CVS commit: pkgsrc/www/firefox

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/firefox
From: "Ryo ONODERA" <ryoon%netbsd.org@localhost>
Date: Thu, 6 Feb 2025 03:11:29 +0000

Module Name:    pkgsrc
Committed By:   ryoon
Date:           Thu Feb  6 03:11:29 UTC 2025

Modified Files:
        pkgsrc/www/firefox: Makefile distinfo mozilla-common.mk
        pkgsrc/www/firefox/files: node-wrapper.sh
Removed Files:
        pkgsrc/www/firefox/patches: patch-gfx_wr_swgl_build.rs
            patch-third__party_rust_quinn-udp_src_unix.rs

Log Message:
www/firefox: Update to 135.0

Changelog:
135.0:
New

  * Firefox Translations now supports more languages than ever! Pages in
    Simplified Chinese, Japanese, and Korean can now be translated and Russian
    is now available as a target language for translating into.

  * The credit card autofill feature is now being gradually rolled out to all
    users globally.

    This feature is part of a progressive roll out.

  * AI Chatbot access is now being gradually rolled out to all users. To use
    this optional feature, choose AI Chatbot from the sidebar or from Firefox
    Labs. Then, complete the provider selection to see the chat interface
    become available on the sidebar.

    This feature is part of a progressive roll out.

  * Firefox now enforces certificate transparency, requiring web servers to
    provide sufficient proof that their certificates were publicly disclosed
    before they will be trusted. This only affects servers using certificates
    issued by a certificate authority in Mozilla's Root CA Program.

  * Additionally, the CRLite certificate revocation checking mechanism is also
    being gradually rolled out, substantially improving the performance of
    these checks.

    This feature is part of a progressive roll out.

  * Firefox now includes safeguards to prevent sites from abusing the history
    API by generating excessive history entries, which can make navigating with
    the back and forward buttons difficult by cluttering the history. This
    intervention ensures that such entries, unless interacted with by the user,
    are skipped when using the back and forward buttons.

  * Users on macOS and Linux are now given the option to close only the current
    tab if the Quit keyboard shortcut is used while multiple tabs are open in
    the window.

Fixed

  * Made improvements to the Translations feature which will reduce the
    likelihood that models will invent new, made-up words under some
    circumstances.

  * Various security fixes.

Changed

  * The refreshed New Tab layout previously rolled out in Firefox 134 to users
    in the United States is now being made available in all countries where
    Stories are available. It features a repositioned logo to prioritize Web
    Search, Shortcuts, and Recommended Stories at the top. The update also
    includes changes to the card UI for recommended stories and allows users
    with larger screens to see up to four columns for better use of space.
    Screenshot of the updated New Tab page

    This feature is part of a progressive roll out.

  * The "Do Not Track" checkbox has been removed from preferences. If you
    wish to ask websites to respect your privacy, you can use the "Tell
    websites not to sell or share my data" setting instead. This option is
    built on top of the Global Privacy Control (GPC).

  * The "Copy Without Site Tracking" menu item was renamed to "Copy Clean Link"
    to help clarify expectations around what the feature does. "Copy Clean
    Link" is a list based approach to remove known tracking parameters from
    links. This option can also now be used on plain text links.

  * Linux binaries are now provided in XZ format, replacing the previous BZ2
    format, offering faster unpacking and smaller file sizes.

Security fixes:
Mozilla Foundation Security Advisory 2025-07
#CVE-2025-1009: Use-after-free in XSLT
#CVE-2025-1010: Use-after-free in Custom Highlight
#CVE-2025-1018: Fullscreen notification is not displayed when fullscreen is
 re-requested
#CVE-2025-1011: A bug in WebAssembly code generation could result in a crash
#CVE-2025-1012: Use-after-free during concurrent delazification
#CVE-2025-1019: Fullscreen notification not properly displayed
#CVE-2025-1013: Potential opening of private browsing tabs in normal browsing
 windows
#CVE-2025-1014: Certificate length was not properly checked
#CVE-2025-1016: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
 Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20, and Thunderbird
 128.7
#CVE-2025-1017: Memory safety bugs fixed in Firefox 135, Thunderbird 135,
 Firefox ESR 128.7, and Thunderbird 128.7
#CVE-2025-1020: Memory safety bugs fixed in Firefox 135 and Thunderbird 135


To generate a diff of this commit:
cvs rdiff -u -r1.624 -r1.625 pkgsrc/www/firefox/Makefile
cvs rdiff -u -r1.551 -r1.552 pkgsrc/www/firefox/distinfo
cvs rdiff -u -r1.293 -r1.294 pkgsrc/www/firefox/mozilla-common.mk
cvs rdiff -u -r1.25 -r1.26 pkgsrc/www/firefox/files/node-wrapper.sh
cvs rdiff -u -r1.3 -r0 pkgsrc/www/firefox/patches/patch-gfx_wr_swgl_build.rs
cvs rdiff -u -r1.1 -r0 \
    pkgsrc/www/firefox/patches/patch-third__party_rust_quinn-udp_src_unix.rs

