Thu Sep 24 04:31:07 2020 UTC ()
firefox78: Update to 78.3.0

Security Vulnerabilities fixed in Firefox ESR 78.3

    #CVE-2020-15677: Download origin spoofing via redirect

    #CVE-2020-15676: XSS when pasting attacker-controlled data into a
    contenteditable element

    #CVE-2020-15678: When recursing through layers while scrolling, an iterator
    may have become invalid, resulting in a potential use-after-free scenario

    #CVE-2020-15673: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3


(nia)
diff -r1.5 -r1.6 pkgsrc/www/firefox78/Makefile
diff -r1.2 -r1.3 pkgsrc/www/firefox78/distinfo
cvs diff -r1.5 -r1.6 pkgsrc/www/firefox78/Attic/Makefile (expand / switch to unified diff)

--- pkgsrc/www/firefox78/Attic/Makefile 2020/08/31 18:12:33 1.5
+++ pkgsrc/www/firefox78/Attic/Makefile 2020/09/24 04:31:07 1.6
@@ -1,22 +1,21 @@ @@ -1,22 +1,21 @@
1# $NetBSD: Makefile,v 1.5 2020/08/31 18:12:33 wiz Exp $ 1# $NetBSD: Makefile,v 1.6 2020/09/24 04:31:07 nia Exp $
2 2
3FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR} 3FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
4MOZ_BRANCH= 78.2 4MOZ_BRANCH= 78.3
5MOZ_BRANCH_MINOR= .0esr 5MOZ_BRANCH_MINOR= .0esr
6 6
7DISTNAME= firefox-${FIREFOX_VER}.source 7DISTNAME= firefox-${FIREFOX_VER}.source
8PKGNAME= ${DISTNAME:S/.source//:S/b/beta/:S/esr//:S/firefox-/firefox78-/} 8PKGNAME= ${DISTNAME:S/.source//:S/b/beta/:S/esr//:S/firefox-/firefox78-/}
9PKGREVISION= 1 
10CATEGORIES= www 9CATEGORIES= www
11MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/} 10MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/}
12EXTRACT_SUFX= .tar.xz 11EXTRACT_SUFX= .tar.xz
13 12
14MAINTAINER= ryoon@NetBSD.org 13MAINTAINER= ryoon@NetBSD.org
15HOMEPAGE= https://www.mozilla.org/en-US/firefox/ 14HOMEPAGE= https://www.mozilla.org/en-US/firefox/
16COMMENT= Web browser with support for extensions (version ${FIREFOX_VER:tu:C/\\.[[:digit:]\.]*//}) 15COMMENT= Web browser with support for extensions (version ${FIREFOX_VER:tu:C/\\.[[:digit:]\.]*//})
17LICENSE= mpl-1.1 16LICENSE= mpl-1.1
18 17
19UNLIMIT_RESOURCES+= datasize virtualsize 18UNLIMIT_RESOURCES+= datasize virtualsize
20 19
21WRKSRC= ${WRKDIR}/firefox-${FIREFOX_VER:S/esr//} 20WRKSRC= ${WRKDIR}/firefox-${FIREFOX_VER:S/esr//}
22 21
cvs diff -r1.2 -r1.3 pkgsrc/www/firefox78/Attic/distinfo (expand / switch to unified diff)

