--- - branch: MAIN date: Tue Jul 13 14:52:22 UTC 2021 files: - new: '1.485' old: '1.484' path: pkgsrc/www/firefox/Makefile pathrev: pkgsrc/www/firefox/Makefile@1.485 type: modified - new: '1.176' old: '1.175' path: pkgsrc/www/firefox/PLIST pathrev: pkgsrc/www/firefox/PLIST@1.176 type: modified - new: '1.439' old: '1.438' path: pkgsrc/www/firefox/distinfo pathrev: pkgsrc/www/firefox/distinfo@1.439 type: modified - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-js_public_ErrorReport.h pathrev: pkgsrc/www/firefox/patches/patch-js_public_ErrorReport.h@0 type: deleted - new: '0' old: '1.1' path: pkgsrc/www/firefox/patches/patch-js_src_jit_arm64_Architecture-arm64.h pathrev: pkgsrc/www/firefox/patches/patch-js_src_jit_arm64_Architecture-arm64.h@0 type: deleted id: 20210713T145222Z.820c06a494baede79910bc011b35ca2574bbba9d log: | firefox: Update to 90.0 Changelog: New * On Windows, updates can now be applied in the background while Firefox is not running. * Firefox for Windows now offers a new page about:third-party to help identify compatibility issues caused by third-party applications * Exceptions to HTTPS-Only mode can be managed in about:preferences#privacy * Print to PDF now produces working hyperlinks * Version 2 of Firefox??s SmartBlock feature further improves private browsing. Third-party Facebook scripts are blocked to prevent you from being tracked, but are now automatically loaded ??just in time?? if you decide to ??Log in with Facebook?? on any website. Fixed * Various security fixes Changed * The "Open Image in New Tab" context menu item now opens images and media in a background tab by default. Learn more * Most users without hardware accelerated WebRender will now be using software WebRender. * Improved software WebRender performance * FTP support has been removed Enterprise * Various bug fixes and new policies have been implemented in the latest version of Firefox. See more details in the Firefox for Enterprise 90 Release Notes. Developer * Developer Information * Support for Private Fields (TC39 proposal, stage 3) is available in DevTools. The support includes: object inspection, autocompletion, expression evaluation, variable tooltips, and pretty printing (bug) * The Network panel shows a preview of HTTP requests for fonts in the Response tab (bug) Network panel font preview screenshot Web Platform * Support for Fetch Metadata Request Headers, which allows web applications to better protect themselves and their users against various cross-origin threats. * Added the ability to use client authentication certificates stored in hardware tokens or in Operating System storage. Security fixes: #CVE-2021-29970: Use-after-free in accessibility features of a document #CVE-2021-29971: Granted permissions only compared host; omitting scheme and port on Android #CVE-2021-30547: Out of bounds write in ANGLE #CVE-2021-29972: Use of out-of-date library included use-after-free vulnerability #CVE-2021-29973: Password autofill on HTTP websites was enabled without user interaction on Android #CVE-2021-29974: HSTS errors could be overridden when network partitioning was enabled #CVE-2021-29975: Text message could be overlaid on top of another website #CVE-2021-29976: Memory safety bugs fixed in Firefox 90 and Firefox ESR 78.12 #CVE-2021-29977: Memory safety bugs fixed in Firefox 90 module: pkgsrc subject: 'CVS commit: pkgsrc/www/firefox' unixtime: '1626187942' user: ryoon