[pkgsrc/trunk]: pkgsrc/www/firefox45 Update to 45.8.0

[ryoon <ryoon%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/11404c97f2ea
branches:  trunk
changeset: 360165:11404c97f2ea
user:      ryoon <ryoon%pkgsrc.org@localhost>
date:      Sun Mar 26 03:53:34 2017 +0000

description:
Update to 45.8.0

Changelog:
 #CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
 #CVE-2017-5401: Memory Corruption when handling ErrorResult
 #CVE-2017-5402: Use-after-free working with events in FontFace objects
 #CVE-2017-5404: Use-after-free working with ranges in selections
 #CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters
 #CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping
 #CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater and Maintenance Service
 #CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
 #CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
 #CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8

diffstat:

 www/firefox45/Makefile                                                       |   4 +-
 www/firefox45/distinfo                                                       |  12 +++++-----
 www/firefox45/mozilla-common.mk                                              |   4 +-
 www/firefox45/patches/patch-ipc_chromium_src_base_message__pump__libevent.cc |  10 +++-----
 4 files changed, 14 insertions(+), 16 deletions(-)

diffs (85 lines):

diff -r dd1b41b3b2cb -r 11404c97f2ea www/firefox45/Makefile
--- a/www/firefox45/Makefile    Sun Mar 26 00:48:44 2017 +0000
+++ b/www/firefox45/Makefile    Sun Mar 26 03:53:34 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.21 2017/02/12 06:26:08 ryoon Exp $
+# $NetBSD: Makefile,v 1.22 2017/03/26 03:53:34 ryoon Exp $
 
 MOZILLA_PKG_NAME=      firefox45
 FIREFOX_VER=   ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=    45.7
+MOZ_BRANCH=    45.8
 MOZ_BRANCH_MINOR=      .0esr
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
diff -r dd1b41b3b2cb -r 11404c97f2ea www/firefox45/distinfo
--- a/www/firefox45/distinfo    Sun Mar 26 00:48:44 2017 +0000
+++ b/www/firefox45/distinfo    Sun Mar 26 03:53:34 2017 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.12 2017/02/08 07:32:01 maya Exp $
+$NetBSD: distinfo,v 1.13 2017/03/26 03:53:34 ryoon Exp $
 
-SHA1 (firefox-45.7.0esr.source.tar.xz) = d995e19d45fe7fbb404f2bbba87f0eb1d6da3b2b
-RMD160 (firefox-45.7.0esr.source.tar.xz) = 2731601efc07ad538e292d9bfb0de3532fc052dd
-SHA512 (firefox-45.7.0esr.source.tar.xz) = 6424101b6958191ce654d0619950dfbf98d4aa6bdd979306a2df8d6d30d3fecf1ab44638061a2b4fb1af85fe972f5ff49400e8eeda30cdcb9087c4b110b97a7d
-Size (firefox-45.7.0esr.source.tar.xz) = 184131284 bytes
+SHA1 (firefox-45.8.0esr.source.tar.xz) = 7b1eb51634f9127ecf5855b487948851b9cc3323
+RMD160 (firefox-45.8.0esr.source.tar.xz) = 5040a829dd9f83e7c120249a8b8ebecb8bc8ed54
+SHA512 (firefox-45.8.0esr.source.tar.xz) = f7b5e0c659b2e824cee7f3784e2d72c562915af91c7e316ec1519305755d2126d91b74c47f96c8b4fc7377710f295545c58b2f989c65c268fc23677ef8cf5c85
+Size (firefox-45.8.0esr.source.tar.xz) = 185229628 bytes
 SHA1 (patch-aa) = c97ef4b107ea917c2a10d1a1fdaf524d794612a0
 SHA1 (patch-ao) = f4244b8e3d89743cb97395913e8916f7121c172e
 SHA1 (patch-as) = d5d7f8250a9cd462f25d529c2a79c59a1bba9db2
@@ -47,7 +47,7 @@
 SHA1 (patch-ipc_chromium_src_base_atomicops.h) = 24b63a6e51d9ab27f2788ee02f2ffa7e1c36f29a
 SHA1 (patch-ipc_chromium_src_base_file__util__posix.cc) = 70772ab2a474b7d3d15cf401c636ca843cfe2034
 SHA1 (patch-ipc_chromium_src_base_message__loop.cc) = 16158489773bbcba35e224d30bebace0c93599ae
-SHA1 (patch-ipc_chromium_src_base_message__pump__libevent.cc) = 2c5ce6290760e0435365dac788d283f9bb78acd9
+SHA1 (patch-ipc_chromium_src_base_message__pump__libevent.cc) = 8c3d2604df0e05d259e3c2b5d39fb2855ffdf449
 SHA1 (patch-ipc_chromium_src_base_platform__thread.h) = e6d7ac39a8b2a1b232638f7671e8530acfed0b97
 SHA1 (patch-ipc_chromium_src_base_platform__thread__posix.cc) = 6c98bbecde21b8571c71477f351488d9a3da45f3
 SHA1 (patch-ipc_chromium_src_base_process__util.h) = 4b24c3467866a601d68bb83f44e5fd38fb27188d
diff -r dd1b41b3b2cb -r 11404c97f2ea www/firefox45/mozilla-common.mk
--- a/www/firefox45/mozilla-common.mk   Sun Mar 26 00:48:44 2017 +0000
+++ b/www/firefox45/mozilla-common.mk   Sun Mar 26 03:53:34 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: mozilla-common.mk,v 1.5 2017/01/01 14:44:03 wiz Exp $
+# $NetBSD: mozilla-common.mk,v 1.6 2017/03/26 03:53:34 ryoon Exp $
 #
 # common Makefile fragment for mozilla packages based on gecko 2.0.
 #
@@ -180,7 +180,7 @@
 # problem is stealthy in a networked environment, and obvious in an
 # offline environment.
 #
-BUILD_DEPENDS+=        ${PYPKGPREFIX}-sqlite2-[0-9]*:../../databases/py-sqlite2
+#BUILD_DEPENDS+=       ${PYPKGPREFIX}-sqlite2-[0-9]*:../../databases/py-sqlite2
 
