head 1.2; access; symbols pkgsrc-2016Q1:1.1.0.10 pkgsrc-2016Q1-base:1.1 pkgsrc-2015Q4:1.1.0.8 pkgsrc-2015Q4-base:1.1 pkgsrc-2015Q3:1.1.0.6 pkgsrc-2015Q3-base:1.1 pkgsrc-2015Q2:1.1.0.4 pkgsrc-2015Q2-base:1.1 pkgsrc-2015Q1:1.1.0.2 pkgsrc-2015Q1-base:1.1; locks; strict; comment @// @; 1.2 date 2016.04.27.16.22.40; author ryoon; state dead; branches; next 1.1; commitid u2rwBznaaKPcDh4z; 1.1 date 2015.02.28.04.30.55; author ryoon; state Exp; branches 1.1.10.1; next ; commitid Y4EEeVfm51r1kJby; 1.1.10.1 date 2016.05.19.12.56.31; author bsiegert; state dead; branches; next ; commitid 53h9eCcjRRHEM57z; desc @@ 1.2 log @Update to 46.0 * Drop buildlink to gstreamer1 Changelog: New Improved security of the JavaScript Just In Time (JIT) Compiler GTK3 integration (GNU/Linux only) Fixed Correct rendering for scaled SVGs that use a clip and a mask Various security fixes Screen reader behavior with blank spaces in Google Docs corrected Changed WebRTC fixes to improve performance and stability Developer Display dominator trees in Memory tool Allocation and garbage collection pause profiling in the performance panel Launch responsive mode from the Style Editor @@media sidebar HTML5 Added support for document.elementsFromPoint Added HKDF support for Web Crypto API Fixed in Firefox 46 2016-48 Firefox Health Reports could accept events from untrusted domains 2016-47 Write to invalid HashMap entry through JavaScript.watch() 2016-46 Elevation of privilege with chrome.tabs.update API in web extensions 2016-45 CSP not applied to pages sent with multipart/x-mixed-replace 2016-44 Buffer overflow in libstagefright with CENC offsets 2016-43 Disclosure of user actions through JavaScript with motion and orientation sensors 2016-42 Use-after-free and buffer overflow in Service Workers 2016-41 Content provider permission bypass allows malicious application to access data 2016-40 Privilege escalation through file deletion by Maintenance Service updater 2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8) @ text @$NetBSD: patch-dom_media_gstreamer_GStreamerAllocator.cpp,v 1.1 2015/02/28 04:30:55 ryoon Exp $ --- dom/media/gstreamer/GStreamerAllocator.cpp.orig 2015-02-17 21:40:44.000000000 +0000 +++ dom/media/gstreamer/GStreamerAllocator.cpp @@@@ -51,7 +51,6 @@@@ typedef struct #pragma GCC diagnostic ignored "-Wunused-function" G_DEFINE_TYPE(MozGfxMemoryAllocator, moz_gfx_memory_allocator, GST_TYPE_ALLOCATOR); G_DEFINE_TYPE(MozGfxBufferPool, moz_gfx_buffer_pool, GST_TYPE_VIDEO_BUFFER_POOL); -#pragma GCC diagnostic pop void moz_gfx_memory_reset(MozGfxMemory *mem) @ 1.1 log @Update to 36.0 Changelog: New Pinned tiles on the new tab page can be synced New Support for the full HTTP/2 protocol. HTTP/2 enables a faster, more scalable, and more responsive web. New Locale added: Uzbek (uz) Changed -remote option removed Changed No longer accept insecure RC4 ciphers whenever possible Changed Phasing out Certificates with 1024-bit RSA Keys Changed Shut down hangs will now show the crash reporter before exiting the program Changed Add-on Compatibility HTML5 Support for the ECMAScript 6 Symbol data type added HTML5 unicode-range CSS descriptor implemented HTML5 CSSOM-View scroll behavior implemented allowing smooth scrolling of content without custom libraries HTML5 object-fit and object-position implemented. Defines how and where the content of a replaced element is displayed HTML5 isolation CSS property implemented. Create a new stacking context to isolate groups of boxes to control which blend together HTML5 CSS3 will-change property implemented. Hints the browser of elements that will be modified. The browser will perform some performance optimization for these HTML5 Changed JavaScript 'const' semantics to conform better to the ES6 specification. The const declaration is now block-scoped and requires an initializer. It also can not be redeclared anymore. HTML5 Improved ES6 generators for better performance Developer Eval sources now appear in the Debugger Debug JavaScript code that is evaluated dynamically, either as a string passed to eval() or as a string passed to the Function constructor Developer DOM Promises inspection Developer Inspector: More paste options in markup view Fixed CSS gradients work on premultiplied colors Fixed Fix some unexpected logout from Facebook or Google after restart Fixed Various security fixes Fixed in Firefox 36 2015-27 Caja Compiler JavaScript sandbox bypass 2015-26 UI Tour whitelisted sites in background tab can spoof foreground tabs 2015-25 Local files or privileged URLs in pages can be opened into new tabs 2015-24 Reading of local files through manipulation of form autocomplete 2015-23 Use-after-free in Developer Console date with OpenType Sanitiser 2015-22 Crash using DrawTarget in Cairo graphics library 2015-21 Buffer underflow during MP3 playback 2015-20 Buffer overflow during CSS restyling 2015-19 Out-of-bounds read and write while rendering