Now
MAIN commitmail json YAML
pkgsrc/www/firefox/Makefile@1.569
/
diff
pkgsrc/www/firefox/distinfo@1.508 / diff
pkgsrc/www/firefox/files/node-wrapper.sh@1.10 / diff
pkgsrc/www/firefox/patches/patch-browser_app_profile_firefox.js@1.20 / diff
pkgsrc/www/firefox/patches/patch-ipc_glue_GeckoChildProcessHost.cpp@1.15 / diff
pkgsrc/www/firefox/patches/patch-third__party_libwebrtc_modules_desktop__capture_desktop__capture__gn_moz.build@1.2 / diff
pkgsrc/www/firefox/patches/patch-toolkit_modules_subprocess_subprocess__shared__unix.js@1.4 / diff
pkgsrc/www/firefox/distinfo@1.508 / diff
pkgsrc/www/firefox/files/node-wrapper.sh@1.10 / diff
pkgsrc/www/firefox/patches/patch-browser_app_profile_firefox.js@1.20 / diff
pkgsrc/www/firefox/patches/patch-ipc_glue_GeckoChildProcessHost.cpp@1.15 / diff
pkgsrc/www/firefox/patches/patch-third__party_libwebrtc_modules_desktop__capture_desktop__capture__gn_moz.build@1.2 / diff
pkgsrc/www/firefox/patches/patch-toolkit_modules_subprocess_subprocess__shared__unix.js@1.4 / diff
firefox: Update to 117.0
Changelog:
New
* Support for credit card autofill has been extended to users running Firefox
in the IT, ES, AT, BE, and PL locales.
* macOS users can now control the tabability of controls and links via
about:preferences.
Screenshot of new macOS tabability option in about:preferences
* To avoid undesirable outcomes on sites which specify their own behavior
when pressing shift+right-click, Firefox now has a
dom.event.contextmenu.shift_suppresses_event preference to prevent the
context menu from appearing.
Fixed
* YouTube video lists now scroll correctly when navigating with a screen
reader.
* Various security fixes.
Changed
* Firefox no longer shows its own screen sharing indicator on Wayland desktop
environments. The system default sharing indicator will be used instead.
Enterprise
* You can find information about policy updates and enterprise specific bug
fixes in the Firefox for Enterprise 117 Release Notes.
Developer
* Developer Information
* Web compatibility inspection has been enhanced with our new CSS
compatibility tooltip in the Developer Tools Inspector. An icon is now
displayed next to properties that could lead to web compatibility issues.
When hovered, the tooltip indicates which browsers are not supported and
displays a link to the MDN page for the property so the user can learn more
about it.
Screenshot showing CSS compatibility icon for a property shown in the
Inspector
* console.clear() no longer clears the Console output if the "Enable
persistent logs" option is enabled.
Web Platform
* Support for improved CSS nesting is now enabled by default.
* Firefox now supports RTCRtpScriptTransform.
* ReadableStream.from is now supported, allowing creation of a ReadableStream
from an (async) iterable.
* Firefox now supports the math-style and math-depth CSS properties and the
font-size: math value.
Security fixes:
#CVE-2023-4573: Memory corruption in IPC CanvasTranslator
#CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback
#CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback
#CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation
#CVE-2023-4577: Memory corruption in JIT UpdateRegExpStatics
#CVE-2023-4578: Error reporting methods in SpiderMonkey could have triggered an
Out of Memory Exception
#CVE-2023-4579: Persisted search terms were formatted as URLs
#CVE-2023-4580: Push notifications saved to disk unencrypted
#CVE-2023-4581: XLL file extensions were downloadable without warnings
#CVE-2023-4582: Buffer Overflow in WebGL glGetProgramiv
#CVE-2023-4583: Browsing Context potentially not cleared when closing Private
Window
#CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,
Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2
#CVE-2023-4585: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and
Thunderbird 115.2
Changelog:
New
* Support for credit card autofill has been extended to users running Firefox
in the IT, ES, AT, BE, and PL locales.
* macOS users can now control the tabability of controls and links via
about:preferences.
Screenshot of new macOS tabability option in about:preferences
* To avoid undesirable outcomes on sites which specify their own behavior
when pressing shift+right-click, Firefox now has a
dom.event.contextmenu.shift_suppresses_event preference to prevent the
context menu from appearing.
Fixed
* YouTube video lists now scroll correctly when navigating with a screen
reader.
* Various security fixes.
Changed
* Firefox no longer shows its own screen sharing indicator on Wayland desktop
environments. The system default sharing indicator will be used instead.
Enterprise
* You can find information about policy updates and enterprise specific bug
fixes in the Firefox for Enterprise 117 Release Notes.
Developer
* Developer Information
* Web compatibility inspection has been enhanced with our new CSS
compatibility tooltip in the Developer Tools Inspector. An icon is now
displayed next to properties that could lead to web compatibility issues.
When hovered, the tooltip indicates which browsers are not supported and
displays a link to the MDN page for the property so the user can learn more
about it.
Screenshot showing CSS compatibility icon for a property shown in the
Inspector
* console.clear() no longer clears the Console output if the "Enable
persistent logs" option is enabled.
Web Platform
* Support for improved CSS nesting is now enabled by default.
* Firefox now supports RTCRtpScriptTransform.
* ReadableStream.from is now supported, allowing creation of a ReadableStream
from an (async) iterable.
* Firefox now supports the math-style and math-depth CSS properties and the
font-size: math value.
Security fixes:
#CVE-2023-4573: Memory corruption in IPC CanvasTranslator
#CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback
#CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback
#CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation
#CVE-2023-4577: Memory corruption in JIT UpdateRegExpStatics
#CVE-2023-4578: Error reporting methods in SpiderMonkey could have triggered an
Out of Memory Exception
#CVE-2023-4579: Persisted search terms were formatted as URLs
#CVE-2023-4580: Push notifications saved to disk unencrypted
#CVE-2023-4581: XLL file extensions were downloadable without warnings
#CVE-2023-4582: Buffer Overflow in WebGL glGetProgramiv
#CVE-2023-4583: Browsing Context potentially not cleared when closing Private
Window
#CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,
Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2
#CVE-2023-4585: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and
Thunderbird 115.2