head 1.8; access; symbols pkgsrc-2017Q4:1.7.0.8 pkgsrc-2017Q4-base:1.7 pkgsrc-2017Q3:1.7.0.6 pkgsrc-2017Q3-base:1.7 pkgsrc-2017Q2:1.7.0.2 pkgsrc-2017Q2-base:1.7 pkgsrc-2017Q1:1.6.0.8 pkgsrc-2017Q1-base:1.6 pkgsrc-2016Q4:1.6.0.6 pkgsrc-2016Q4-base:1.6 pkgsrc-2016Q3:1.6.0.4 pkgsrc-2016Q3-base:1.6 pkgsrc-2016Q2:1.6.0.2 pkgsrc-2016Q2-base:1.6 pkgsrc-2016Q1:1.5.0.16 pkgsrc-2016Q1-base:1.5 pkgsrc-2015Q4:1.5.0.14 pkgsrc-2015Q4-base:1.5 pkgsrc-2015Q3:1.5.0.12 pkgsrc-2015Q3-base:1.5 pkgsrc-2015Q2:1.5.0.10 pkgsrc-2015Q2-base:1.5 pkgsrc-2015Q1:1.5.0.8 pkgsrc-2015Q1-base:1.5 pkgsrc-2014Q4:1.5.0.6 pkgsrc-2014Q4-base:1.5 pkgsrc-2014Q3:1.5.0.4 pkgsrc-2014Q3-base:1.5 pkgsrc-2014Q2:1.5.0.2 pkgsrc-2014Q2-base:1.5 pkgsrc-2014Q1:1.3.0.2 pkgsrc-2014Q1-base:1.3 pkgsrc-2013Q4:1.1.0.4 pkgsrc-2013Q4-base:1.1 pkgsrc-2013Q3:1.1.0.2 pkgsrc-2013Q3-base:1.1; locks; strict; comment @// @; 1.8 date 2018.03.17.00.59.03; author ryoon; state dead; branches; next 1.7; commitid yheX9IRIu7EcnKuA; 1.7 date 2017.06.14.11.28.44; author ryoon; state Exp; branches 1.7.8.1; next 1.6; commitid TvqH8xBKhv2gJkVz; 1.6 date 2016.06.16.12.08.21; author ryoon; state Exp; branches; next 1.5; commitid LAwegbTYgLLjCGaz; 1.5 date 2014.05.30.10.22.06; author pho; state Exp; branches; next 1.4; commitid pujOAy5YvcBW3yCx; 1.4 date 2014.05.29.15.38.19; author pho; state Exp; branches; next 1.3; commitid xGrR6Q92PtaXQrCx; 1.3 date 2014.02.20.13.19.03; author ryoon; state Exp; branches; next 1.2; commitid T9GvdtUIEdEreQpx; 1.2 date 2014.02.08.09.36.00; author ryoon; state Exp; branches; next 1.1; commitid ggxuC0XAcatWnhox; 1.1 date 2013.07.17.11.00.13; author jperkin; state Exp; branches; next ; commitid ChOTp6rsavaYsOXw; 1.7.8.1 date 2018.03.22.06.56.21; author spz; state dead; branches; next ; commitid 8s0l4dxdhHyRbqvA; desc @@ 1.8 log @Update to 59.0.1 Changelog: 59.0.1 Security fix #CVE-2018-5146: Out of bounds memory write in libvorbis 59.0 New Performance enhancements: - Faster load times for content on the Firefox Home page - Faster page load times by loading either from the networked cache or the cache on the user's hard drive (Race Cache With Network) - Improved graphics rendering using Off-Main-Thread Painting (OMTP) for Mac users (OMTP for Windows was released in Firefox 58) Drag-and-drop to rearrange Top Sites on the Firefox Home page, and customize new windows and tabs in other ways Added features for Firefox Screenshots: - Basic annotation lets the user draw on and highlight saved screenshots - Recropping to change the viewable area of saved screenshots Enhanced WebExtensions API including better support for decentralized protocols and the ability to dynamically register content scripts Improved Real-Time Communications (RTC) capabilities. - Implemented RTP Transceiver to give pages more fine grained control over calls - Implemented features to support large scale conferences Added support for W3C specs for pointer events and improved platform integration with added device support for mouse, pen, and touch screen pointer input Added the Ecosia search engine as an option for German Firefox Added the Qwant search engine as an option for French Firefox Added settings in about:preferences to stop websites from asking to send notifications or access your device's camera, microphone, and location, while still allowing trusted websites to use these features Fixed Various security fixes Changed Firefox Private Browsing Mode will remove path information from referrers to prevent cross-site tracking Security fixes: #CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList #CVE-2018-5128: Use-after-free manipulating editor selection ranges #CVE-2018-5129: Out-of-bounds write with malformed IPC messages #CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption #CVE-2018-5131: Fetch API improperly returns cached copies of no-store/no-cache resources #CVE-2018-5132: WebExtension Find API can search privileged pages #CVE-2018-5133: Value of the app.support.baseURL preference is not properly sanitized #CVE-2018-5134: WebExtensions may use view-source: URLs to bypass content restrictions #CVE-2018-5135: WebExtension browserAction