 # Makefiles sometimes call "rm -f" without more arguments. Kludge around ...
 .PHONY: create-rm-wrapper
diff -r dd1b41b3b2cb -r 11404c97f2ea www/firefox45/patches/patch-ipc_chromium_src_base_message__pump__libevent.cc
--- a/www/firefox45/patches/patch-ipc_chromium_src_base_message__pump__libevent.cc      Sun Mar 26 00:48:44 2017 +0000
+++ b/www/firefox45/patches/patch-ipc_chromium_src_base_message__pump__libevent.cc      Sun Mar 26 03:53:34 2017 +0000
@@ -1,18 +1,16 @@
-$NetBSD: patch-ipc_chromium_src_base_message__pump__libevent.cc,v 1.1 2016/04/27 16:36:50 ryoon Exp $
+$NetBSD: patch-ipc_chromium_src_base_message__pump__libevent.cc,v 1.2 2017/03/26 03:53:34 ryoon Exp $
 
-Allow older libevent
-
---- ipc/chromium/src/base/message_pump_libevent.cc.orig        2016-01-23 23:23:38.000000000 +0000
+--- ipc/chromium/src/base/message_pump_libevent.cc.orig        2017-02-24 16:14:48.000000000 +0000
 +++ ipc/chromium/src/base/message_pump_libevent.cc
 @@ -20,6 +20,7 @@
  
  // This macro checks that the _EVENT_SIZEOF_* constants defined in
  // ipc/chromiume/src/third_party/<platform>/event2/event-config.h are correct.
 +#if 0
+ #if defined(_EVENT_SIZEOF_SHORT)
  #define CHECK_EVENT_SIZEOF(TYPE, type) \
      static_assert(_EVENT_SIZEOF_##TYPE == sizeof(type), \
-     "bad _EVENT_SIZEOF_"#TYPE);
-@@ -30,6 +31,7 @@ CHECK_EVENT_SIZEOF(PTHREAD_T, pthread_t)
+@@ -38,6 +39,7 @@ CHECK_EVENT_SIZEOF(PTHREAD_T, pthread_t)
  CHECK_EVENT_SIZEOF(SHORT,     short);
  CHECK_EVENT_SIZEOF(SIZE_T,    size_t);
  CHECK_EVENT_SIZEOF(VOID_P,    void*);