[pkgsrc/pkgsrc-2020Q1]: pkgsrc/www/firefox68 Pullup ticket #6190 - requested ...

To: source-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/pkgsrc-2020Q1]: pkgsrc/www/firefox68 Pullup ticket #6190 - requested ...
From: bsiegert <bsiegert%pkgsrc.org@localhost>
Date: Wed, 13 May 2020 15:05:52 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/8510fabf6431
branches:  pkgsrc-2020Q1
changeset: 431456:8510fabf6431
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Wed May 13 13:40:16 2020 +0000

description:
Pullup ticket #6190 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.20
- www/firefox68/PLIST                                           1.6
- www/firefox68/distinfo                                        1.15

---
   Module Name: pkgsrc
   Committed By:        nia
   Date:                Sat May  9 13:08:01 UTC 2020

   Modified Files:
        pkgsrc/www/firefox68: Makefile PLIST distinfo

   Log Message:
   firefox68: Update to 68.8.0

   Security Vulnerabilities fixed in Firefox ESR 68.8

       #CVE-2020-12387: Use-after-free during worker shutdown

       #CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens

       #CVE-2020-12389: Sandbox escape with improperly separated process types

       #CVE-2020-6831: Buffer overflow in SCTP chunk input validation

       #CVE-2020-12392: Arbitrary local file access with 'Copy as cURL'

       #CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape
       website-controlled data, potentially leading to command injection

       #CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8

diffstat:

 www/firefox68/Makefile |   4 ++--
 www/firefox68/PLIST    |  15 ++++++---------
 www/firefox68/distinfo |  10 +++++-----
 3 files changed, 13 insertions(+), 16 deletions(-)

diffs (84 lines):

diff -r ae6434b663d7 -r 8510fabf6431 www/firefox68/Makefile
--- a/www/firefox68/Makefile    Sun May 10 13:29:55 2020 +0000
+++ b/www/firefox68/Makefile    Wed May 13 13:40:16 2020 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.15.2.2 2020/04/11 12:39:25 bsiegert Exp $
+# $NetBSD: Makefile,v 1.15.2.3 2020/05/13 13:40:16 bsiegert Exp $
 
 FIREFOX_VER=           ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=            68.7
+MOZ_BRANCH=            68.8
 MOZ_BRANCH_MINOR=      .0esr
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
diff -r ae6434b663d7 -r 8510fabf6431 www/firefox68/PLIST
--- a/www/firefox68/PLIST       Sun May 10 13:29:55 2020 +0000
+++ b/www/firefox68/PLIST       Wed May 13 13:40:16 2020 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.5 2020/03/12 19:39:35 nia Exp $
+@comment $NetBSD: PLIST,v 1.5.2.1 2020/05/13 13:40:16 bsiegert Exp $
 bin/firefox68
 lib/firefox68/actors/AudioPlaybackChild.jsm
 lib/firefox68/actors/AutoplayChild.jsm
@@ -4253,38 +4253,35 @@
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/systemManufacturer.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/experiment-apis/systemManufacturer.json
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug0000000-testbed-css-injection.css
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1432935-discordapp.com-webkit-scorllbar-white-line.css
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1518781-twitch.tv-webkit-scrollbar.css
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1526977-sreedharscce.in-login-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1561371-mail.google.com-allow-horizontal-scrolling.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1567610-dns.google.com-moz-fit-content.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1568256-zertifikate.commerzbank.de-flex.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1568908-console.cloud.google.com-scrollbar-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1570119-teamcoco.com-scrollbar-width.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1570328-developer-apple.com-transform-scale.css
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1574973-patch.com-dropdown-menu-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1575000-apply.lloydsbank.co.uk-radio-buttons-fix.css
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1575011-holiday-weather.com-scrolling-fix.css
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1575017-dunkindonuts.com-flex-basis.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1577270-binance.com-calc-height-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1577297-kitkat.com.au-slider-width-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1605611-maps.google.com-directions-time.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1609991-cracked.com-flex-basis-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1610016-gaana.com-input-position-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1610344-directv.com.co-hide-unsupported-message.css
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1631960-websube.ckbogazici.com.tr-table-row-fix.css
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/css/bug1632019-everyman.co-gallery-width-fix.css
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug0000000-testbed-js-injection.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1452707-window.controllers-shim-ib.absa.co.za.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1457335-histography.io-ua-change.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1472075-bankofamerica.com-ua-change.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1570856-medium.com-menu-isTier1.js
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1577245-salesforce-communities-hide-unsupported.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1579159-m.tailieu.vn-pdfjs-worker-disable.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1605611-maps.google.com-directions-time.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1610358-pcloud.com-appVersion-change.js
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1623375-salesforce-communities-hide-unsupported.js
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/injections/js/bug1625224-sixt-neuwagen.de-window-netscape-shim.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/about_compat_broker.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/custom_functions.js
-lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/google.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/injections.js
+lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/intervention_helpers.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/module_shim.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/picture_in_picture_overrides.js
 lib/firefox68/browser/features/webcompat%mozilla.org@localhost/lib/ua_overrides.js
diff -r ae6434b663d7 -r 8510fabf6431 www/firefox68/distinfo
--- a/www/firefox68/distinfo    Sun May 10 13:29:55 2020 +0000
+++ b/www/firefox68/distinfo    Wed May 13 13:40:16 2020 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.11.2.2 2020/04/11 12:39:25 bsiegert Exp $
+$NetBSD: distinfo,v 1.11.2.3 2020/05/13 13:40:16 bsiegert Exp $
 