can inject scripts into unintended contexts #CVE-2018-5136: Same-origin policy violation with data: URL shared workers #CVE-2018-5137: Script content can access legacy extension non-contentaccessible resources #CVE-2018-5138: Android Custom Tab address spoofing through long domain names #CVE-2018-5140: Moz-icon images accessible to web content through moz-icon: protocol #CVE-2018-5141: DOS attack through notifications Push API #CVE-2018-5142: Media Capture and Streams API permissions display incorrect origin with data: and blob: URLs #CVE-2018-5143: Self-XSS pasting javascript: URL with embedded tab into addressbar #CVE-2018-5126: Memory safety bugs fixed in Firefox 59 #CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 @ text @$NetBSD: patch-toolkit_xre_nsEmbedFunctions.cpp,v 1.7 2017/06/14 11:28:44 ryoon Exp $ * Support Solaris --- toolkit/xre/nsEmbedFunctions.cpp.orig 2017-06-05 20:45:23.000000000 +0000 +++ toolkit/xre/nsEmbedFunctions.cpp @@@@ -285,7 +285,7 @@@@ XRE_SetRemoteExceptionHandler(const char { #if defined(XP_WIN) || defined(XP_MACOSX) return CrashReporter::SetRemoteExceptionHandler(nsDependentCString(aPipe)); -#elif defined(OS_LINUX) +#elif defined(OS_LINUX) || defined(OS_SOLARIS) return CrashReporter::SetRemoteExceptionHandler(); #else # error "OOP crash reporter unsupported on this platform" @@@@ -504,7 +504,7 @@@@ XRE_InitChildProcess(int aArgc, // Bug 684322 will add better visibility into this condition NS_WARNING("Could not setup crash reporting\n"); } -# elif defined(OS_LINUX) +# elif defined(OS_LINUX) || defined(OS_SOLARIS) // on POSIX, |crashReporterArg| is "true" if crash reporting is // enabled, false otherwise if (0 != strcmp("false", crashReporterArg) && @ 1.7 log @Update to 54.0 * If your 54.0 is unstable, please disable e10s with browser.tabs.remote.autostart.2=false (this works at least for me) Changelog: New Simplified the download button and download status panel Added support for multiple content processes (e10s-multi) Added Burmese (my) locale Fixed Various security fixes Changed Moved the mobile bookmarks folder to the main bookmarks menu for easier access Security fixes: #CVE-2017-5472: Use-after-free using destroyed node when regenerating trees #CVE-2017-7749: Use-after-free during docshell reloading #CVE-2017-7750: Use-after-free with track elements #CVE-2017-7751: Use-after-free with content viewer listeners #CVE-2017-7752: Use-after-free with IME input #CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object #CVE-2017-7755: Privilege escalation through Firefox Installer with same directory DLL files #CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors #CVE-2017-7757: Use-after-free in IndexedDB #CVE-2017-7778: Vulnerabilities in the Graphite 2 library #CVE-2017-7758: Out-of-bounds read in Opus encoder #CVE-2017-7759: Android intent URLs can cause navigation to local file system #CVE-2017-7760: File manipulation and privilege escalation via callback parameter in Mozilla Windows Updater and Maintenance Service #CVE-2017-7761: File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application #CVE-2017-7762: Addressbar spoofing in Reader mode #CVE-2017-7763: Mac fonts render some unicode characters as spaces #CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks #CVE-2017-7765: Mark of the Web bypass when saving executable files #CVE-2017-7766: File execution and privilege escalation through updater.ini, Mozilla Windows Updater, and Mozilla Maintenance Service #CVE-2017-7767: Privilege escalation and arbitrary file overwrites through Mozilla Windows Updater and Mozilla Maintenance Service #CVE-2017-7768: 32 byte arbitrary file read through Mozilla Maintenance Service #CVE-2017-7770: Addressbar spoofing with JavaScript events and fullscreen mode #CVE-2017-5471: Memory safety bugs fixed in Firefox 54 #CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2 @ text @d1 1 a1 1 $NetBSD: patch-toolkit_xre_nsEmbedFunctions.cpp,v 1.6 2016/06/16 12:08:21 ryoon Exp $ @ 1.7.8.1 log @Pullup ticket #5728 - requested by maya devel/nspr: dependency update devel/nss: dependency update www/firefox-l10n: dependent update