pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/www/firefox
Module Name: pkgsrc
Committed By: ryoon
Date: Sat May 30 17:06:10 UTC 2026
Modified Files:
pkgsrc/www/firefox: Makefile distinfo
pkgsrc/www/firefox/files: node-wrapper.sh
pkgsrc/www/firefox/patches: patch-config_gcc-stl-wrapper.template.h
patch-ipc_glue_ForkServer.cpp patch-js_src_intgemm_moz.build
patch-python_sites_build.txt patch-python_sites_mach.txt
Removed Files:
pkgsrc/www/firefox/patches: patch-modules_fdlibm_src_math__private.h
Log Message:
www/firefox: Update to 151.0.2
* Broken builds on NetBSD 9. I should revisit later.
* Fix WebRTC Webcam support under NetBSD.
Changelog:
151.0.2:
Fixed
* Fixed an issue on macOS where smart cards and security keys could fail to load certificates automatically. (
Bug 2041208)
* Fixed an issue where adding another tab to an existing Split View could unexpectedly close it. (Bug 2039795)
* Fixed an issue where Split View would close instead of switching tabs when using the "Switch to Tab" option
from the address bar. (Bug 2039787)
* Fixed a crash on Windows that occurred when using the Sogou input method to type Simplified Chinese. (Bug
2039203)
* Fixed an issue where Firefox stopped caching new content once the disk cache was full, causing pages and
resources to be re-downloaded from the network on every visit. (Bug 2031577)
* Fixed an issue where some websites could render incorrectly or fail to load when they used JavaScript to
insert WebKit-specific style rules. (Bug 2040693)
* Fixed an issue where clicking and selecting text in some input fields and text areas did not work on pages
that styled them with certain CSS rules. (Bug 2039504)
* Fixed an issue where the up and down buttons on number input fields could overlap and hide the value when
sites sized the field to fit its contents. (Bug 2039315)
* Fixed an issue where sorting strings that include numbers could produce an incorrect order on some websites
and web applications. (Bug 2027078)
* Fixed an issue where dropdown menus would not open for <select> elements created inside an iframe and then
moved into the parent page. (Bug 2041720)
151.0.1:
Fixed
* Fixed a crash experienced by users with Intel Raptor Lake CPUs. (Bug 1950764)
* Fixed an issue on Windows where some websites using WebSerial to flash device firmware could fail
unexpectedly. (Bug 2040754)
151.0:
New
* Firefox Home (New Tab) has a fresh, new look and feel. The layout and design will enable upcoming features,
from widgets to shortcuts improvements, launching between 151 and 152. Included are some new and exciting
Wallpapers, such as the one below. Use the pencil icon in the lower right to check them out.
* Private Browsing Mode now allows you to instantly clear all data from your current session without closing
the entire window. When you select the End Private Session button (the fire icon) to the right of the URL
bar, Firefox will ask you to confirm to clear your session. Once confirmed, it will wipe all of your private
browsing data and open a fresh new Private Browsing Mode session for you.
* Firefox now strengthens protection against fingerprinting in Standard Enhanced Tracking Protection, making
it harder for websites to track you across sites by limiting the amount of information revealed about your
device and browser. This reduces the number of users uniquely identifiable by common fingerprinting
techniques by an average of ~14%, and by ~49% on macOS.
* You can now merge multiple PDFs directly in Firefox PDF. Combine separate PDF files into a single document
without ever leaving Firefox or relying on third-party tools.
* The Translations page (about:translations) is now accessible through the More Tools section of the
Application Menu.
* Local Firefox profile backups are now available on Linux in addition to Windows, and you can restore them
across platforms.
* On macOS, URLs copied from iOS devices using Apple’s Universal Clipboard now paste correctly in Firefox.
* On macOS, dropdown menus on web pages now use the native macOS menu style, matching the look and behavior of
the rest of the system.
* Address Autofill is enabled for users in the Netherlands.
* Firefox’s built-in VPN now lets you choose your browsing location, giving you more control over how and
where your traffic appears online. You can select from available countries or use Recommended to
automatically choose the best connection for your network.
Fixed
* Fixed incorrect screen resolution reporting to websites in multi-monitor setups.
