head	1.2;
access;
symbols
	pkgsrc-2026Q1:1.2.0.22
	pkgsrc-2026Q1-base:1.2
	pkgsrc-2025Q4:1.2.0.20
	pkgsrc-2025Q4-base:1.2
	pkgsrc-2025Q3:1.2.0.18
	pkgsrc-2025Q3-base:1.2
	pkgsrc-2025Q2:1.2.0.16
	pkgsrc-2025Q2-base:1.2
	pkgsrc-2025Q1:1.2.0.14
	pkgsrc-2025Q1-base:1.2
	pkgsrc-2024Q4:1.2.0.12
	pkgsrc-2024Q4-base:1.2
	pkgsrc-2024Q3:1.2.0.10
	pkgsrc-2024Q3-base:1.2
	pkgsrc-2024Q2:1.2.0.8
	pkgsrc-2024Q2-base:1.2
	pkgsrc-2024Q1:1.2.0.6
	pkgsrc-2024Q1-base:1.2
	pkgsrc-2023Q4:1.2.0.4
	pkgsrc-2023Q4-base:1.2
	pkgsrc-2023Q3:1.2.0.2
	pkgsrc-2023Q3-base:1.2
	pkgsrc-2023Q2:1.1.0.2
	pkgsrc-2023Q2-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2023.07.07.13.47.10;	author ryoon;	state Exp;
branches;
next	1.1;
commitid	2n2W1ND0SO1wkSvE;

1.1
date	2023.06.14.16.22.18;	author ryoon;	state Exp;
branches;
next	;
commitid	adeI2K7tyj3zVVsE;


desc
@@


1.2
log
@firefox: Update to 115.0

Changelog:
New

  * Migrating from another browser? Now you can bring over payment methods
    you've saved in Chrome-based browsers to Firefox.

  * Hardware video decoding is now enabled for Intel GPUs on Linux.

  * The Tab Manager dropdown now features close buttons, so you can close tabs
    more quickly.

  * We've refreshed and streamlined the user interface for importing data in
    from other browsers.

  * Users without platform support for H264 video decoding can now fallback to
    Cisco's OpenH264 plugin for playback.

Fixed

  * Windows Magnifier now follows the text cursor correctly when the Firefox
    title bar is visible.

  * Windows users on low-end/USB wifi drivers and with OS geolocation disabled
    can now approve geolocation on a case by case basis without causing
    system-wide network instability.

  * Various security fixes.

Changed

  * Undo and redo are now available in Password fields.

  * On Linux, middle clicks on the new tab button will now open the xclipboard
    contents in the new tab. If the xclipboard content is a URL then that URL
    is opened, any other text is opened with your default search provider.

  * For users with a Firefox Colorways built-in theme, the theme will be
    automatically migrated to the same theme hosted on addons.mozilla.org for
    Firefox profiles that have disabled add-ons auto-updates. This will allow
    users to keep their Colorways theme when they are later removed from
    Firefox installer files.

  * Certain Firefox users may come across a message in the extensions panel
    indicating that their add-ons are not allowed on the site currently open.
    We have introduced a new back-end feature to only allow some extensions
    monitored by Mozilla to run on specific websites for various reasons,
    including security concerns.

Security fixes:
#CVE-2023-3482: Block all cookies bypass for localstorage
#CVE-2023-37201: Use-after-free in WebRTC certificate generation
#CVE-2023-37202: Potential use-after-free from compartment mismatch in
 SpiderMonkey
#CVE-2023-37203: Drag and Drop API may provide access to local system files
#CVE-2023-37204: Fullscreen notification obscured via option element
#CVE-2023-37205: URL spoofing in address bar using RTL characters
#CVE-2023-37206: Insufficient validation of symlinks in the FileSystem API
#CVE-2023-37207: Fullscreen notification obscured
#CVE-2023-37208: Lack of warning when opening Diagcab files
#CVE-2023-37209: Use-after-free in `NotifyOnHistoryReload`
#CVE-2023-37210: Full-screen mode exit prevention
#CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR 102.13,
 and Thunderbird 102.13
#CVE-2023-37212: Memory safety bugs fixed in Firefox 115
@
text
@$NetBSD: patch-third__party_sqlite3_src_moz.build,v 1.1 2023/06/14 16:22:18 ryoon Exp $

* Fix segfault under NetBSD/i386 9 and pkgsrc/lang/gcc8-8.5.0
  For NetBSD/i386 9, @@SQLITE3OPTFLAG@@ will be replaced with "'-O0',".