www/firefox: security update Revisions pulled up: - devel/nspr/Makefile 1.94-1.95 - devel/nspr/distinfo 1.48-1.49 - devel/nspr/patches/patch-az deleted - devel/nspr/patches/patch-nspr_pr_include_md___pth.h 1.1 - devel/nspr/patches/patch-nspr_pr_src_pthreads_ptthread.c 1.1 - devel/nspr/patches/patch-nsprpub_pr_include_md__pth.h deleted - devel/nss/Makefile 1.146,1.148 - devel/nss/PLIST 1.24 - devel/nss/distinfo 1.81,1.83 - devel/nss/patches/patch-nss_lib_freebl_config.mk deleted - devel/nss/patches/patch-nss_lib_freebl_verified_kremlib.h deleted - www/firefox-l10n/Makefile 1.121-1.123 - www/firefox-l10n/distinfo 1.111-1.113 - www/firefox/Makefile 1.320-1.321,1.324 - www/firefox/PLIST 1.127 - www/firefox/distinfo 1.307-1.309 - www/firefox/mozilla-common.mk 1.105-1.106 - www/firefox/patches/patch-aa 1.56 - www/firefox/patches/patch-build_gyp.mozbuild 1.8 - www/firefox/patches/patch-build_moz.configure_keyfiles.configure 1.5 - www/firefox/patches/patch-build_moz.configure_memory.configure deleted - www/firefox/patches/patch-config_baseconfig.mk deleted - www/firefox/patches/patch-config_external_moz.build 1.17 - www/firefox/patches/patch-dom_media_moz.build 1.9 - www/firefox/patches/patch-gfx_skia_generate__mozbuild.py 1.8 - www/firefox/patches/patch-gfx_skia_moz.build 1.15 - www/firefox/patches/patch-gfx_thebes_moz.build 1.9 - www/firefox/patches/patch-media_libcubeb_gtest_moz.build 1.2 - www/firefox/patches/patch-media_libtheora_moz.build 1.8 - www/firefox/patches/patch-media_libvorbis_moz.build 1.4 - www/firefox/patches/patch-media_webrtc_trunk_webrtc_modules_audio__device_linux_audio__device__alsa__linux.cc 1.1 - www/firefox/patches/patch-modules_libpref_init_all.js 1.7 - www/firefox/patches/patch-modules_pdfium_update.sh 1.2 - www/firefox/patches/patch-netwerk_dns_moz.build 1.8 - www/firefox/patches/patch-netwerk_srtp_src_crypto_hash_hmac.c deleted - www/firefox/patches/patch-netwerk_srtp_src_crypto_kernel_crypto__kernel.c deleted - www/firefox/patches/patch-servo_components_style_properties_helpers_animated__properties.mako.rs deleted - www/firefox/patches/patch-third__party_rust_simd_.cargo-checksum.json 1.1 - www/firefox/patches/patch-third__party_rust_simd_src_x86_avx2.rs 1.1 - www/firefox/patches/patch-toolkit_crashreporter_google-breakpad_src_third_party_curl_curlbuild.h deleted - www/firefox/patches/patch-toolkit_moz.configure 1.10 - www/firefox/patches/patch-toolkit_xre_nsEmbedFunctions.cpp deleted - www/firefox/patches/patch-xpcom_build_BinaryPath.h 1.3-1.4 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Wed Jan 24 16:21:43 UTC 2018 Modified Files: pkgsrc/devel/nspr: Makefile distinfo Added Files: pkgsrc/devel/nspr/patches: patch-nspr_pr_include_md___pth.h patch-nspr_pr_src_pthreads_ptthread.c Removed Files: pkgsrc/devel/nspr/patches: patch-az patch-nsprpub_pr_include_md__pth.h Log Message: Update to 4.18 Changelog: NSPR 4.18 contains the following changes: - removed HP-UX DCE threads support - improvements for the Windows implementation of PR_SetCurrentThreadName - fixes for the Windows implementation of TCP Fast Open To generate a diff of this commit: cvs rdiff -u -r1.93 -r1.94 pkgsrc/devel/nspr/Makefile cvs rdiff -u -r1.47 -r1.48 pkgsrc/devel/nspr/distinfo cvs rdiff -u -r1.4 -r0 pkgsrc/devel/nspr/patches/patch-az cvs rdiff -u -r0 -r1.1 \ pkgsrc/devel/nspr/patches/patch-nspr_pr_include_md___pth.h \ pkgsrc/devel/nspr/patches/patch-nspr_pr_src_pthreads_ptthread.c cvs rdiff -u -r1.3 -r0 \ pkgsrc/devel/nspr/patches/patch-nsprpub_pr_include_md__pth.h ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Sat Mar 17 01:06:18 UTC 2018 Modified Files: pkgsrc/devel/nspr: Makefile distinfo Log Message: Update to 4.29 Changelog: NSPR 4.19 contains the following changes: - changed order of shutdown cleanup to avoid a crash on Mac OSX - build compatibility with Android NDK r16 and glibc 2.26 To generate a diff of this commit: cvs rdiff -u -r1.94 -r1.95 pkgsrc/devel/nspr/Makefile cvs rdiff -u -r1.48 -r1.49 pkgsrc/devel/nspr/distinfo ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Wed Jan 24 16:23:52 UTC 2018 Modified Files: pkgsrc/devel/nss: Makefile distinfo Removed