* Fixed an issue on macOS where maximized Firefox windows could reopen on the wrong monitor after relaunching
in multi-monitor setups.
* Improved color management for copied and pasted images on macOS.
* Various security fixes.
Security fixes:
Mozilla Foundation Security Advisory 2026-46
#CVE-2026-8945: Sandbox escape in Firefox and Firefox Focus for Android
#CVE-2026-8946: Incorrect boundary conditions in the Audio/Video: Web Codecs component
#CVE-2026-8947: Use-after-free in the DOM: Bindings (WebIDL) component
#CVE-2026-8948: Same-origin policy bypass in the DOM: Networking component
#CVE-2026-8949: Integer overflow in the Widget: Win32 component
#CVE-2026-8950: Same-origin policy bypass in the Networking: HTTP component
#CVE-2026-8951: Spoofing issue in the Toolbar component in Firefox for Android
#CVE-2026-8952: Privilege escalation in the Application Update component
#CVE-2026-8953: Sandbox escape due to use-after-free in the Disability Access APIs component
#CVE-2026-8954: Incorrect boundary conditions, integer overflow in the Audio/Video component
#CVE-2026-8955: Privilege escalation in the DOM: Workers component
#CVE-2026-8956: Integer overflow in the Networking: JAR component
#CVE-2026-8957: Privilege escalation in the Enterprise Policies component
#CVE-2026-8958: Information disclosure, sandbox escape in the Security: Process Sandboxing component
#CVE-2026-8959: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component
#CVE-2026-8960: Spoofing issue in WebExtensions
#CVE-2026-8961: Spoofing issue in the Form Autofill component
#CVE-2026-8962: Mitigation bypass in the DOM: Security component
#CVE-2026-8963: Spoofing issue in the Web Speech component
#CVE-2026-8964: Spoofing issue in the Popup Blocker component
#CVE-2026-8965: Information disclosure in the DOM: Security component
#CVE-2026-8966: Information disclosure in the IP Protection component
#CVE-2026-8967: Information disclosure in the Graphics: WebGPU component
#CVE-2026-8968: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component
#CVE-2026-8969: Mitigation bypass in the DOM: Security component
#CVE-2026-8970: Privilege escalation in the Security component
#CVE-2026-8971: Same-origin policy bypass in the Networking: JAR component
#CVE-2026-8972: Privilege escalation in the WebRTC: Audio/Video component
#CVE-2026-8973: Memory safety bugs fixed in Firefox 151
#CVE-2026-8974: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151
#CVE-2026-8975: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151
To generate a diff of this commit:
cvs rdiff -u -r1.661 -r1.662 pkgsrc/www/firefox/Makefile
cvs rdiff -u -r1.581 -r1.582 pkgsrc/www/firefox/distinfo
cvs rdiff -u -r1.38 -r1.39 pkgsrc/www/firefox/files/node-wrapper.sh
cvs rdiff -u -r1.5 -r1.6 \
pkgsrc/www/firefox/patches/patch-config_gcc-stl-wrapper.template.h
cvs rdiff -u -r1.1 -r1.2 \
pkgsrc/www/firefox/patches/patch-ipc_glue_ForkServer.cpp \
pkgsrc/www/firefox/patches/patch-js_src_intgemm_moz.build \
pkgsrc/www/firefox/patches/patch-python_sites_build.txt \
