--- - branch: MAIN date: Thu Apr 27 01:49:47 UTC 2017 files: - new: '1.293' old: '1.292' path: pkgsrc/www/firefox/Makefile pathrev: pkgsrc/www/firefox/Makefile@1.293 type: modified - new: '1.119' old: '1.118' path: pkgsrc/www/firefox/PLIST pathrev: pkgsrc/www/firefox/PLIST@1.119 type: modified - new: '1.278' old: '1.277' path: pkgsrc/www/firefox/distinfo pathrev: pkgsrc/www/firefox/distinfo@1.278 type: modified - new: '1.91' old: '1.90' path: pkgsrc/www/firefox/mozilla-common.mk pathrev: pkgsrc/www/firefox/mozilla-common.mk@1.91 type: modified - new: '1.51' old: '1.50' path: pkgsrc/www/firefox/patches/patch-aa pathrev: pkgsrc/www/firefox/patches/patch-aa@1.51 type: modified - new: '0' old: '1.15' path: pkgsrc/www/firefox/patches/patch-ao pathrev: pkgsrc/www/firefox/patches/patch-ao@0 type: deleted - new: '1.12' old: '0' path: pkgsrc/www/firefox/patches/patch-browser_app_nsBrowserApp.cpp pathrev: pkgsrc/www/firefox/patches/patch-browser_app_nsBrowserApp.cpp@1.12 type: added - new: '0' old: '1.8' path: pkgsrc/www/firefox/patches/patch-browser_installer_package-manifest.in pathrev: pkgsrc/www/firefox/patches/patch-browser_installer_package-manifest.in@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-build_buildconfig.py pathrev: pkgsrc/www/firefox/patches/patch-build_buildconfig.py@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-image_Downscaler.h pathrev: pkgsrc/www/firefox/patches/patch-image_Downscaler.h@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-image_decoders_nsIconDecoder.cpp pathrev: pkgsrc/www/firefox/patches/patch-image_decoders_nsIconDecoder.cpp@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-media_libcubeb_tests_moz.build pathrev: pkgsrc/www/firefox/patches/patch-media_libcubeb_tests_moz.build@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-modules_woff2_src_store_bytes.h pathrev: pkgsrc/www/firefox/patches/patch-modules_woff2_src_store_bytes.h@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-modules_woff2_src_woff2_common.cc pathrev: pkgsrc/www/firefox/patches/patch-modules_woff2_src_woff2_common.cc@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-toolkit_library_dependentlibs.py pathrev: pkgsrc/www/firefox/patches/patch-toolkit_library_dependentlibs.py@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-toolkit_mozapps_extensions_test_browser_browser__gmpProvider.js pathrev: pkgsrc/www/firefox/patches/patch-toolkit_mozapps_extensions_test_browser_browser__gmpProvider.js@0 type: deleted - new: '1.5' old: '1.4' path: pkgsrc/www/firefox/patches/patch-build_gyp.mozbuild pathrev: pkgsrc/www/firefox/patches/patch-build_gyp.mozbuild@1.5 type: modified - new: '1.5' old: '1.4' path: pkgsrc/www/firefox/patches/patch-extensions_spellcheck_hunspell_glue_mozHunspell.cpp pathrev: pkgsrc/www/firefox/patches/patch-extensions_spellcheck_hunspell_glue_mozHunspell.cpp@1.5 type: modified - new: '1.6' old: '1.5' path: pkgsrc/www/firefox/patches/patch-build_moz.configure_old.configure pathrev: pkgsrc/www/firefox/patches/patch-build_moz.configure_old.configure@1.6 type: modified - new: '1.6' old: '1.5' path: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_cubeb.c pathrev: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_cubeb.c@1.6 type: modified - new: '1.6' old: '1.5' path: pkgsrc/www/firefox/patches/patch-media_webrtc_signaling_test_common.build pathrev: pkgsrc/www/firefox/patches/patch-media_webrtc_signaling_test_common.build@1.6 type: modified - new: '1.11' old: '1.10' path: pkgsrc/www/firefox/patches/patch-config_Makefile.in pathrev: pkgsrc/www/firefox/patches/patch-config_Makefile.in@1.11 type: modified - new: '1.11' old: '1.10' path: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_moz.build pathrev: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_moz.build@1.11 type: modified - new: '1.11' old: '1.10' path: pkgsrc/www/firefox/patches/patch-media_webrtc_trunk_webrtc_modules_video__capture_video__capture.gypi