Sun Jun 5 06:09:37 2022 UTC ()
Pullup ticket #6635 - requested by nia
www/firefox91: security update

Revisions pulled up:
- www/firefox91/Makefile                                        1.18
- www/firefox91/distinfo                                        1.13
- www/firefox91/patches/patch-browser_app_profile_firefox.js    1.2

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Mon May 16 21:16:00 UTC 2022

   Modified Files:
   	pkgsrc/www/firefox91: Makefile distinfo
   	pkgsrc/www/firefox91/patches: patch-browser_app_profile_firefox.js

   Log Message:
   firefox91: update to 91.9.0

   Security Vulnerabilities fixed in Firefox ESR 91.9

       #CVE-2022-29914: Fullscreen notification bypass using popups

       #CVE-2022-29909: Bypassing permission prompt in nested browsing contexts

       #CVE-2022-29916: Leaking browser history with CSS variables

       #CVE-2022-29911: iframe Sandbox bypass

       #CVE-2022-29912: Reader mode bypassed SameSite cookies

       #CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR
       91.9

   To generate a diff of this commit:
   cvs rdiff -u -r1.17 -r1.18 pkgsrc/www/firefox91/Makefile
   cvs rdiff -u -r1.12 -r1.13 pkgsrc/www/firefox91/distinfo
   cvs rdiff -u -r1.1 -r1.2 \
       pkgsrc/www/firefox91/patches/patch-browser_app_profile_firefox.js


(spz)
diff -r1.15.2.1 -r1.15.2.2 pkgsrc/www/firefox91/Makefile
diff -r1.11.2.1 -r1.11.2.2 pkgsrc/www/firefox91/distinfo
diff -r1.1 -r1.1.6.1 pkgsrc/www/firefox91/patches/patch-browser_app_profile_firefox.js
cvs diff -r1.15.2.1 -r1.15.2.2 pkgsrc/www/firefox91/Makefile (expand / switch to unified diff)

--- pkgsrc/www/firefox91/Makefile 2022/04/13 07:16:37 1.15.2.1
+++ pkgsrc/www/firefox91/Makefile 2022/06/05 06:09:37 1.15.2.2
@@ -1,17 +1,17 @@ @@ -1,17 +1,17 @@
1# $NetBSD: Makefile,v 1.15.2.1 2022/04/13 07:16:37 bsiegert Exp $ 1# $NetBSD: Makefile,v 1.15.2.2 2022/06/05 06:09:37 spz Exp $
2 2
3FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR} 3FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
4MOZ_BRANCH= 91.8 4MOZ_BRANCH= 91.9
5MOZ_BRANCH_MINOR= .0esr 5MOZ_BRANCH_MINOR= .0esr
6 6
7DISTNAME= firefox-${FIREFOX_VER}.source 7DISTNAME= firefox-${FIREFOX_VER}.source
8PKGNAME= ${DISTNAME:S/.source//:S/b/beta/:S/esr//:S/firefox-/firefox91-/} 8PKGNAME= ${DISTNAME:S/.source//:S/b/beta/:S/esr//:S/firefox-/firefox91-/}
9CATEGORIES= www 9CATEGORIES= www
10MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/} 10MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/}
11EXTRACT_SUFX= .tar.xz 11EXTRACT_SUFX= .tar.xz
12 12
13DISTFILES= ${DEFAULT_DISTFILES} nodejs-output-91.0.tgz 13DISTFILES= ${DEFAULT_DISTFILES} nodejs-output-91.0.tgz
14SITES.nodejs-output-91.0.tgz= ${MASTER_SITE_LOCAL} 14SITES.nodejs-output-91.0.tgz= ${MASTER_SITE_LOCAL}
15 15
16MAINTAINER= ryoon@NetBSD.org 16MAINTAINER= ryoon@NetBSD.org
17HOMEPAGE= https://www.mozilla.org/en-US/firefox/ 17HOMEPAGE= https://www.mozilla.org/en-US/firefox/
cvs diff -r1.11.2.1 -r1.11.2.2 pkgsrc/www/firefox91/distinfo (expand / switch to unified diff)

