Fixes MFSA 2017-08/CVE-2017-5428, see
https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/
While here, add a patch from semarie@ (tested by and ok danj@) to tweak
a last-minute change in the jit engine memory allocator that happened to
fix a security issue in 52 branch (bug #1334933/CVE-2017-5400) - see
https://hg.mozilla.org/releases/mozilla-esr52/rev/6b35bbf96b67.
Sadly, this change resulted in a browser crashing at startup
on OpenBSD with the default limits, because the jit engine tried to
allocate 1Gb (previously 640Mb in #1334933, then 1Gb because of
#1337561, see
https://hg.mozilla.org/releases/mozilla-esr52/rev/65bb26d07408) and hit
the default datasize ulimit of 768Mb. The patch makes it allocate 128Mb
instead (as it's done on 32bit architectures), while a better (?) fix
might be devised in bug #1347139.
Generally speaking, if you see firefox crashing with ENOMEM errors,
raise the datasize limit for your login class, write your own wrapper
script to temporarly raise the limit when starting firefox, or stop
using the modern web. Websites are ginormous, deal with it.
See https://www.mozilla.org/en-US/firefox/52.0/releasenotes/
Remove patch for #1335827, merged upstream.
Note that this release removes support for NPAPI plugins (java, etc..) -
users relying on those should migrate to firefox-esr, where NPAPI
plugins will be supported for the lifetime of 52esr branch.
Tested by several, thanks!
See https://www.mozilla.org/en-US/firefox/50.0/releasenotes/
and https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/
Switch back to build against systemwide sqlite3 coming from the
ports-tree. Remove the build goo for macppc|sparc64|alpha, it's unlikely
this will ever come back...
See https://www.mozilla.org/en-US/firefox/49.0/releasenotes/ (.1 is for
a windows-only fix) - not that 'loop' (ex-firefox hello) was removed
from the browser.
- Fixes MFSA 2016-85
- Remove media/ffvpx/config.h patch, merged upstream/fixed differently in
bug #1239550
- Set media.autoplay.enabled to false by default, i'm usually wary of
changing upstream defaults, but this one is unfuriating with "the
modern web and all this funky video ads".. this one got support from
many.
- Add a blurb to README explaining how to enable/test e10s/multi-process
support.
- See https://www.mozilla.org/en-US/firefox/48.0/releasenotes/
- Fixes MFSA 2016-62->84
- See
https://blog.mozilla.org/blog/2016/08/02/exciting-improvements-in-firefox-for-desktop-and-android/
for user-facing changes
- Switch CONFIGURE_STYLE to simple as it's really not a gnu script
anymore..
- Remove gtk 3.20 jumbo patch, most gtk3 issues are either fixed or
being worked on, and the patch isnt maintainable
- Remove patch-gfx_skia_moz_build, it isn't needed anymore on i386, and
SSE2 will soon be a hard runtime requirement anyway
- Remove patch-media_libcubeb_src_cubeb_sndio_c, merged upstream (#1153151 & #1153179)
- Remove
patch-toolkit_components_protobuf_src_google_protobuf_stubs_atomicops_h,
merged upstream (#1192556)
- Note that WebRT was removed
en-US langpack was removed, but ach (Acholi), an (Aragonese), as
(Assamese), az (Azerbaijani), dsb (Lower Sorbian), ff (Pulaar-Fulfulde),
hsb (Upper Sorbian), km (Khmer), lij (Ligurian), ms (Malay) and xh
(Xhosa) were added.
- See https://www.mozilla.org/en-US/firefox/45.0/releasenotes/
- Fixes MFSA 2016-16->38
- libmozgnome was removed upstream
- gtk3 is still not enabled by default upstream
- Remove dependency on gstreamer1, ffmpeg/libavcodec is opened on the fly
if available, as tested by naddy@
Sidenote: no, i havent looked at i386/llvm breakage yet. i386 is the new vax.
* See https://www.mozilla.org/en-US/firefox/44.0/releasenotes/
* Fixes MFSA 2016-01 -> 12
* Fix CONFIGURE_STYLE, no need for autohell?
* Use bundled libevent
* Remove useless MOZILLA_AUTOCONF_DIRS
Note that starting with fx 45, gstreamer will be deprecated in favor of
ffmpeg. If it works, haven't tested it yet...
Tested by/discussed with naddy@
The last reliable gecko builds on macppc were done with:
OpenBSD 5.8-current (GENERIC.MP) #761: Mon Aug 31 08:01:30 MDT 2015
(mpi@ says SecurePLT was commited beginning of Sep, so .. related?)
Thunderbird and firefox-esr strangely built on sparc64 (by accident?) in
may and june (when it was gecko 31) but other than that firefox itself
never built in 2015.
Anybody is welcome to look into this, just add you beloved arch to
ONLY_FOR_ARCHS in mozilla.port.mk.
While here, also amend ONLY_FOR_ARCHS in langpacks ports, no point in
packaging them if you don't have the corresponding package.
Avoids wasting hours during bulks, only keep xulrunner building on
powerpc and sparc64.
See https://www.mozilla.org/en-US/firefox/43.0.2/releasenotes/
No binary change for us since this is only to force updates for poor
windows users, because microsoft now requires SHA256 certs. But ppl
wont complain that OpenBSD doesn't ship the latest and greatest!
- See https://www.mozilla.org/en-US/firefox/41.0/releasenotes/
- Fixes MFSA 2015-96->114
- Add patch to workaround build failure on 32-bits (#1192556)
- Note that powerpc still fails due to the same issue but a
hack^Wworkaround hasnt been found yet.
Firefox 42 will probably default to build with Gtk3.
- See https://www.mozilla.org/en-US/firefox/35.0.1/releasenotes/
- while here, demote gstreamer1-plugins-good from RUN_DEPENDS to a
simple note in the README. It seems having a fully working
out-of-the-box multimedia experience is not worth the attack surface
this brings via all its dependencies.
Note: this doesnt change anything for existing installs, if
gstreamer1-plugins-good/libav is found at runtime firefox will still use
it to play html audio/video. If you dont want that behaviour, have a
look in about:config for the various media.*.enabled keys. Or use lynx.
prodded by tedu@