Files: pkgsrc/devel/nss/patches: patch-nss_lib_freebl_config.mk patch-nss_lib_freebl_verified_kremlib.h Log Message: Update to 3.35 Changelog: The NSS team has released Network Security Services (NSS) 3.35, which is a minor release. Summary of the major changes included in this release: - The default database storage format has been changed to SQL, using filenames cert9.db, key4.db, pkcs11.txt. - TLS 1.3 support has been updated to draft -23, along with additional significant changes. - Support for TLS compression was removed. - Added formally verified implementations of non-vectorized Chacha20 and non-vectorized Poly1305 64-bit. - When creating encrypted PKCS#7 or PKCS#12 data, NSS uses a higher iteration count for stronger security. - The CA trust list was updated to version 2.22. To generate a diff of this commit: cvs rdiff -u -r1.145 -r1.146 pkgsrc/devel/nss/Makefile cvs rdiff -u -r1.80 -r1.81 pkgsrc/devel/nss/distinfo cvs rdiff -u -r1.2 -r0 \ pkgsrc/devel/nss/patches/patch-nss_lib_freebl_config.mk cvs rdiff -u -r1.1 -r0 \ pkgsrc/devel/nss/patches/patch-nss_lib_freebl_verified_kremlib.h ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Sat Mar 17 01:07:15 UTC 2018 Modified Files: pkgsrc/devel/nss: Makefile PLIST distinfo Log Message: Update to 3.36 * Require devel/nspr-4.19 Changelog: The NSS team has released Network Security Services (NSS) 3.36, which is a minor release. Summary of the major changes included in this release: - Replaced existing vectorized ChaCha20 code with verified HACL* implementation. - Experimental APIs for TLS session cache handling. To generate a diff of this commit: cvs rdiff -u -r1.147 -r1.148 pkgsrc/devel/nss/Makefile cvs rdiff -u -r1.23 -r1.24 pkgsrc/devel/nss/PLIST cvs rdiff -u -r1.82 -r1.83 pkgsrc/devel/nss/distinfo ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Wed Jan 31 14:02:18 UTC 2018 Modified Files: pkgsrc/www/firefox: Makefile distinfo Added Files: pkgsrc/www/firefox/patches: patch-xpcom_build_BinaryPath.h Log Message: Update to 58.0.1 * Fix build under netbsd-7, PR pkg/52956 Changelog: Fix Mozilla Foundation Security Advisory 2018-05: Arbitrary code execution through unsanitized browser UI When using certain non-default security policies on Windows (for example with Windows Defender Exploit Protection or Webroot security products), Firefox 58.0 would fail to load pages (bug 1433065). To generate a diff of this commit: cvs rdiff -u -r1.319 -r1.320 pkgsrc/www/firefox/Makefile cvs rdiff -u -r1.306 -r1.307 pkgsrc/www/firefox/distinfo cvs rdiff -u -r0 -r1.3 \ pkgsrc/www/firefox/patches/patch-xpcom_build_BinaryPath.h ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Sat Feb 10 07:02:47 UTC 2018 Modified Files: pkgsrc/www/firefox: Makefile distinfo mozilla-common.mk pkgsrc/www/firefox/patches: patch-xpcom_build_BinaryPath.h Log Message: Update to 58.0.2 * Fix segfault on netbsd-7 Changelog: Fix Avoid a signature validation issue during update on macOS Blocklisted graphics drivers related to off main thread painting crashes Tab crash during printing Fix clicking links and scrolling emails on Microsoft Hotmail and Outlook (OWA) webmail To generate a diff of this commit: cvs rdiff -u -r1.320 -r1.321 pkgsrc/www/firefox/Makefile cvs rdiff -u -r1.307 -r1.308 pkgsrc/www/firefox/distinfo cvs rdiff -u -r1.104 -r1.105 pkgsrc/www/firefox/mozilla-common.mk cvs rdiff -u -r1.3 -r1.4 \ pkgsrc/www/firefox/patches/patch-xpcom_build_BinaryPath.h ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Sat Mar 17 00:59:03 UTC 2018 Modified Files: pkgsrc/www/firefox: Makefile PLIST distinfo mozilla-common.mk pkgsrc/www/firefox/patches: patch-aa patch-build_gyp.mozbuild patch-config_external_moz.build patch-dom_media_moz.build patch-gfx_skia_generate__mozbuild.py patch-gfx_skia_moz.build patch-gfx_thebes_moz.build patch-media_libcubeb_gtest_moz.build patch-media_libtheora_moz.build patch-media_libvorbis_moz.build patch-modules_pdfium_update.sh patch-netwerk_dns_moz.build patch-toolkit_moz.configure Added Files: pkgsrc/www/firefox/patches: patch-build_moz.configure_keyfiles.configure patch-media_webrtc_trunk_webrtc_modules_audio__device_linux_audio__device__alsa__linux.cc