--- pkgsrc/www/firefox91/distinfo 2022/04/13 07:16:37 1.11.2.1
+++ pkgsrc/www/firefox91/distinfo 2022/06/05 06:09:37 1.11.2.2
@@ -1,23 +1,23 @@ @@ -1,23 +1,23 @@
1$NetBSD: distinfo,v 1.11.2.1 2022/04/13 07:16:37 bsiegert Exp $ 1$NetBSD: distinfo,v 1.11.2.2 2022/06/05 06:09:37 spz Exp $
2 2
3BLAKE2s (firefox-91.8.0esr.source.tar.xz) = 7d5e0d909d4a7e71e011dfe2c08802bb12aeb5fc5a807a57a30b9430e87c8de6 3BLAKE2s (firefox-91.9.0esr.source.tar.xz) = 36fec9568a45386572e6383d942a091718db5bca2aad13a1bc4448beb45995f1
4SHA512 (firefox-91.8.0esr.source.tar.xz) = edea2c7d4d3d0322091b20b623019ef041090d9f89f33c8e3140f66a54624261f278257393db70d2038154de8ee02da0bee6ecf85c281f3558338da71fc173c3 4SHA512 (firefox-91.9.0esr.source.tar.xz) = fd69d489429052013d2c1b8b766a47920ecee62f0688505758f593b27ae66d6343b9107163749406251aedebdf836147e4d562415a811b04d7ab2ae31e32f133
5Size (firefox-91.8.0esr.source.tar.xz) = 380325092 bytes 5Size (firefox-91.9.0esr.source.tar.xz) = 384516460 bytes
6BLAKE2s (nodejs-output-91.0.tgz) = 5007b8d20d6264a4cd573b465643cff83c2adc75ad7dd9fba97ff5fcae787c9f 6BLAKE2s (nodejs-output-91.0.tgz) = 5007b8d20d6264a4cd573b465643cff83c2adc75ad7dd9fba97ff5fcae787c9f
7SHA512 (nodejs-output-91.0.tgz) = 3a457101a4aaa5ae955b77c41ba6b0d98eb5dd0ae9d6d8cc77c0c7bc0e844238a9c0d86cd1838ffb6a37ad8851f871c21e4ca1bb59d11e58fc42c5fec88c298c 7SHA512 (nodejs-output-91.0.tgz) = 3a457101a4aaa5ae955b77c41ba6b0d98eb5dd0ae9d6d8cc77c0c7bc0e844238a9c0d86cd1838ffb6a37ad8851f871c21e4ca1bb59d11e58fc42c5fec88c298c
8Size (nodejs-output-91.0.tgz) = 201061 bytes 8Size (nodejs-output-91.0.tgz) = 201061 bytes
9SHA1 (patch-aa) = 15b8567cee2af9853f6949c80345ffcb1fd3852a 9SHA1 (patch-aa) = 15b8567cee2af9853f6949c80345ffcb1fd3852a
10SHA1 (patch-browser_app_profile_firefox.js) = 89cea0a66457c96ad0b94aaa524aa5942ad781d0 10SHA1 (patch-browser_app_profile_firefox.js) = 7f6b4361fe62ccc2d1c092a5ace97ea2085727bf
11SHA1 (patch-build_moz.configure_rust.configure) = 25ddfacd29cebbc6db005dbe61a2a7446d480678 11SHA1 (patch-build_moz.configure_rust.configure) = 25ddfacd29cebbc6db005dbe61a2a7446d480678
12SHA1 (patch-config_gcc-stl-wrapper.template.h) = 9d88c7b1ccfdd3c6bd2dcd9530a36ad4a501d97a 12SHA1 (patch-config_gcc-stl-wrapper.template.h) = 9d88c7b1ccfdd3c6bd2dcd9530a36ad4a501d97a
13SHA1 (patch-config_makefiles_rust.mk) = 72d7e9ecee3ccf7ef5f741aac8e35509b41ab7b8 13SHA1 (patch-config_makefiles_rust.mk) = 72d7e9ecee3ccf7ef5f741aac8e35509b41ab7b8
14SHA1 (patch-dom_base_nsAttrName.h) = ac7ba441a3b27df2855cf2673eea36b1cb44ad49 14SHA1 (patch-dom_base_nsAttrName.h) = ac7ba441a3b27df2855cf2673eea36b1cb44ad49
15SHA1 (patch-gfx_angle_checkout_src_common_third__party_smhasher_src_PMurHash.cpp) = e458c9c8dc66edc69c1874734af28a77fc5e3993 15SHA1 (patch-gfx_angle_checkout_src_common_third__party_smhasher_src_PMurHash.cpp) = e458c9c8dc66edc69c1874734af28a77fc5e3993
16SHA1 (patch-gfx_angle_checkout_src_compiler_translator_InfoSink.h) = 2db2859ff7dbd01c24f6bd038bb3c9ba69821115 16SHA1 (patch-gfx_angle_checkout_src_compiler_translator_InfoSink.h) = 2db2859ff7dbd01c24f6bd038bb3c9ba69821115
17SHA1 (patch-gfx_cairo_cairo_src_cairo-type1-subset.c) = 89a9d934ef76706c552c0b81e6cbc0f45b1ffd2c 17SHA1 (patch-gfx_cairo_cairo_src_cairo-type1-subset.c) = 89a9d934ef76706c552c0b81e6cbc0f45b1ffd2c
18SHA1 (patch-gfx_skia_skia_src_core_SkCpu.cpp) = 36218819254f3681b9c717d652ea78c9f20d49ad 18SHA1 (patch-gfx_skia_skia_src_core_SkCpu.cpp) = 36218819254f3681b9c717d652ea78c9f20d49ad
19SHA1 (patch-gfx_thebes_gfxPlatform.cpp) = f6f8996f0818a1b890698c7cc5054d49cb1e8924 19SHA1 (patch-gfx_thebes_gfxPlatform.cpp) = f6f8996f0818a1b890698c7cc5054d49cb1e8924
20SHA1 (patch-gfx_wr_swgl_build.rs) = df6ebfaabb4d27994e59a9d0eaf12c7cf08415fb 20SHA1 (patch-gfx_wr_swgl_build.rs) = df6ebfaabb4d27994e59a9d0eaf12c7cf08415fb
21SHA1 (patch-ipc_chromium_src_base_message__pump__libevent.cc) = 4a6606da590cfb8d855bde58b9c6f90e98d0870c 21SHA1 (patch-ipc_chromium_src_base_message__pump__libevent.cc) = 4a6606da590cfb8d855bde58b9c6f90e98d0870c
22SHA1 (patch-ipc_chromium_src_base_platform__thread__posix.cc) = 35d20981d33ccdb1d8ffb8039e48798777f11658 22SHA1 (patch-ipc_chromium_src_base_platform__thread__posix.cc) = 35d20981d33ccdb1d8ffb8039e48798777f11658
23SHA1 (patch-ipc_glue_GeckoChildProcessHost.cpp) = 260c29bacd8bf265951b7a412f850bf2b292c836 23SHA1 (patch-ipc_glue_GeckoChildProcessHost.cpp) = 260c29bacd8bf265951b7a412f850bf2b292c836
cvs diff -r1.1 -r1.1.6.1 pkgsrc/www/firefox91/patches/patch-browser_app_profile_firefox.js (expand / switch to unified diff)

