---
- branch: MAIN
  date: Thu Jun 28 13:52:37 UTC 2018
  files:
  - new: '1.334'
    old: '1.333'
    path: pkgsrc/www/firefox/Makefile
    pathrev: pkgsrc/www/firefox/Makefile@1.334
    type: modified
  - new: '1.129'
    old: '1.128'
    path: pkgsrc/www/firefox/PLIST
    pathrev: pkgsrc/www/firefox/PLIST@1.129
    type: modified
  - new: '1.320'
    old: '1.319'
    path: pkgsrc/www/firefox/distinfo
    pathrev: pkgsrc/www/firefox/distinfo@1.320
    type: modified
  - new: '1.58'
    old: '1.57'
    path: pkgsrc/www/firefox/patches/patch-aa
    pathrev: pkgsrc/www/firefox/patches/patch-aa@1.58
    type: modified
  - new: '1.8'
    old: '1.7'
    path: pkgsrc/www/firefox/patches/patch-browser_app_profile_firefox.js
    pathrev: pkgsrc/www/firefox/patches/patch-browser_app_profile_firefox.js@1.8
    type: modified
  - new: '0'
    old: '1.1'
    path: pkgsrc/www/firefox/patches/patch-dom_fetch_FetchConsumer.cpp
    pathrev: pkgsrc/www/firefox/patches/patch-dom_fetch_FetchConsumer.cpp@0
    type: deleted
  - new: '0'
    old: '1.1'
    path: pkgsrc/www/firefox/patches/patch-third__party_rust_libloading_.cargo-checksum.json
    pathrev: pkgsrc/www/firefox/patches/patch-third__party_rust_libloading_.cargo-checksum.json@0
    type: deleted
  - new: '0'
    old: '1.1'
    path: pkgsrc/www/firefox/patches/patch-third__party_rust_libloading_build.rs
    pathrev: pkgsrc/www/firefox/patches/patch-third__party_rust_libloading_build.rs@0
    type: deleted
  - new: '1.11'
    old: '1.10'
    path: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_cubeb__oss.c
    pathrev: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_cubeb__oss.c@1.11
    type: modified
  - new: '1.15'
    old: '1.14'
    path: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_moz.build
    pathrev: pkgsrc/www/firefox/patches/patch-media_libcubeb_src_moz.build@1.15
    type: modified
  - new: '1.2'
    old: '1.1'
    path: pkgsrc/www/firefox/patches/patch-toolkit_mozapps_installer_packager.mk
    pathrev: pkgsrc/www/firefox/patches/patch-toolkit_mozapps_installer_packager.mk@1.2
    type: modified
  id: 20180628T135237Z.becef808fcf184dc00776dd357d185ac74c47272
  log: |
    Update to 61.0

    Changelog:
    New
        Enhanced performance:
            Faster page rendering with Quantum CSS improvements and the new
              retained display list feature
            Faster switching between tabs on Windows and Linux
            WebExtensions now run in their own process on MacOS

        Convenient access to more search engines: You can now add search engines
          to the address bar "Search with" tool from the page action menu when on
          a webpage that provides an OpenSearch plugin

        Share links from Firefox for MacOS more easily: You can now share the URL
          of an active tab from the page actions menu in the address bar

        Improved security:
            On-by-default support for the latest draft of the TLS 1.3 specification
            Access to FTP subresources inside http(s) pages has been blocked

        A more consistent user experience: Improvements for dark theme support
          across the entire Firefox user interface

        More customization for tab management: added support to allow WebExtensions
          to hide tabs

        Improved bookmark syncing

    Fixed
        Various security fixes

    Changed
        The settings for customizing your homepage and new tab page in Firefox
          have been added to a new Preferences section that can be accessed from
          Firefox at about:preferences#home. The settings can also be accessed via
          the gear icon on the New Tab page.

    Security fixes:
    #CVE-2018-12359: Buffer overflow using computed size of canvas element
    #CVE-2018-12360: Use-after-free when using focus()
    #CVE-2018-12361: Integer overflow in SwizzleData
    #CVE-2018-12358: Same-origin bypass using service worker and redirection
    #CVE-2018-12362: Integer overflow in SSSE3 scaler
    #CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
    #CVE-2018-12363: Use-after-free when appending DOM nodes
    #CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
    #CVE-2018-12365: Compromised IPC child process can list local filenames
    #CVE-2018-12371: Integer overflow in Skia library during edge builder allocation
    #CVE-2018-12366: Invalid data handling during QCMS transformations
    #CVE-2018-12367: Timing attack mitigation of PerformanceNavigationTiming
    #CVE-2018-12368: No warning when opening executable SettingContent-ms files
    #CVE-2018-12369: WebExtension security permission checks bypassed by embedded experiments
    #CVE-2018-12370: SameSite cookie protections bypassed when exiting Reader View
    #CVE-2018-5186: Memory safety bugs fixed in Firefox 61
    #CVE-2018-5187: Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
    #CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/firefox'
  unixtime: '1530193957'
  user: ryoon