-SHA1 (firefox-68.7.0esr.source.tar.xz) = 27a2728ac1fff2134f2aae2e411f2266c19db1c2
-RMD160 (firefox-68.7.0esr.source.tar.xz) = 2f50d2dc66db24fb628820bdb9b181448c51d561
-SHA512 (firefox-68.7.0esr.source.tar.xz) = a3ddcf8ffe5f568b30b1fc9ddcaa5cebe600bf11ce353c09507d5466f999022d45a0dee9a08f53f37b10202a2e2ce4c180743cd6a2ca38dfea1c3e4487b18593
-Size (firefox-68.7.0esr.source.tar.xz) = 312235932 bytes
+SHA1 (firefox-68.8.0esr.source.tar.xz) = 291cb48dcbf50030a38a66eca40d9cfcaff9784d
+RMD160 (firefox-68.8.0esr.source.tar.xz) = d275572b5a35dff01b271285880dff2222f24038
+SHA512 (firefox-68.8.0esr.source.tar.xz) = 139a63dc85ae76a50da6be9a31425f97144e6c7e4a65b0f3009a84eb5c8c9566f6bb331e26590f8aecd5045c4d730ab4e848cf7220f3444a31147b5533c742b3
+Size (firefox-68.8.0esr.source.tar.xz) = 312602308 bytes
 SHA1 (patch-aa) = 9f7200c411cd2217a80ec10a276c8877bc6b845c
 SHA1 (patch-browser_app_profile_firefox.js) = 076cc2892547bac07fe907533f4e821f13f5738e
 SHA1 (patch-dom_base_nsAttrName.h) = ac7ba441a3b27df2855cf2673eea36b1cb44ad49
Prev by Date: [pkgsrc/trunk]: pkgsrc/audio/sndfile-tools sndfile-tools: Update PLIST
Next by Date: [pkgsrc/pkgsrc-2020Q1]: pkgsrc/net/youtube-dl Pullup ticket #6192 - requested...
Previous by Thread: [pkgsrc/trunk]: pkgsrc/audio/sndfile-tools sndfile-tools: Update PLIST
Next by Thread: [pkgsrc/pkgsrc-2020Q1]: pkgsrc/net/youtube-dl Pullup ticket #6192 - requested...
Indexes:
Home | Main Index | Thread Index | Old Index