patch-modules_libpref_init_all.js patch-third__party_rust_simd_.cargo-checksum.json patch-third__party_rust_simd_src_x86_avx2.rs Removed Files: pkgsrc/www/firefox/patches: patch-build_moz.configure_memory.configure patch-config_baseconfig.mk patch-netwerk_srtp_src_crypto_hash_hmac.c patch-netwerk_srtp_src_crypto_kernel_crypto__kernel.c patch-servo_components_style_properties_helpers_animated__properties.mako.rs patch-toolkit_crashreporter_google-breakpad_src_third_party_curl_curlbuild.h patch-toolkit_xre_nsEmbedFunctions.cpp Log Message: Update to 59.0.1 Changelog: 59.0.1 Security fix #CVE-2018-5146: Out of bounds memory write in libvorbis 59.0 New Performance enhancements: - Faster load times for content on the Firefox Home page - Faster page load times by loading either from the networked cache or the cache on the user's hard drive (Race Cache With Network) - Improved graphics rendering using Off-Main-Thread Painting (OMTP) for Mac users (OMTP for Windows was released in Firefox 58) Drag-and-drop to rearrange Top Sites on the Firefox Home page, and customize new windows and tabs in other ways Added features for Firefox Screenshots: - Basic annotation lets the user draw on and highlight saved screenshots - Recropping to change the viewable area of saved screenshots Enhanced WebExtensions API including better support for decentralized protocols and the ability to dynamically register content scripts Improved Real-Time Communications (RTC) capabilities. - Implemented RTP Transceiver to give pages more fine grained control over calls - Implemented features to support large scale conferences Added support for W3C specs for pointer events and improved platform integration with added device support for mouse, pen, and touch screen pointer input Added the Ecosia search engine as an option for German Firefox Added the Qwant search engine as an option for French Firefox Added settings in about:preferences to stop websites from asking to send notifications or access your device's camera, microphone, and location, while still allowing trusted websites to use these features Fixed Various security fixes Changed Firefox Private Browsing Mode will remove path information from referrers to prevent cross-site tracking Security fixes: #CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList #CVE-2018-5128: Use-after-free manipulating editor selection ranges #CVE-2018-5129: Out-of-bounds write with malformed IPC messages #CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption #CVE-2018-5131: Fetch API improperly returns cached copies of no-store/no-cache resources #CVE-2018-5132: WebExtension Find API can search privileged pages #CVE-2018-5133: Value of the app.support.baseURL preference is not properly sanitized #CVE-2018-5134: WebExtensions may use view-source: URLs to bypass content restrictions #CVE-2018-5135: WebExtension browserAction can inject scripts into unintended contexts #CVE-2018-5136: Same-origin policy violation with data: URL shared workers #CVE-2018-5137: Script content can access legacy extension non-contentaccessible resources #CVE-2018-5138: Android Custom Tab address spoofing through long domain names #CVE-2018-5140: Moz-icon images accessible to web content through moz-icon: protocol #CVE-2018-5141: DOS attack through notifications Push API #CVE-2018-5142: Media Capture and Streams API permissions display incorrect origin with data: and blob: URLs #CVE-2018-5143: Self-XSS pasting javascript: URL with embedded tab into addressbar #CVE-2018-5126: Memory safety bugs fixed in Firefox 59 #CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 To generate a diff of this commit: cvs rdiff -u -r1.323 -r1.324 pkgsrc/www/firefox/Makefile cvs rdiff -u -r1.126 -r1.127 pkgsrc/www/firefox/PLIST cvs rdiff -u -r1.308 -r1.309 pkgsrc/www/firefox/distinfo cvs rdiff -u -r1.105 -r1.106 pkgsrc/www/firefox/mozilla-common.mk cvs rdiff -u -r1.55 -r1.56 pkgsrc/www/firefox/patches/patch-aa cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/firefox/patches/patch-build_gyp.mozbuild \ pkgsrc/www/firefox/patches/patch-gfx_skia_generate__mozbuild.py \ pkgsrc/www/firefox/patches/patch-media_libtheora_moz.build \ pkgsrc/www/firefox/patches/patch-netwerk_dns_moz.build cvs rdiff -u -r0 -r1.5 \ pkgsrc/www/firefox/patches/patch-build_moz.configure_keyfiles.configure cvs rdiff -u -r1.2 -r0 \ pkgsrc/www/firefox/patches/patch-build_moz.configure_memory.configure \ pkgsrc/www/firefox/patches/patch-toolkit_crashreporter_google-breakpad_src_third_party_curl_curlbuild.h cvs rdiff -u -r1.10 -r0 pkgsrc/www/firefox/patches/patch-config_baseconfig.mk cvs rdiff -u -r1.16 -r1.17 \ pkgsrc/www/firefox/patches/patch-config_external_moz.build cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/firefox/patches/patch-dom_media_moz.build \ pkgsrc/www/firefox/patches/patch-gfx_thebes_moz.build cvs rdiff -u -r1.14 -r1.15 \ pkgsrc/www/firefox/patches/patch-gfx_skia_moz.build cvs rdiff -u -r1.1 -r1.2 \ pkgsrc/www/firefox/patches/patch-media_libcubeb_gtest_moz.build \ pkgsrc/www/firefox/patches/patch-modules_pdfium_update.sh cvs rdiff -u -r1.3 -r1.4 \ pkgsrc/www/firefox/patches/patch-media_libvorbis_moz.build cvs rdiff -u -r0 -r1.1 \ pkgsrc/www/firefox/patches/patch-media_webrtc_trunk_webrtc_modules_audio__device_linux_audio__device__alsa__linux.cc \ pkgsrc/www/firefox/patches/patch-third__party_rust_simd_.cargo-checksum.json \ pkgsrc/www/firefox/patches/patch-third__party_rust_simd_src_x86_avx2.rs cvs rdiff -u -r0 -r1.7 \ pkgsrc/www/firefox/patches/patch-modules_libpref_init_all.js cvs rdiff -u -r1.4 -r0 \ pkgsrc/www/firefox/patches/patch-netwerk_srtp_src_crypto_hash_hmac.c cvs rdiff -u -r1.3 -r0 \ pkgsrc/www/firefox/patches/patch-netwerk_srtp_src_crypto_kernel_crypto__kernel.c cvs rdiff -u -r1.1 -r0 \ pkgsrc/www/firefox/patches/patch-servo_components_style_properties_helpers_animated__properties.mako.rs cvs rdiff -u -r1.9 -r1.10 \ pkgsrc/www/firefox/patches/patch-toolkit_moz.configure cvs rdiff -u -r1.7 -r0 \ pkgsrc/www/firefox/patches/patch-toolkit_xre_nsEmbedFunctions.cpp ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Wed Jan 31 14:03:25 UTC 2018 Modified Files: pkgsrc/www/firefox-l10n: Makefile distinfo Log Message: Update to 58.0.1 * Sync with www/firefox-58.0.1 To generate a diff of this commit: cvs rdiff -u -r1.120 -r1.121 pkgsrc/www/firefox-l10n/Makefile cvs rdiff -u -r1.110 -r1.111 pkgsrc/www/firefox-l10n/distinfo ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Sat Feb 10 07:05:20 UTC 2018 Modified Files: pkgsrc/www/firefox-l10n: Makefile distinfo Log Message: Update to 58.0.2 * Sync with www/firefox-58.0.2 To generate a diff of this commit: cvs rdiff -u -r1.121 -r1.122 pkgsrc/www/firefox-l10n/Makefile cvs rdiff -u -r1.111 -r1.112 pkgsrc/www/firefox-l10n/distinfo ------------------------------------------------------------------- Module Name: pkgsrc Committed By: ryoon Date: Sat Mar 17 01:00:20 UTC 2018 Modified Files: pkgsrc/www/firefox-l10n: Makefile distinfo Log Message: Update to 59.0.1 * Sync with www/firefox-59.0.1 To generate a diff of this commit: cvs rdiff -u -r1.122 -r1.123 pkgsrc/www/firefox-l10n/Makefile cvs rdiff -u -r1.112 -r1.113 pkgsrc/www/firefox-l10n/distinfo @ text @d1 1 a1 1 $NetBSD: patch-toolkit_xre_nsEmbedFunctions.cpp,v 1.7 2017/06/14 11:28:44 ryoon Exp $ @ 1.6 log @Update to 47.0 * Remove macOS patches, because I cannot confirm them sadly Changelog: New Support for Google’s Widevine CDM on Windows and Mac OS X so streaming services like Amazon Video can switch from Silverlight to encrypted HTML5 video. Enable VP9 video codec for users with fast machines Embedded YouTube videos now play with HTML5 video if Flash is not installed. View and search open tabs from your smartphone or another computer in a sidebar Allow no-cache on back/forward navigations for https resources Latgalu [ltg] locale added. Wikipedia tells us there are 164,500 daily speakers. Fixed Various security fixes Changed FUEL (Firefox User Extension Library) has been removed. Add-ons relying on it will stop working. The browser.sessionstore.restore_on_demand preference has been reset to its default value (true) to avoid e10s performance problems. Because faster is better! The Firefox click-to-activate plugin whitelist has been removed. XRender