions
    panel.

  * Users on macOS, Linux, and Windows 7 can now use FIDO2 / WebAuthn
    authenticators over USB. Some advanced features, such as fully passwordless
    logins, require a PIN to be set on the authenticator.

  * Pocket Recommended content can now be seen in France, Italy, and Spain.

Fixed

  * Various security fixes.

Changed

  * DNS over HTTPS settings are now part of the Privacy & Security section of
    the Settings page and allow the user to choose from all the supported
    modes.

Enterprise

  * You can find information about policy updates and enterprise specific bug
    fixes in the Firefox for Enterprise 114 Release Notes.

Developer

  * Developer Information
  * The Copy as cURL feature, available in the Network panel, has been
    enhanced. It now supports the --compressed argument.

  * The Accessibility Inspector has been improved to accurately recognize all
    the ARIA roles like banner, main, navigation, and contentinfo, etc. This
    enhancement is particularly beneficial for web developers working with ARIA
    roles to improve web accessibility.

  * Firefox now provides support for the CSS Cascading Level 4 supports()
    syntax for @@import rules. This allows for the importation of other
    stylesheets based on support-dependency. In addition, the Inspector panel
    now accurately displays the conditions at the top of the imported rule.

    developer tools screenshot of the new @@import syntax rule

Web Platform

  * DOM: Added support for ES Modules on DedicatedWorker and SharedWorker

  * WebTransport is now enabled by default and will be going to release with
    114. As the original Explainer notes, it enables multiple use-cases that
    are hard or impossible to handle without it, especially for Gaming and live
    streaming. It covers cases that are problematic for alternative mechanisms,
    such as WebSockets.

    Built on top of HTTP3 (HTTP2 support will be coming later). The current
    implementation in Firefox is passing 505 out of 565 Web-Platform Tests.

  * CSS: The infinity and NaN constants are now supported inside the calc()
    function.

Security fixes
#CVE-2023-34414: Click-jacking certificate exceptions through rendering lag
#CVE-2023-34415: Site-isolation bypass on sites that allow open redirects to
 data: urls
#CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12
#CVE-2023-34417: Memory safety bugs fixed in Firefox 114
@
text
@$NetBSD: patch-Cargo.lock,v 1.2 2023/06/04 09:26:35 ryoon Exp $

Enable patching authenticator-rs

--- Cargo.lock.orig	2023-04-27 21:16:08.000000000 +0000
+++ Cargo.lock
@@@@ -321,8 +321,6 @@@@ dependencies = [
 [[package]]
 name = "authenticator"
 version = "0.4.0-alpha.11"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e73e25e6ae754b553f930c48af8f0e5ca71e641c419151e95bafd5644ff6e21b"
 dependencies = [
  "base64",
  "bitflags 1.3.2",
@


1.2
log
@firefox: Update to 113.0.2

* Not tested under NetBSD/i386 and 9 for this commit. If you find problems,
  please report your failure to me.
* Disable WebGL for a while to avoid runtime errors under NetBSD.
* Do not pass '-j1 -j1' to cargo when MAKE_JOBS=1.
* Do not restrict cargo to unconditional -j1.
* Use ffmpeg6 instead of ffmpeg5.

Changelog:
113.0.2

Fixed

  * Fixed an issue which caused Picture-in-Picture windows to not be snappable
    on Windows 11 or on systems with the FancyZones PowerToy installed (bug
    1832331)

  * Fixed a video playback crash on some Windows systems with Intel graphics (
    bug 1831329)

  * Fixed a bug which could cause Firefox to freeze on some pages when loading
    them with the Developer Tools Web Console open (bug 1828026)

  * Fixed a bug which would cause the bookmarks and history sidebars to not
    properly react to the browser window being vertically resized (bug 1831535)

113.0.1

Fixed

  * Fixed incorrect colors for Windows users with installed monitor/display
    color profiles, particularly on wide gamut displays (bug 1832215)

  * Fixed borders being visible around fullscreen windows for some
    configurations (bug 1830721)

  * Fixed an issue which may cause users in some configurations to experience
    tearing when watching videos in fullscreen mode (bug 1830792)

113.0

New

  * Say hello to enhanced Picture-in-Picture! Rewind, check video duration, and
    effortlessly switch to full-screen mode on the web's most popular video
    websites.