--- pkgsrc/www/firefox78/Attic/distinfo 2020/08/29 15:56:43 1.2
+++ pkgsrc/www/firefox78/Attic/distinfo 2020/09/24 04:31:07 1.3
@@ -1,19 +1,19 @@ @@ -1,19 +1,19 @@
1$NetBSD: distinfo,v 1.2 2020/08/29 15:56:43 nia Exp $ 1$NetBSD: distinfo,v 1.3 2020/09/24 04:31:07 nia Exp $
2 2
3SHA1 (firefox-78.2.0esr.source.tar.xz) = be371c42648f5581cbde2446f4de861d26104758 3SHA1 (firefox-78.3.0esr.source.tar.xz) = f2e0607bf57105e8741c0f941bcacee8a75d672a
4RMD160 (firefox-78.2.0esr.source.tar.xz) = 59095816729c680fdfdfdce99d515066e7ad56ce 4RMD160 (firefox-78.3.0esr.source.tar.xz) = d311378c9535ee5d53a13e94fd9a38b1b181de3a
5SHA512 (firefox-78.2.0esr.source.tar.xz) = 38f91a24634ce5d0c10340c9ac762071f8488f4bd7649bff9ed9cb1cbecda23e207b593118d38488810540e63be39d9c1c45c3b9a6acb477b6b2edf636e56d5b 5SHA512 (firefox-78.3.0esr.source.tar.xz) = 89e12797429d99760b294e302d803432f533b7c2c10f1fcd3781b89b27ec9698173d4fbf1bfe7506186602daf6666c09152407ce5668fb5b7391e38b5566f2f2
6Size (firefox-78.2.0esr.source.tar.xz) = 331996944 bytes 6Size (firefox-78.3.0esr.source.tar.xz) = 331073228 bytes
7SHA1 (patch-aa) = 11060461fdaca5661e89651b8ded4a59d2abc4d7 7SHA1 (patch-aa) = 11060461fdaca5661e89651b8ded4a59d2abc4d7
8SHA1 (patch-browser_app_profile_firefox.js) = 89cea0a66457c96ad0b94aaa524aa5942ad781d0 8SHA1 (patch-browser_app_profile_firefox.js) = 89cea0a66457c96ad0b94aaa524aa5942ad781d0
9SHA1 (patch-build_moz.configure_rust.configure) = ee9e207e67709f3c9455b4d22f5f254890e99ca8 9SHA1 (patch-build_moz.configure_rust.configure) = ee9e207e67709f3c9455b4d22f5f254890e99ca8
10SHA1 (patch-config_gcc-stl-wrapper.template.h) = 781a063fa6ab345face53fd88404ead11ab335b2 10SHA1 (patch-config_gcc-stl-wrapper.template.h) = 781a063fa6ab345face53fd88404ead11ab335b2
11SHA1 (patch-config_makefiles_rust.mk) = 8637cd3f56774648fd586c7ad8dd49e269b9eb2a 11SHA1 (patch-config_makefiles_rust.mk) = 8637cd3f56774648fd586c7ad8dd49e269b9eb2a
12SHA1 (patch-configure.in) = b40651b008dcecc49664660ac376df2bd7c2c6be 12SHA1 (patch-configure.in) = b40651b008dcecc49664660ac376df2bd7c2c6be
13SHA1 (patch-dom_base_nsAttrName.h) = ac7ba441a3b27df2855cf2673eea36b1cb44ad49 13SHA1 (patch-dom_base_nsAttrName.h) = ac7ba441a3b27df2855cf2673eea36b1cb44ad49
14SHA1 (patch-dom_media_CubebUtils.cpp) = 226821d961039ae5c9c50d8615757b73c6bcd80a 14SHA1 (patch-dom_media_CubebUtils.cpp) = 226821d961039ae5c9c50d8615757b73c6bcd80a
15SHA1 (patch-gfx_angle_checkout_src_common_third__party_smhasher_src_PMurHash.cpp) = e458c9c8dc66edc69c1874734af28a77fc5e3993 15SHA1 (patch-gfx_angle_checkout_src_common_third__party_smhasher_src_PMurHash.cpp) = e458c9c8dc66edc69c1874734af28a77fc5e3993
16SHA1 (patch-gfx_angle_checkout_src_compiler_translator_InfoSink.h) = 2f73c76c48852613e0c55c1680fcc2a9eb3cf4ef 16SHA1 (patch-gfx_angle_checkout_src_compiler_translator_InfoSink.h) = 2f73c76c48852613e0c55c1680fcc2a9eb3cf4ef
17SHA1 (patch-gfx_cairo_cairo_src_cairo-type1-subset.c) = 89a9d934ef76706c552c0b81e6cbc0f45b1ffd2c 17SHA1 (patch-gfx_cairo_cairo_src_cairo-type1-subset.c) = 89a9d934ef76706c552c0b81e6cbc0f45b1ffd2c
18SHA1 (patch-gfx_skia_skia_src_core_SkCpu.cpp) = 36218819254f3681b9c717d652ea78c9f20d49ad 18SHA1 (patch-gfx_skia_skia_src_core_SkCpu.cpp) = 36218819254f3681b9c717d652ea78c9f20d49ad
19SHA1 (patch-gfx_thebes_gfxPlatform.cpp) = f6f8996f0818a1b890698c7cc5054d49cb1e8924 19SHA1 (patch-gfx_thebes_gfxPlatform.cpp) = f6f8996f0818a1b890698c7cc5054d49cb1e8924