pathrev: pkgsrc/www/firefox/patches/patch-media_webrtc_trunk_webrtc_modules_video__capture_video__capture.gypi@1.11 type: modified - new: '1.23' old: '1.22' path: pkgsrc/www/firefox/patches/patch-config_system-headers pathrev: pkgsrc/www/firefox/patches/patch-config_system-headers@1.23 type: modified - new: '1.1' old: '0' path: pkgsrc/www/firefox/patches/patch-dom_media_CubebUtils.cpp pathrev: pkgsrc/www/firefox/patches/patch-dom_media_CubebUtils.cpp@1.1 type: added - new: '1.1' old: '0' path: pkgsrc/www/firefox/patches/patch-dom_media_webrtc_MediaEngine.h pathrev: pkgsrc/www/firefox/patches/patch-dom_media_webrtc_MediaEngine.h@1.1 type: added - new: '1.1' old: '0' path: pkgsrc/www/firefox/patches/patch-media_libcubeb_gtest_moz.build pathrev: pkgsrc/www/firefox/patches/patch-media_libcubeb_gtest_moz.build@1.1 type: added - new: '1.1' old: '0' path: pkgsrc/www/firefox/patches/patch-python_futures_concurrent_futures_process.py pathrev: pkgsrc/www/firefox/patches/patch-python_futures_concurrent_futures_process.py@1.1 type: added - new: '1.9' old: '1.8' path: pkgsrc/www/firefox/patches/patch-dom_plugins_ipc_PluginModuleChild.cpp pathrev: pkgsrc/www/firefox/patches/patch-dom_plugins_ipc_PluginModuleChild.cpp@1.9 type: modified - new: '1.9' old: '1.8' path: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_cubeb__oss.c pathrev: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_cubeb__oss.c@1.9 type: modified - new: '1.12' old: '1.11' path: pkgsrc/www/firefox/patches/patch-ipc_glue_GeckoChildProcessHost.cpp pathrev: pkgsrc/www/firefox/patches/patch-ipc_glue_GeckoChildProcessHost.cpp@1.12 type: modified - new: '1.12' old: '1.11' path: pkgsrc/www/firefox/patches/patch-media_webrtc_trunk_webrtc_modules_video__capture_linux_device__info__linux.cc pathrev: pkgsrc/www/firefox/patches/patch-media_webrtc_trunk_webrtc_modules_video__capture_linux_device__info__linux.cc@1.12 type: modified - new: '1.12' old: '1.11' path: pkgsrc/www/firefox/patches/patch-media_webrtc_trunk_webrtc_modules_video__capture_linux_video__capture__linux.cc pathrev: pkgsrc/www/firefox/patches/patch-media_webrtc_trunk_webrtc_modules_video__capture_linux_video__capture__linux.cc@1.12 type: modified - new: '1.12' old: '1.11' path: pkgsrc/www/firefox/patches/patch-toolkit_library_moz.build pathrev: pkgsrc/www/firefox/patches/patch-toolkit_library_moz.build@1.12 type: modified - new: '1.21' old: '1.20' path: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_cubeb__alsa.c pathrev: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_cubeb__alsa.c@1.21 type: modified - new: '1.2' old: '1.1' path: pkgsrc/www/firefox/patches/patch-media_libcubeb_update.sh pathrev: pkgsrc/www/firefox/patches/patch-media_libcubeb_update.sh@1.2 type: modified - new: '1.2' old: '1.1' path: pkgsrc/www/firefox/patches/patch-media_libtheora_lib_arm_armcpu.c pathrev: pkgsrc/www/firefox/patches/patch-media_libtheora_lib_arm_armcpu.c@1.2 type: modified - new: '0' old: '1.5' path: pkgsrc/www/firefox/patches/patch-mobile_android_installer_Makefile.in pathrev: pkgsrc/www/firefox/patches/patch-mobile_android_installer_Makefile.in@0 type: deleted - new: '0' old: '1.5' path: pkgsrc/www/firefox/patches/patch-mobile_android_installer_package-manifest.in pathrev: pkgsrc/www/firefox/patches/patch-mobile_android_installer_package-manifest.in@0 type: deleted - new: '0' old: '1.2' path: pkgsrc/www/firefox/patches/patch-toolkit_components_protobuf_src_google_protobuf_stubs_platform__macros.h pathrev: pkgsrc/www/firefox/patches/patch-toolkit_components_protobuf_src_google_protobuf_stubs_platform__macros.h@0 type: deleted - new: '0' old: '1.3' path: pkgsrc/www/firefox/patches/patch-toolkit_modules_GMPUtils.jsm pathrev: pkgsrc/www/firefox/patches/patch-toolkit_modules_GMPUtils.jsm@0 type: deleted id: 20170427T014947Z.9b5d0ecdfc7ba875b6755763227aab5a4a0ecc9a