pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2019Q4]: pkgsrc/www/firefox68 Pullup ticket #6134 - requested ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/ff6c4abd2fec
branches:  pkgsrc-2019Q4
changeset: 411902:ff6c4abd2fec
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Sun Feb 23 11:50:10 2020 +0000

description:
Pullup ticket #6134 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.12
- www/firefox68/PLIST                                           1.4
- www/firefox68/distinfo                                        1.10

---
   Module Name: pkgsrc
   Committed By:        nia
   Date:                Sat Feb 15 12:48:22 UTC 2020

   Modified Files:
        pkgsrc/www/firefox68: Makefile PLIST distinfo

   Log Message:
   firefox68: Update to 68.5.0

   Security Vulnerabilities fixed in Firefox ESR68.5

   # CVE-2020-6796: Missing bounds check on shared memory read in the parent process
   # CVE-2020-6797: Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
   # CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection
   # CVE-2020-6799: Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader
        Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected.
   # CVE-2020-6800: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5

diffstat:

 www/firefox68/Makefile |   6 +++---
 www/firefox68/PLIST    |  19 +++++++++++++------
 www/firefox68/distinfo |  10 +++++-----
 3 files changed, 21 insertions(+), 14 deletions(-)

diffs (103 lines):

diff -r 754984b9b345 -r ff6c4abd2fec www/firefox68/Makefile
--- a/www/firefox68/Makefile    Sat Feb 22 19:45:30 2020 +0000
+++ b/www/firefox68/Makefile    Sun Feb 23 11:50:10 2020 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.5.4.1 2020/01/10 13:56:19 bsiegert Exp $
+# $NetBSD: Makefile,v 1.5.4.2 2020/02/23 11:50:10 bsiegert Exp $
 
 FIREFOX_VER=           ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=            68.4
-MOZ_BRANCH_MINOR=      .1esr
+MOZ_BRANCH=            68.5
+MOZ_BRANCH_MINOR=      .0esr
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
 PKGNAME=       ${DISTNAME:S/.source//:S/b/beta/:S/esr//:S/firefox-/firefox68-/}
diff -r 754984b9b345 -r ff6c4abd2fec www/firefox68/PLIST
--- a/www/firefox68/PLIST       Sat Feb 22 19:45:30 2020 +0000
+++ b/www/firefox68/PLIST       Sun Feb 23 11:50:10 2020 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2019/12/08 20:09:41 nia Exp $
+@comment $NetBSD: PLIST,v 1.3.4.1 2020/02/23 11:50:10 bsiegert Exp $
 bin/firefox68
 lib/firefox68/actors/AudioPlaybackChild.jsm
 lib/firefox68/actors/AutoplayChild.jsm
@@ -4240,16 +4240,19 @@
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/about-compat/aboutPage.json
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/about-compat/aboutPageProcessScript.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/data/injections.js
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/data/picture_in_picture_overrides.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/data/ua_overrides.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/aboutConfigPrefs.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/aboutConfigPrefs.json
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/experiments.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/experiments.json
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/pictureInPicture.js
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/pictureInPicture.json
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/sharedPreferences.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/sharedPreferences.json
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/systemManufacturer.js
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/systemManufacturer.json
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug0000000-testbed-css-injection.css
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1305028-gaming.youtube.com-webkit-scrollbar.css
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1432935-breitbart.com-webkit-scrollbar.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1432935-discordapp.com-webkit-scorllbar-white-line.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1518781-twitch.tv-webkit-scrollbar.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1526977-sreedharscce.in-login-fix.css
@@ -4265,20 +4268,24 @@
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1575017-dunkindonuts.com-flex-basis.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1577270-binance.com-calc-height-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1577297-kitkat.com.au-slider-width-fix.css
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1605611-maps.google.com-directions-time.css
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1609991-cracked.com-flex-basis-fix.css
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1610016-gaana.com-input-position-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug0000000-testbed-js-injection.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1452707-window.controllers-shim-ib.absa.co.za.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1457335-histography.io-ua-change.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1472075-bankofamerica.com-ua-change.js
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1472081-election.gov.np-window.sidebar-shim.js
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1482066-portalminasnet.com-window.sidebar-shim.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1570856-medium.com-menu-isTier1.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1577245-salesforce-communities-hide-unsupported.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1579159-m.tailieu.vn-pdfjs-worker-disable.js
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1605611-maps.google.com-directions-time.js
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1610358-pcloud.com-appVersion-change.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/about_compat_broker.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/custom_functions.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/google.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/injections.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/module_shim.js
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/picture_in_picture_overrides.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/ua_overrides.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/manifest.json
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/run.js
@@ -5425,10 +5432,10 @@
 lib/firefox68/modules/GMPInstallManager.jsm
 lib/firefox68/modules/GMPUtils.jsm
 lib/firefox68/modules/Geometry.jsm
-lib/firefox68/modules/HiddenFrame.jsm
 lib/firefox68/modules/HTMLMenuBuilder.jsm
 lib/firefox68/modules/HealthPing.jsm
 lib/firefox68/modules/HelperAppDlg.jsm
+lib/firefox68/modules/HiddenFrame.jsm
 lib/firefox68/modules/History.jsm
 lib/firefox68/modules/Http.jsm
 lib/firefox68/modules/HybridContentTelemetry.jsm
diff -r 754984b9b345 -r ff6c4abd2fec www/firefox68/distinfo
--- a/www/firefox68/distinfo    Sat Feb 22 19:45:30 2020 +0000
+++ b/www/firefox68/distinfo    Sun Feb 23 11:50:10 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.5.4.1 2020/01/10 13:56:19 bsiegert Exp $
+$NetBSD: distinfo,v 1.5.4.2 2020/02/23 11:50:10 bsiegert Exp $
 
-SHA1 (firefox-68.4.1esr.source.tar.xz) = f11c0ecc0f17435149a2bce83f490bbd329e276d
-RMD160 (firefox-68.4.1esr.source.tar.xz) = 78098317b75b079a475a0bcb8a5f012178c1a643
-SHA512 (firefox-68.4.1esr.source.tar.xz) = 8dd85096f1223b2ab396cc3b89a9f1b113f01ce8919af08a278d077cc4380c108a66b6379c75d85311aa3c54a7804f4d51f718b309fe107ff7c44aca7e4386ed
-Size (firefox-68.4.1esr.source.tar.xz) = 318559576 bytes
+SHA1 (firefox-68.5.0esr.source.tar.xz) = 5e74dc0335b09819b24285d23e7746ca70af1dae
+RMD160 (firefox-68.5.0esr.source.tar.xz) = 34b2446b42e98de3e9f5798466bd4f49375dd44a
+SHA512 (firefox-68.5.0esr.source.tar.xz) = 0acf4ecd47bccf062ab330231e36355f5d84e66ab411f653ae3160583613840925bb473c0f7dfa4b15311a543940293c4633516851c9466c4b0133c9271710d3
+Size (firefox-68.5.0esr.source.tar.xz) = 314176068 bytes
 SHA1 (patch-aa) = 1f292aae7d37bd480ba834324b737bfebee52503
 SHA1 (patch-browser_app_profile_firefox.js) = 076cc2892547bac07fe907533f4e821f13f5738e
 SHA1 (patch-build_moz.configure_old.configure) = 05963b12fd908d90e3378b30cff7e48291b8a447



Home | Main Index | Thread Index | Old Index