Need help improving the security of Mozilla packages

To: tech-pkg%netbsd.org@localhost
Subject: Need help improving the security of Mozilla packages
From: nia <nia%NetBSD.org@localhost>
Date: Wed, 11 Nov 2020 22:37:45 +0000

Hi,

There's patches in pkgsrc that make Firefox PaX-MPROTECT safe on NetBSD
for three versions now, www/firefox, www/firefox78, and www/firefox52.
There is also a patch for lang/mozjs68.

The following packages still need to be fixed. Building and testing all
of them will take me a long time alone:

- lang/mozjs60
- mail/thunderbird52 (based on www/firefox52)
- mail/thunderbird68 (based on www/firefox68)
- mail/thunderbird (based on www/firefox78)
- security/tor-browser (based on www/firefox78)
- www/cliqz
- www/seamonkey

If you want to help, it should be easy to copy the patches from
the most appropriate Firefox version into these packages. You need
the following:

- patch-js_src_vm_ArrayBufferObject.cpp
- patch-js_src_jit_ProcessExecutableMemory.cpp

After the patches are applied, you should be able to remove
NOT_PAX_MPROTECT_SAFE from the package, and bump the revision.

Thanks! (this message is BCCed to the maintainers of said packages)

Follow-Ups:
- Re: Need help improving the security of Mozilla packages
  - From: nia

Prev by Date: Re: New BLAS/LAPACK system
Next by Date: Re: Need help improving the security of Mozilla packages
Previous by Thread: Firefox pkg broken: gcc vs. clang confusion
Next by Thread: Re: Need help improving the security of Mozilla packages
Indexes:

Home | Main Index | Thread Index | Old Index