log: | Update to 53.0 Changelog: New Improved graphics stability for Windows users with the addition of compositor process separation (Quantum Compositor) Two new 'compact' themes available in Firefox, dark and light, based on the Firefox Developer Edition theme Lightweight themes are now applied in private browsing windows Reader Mode now displays estimated reading time for the page Windows 7+ users on 64-bit OS can select 32-bit or 64-bit versions in the stub installer Fixed Various security fixes Changed Updated the design of site permission requests to make them harder to miss and easier to understand Windows XP and Vista are no longer supported. XP and Vista users running Firefox 52 will continue to receive security updates on Firefox ESR 52. 32-bit Mac OS X is no longer supported. 32-bit Mac OS X users can switch to Firefox ESR 52 to continue receiving security updates. Updates for Mac OS X are smaller in size compared to updates for Firefox 52 New visual design for audio and video controls Ended Firefox Linux support for processors older than Pentium 4 and AMD Opteron The last few characters of shortened tab titles fade out instead of being replaced by ellipses to keep more of the title visible Security fixes: #CVE-2017-5433: Use-after-free in SMIL animation functions #CVE-2017-5435: Use-after-free during transaction processing in the editor #CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2 #CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS #CVE-2017-5459: Buffer overflow in WebGL #CVE-2017-5466: Origin confusion when reloading isolated data:text/html URL #CVE-2017-5434: Use-after-free during focus handling #CVE-2017-5432: Use-after-free in text input selection #CVE-2017-5460: Use-after-free in frame selection #CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing #CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing #CVE-2017-5440: Use-after-free in txExecutionState destructor during XSLT processing #CVE-2017-5441: Use-after-free with selection during scroll events #CVE-2017-5442: Use-after-free during style changes #CVE-2017-5464: Memory corruption with accessibility and DOM manipulation #CVE-2017-5443: Out-of-bounds write during BinHex decoding #CVE-2017-5444: Buffer overflow while parsing application/http-index-format content #CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data #CVE-2017-5447: Out-of-bounds read during glyph processing #CVE-2017-5465: Out-of-bounds read in ConvolvePixel #CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor #CVE-2017-5437: Vulnerabilities in Libevent library #CVE-2017-5454: Sandbox escape allowing file system read access through file picker #CVE-2017-5455: Sandbox escape through internal feed reader APIs #CVE-2017-5456: Sandbox escape allowing local file system access #CVE-2017-5469: Potential Buffer overflow in flex-generated code #CVE-2017-5445: Uninitialized values used while parsing application/http-index-format content #CVE-2017-5449: Crash during bidirectional unicode manipulation with animation #CVE-2017-5450: Addressbar spoofing using javascript: URI on Firefox for Android #CVE-2017-5451: Addressbar spoofing with onblur event #CVE-2017-5462: DRBG flaw in NSS #CVE-2017-5463: Addressbar spoofing through reader view on Firefox for Android #CVE-2017-5467: Memory corruption when drawing Skia content #CVE-2017-5452: Addressbar spoofing during scrolling with editable content on Firefox for Android #CVE-2017-5453: HTML injection into RSS Reader feed preview page through TITLE element #CVE-2017-5458: Drag and drop of javascript: URLs can allow for self-XSS #CVE-2017-5468: Incorrect ownership model for Private Browsing information #CVE-2017-5430: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1 #CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 module: pkgsrc subject: 'CVS commit: pkgsrc/www/firefox' unixtime: '1493257787' user: ryoon