  * Firefox's address bar is already a great place to search for what you're
    looking for. Now you'll always be able to see your web search terms and
    refine them while viewing your search's results - no additional scrolling
    needed! Also, a new result menu has been added making it easier to remove
    history results and dismiss sponsored Firefox Suggest entries.
    Image demonstrating search terms persisting in the address bar after
    hitting Enter for easier editing

  * Private windows now protect users even better by blocking third-party
    cookies and storage of content trackers.

  * Passwords automatically generated by Firefox now include special
    characters, giving users more secure passwords by default.

  * Firefox 113 introduces a redesigned accessibility engine which
    significantly improves the speed, responsiveness, and stability of Firefox
    when used with:

      + Screen readers, as well as certain other accessibility software;
      + East Asian input methods;
      + Enterprise single sign-on software; and
      + Other applications which use accessibility frameworks to access
        information.
  * Importing bookmarks from Safari or a Chrome-based browser? The favicons for
    those bookmarks will now also be imported by default to make them easier to
    identify.

  * Firefox 113 now supports AV1 Image Format files containing animations
    (AVIS), improving support for AVIF images across the web.

  * The Windows GPU sandbox first shipped in the Firefox 110 release has been
    tightened to enhance the security benefits it provides.

  * A 13-year-old feature request was fulfilled and Firefox now supports files
    being drag-and-dropped directly from Microsoft Outlook. A special thanks to
    volunteer contributor Marco Spiess for helping to get this across the
    finish line!

  * Users on macOS can now access the Services sub-menu directly from Firefox
    context menus.

  * On Windows, the elastic overscroll effect has been enabled by default. When
    two-finger scrolling on the touchpad or scrolling on the touchscreen, you
    will now see a bouncing animation when scrolling past the edge of a scroll
    container.

  * Firefox is now available in the Tajik (tg) language.

Fixed

  * Various security fixes.

Changed

  * The long-deprecated mozRTCPeerConnection, mozRTCIceCandidate, and
    mozRTCSessionDescription WebRTC interfaces have been removed. Sites should
    utilize the non-prefixed versions instead.

Security fixes:
#CVE-2023-32205: Browser prompts could have been obscured by popups
#CVE-2023-32206: Crash in RLBox Expat driver
#CVE-2023-32207: Potential permissions request bypass via clickjacking
#CVE-2023-32208: Leak of script base URL in service workers via import()
#CVE-2023-32209: Persistent DoS via favicon image
#CVE-2023-32210: Incorrect principal object ordering
#CVE-2023-32211: Content process crash due to invalid wasm code
#CVE-2023-32212: Potential spoof due to obscured address bar
#CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()
#MFSA-TMP-2023-0002: Race condition in dav1d decoding
#CVE-2023-32214: Potential DoS via exposed protocol handlers
#CVE-2023-32215: Memory safety bugs fixed in Firefox 113 and Firefox ESR 102.11
#CVE-2023-32216: Memory safety bugs fixed in Firefox 113
@
text
@d1 1
a1 1
$NetBSD: patch-Cargo.lock,v 1.1 2023/04/28 18:56:22 maya Exp $
@


1.1
log
@firefox: fix webauthn support on netbsd with patch committed upstream

PKGREVISION++
@
text
@d1 1
a1 1
$NetBSD$
d5 1
a5 1
--- Cargo.lock.orig	2023-04-14 16:27:56.000000000 +0000
d7 1
a7 1
@@@@ -380,8 +380,6 @@@@ dependencies = [
d10 1
a10 1
 version = "0.4.0-alpha.10"
d12 1
a12 1
-checksum = "2238116278e3a069a5148ce1efaa73d750a0d7341e011235a0ddb3e7079cb1be"
d15 1
a15 1
  "bitflags",
@