pkgsrc/www/firefox/patches/patch-python_sites_mach.txt
cvs rdiff -u -r1.3 -r0 \
pkgsrc/www/firefox/patches/patch-modules_fdlibm_src_math__private.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/www/firefox/Makefile
diff -u pkgsrc/www/firefox/Makefile:1.661 pkgsrc/www/firefox/Makefile:1.662
--- pkgsrc/www/firefox/Makefile:1.661 Mon May 18 16:07:04 2026
+++ pkgsrc/www/firefox/Makefile Sat May 30 17:06:09 2026
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.661 2026/05/18 16:07:04 ryoon Exp $
+# $NetBSD: Makefile,v 1.662 2026/05/30 17:06:09 ryoon Exp $
FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH= 150.0
-MOZ_BRANCH_MINOR= .3
+MOZ_BRANCH= 151.0
+MOZ_BRANCH_MINOR= .2
DISTNAME= firefox-${FIREFOX_VER}.source
PKGNAME= ${DISTNAME:S/.source//:S/b/beta/:S/esr//}
@@ -11,7 +11,7 @@ MASTER_SITES+= ${MASTER_SITE_MOZILLA:=fi
MASTER_SITES+= ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/}
EXTRACT_SUFX= .tar.xz
-NODEJSKIT= nodejs-output-150.0.3.tgz
+NODEJSKIT= nodejs-output-151.0.2.tgz
DISTFILES= ${DEFAULT_DISTFILES} ${NODEJSKIT}
SITES.${NODEJSKIT}= ${MASTER_SITE_LOCAL}
Index: pkgsrc/www/firefox/distinfo
diff -u pkgsrc/www/firefox/distinfo:1.581 pkgsrc/www/firefox/distinfo:1.582
--- pkgsrc/www/firefox/distinfo:1.581 Mon May 18 16:07:04 2026
+++ pkgsrc/www/firefox/distinfo Sat May 30 17:06:09 2026
@@ -1,11 +1,11 @@
-$NetBSD: distinfo,v 1.581 2026/05/18 16:07:04 ryoon Exp $
+$NetBSD: distinfo,v 1.582 2026/05/30 17:06:09 ryoon Exp $
-BLAKE2s (firefox-150.0.3.source.tar.xz) = 2659a96c77521ab1a9d651b1088f55e646b4dd60b8f288f0b6f6da600f4ad0cd
-SHA512 (firefox-150.0.3.source.tar.xz) = 8452da61200f8ee66790d3fff230ca84b2ac9291af2b57e018486c50f938c53c6fb4943fe6cfe1e99b9783466fb00bf707fa006293753ac698618fc1e3b70a4a
-Size (firefox-150.0.3.source.tar.xz) = 709676888 bytes
-BLAKE2s (nodejs-output-150.0.3.tgz) = 3e0e5acaf50c536f28d95cbaa4c62bcbeab7803d4bf95a9a01b2567e8e2c15ab
-SHA512 (nodejs-output-150.0.3.tgz) = f6d10ccf84953cd85b85cb92f1cd57de6de3e100220e9239540dd809299ac5e9d309c8502cf05e0758cf2793bc1da23ebeb297c5787bbfcf242652d6e7292d10
-Size (nodejs-output-150.0.3.tgz) = 247807 bytes
+BLAKE2s (firefox-151.0.2.source.tar.xz) = f222da7bbef5f86e1b21395c46f39a3f6c05cc2d9ca19c1280738dd6e7b59ff8
+SHA512 (firefox-151.0.2.source.tar.xz) = 87308953ed354a2799a9a45be40033bf9ff8d80fa220f034aacfbd6e754716901d4164c37fa56032c659b259116603e0ba2b566c1f3651ab9cc0835d502cd739
+Size (firefox-151.0.2.source.tar.xz) = 784076112 bytes
+BLAKE2s (nodejs-output-151.0.2.tgz) = 3fcfc5072cb31b2e5fbdbd78178700ee6eac110e2a1070e29dec5ce62ce851b4
+SHA512 (nodejs-output-151.0.2.tgz) = 49bcb42140037e512ecf15889bcca4cd59f67f3bebacdf781b52afd6a2f87770baf340052f786aed80146ba649a8409d6cf5d61963867577099b3c3cb3fa0847
+Size (nodejs-output-151.0.2.tgz) = 248196 bytes
SHA1 (patch-browser_app_profile_firefox.js) = 1eaa674c0aa8279e2f9dc2eda582650a08156d65
SHA1 (patch-build_gn__processor.py) = 078f773104bf4c1b30584564aefe365db6ba6daf
SHA1 (patch-build_moz.configure_init.configure) = 65deb3c233df0aab81eb1fca05d708e5a4ed169a