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/firefox/Makefile
diff -u pkgsrc/www/firefox/Makefile:1.624 pkgsrc/www/firefox/Makefile:1.625
--- pkgsrc/www/firefox/Makefile:1.624   Thu Jan 23 14:28:52 2025
+++ pkgsrc/www/firefox/Makefile Thu Feb  6 03:11:29 2025
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.624 2025/01/23 14:28:52 ryoon Exp $
+# $NetBSD: Makefile,v 1.625 2025/02/06 03:11:29 ryoon Exp $
 
 FIREFOX_VER=           ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=            134.0
-MOZ_BRANCH_MINOR=      .2
+MOZ_BRANCH=            135.0
+MOZ_BRANCH_MINOR=      
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
 PKGNAME=       ${DISTNAME:S/.source//:S/b/beta/:S/esr//}
@@ -11,7 +11,7 @@ MASTER_SITES+=        ${MASTER_SITE_MOZILLA:=fi
 MASTER_SITES+= ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/}
 EXTRACT_SUFX=  .tar.xz
 
-NODEJSKIT=             nodejs-output-134.0.tgz
+NODEJSKIT=             nodejs-output-135.0.tgz
 DISTFILES=             ${DEFAULT_DISTFILES} ${NODEJSKIT}
 SITES.${NODEJSKIT}=    ${MASTER_SITE_LOCAL}
 

Index: pkgsrc/www/firefox/distinfo
diff -u pkgsrc/www/firefox/distinfo:1.551 pkgsrc/www/firefox/distinfo:1.552
--- pkgsrc/www/firefox/distinfo:1.551   Thu Jan 23 14:28:52 2025
+++ pkgsrc/www/firefox/distinfo Thu Feb  6 03:11:29 2025
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.551 2025/01/23 14:28:52 ryoon Exp $
+$NetBSD: distinfo,v 1.552 2025/02/06 03:11:29 ryoon Exp $
 
-BLAKE2s (firefox-134.0.2.source.tar.xz) = 1887d9c0a72b8add58e7d5c4949718b2a817e32e29ef43362ea9de4202ed9072
-SHA512 (firefox-134.0.2.source.tar.xz) = 74d631ecbdb5607cfcc4de408947b3b129e36b3d1daa501827aebc81f48c878f9bade875875c466c07c651f26b5388ff2d2d2087e66e0613d8914abaa7ddf5ae
-Size (firefox-134.0.2.source.tar.xz) = 589962348 bytes
-BLAKE2s (nodejs-output-134.0.tgz) = 1d900a20f884e28a27c0c06e69a1e18f15b54091f7ef6428bd80516402a7a317
-SHA512 (nodejs-output-134.0.tgz) = 90f4b184bf7505bd490d9be399e21f3e077f760eab1e2e4591359da9131fa6b78751984aa492bd4b192b251f02e2bad650e50425edef88b8208a03d6bc021496
-Size (nodejs-output-134.0.tgz) = 248692 bytes
+BLAKE2s (firefox-135.0.source.tar.xz) = 36dbfed572cc141e205d39c153c9e7e49281e57951c8c276e3aa157d7bff88d2
+SHA512 (firefox-135.0.source.tar.xz) = 7d283bcefe1e328901f15a88f5ff3da566bb0495ce5b9e3895e7a156020126a5743b6bffd69d94d9eb812e1868195ae92db162d29a5d98ee118fdb238469c089
+Size (firefox-135.0.source.tar.xz) = 613526736 bytes
+BLAKE2s (nodejs-output-135.0.tgz) = 26886f878dfa807508af768ced79c944b47fe491a83c63d1cd1570f4347bc360
+SHA512 (nodejs-output-135.0.tgz) = 293ce8b0bc818470e30c327794aae9c21df4ee9dbaddcc07be507799def22b8a3c8dc3fb7c7bb2d41338855c7b48dc2edbfa110bc1c438a7d48d0f96bf1c994e
+Size (nodejs-output-135.0.tgz) = 251502 bytes
 SHA1 (patch-browser_app_profile_firefox.js) = bc719edef37d18655ba79b030270438ee166fdaf
 SHA1 (patch-build_moz.configure_init.configure) = 65deb3c233df0aab81eb1fca05d708e5a4ed169a
 SHA1 (patch-build_moz.configure_rust.configure) = 25ddfacd29cebbc6db005dbe61a2a7446d480678
@@ -15,7 +15,6 @@ SHA1 (patch-dom_base_nsAttrName.h) = ac7
 SHA1 (patch-dom_webtransport_api_WebTransportDatagramDuplexStream.cpp) = b93b4c6367bd2fb3d1868ab7d97ca56c100be414
 SHA1 (patch-gfx_angle_checkout_src_common_third__party_smhasher_src_PMurHash.cpp) = e458c9c8dc66edc69c1874734af28a77fc5e3993
 SHA1 (patch-gfx_angle_checkout_src_compiler_translator_InfoSink.h) = b2adce9e65662283a11b6dcff40e95523e940045
-SHA1 (patch-gfx_wr_swgl_build.rs) = df6ebfaabb4d27994e59a9d0eaf12c7cf08415fb
 SHA1 (patch-ipc_chromium_src_base_message__pump__libevent.cc) = 298642a3527804115b398fb7904a3596962932e3
 SHA1 (patch-ipc_chromium_src_base_platform__thread__posix.cc) = 753bb4e90758f5b42a51bbc073b328de673988cf
 SHA1 (patch-ipc_glue_GeckoChildProcessHost.cpp) = 63fbee04321f7ade20db4ccc1a1218b848344ce1
@@ -38,7 +37,6 @@ SHA1 (patch-third__party_libwebrtc_modul
 SHA1 (patch-third__party_libwebrtc_rtc__base_physical__socket__server.cc) = 6909c4da9e7b3785252e5bce9be0ff47ebb87e01
 SHA1 (patch-third__party_libwebrtc_system__wrappers_source_cpu__features__linux.cc) = b90e22b50879f7adcc1da3a993f52c0701b720f8
 SHA1 (patch-third__party_python_dlmanager_check.py) = 69054522d8ced8cb47e65e5a8b1a87ed5ce6708e
-SHA1 (patch-third__party_rust_quinn-udp_src_unix.rs) = 1c59c052dbf8169e8527bf3fd9d34a9533d2e62f
 SHA1 (patch-third__party_sqlite3_ext_moz.build) = 2df374daa1c974b52db602613508e4fc965a7bcd
 SHA1 (patch-third__party_sqlite3_src_moz.build) = b26856a4b87aa12211575d9982f62dc899474b52
 SHA1 (patch-third__party_wasm2c_src_prebuilt_wasm2c__source__includes.cc) = 99d0db944f0c2d0c623460991efd423d9127c988