--- pkgsrc/www/firefox91/patches/patch-browser_app_profile_firefox.js 2021/09/08 22:19:50 1.1
+++ pkgsrc/www/firefox91/patches/patch-browser_app_profile_firefox.js 2022/06/05 06:09:37 1.1.6.1
@@ -1,17 +1,28 @@ @@ -1,17 +1,28 @@
1$NetBSD: patch-browser_app_profile_firefox.js,v 1.1 2021/09/08 22:19:50 nia Exp $ 1$NetBSD: patch-browser_app_profile_firefox.js,v 1.1.6.1 2022/06/05 06:09:37 spz Exp $
2 2
3--- browser/app/profile/firefox.js.orig 2019-07-06 01:48:29.000000000 +0000 3This patch modifies default Firefox settings - see the comments above
 4each one.
 5
 6--- browser/app/profile/firefox.js.orig 2022-04-28 23:01:46.000000000 +0000
4+++ browser/app/profile/firefox.js 7+++ browser/app/profile/firefox.js
5@@ -1851,6 +1851,12 @@ pref("fission.frontend.simulate-messages 8@@ -2205,6 +2205,20 @@ pref("fission.frontend.simulate-messages
6 pref("toolkit.coverage.enabled", false); 9 pref("toolkit.coverage.enabled", false);
7 pref("toolkit.coverage.endpoint.base", "https://coverage.mozilla.org"); 10 pref("toolkit.coverage.endpoint.base", "https://coverage.mozilla.org");
8  11
9+// Select UI locale from LANG/LC_MESSAGE environmental variables 12+// Select UI locale from LANG/LC_MESSAGE environmental variables
10+pref("intl.locale.requested", ""); 13+pref("intl.locale.requested", "");
11+ 14+
12+// Enable system addons, for example langpacks from www/firefox-l10n 15+// Enable system addons, for example langpacks from www/firefox-l10n
13+pref("extensions.autoDisableScopes", 11); 16+pref("extensions.autoDisableScopes", 11);
14+ 17+
 18+// Firefox includes a complex mechanism for "blacklisting" GPUs that
 19+// appears to fail on a NetBSD system where the only available OpenGL
 20+// implementations are all from Mesa. WebRender was supposed to be
 21+// enabled by default from Firefox 91 onwards and appears to greatly
 22+// improve performance even with acceleration disabled at the kernel
 23+// level.
 24+pref("gfx.webrender.all", true);
 25+
15 // Discovery prefs 26 // Discovery prefs
16 pref("browser.discovery.enabled", true); 27 pref("browser.discovery.enabled", true);
17 pref("browser.discovery.containers.enabled", true); 28 pref("browser.discovery.containers.enabled", true);