--- third_party/sqlite3/src/moz.build.orig	2023-06-22 21:19:22.000000000 +0000
+++ third_party/sqlite3/src/moz.build
@@@@ -108,6 +108,7 @@@@ if CONFIG['CC_TYPE'] in ('clang', 'gcc')
     CFLAGS += [
         '-Wno-sign-compare',
         '-Wno-type-limits',
+        @@SQLITE3OPTFLAG@@
     ]
 
 # Set a default journal size limit. Note an hot journal can grow over this
@


1.1
log
@firefox: Update to 114.0.1

* mprotect support for firefox and firefox-bin is insufficient now.

Changelog:
114.0.1

Fixed

  * Fix a startup crash (bug 1837201).

114.0

New

  * Added UI to manage the DNS over HTTPS exception list.

  * Bookmarks can now be searched from the Bookmarks menu. The Bookmarks menu
    is accessible by adding the Bookmarks menu button to the toolbar.

  * Restrict searches to your local browsing history by selecting Search
    history from the History, Library or Application menu buttons.

  * Mac users can now capture video from their cameras in all supported native
    resolutions. This enables resolutions higher than 1280x720.

  * It is now possible to reorder the extensions listed in the extensions
    panel.

  * Users on macOS, Linux, and Windows 7 can now use FIDO2 / WebAuthn
    authenticators over USB. Some advanced features, such as fully passwordless
    logins, require a PIN to be set on the authenticator.

  * Pocket Recommended content can now be seen in France, Italy, and Spain.

Fixed

  * Various security fixes.

Changed

  * DNS over HTTPS settings are now part of the Privacy & Security section of
    the Settings page and allow the user to choose from all the supported
    modes.

Enterprise

  * You can find information about policy updates and enterprise specific bug
    fixes in the Firefox for Enterprise 114 Release Notes.

Developer

  * Developer Information
  * The Copy as cURL feature, available in the Network panel, has been
    enhanced. It now supports the --compressed argument.

  * The Accessibility Inspector has been improved to accurately recognize all
    the ARIA roles like banner, main, navigation, and contentinfo, etc. This
    enhancement is particularly beneficial for web developers working with ARIA
    roles to improve web accessibility.

  * Firefox now provides support for the CSS Cascading Level 4 supports()
    syntax for @@import rules. This allows for the importation of other
    stylesheets based on support-dependency. In addition, the Inspector panel
    now accurately displays the conditions at the top of the imported rule.

    developer tools screenshot of the new @@import syntax rule

Web Platform

  * DOM: Added support for ES Modules on DedicatedWorker and SharedWorker

  * WebTransport is now enabled by default and will be going to release with
    114. As the original Explainer notes, it enables multiple use-cases that
    are hard or impossible to handle without it, especially for Gaming and live
    streaming. It covers cases that are problematic for alternative mechanisms,
    such as WebSockets.

    Built on top of HTTP3 (HTTP2 support will be coming later). The current
    implementation in Firefox is passing 505 out of 565 Web-Platform Tests.

  * CSS: The infinity and NaN constants are now supported inside the calc()
    function.

Security fixes
#CVE-2023-34414: Click-jacking certificate exceptions through rendering lag
#CVE-2023-34415: Site-isolation bypass on sites that allow open redirects to
 data: urls
#CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12
#CVE-2023-34417: Memory safety bugs fixed in Firefox 114
@
text
@d1 1
a1 1
$NetBSD$
d6 1
a6 1
--- third_party/sqlite3/src/moz.build.orig	2023-06-08 22:35:48.000000000 +0000
d8 1
a8 1
@@@@ -106,4 +106,5 @@@@ if CONFIG['CC_TYPE'] in ('clang', 'gcc')
d14 2
@