Index: pkgsrc/www/firefox/mozilla-common.mk
diff -u pkgsrc/www/firefox/mozilla-common.mk:1.293 pkgsrc/www/firefox/mozilla-common.mk:1.294
--- pkgsrc/www/firefox/mozilla-common.mk:1.293  Fri Jan 17 17:24:23 2025
+++ pkgsrc/www/firefox/mozilla-common.mk        Thu Feb  6 03:11:29 2025
@@ -1,4 +1,4 @@
-# $NetBSD: mozilla-common.mk,v 1.293 2025/01/17 17:24:23 gutteridge Exp $
+# $NetBSD: mozilla-common.mk,v 1.294 2025/02/06 03:11:29 ryoon Exp $
 #
 # common Makefile fragment for mozilla packages based on gecko 2.0.
 #
@@ -41,19 +41,19 @@ TOOL_DEPENDS+=              yasm>=1.1:../../devel/ya
 CFLAGS+=               -msse2
 .endif
 
-CKSUM_CRATES+= third_party/rust/quinn-udp
-
-CKSUMS+=       b8e595499055115d15bfb95259c0c585934adf55f61e365bcc9fc47ab8fa9cdd
-CKSUMS+=       7be04be65b1606fd2560d572ba5a6238a645075555085d5e9cef15d10b0b8024
-
-SUBST_CLASSES+=                cksum
-SUBST_STAGE.cksum=     pre-configure
-.for crate in ${CKSUM_CRATES}
-SUBST_FILES.cksum+=    ${crate}/.cargo-checksum.json
-.endfor
-.for from to in ${CKSUMS}
-SUBST_SED.cksum+=      -e 's,${from},${to},g'
-.endfor
+#CKSUM_CRATES+=        third_party/rust/quinn-udp
+#
+#CKSUMS+=      b8e595499055115d15bfb95259c0c585934adf55f61e365bcc9fc47ab8fa9cdd
+#CKSUMS+=      7be04be65b1606fd2560d572ba5a6238a645075555085d5e9cef15d10b0b8024
+#
+#SUBST_CLASSES+=               cksum
+#SUBST_STAGE.cksum=    pre-configure
+#.for crate in ${CKSUM_CRATES}
+#SUBST_FILES.cksum+=   ${crate}/.cargo-checksum.json
+#.endfor
+#.for from to in ${CKSUMS}
+#SUBST_SED.cksum+=     -e 's,${from},${to},g'
+#.endfor
 
 # This is to work around build failures where an upstream configuration script
 # is confused by having more than one approximate match to MACHINE_GNU_PLATFORM

Index: pkgsrc/www/firefox/files/node-wrapper.sh
diff -u pkgsrc/www/firefox/files/node-wrapper.sh:1.25 pkgsrc/www/firefox/files/node-wrapper.sh:1.26
--- pkgsrc/www/firefox/files/node-wrapper.sh:1.25       Tue Jan 14 13:36:15 2025
+++ pkgsrc/www/firefox/files/node-wrapper.sh    Thu Feb  6 03:11:29 2025
@@ -1,6 +1,6 @@
 #! /bin/sh
 
-VERS=v23.6.0
+VERS=v23.7.0
 
 if [ "$1" = "-v" ] || [ "$1" = "--version" ]; then
        printf "${VERS}\n"

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index