@@ -35,12 +35,11 @@ SHA1 (patch-js_src_vm_TypedArrayObject-i
SHA1 (patch-media_ffvpx_libavutil_arm_bswap.h) = d0bdc30d23447bd56185eb9dc5c86de591f9cc02
SHA1 (patch-media_libpng_pngpriv.h) = ee952a703ee08e8ff2269c7178e55e00b12faa29
SHA1 (patch-memory_build_mozjemalloc__types.h) = af87ef935653cb845a6b702af2f5645a6ada27db
-SHA1 (patch-modules_fdlibm_src_math__private.h) = e20b6c23011d7123cbbd64a500eb8ce8c426620e
SHA1 (patch-netwerk_protocol_http_nsHttpHandler.cpp) = 67493b4635041d21ff9fbfda80b3197fed542a26
SHA1 (patch-nsprpub_pr_src_pthreads_ptsynch.c) = 753fd4d62088c870aefe7c4b739286259848446e
SHA1 (patch-python_mozbuild_mozbuild_backend_recursivemake.py) = 5be4183d9075f5a3a3c6b3e0338473af185fb50e
SHA1 (patch-python_sites_build.txt) = f60f28480179edb47c8dcf84e3247aa6704c2610
-SHA1 (patch-python_sites_mach.txt) = 4892a2d492b8faf243594e19104ec38c0890ca47
+SHA1 (patch-python_sites_mach.txt) = a4950e1b5ad66231b723eef8f9e7ecce9127d9d3
SHA1 (patch-third__party_abseil-cpp_absl_debugging_internal_elf__mem__image.cc) = b1067a6804470f7e365f347683b7d505853fd799
SHA1 (patch-third__party_abseil-cpp_absl_debugging_internal_vdso__support.cc) = f9c44d0d6fd952296f23c24f56053958b30d8e5c
SHA1 (patch-third__party_js_cfworker_build.sh) = 46cdf97b99cf01080f290ae8d9a33b5f869fc3e4
Index: pkgsrc/www/firefox/files/node-wrapper.sh
diff -u pkgsrc/www/firefox/files/node-wrapper.sh:1.38 pkgsrc/www/firefox/files/node-wrapper.sh:1.39
--- pkgsrc/www/firefox/files/node-wrapper.sh:1.38 Mon May 18 16:07:04 2026
+++ pkgsrc/www/firefox/files/node-wrapper.sh Sat May 30 17:06:09 2026
@@ -1,6 +1,6 @@
#! /bin/sh
-VERS=v26.1.0
+VERS=v26.2.0
if [ "$1" = "-v" ] || [ "$1" = "--version" ]; then
printf "${VERS}\n"
Index: pkgsrc/www/firefox/patches/patch-config_gcc-stl-wrapper.template.h
diff -u pkgsrc/www/firefox/patches/patch-config_gcc-stl-wrapper.template.h:1.5 pkgsrc/www/firefox/patches/patch-config_gcc-stl-wrapper.template.h:1.6
--- pkgsrc/www/firefox/patches/patch-config_gcc-stl-wrapper.template.h:1.5 Mon May 18 16:07:04 2026
+++ pkgsrc/www/firefox/patches/patch-config_gcc-stl-wrapper.template.h Sat May 30 17:06:09 2026
@@ -1,4 +1,4 @@
-$NetBSD: patch-config_gcc-stl-wrapper.template.h,v 1.5 2026/05/18 16:07:04 ryoon Exp $
+$NetBSD: patch-config_gcc-stl-wrapper.template.h,v 1.6 2026/05/30 17:06:09 ryoon Exp $
--- config/gcc-stl-wrapper.template.h.orig 2026-04-15 13:12:19.000000000 +0000
+++ config/gcc-stl-wrapper.template.h
Index: pkgsrc/www/firefox/patches/patch-ipc_glue_ForkServer.cpp
diff -u pkgsrc/www/firefox/patches/patch-ipc_glue_ForkServer.cpp:1.1 pkgsrc/www/firefox/patches/patch-ipc_glue_ForkServer.cpp:1.2
--- pkgsrc/www/firefox/patches/patch-ipc_glue_ForkServer.cpp:1.1 Mon May 18 16:07:04 2026
+++ pkgsrc/www/firefox/patches/patch-ipc_glue_ForkServer.cpp Sat May 30 17:06:09 2026
@@ -1,4 +1,4 @@
-$NetBSD: patch-ipc_glue_ForkServer.cpp,v 1.1 2026/05/18 16:07:04 ryoon Exp $
+$NetBSD: patch-ipc_glue_ForkServer.cpp,v 1.2 2026/05/30 17:06:09 ryoon Exp $
* Fix build for signal(3).