is no longer used for rendering web content on Linux as this may cause a regression in remote X performance Developer Web platform changes View, start,and debug registered Service Workers in the Service Workers developer tool Simulate Push messages in the Service Workers developer tool 'Start' button for service workers in about:debugging to start registered Service Workers Changes that can affect add-on compatibility Added support for ChaCha20/Poly1305 cipher suites Custom user agents supported in Responsive Design Mode Smart multi-line input in the Web Console Developer Information HTML5 cuechange events are now available on TextTrack objects WebCrypto: PBKDF2 supports SHA-2 hash algorithms WebCrypto: RSA-PSS signature support Fixed in Firefox 47 2016-61 Network Security Services (NSS) vulnerabilities 2016-60 Java applets bypass CSP protections 2016-59 Information disclosure of disabled plugins through CSS pseudo-classes 2016-58 Entering fullscreen and persistent pointerlock without user permission 2016-57 Incorrect icon displayed on permissions notifications 2016-56 Use-after-free when textures are used in WebGL operations after recycle pool destruction 2016-55 File overwrite and privilege escalation through Mozilla Windows updater 2016-54 Partial same-origin-policy through setting location.host through data URI 2016-53 Out-of-bounds write with WebGL shader 2016-52 Addressbar spoofing though the SELECT element 2016-51 Use-after-free deleting tables from a contenteditable document 2016-50 Buffer overflow parsing HTML5 fragments 2016-49 Miscellaneous memory safety hazards (rv:47.0 / rv:45.2) @ text @d1 1 a1 1 $NetBSD: patch-toolkit_xre_nsEmbedFunctions.cpp,v 1.5 2014/05/30 10:22:06 pho Exp $ d5 1 a5 1 --- toolkit/xre/nsEmbedFunctions.cpp.orig 2013-05-11 19:19:55.000000000 +0000 d7 1 a7 1 @@@@ -239,7 +239,7 @@@@ XRE_SetRemoteExceptionHandler(const char d16 1 a16 1 @@@@ -351,7 +351,7 @@@@ XRE_InitChildProcess(int aArgc, d24 1 a24 1 if (0 != strcmp("false", crashReporterArg) && @ 1.5 log @PR pkg/48840: Remove most patches that I have recently added The preprocessor macro XP_MACOSX is misused everywhere. They tend to say "#if defined(XP_MACOSX)" to actually mean "#if defined(MOZ_WIDGET_COCOA)". It's okay to equate XP_MACOSX with XP_DARWIN but equating it with MOZ_WIDGET_COCOA is just wrong. As a result, cairo-gtk2 build on Darwin is completely broken and needs heavy patching. Ideally they should be fixed individually but that will be an extremely hard work, so don't define XP_MACOSX for now. @ text @d1 3 a3 1 $NetBSD: patch-toolkit_xre_nsEmbedFunctions.cpp,v 1.3 2014/02/20 13:19:03 ryoon Exp $ @ 1.4 log @PR pkg/48840: Don't assume cocoa toolkit just because OS_ARCH is Darwin @ text @d3 1 a3 3 * Don't assume cocoa toolkit just because OS_ARCH is Darwin. --- toolkit/xre/nsEmbedFunctions.cpp.orig 2014-05-06 22:56:36.000000000 +0000 d5 1 a5 12 @@@@ -42,7 +42,7 @@@@ #include "nsXREDirProvider.h" #include "mozilla/Omnijar.h" -#if defined(XP_MACOSX) +#if defined(MOZ_WIDGET_COCOA) #include "nsVersionComparator.h" #include "chrome/common/mach_ipc_mac.h" #endif @@@@ -228,9 +228,9 @@@@ XRE_TakeMinidumpForChild(uint32_t aChild bool XRE_SetRemoteExceptionHandler(const char* aPipe/*= 0*/) d7 1 a7 2 -#if defined(XP_WIN) || defined(XP_MACOSX) +#if defined(XP_WIN) || defined(MOZ_WIDGET_COCOA) d14 1 a14 19 @@@@ -306,7 +306,7 @@@@ XRE_InitChildProcess(int aArgc, // Complete 'task_t' exchange for Mac OS X. This structure has the same size // regardless of architecture so we don't have any cross-arch issues here. -#ifdef XP_MACOSX +#ifdef MOZ_WIDGET_COCOA if (aArgc < 1) return NS_ERROR_FAILURE; const char* const mach_port_name = aArgv[--aArgc]; @@@@ -359,7 +359,7 @@@@ XRE_InitChildProcess(int aArgc, return NS_ERROR_FAILURE; const char* const crashReporterArg = aArgv[--aArgc]; -# if defined(XP_WIN) || defined(XP_MACOSX) +# if defined(XP_WIN) || defined(MOZ_WIDGET_COCOA) // on windows and mac, |crashReporterArg| is the named pipe on which the // server is listening for requests, or "-" if crash reporting is // disabled. @@@@ -368,7 +368,7 @@@@ XRE_InitChildProcess(int aArgc, a22 36 @@@@ -636,7 +636,7 @@@@ XRE_RunAppShell() { nsCOMPtr appShell(do_GetService(kAppShellCID)); NS_ENSURE_TRUE(appShell, NS_ERROR_FAILURE); -#if defined(XP_MACOSX) +#if defined(MOZ_WIDGET_COCOA) { // In content processes that want XPCOM (and hence want // AppShell), we usually run our hybrid event loop through @@@@ -675,7 +675,7 @@@@ XRE_RunAppShell() loop->SetNestableTasksAllowed(couldNest); } -#endif // XP_MACOSX +#endif // MOZ_WIDGET_COCOA return appShell->Run(); } @@@@ -701,7 +701,7 @@@@ XRE_ShutdownChildProcess() // (4) ProcessChild joins the IO thread // (5) exit() MessageLoop::current()->Quit(); -#if defined(XP_MACOSX) +#if defined(MOZ_WIDGET_COCOA) nsCOMPtr appShell(do_GetService(kAppShellCID)); if (appShell) { // On Mac, we might be only above nsAppShell::Run(), not @@@@ -710,7 +710,7 @@@@ XRE_ShutdownChildProcess() // above MessagePump::Run(), this Exit() is just superfluous. appShell->Exit(); } -#endif // XP_MACOSX +#endif // MOZ_WIDGET_COCOA } namespace { @ 1.3 log @Update to 27.0.1 * Fix some syscall definitions in JavaScript are fixed. Thank you, tho@@. Changelog: FIXED 27.0.1 - Fixed stability issues with Greasemonkey and other JS that used ClearTimeoutOrInterval FIXED 27.0.1 - JS math correctness issue (bug 941381 @ text @d1 1 a1 1 $NetBSD: patch-toolkit_xre_nsEmbedFunctions.cpp,v 1.1 2013/07/17 11:00:13 jperkin Exp $ d3 3 a5 1 --- toolkit/xre/nsEmbedFunctions.cpp.orig 2013-05-11 19:19:55.000000000 +0000 d7 12 a18 1 @@@@ -239,7 +239,7 @@@@ XRE_SetRemoteExceptionHandler(const char d20 2 a21 1 #if defined(XP_WIN) || defined(XP_MACOSX) d28 19 a46 1 @@@@ -351,7 +351,7 @@@@ XRE_InitChildProcess(int aArgc, d55 36 @ 1.2 log @Update to 27.0 Changelog: NEW You can now run more than one service at a time with Firefox SocialAPI, allowing you to receive notifications, chat and more from multiple integrated services CHANGED Enabled TLS 1.1 (RFC 4346) and TLS 1.2 (RFC 5246) by default CHANGED Added support for SPDY 3.1 protocol DEVELOPER Ability to reset style sheets using 'all:unset' DEVELOPER You can now choose to deobfuscate javascript in the debugger (see 762761) DEVELOPER Added support for scrolled fieldsets (see 261037) DEVELOPER Implemented allow-popups directive for iframe sandbox, enabling increased security (see 766282) DEVELOPER CSS cursor keywords -moz-grab and -moz-grabbing have been unprefixed (see 880672) DEVELOPER Added support for ES6 generators in SpiderMonkey (see blog post) DEVELOPER Implemented support for mathematical function Math.hypot() in ES6 (see 896264) HTML5 Dashed line support on Canvas (see 768067) FIXED Get Azure/Skia content rendering working on Linux (see 740200) FIXED 27.0: Security fixes can be found here Fixed in Firefox 27 MFSA 2014-13 Inconsistent JavaScript handling of access to Window objects MFSA 2014-12 NSS ticket handling issues MFSA 2014-11 Crash when using web workers with asm.js MFSA 2014-10 Firefox default start page UI content invokable by script MFSA 2014-09 Cross-origin information leak through web workers MFSA 2014-08 Use-after-free with imgRequestProxy and image proccessing MFSA 2014-07 XSLT stylesheets treated as styles in Content Security Policy MFSA 2014-06 Profile path leaks to Android system log MFSA 2014-05 Information disclosure with *FromPoint on iframes MFSA 2014-04 Incorrect use of discarded images by RasterImage MFSA 2014-03 UI selection timeout missing on download prompts MFSA 2014-02 Clone protected content with XBL scopes MFSA 2014-01 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3) @ text @d3 1 a3 1 --- toolkit/xre/nsEmbedFunctions.cpp.orig 2014-01-28 04:04:06.000000000 +0000 d5 1 a5 1 @@@@ -242,7 +242,7 @@@@ XRE_SetRemoteExceptionHandler(const char d14 1 a14 1 @@@@ -390,7 +390,7 @@@@ XRE_InitChildProcess(int aArgc, @ 1.1 log @Add SunOS/x86 patchset. This produces a package, but the resulting firefox binary does not yet work correctly. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- toolkit/xre/nsEmbedFunctions.cpp.orig 2013-05-11 19:19:55.000000000 +0000 d5 1 a5 1 @@@@ -239,7 +239,7 @@@@ XRE_SetRemoteExceptionHandler(const char d14 1 a14 1 @@@@ -351,7 +351,7 @@@@ XRE_InitChildProcess(int aArgc, @