Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1608211470272230"
MIME-Version: 1.0
Date: Thu, 17 Dec 2020 13:24:30 +0000
From: "Nia Alarie" <nia@netbsd.org>
Subject: CVS commit: pkgsrc/www/firefox78
To: pkgsrc-changes@NetBSD.org
Reply-To: nia@netbsd.org
Message-Id: <20201217132430.BACE1FA9D@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_1608211470272230
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	nia
Date:		Thu Dec 17 13:24:30 UTC 2020

Modified Files:
	pkgsrc/www/firefox78: Makefile distinfo

Log Message:
firefox78: Update to 78.6.0

Security Vulnerabilities fixed in Firefox ESR 78.6

#CVE-2020-16042: Operations on a BigInt could have caused uninitialized
memory to be exposed

#CVE-2020-26971: Heap buffer overflow in WebGL

#CVE-2020-26973: CSS Sanitizer performed incorrect sanitization

#CVE-2020-26974: Incorrect cast of StyleGenericFlexBasis resulted in a heap
use-after-free

#CVE-2020-26978: Internal network hosts could have been probed by a
malicious webpage

#CVE-2020-35111: The proxy.onRequest API did not catch view-source URLs

#CVE-2020-35112: Opening an extension-less download may have inadvertently
launched an executable instead

#CVE-2020-35113: Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/firefox78/Makefile
cvs rdiff -u -r1.6 -r1.7 pkgsrc/www/firefox78/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1608211470272230
Content-Disposition: inline
Content-Length: 1946
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/www/firefox78/Makefile
diff -u pkgsrc/www/firefox78/Makefile:1.13 pkgsrc/www/firefox78/Makefile:1.14
--- pkgsrc/www/firefox78/Makefile:1.13	Wed Nov 18 12:33:45 2020
+++ pkgsrc/www/firefox78/Makefile	Thu Dec 17 13:24:30 2020
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.13 2020/11/18 12:33:45 nia Exp $
+# $NetBSD: Makefile,v 1.14 2020/12/17 13:24:30 nia Exp $
 
 FIREFOX_VER=		${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=		78.5
+MOZ_BRANCH=		78.6
 MOZ_BRANCH_MINOR=	.0esr
 
 DISTNAME=	firefox-${FIREFOX_VER}.source

Index: pkgsrc/www/firefox78/distinfo
diff -u pkgsrc/www/firefox78/distinfo:1.6 pkgsrc/www/firefox78/distinfo:1.7
--- pkgsrc/www/firefox78/distinfo:1.6	Wed Nov 18 12:33:45 2020
+++ pkgsrc/www/firefox78/distinfo	Thu Dec 17 13:24:30 2020
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.6 2020/11/18 12:33:45 nia Exp $
+$NetBSD: distinfo,v 1.7 2020/12/17 13:24:30 nia Exp $
 
-SHA1 (firefox-78.5.0esr.source.tar.xz) = ae46913563ffe92efa7cdaacb818435a4c3d4492
-RMD160 (firefox-78.5.0esr.source.tar.xz) = 53bf565b08f8c743f22e5f61fca8fd98da062a6c
-SHA512 (firefox-78.5.0esr.source.tar.xz) = 0d16013342b6e8d67adb5c111177ea4796db4fb593da8aa254d0d95bdf33fad798c2dbb235d44db4177c32dd2d7b3ac26b938b476342753ee8d6c83d968d0281
-Size (firefox-78.5.0esr.source.tar.xz) = 333995288 bytes
+SHA1 (firefox-78.6.0esr.source.tar.xz) = 4dc4e41ae749e1d189ac8f45d0b804a18b8d38c3
+RMD160 (firefox-78.6.0esr.source.tar.xz) = 55970d3df407955f191b47ecae83d6597adbbc5b
+SHA512 (firefox-78.6.0esr.source.tar.xz) = a1e2d6af0020784d00ed3cb4d778c136685e7c2f6ae536cc270fbd331d51d483d17dff9acd7ad8e6b3b231b9df894c146092889357b23715814a080c6f08d11a
+Size (firefox-78.6.0esr.source.tar.xz) = 338098664 bytes
 SHA1 (patch-aa) = 11060461fdaca5661e89651b8ded4a59d2abc4d7
 SHA1 (patch-browser_app_profile_firefox.js) = 89cea0a66457c96ad0b94aaa524aa5942ad781d0
 SHA1 (patch-build_moz.configure_rust.configure) = ee9e207e67709f3c9455b4d22f5f254890e99ca8


--_----------=_1608211470272230--