SVG content 2015-18 Double-free when using non-default memory allocators with a zero-length XHR 2015-17 Buffer overflow in libstagefright during MP4 video playback 2015-16 Use-after-free in IndexedDB 2015-15 TLS TURN and STUN connections silently fail to simple TCP connections 2015-14 Malicious WebGL content crash when writing strings 2015-13 Appended period to hostnames can bypass HPKP and HSTS protections 2015-12 Invoking Mozilla updater will load locally stored DLL files 2015-11 Miscellaneous memory safety hazards (rv:36.0 / rv:31.5) @ text @d1 1 a1 1 $NetBSD$ @ 1.1.10.1 log @Pullup ticket #5015 - requested by sevan www/firefox: security fix Revisions pulled up: - www/firefox/Makefile 1.249-1.250 - www/firefox/PLIST 1.105-1.106 - www/firefox/distinfo 1.242-1.243 - www/firefox/mozilla-common.mk 1.73 - www/firefox/patches/patch-aa 1.45 - www/firefox/patches/patch-config_external_moz.build 1.11 - www/firefox/patches/patch-config_system-headers 1.18 - www/firefox/patches/patch-dom_media_gstreamer_GStreamerAllocator.cpp deleted - www/firefox/patches/patch-dom_media_moz.build 1.3 - www/firefox/patches/patch-gfx_skia_generate__mozbuild.py 1.4 - www/firefox/patches/patch-gfx_skia_moz.build 1.11 - www/firefox/patches/patch-gfx_skia_skia_src_core_SkUtilsArm.cpp 1.2 - www/firefox/patches/patch-gfx_skia_skia_src_opts_SkBitmapProcState__opts__arm.cpp deleted - www/firefox/patches/patch-gfx_skia_skia_src_opts_memset.arm.S deleted - www/firefox/patches/patch-gfx_thebes_moz.build 1.3 - www/firefox/patches/patch-media_libcubeb_src_cubeb.c 1.3 - www/firefox/patches/patch-media_libcubeb_src_cubeb__alsa.c 1.14 - www/firefox/patches/patch-media_libcubeb_src_moz.build 1.7 - www/firefox/patches/patch-media_libtheora_moz.build 1.5 - www/firefox/patches/patch-pb deleted - www/firefox/patches/patch-pc deleted - www/firefox/patches/patch-toolkit_library_moz.build 1.5 - www/firefox/patches/patch-xpcom_reflect_xptcall_md_unix_moz.build 1.5 --- Module Name: pkgsrc Committed By: ryoon Date: Wed Apr 13 20:37:33 UTC 2016 Modified Files: pkgsrc/www/firefox: Makefile PLIST distinfo Log Message: Update to 45.0.2 Changelog: Fixed: Fix an issue impacting the cookie header when third-party cookies are blocked (1257861) Fix a web compatibility regression impacting the srcset attribute of the image tag (1259482) Fix a regression with the copy and paste with some old versions of some Gecko applications like Thunderbird (1254980) Fix a crash impacting the video playback with Media Source Extension (1258562) Fix a regression impacting some specific uploads (1255735) --- Module Name: pkgsrc Committed By: ryoon Date: Wed Apr 27 16:22:40 UTC 2016 Modified Files: pkgsrc/www/firefox: Makefile PLIST distinfo mozilla-common.mk pkgsrc/www/firefox/patches: patch-aa patch-config_external_moz.build patch-config_system-headers patch-dom_media_moz.build patch-gfx_skia_generate__mozbuild.py patch-gfx_skia_moz.build patch-gfx_skia_skia_src_core_SkUtilsArm.cpp patch-gfx_thebes_moz.build patch-media_libcubeb_src_cubeb.c patch-media_libcubeb_src_cubeb__alsa.c patch-media_libcubeb_src_moz.build patch-media_libtheora_moz.build patch-toolkit_library_moz.build patch-xpcom_reflect_xptcall_md_unix_moz.build Removed Files: pkgsrc/www/firefox/patches: patch-dom_media_gstreamer_GStreamerAllocator.cpp patch-gfx_skia_skia_src_opts_SkBitmapProcState__opts__arm.cpp patch-gfx_skia_skia_src_opts_memset.arm.S patch-pb patch-pc Log Message: Update to 46.0 * Drop buildlink to gstreamer1 Changelog: New Improved security of the JavaScript Just In Time (JIT) Compiler GTK3 integration (GNU/Linux only) Fixed Correct rendering for scaled SVGs that use a clip and a mask Various security fixes Screen reader behavior with blank spaces in Google Docs corrected Changed WebRTC fixes to improve performance and stability Developer Display dominator trees in Memory tool Allocation and garbage collection pause profiling in the performance panel Launch responsive mode from the Style Editor @@media sidebar HTML5 Added support for document.elementsFromPoint Added HKDF support for Web Crypto API Fixed in Firefox 46 2016-48 Firefox Health Reports could accept events from untrusted domains 2016-47 Write to invalid HashMap entry through JavaScript.watch() 2016-46 Elevation of privilege with chrome.tabs.update API in web extensions 2016-45 CSP not applied to pages sent with multipart/x-mixed-replace 2016-44 Buffer overflow in libstagefright with CENC offsets 2016-43 Disclosure of user actions through JavaScript with motion and orientation sensors 2016-42 Use-after-free and buffer overflow in Service Workers 2016-41 Content provider permission bypass allows malicious application to access data 2016-40 Privilege escalation through file deletion by Maintenance Service updater 2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8) @ text @d1 1 a1 1 $NetBSD: patch-dom_media_gstreamer_GStreamerAllocator.cpp,v 1.1 2015/02/28 04:30:55 ryoon Exp $ @