Index: pkgsrc/www/firefox/patches/patch-js_src_intgemm_moz.build
diff -u pkgsrc/www/firefox/patches/patch-js_src_intgemm_moz.build:1.1 pkgsrc/www/firefox/patches/patch-js_src_intgemm_moz.build:1.2
--- pkgsrc/www/firefox/patches/patch-js_src_intgemm_moz.build:1.1 Mon May 18 16:07:04 2026
+++ pkgsrc/www/firefox/patches/patch-js_src_intgemm_moz.build Sat May 30 17:06:09 2026
@@ -1,4 +1,4 @@
-$NetBSD: patch-js_src_intgemm_moz.build,v 1.1 2026/05/18 16:07:04 ryoon Exp $
+$NetBSD: patch-js_src_intgemm_moz.build,v 1.2 2026/05/30 17:06:09 ryoon Exp $
* Disable AVX512.
Index: pkgsrc/www/firefox/patches/patch-python_sites_build.txt
diff -u pkgsrc/www/firefox/patches/patch-python_sites_build.txt:1.1 pkgsrc/www/firefox/patches/patch-python_sites_build.txt:1.2
--- pkgsrc/www/firefox/patches/patch-python_sites_build.txt:1.1 Mon May 18 16:07:04 2026
+++ pkgsrc/www/firefox/patches/patch-python_sites_build.txt Sat May 30 17:06:09 2026
@@ -1,4 +1,4 @@
-$NetBSD: patch-python_sites_build.txt,v 1.1 2026/05/18 16:07:04 ryoon Exp $
+$NetBSD: patch-python_sites_build.txt,v 1.2 2026/05/30 17:06:09 ryoon Exp $
* We are offline, so do not try to download from pypi.
No need to wait a timeout.
Index: pkgsrc/www/firefox/patches/patch-python_sites_mach.txt
diff -u pkgsrc/www/firefox/patches/patch-python_sites_mach.txt:1.1 pkgsrc/www/firefox/patches/patch-python_sites_mach.txt:1.2
--- pkgsrc/www/firefox/patches/patch-python_sites_mach.txt:1.1 Mon May 18 16:07:04 2026
+++ pkgsrc/www/firefox/patches/patch-python_sites_mach.txt Sat May 30 17:06:09 2026
@@ -1,18 +1,18 @@
-$NetBSD: patch-python_sites_mach.txt,v 1.1 2026/05/18 16:07:04 ryoon Exp $
+$NetBSD: patch-python_sites_mach.txt,v 1.2 2026/05/30 17:06:09 ryoon Exp $
* We are offline, so do not try to download from pypi.
No need to wait a timeout.
* Use pyyaml from vendored unconditionally.
---- python/sites/mach.txt.orig 2026-04-20 11:41:50.793315548 +0000
+--- python/sites/mach.txt.orig 2026-05-13 13:12:50.000000000 +0000
+++ python/sites/mach.txt
@@ -58,15 +58,16 @@ pth:xpcom/idl-parser
pth:xpcom/idl-parser
# glean-sdk may not be installable if a wheel isn't available
# and it has to be built from source.
--pypi-optional:glean-sdk==67.1.0:telemetry will not be collected
+-pypi-optional:glean-sdk==67.2.0:telemetry will not be collected
-pypi-optional:orjson>=3.10:json operations will be slower in various tools
-+#pypi-optional:glean-sdk==67.1.0:telemetry will not be collected
++#pypi-optional:glean-sdk==67.2.0:telemetry will not be collected
+#pypi-optional:orjson>=3.10:json operations will be slower in various tools
# Mach gracefully handles the case where `psutil` is unavailable.
# We aren't (yet) able to pin packages in automation, so we have to
Home |
Main Index |
Thread Index |
Old Index