166 Commits

Author SHA1 Message Date
landry
62e45043f8 Bugfix update to firefox 53.0.3.
See https://www.mozilla.org/en-US/firefox/53.0.3/releasenotes/
2017-05-19 21:54:35 +00:00
landry
2c1e82544a Bugfix update to firefox 53.0.2.
See https://www.mozilla.org/en-US/firefox/53.0.2/releasenotes/
Fixes MFSA2017-14, but that only affects Windows.
2017-05-06 07:15:58 +00:00
landry
47ce2cfc1e Update to firefox 53.0.
See https://www.mozilla.org/en-US/firefox/53.0/releasenotes/ and
https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/.

- Now depends on rust and cargo to build.
- Remove patch-browser_installer_Makefile_in, sdk was removed in #1333826
- Ship a small distribution.ini to show package source in about dialog
- Add a blurb from Michael Reed about installing ffmpeg package to play
HTML5 audio/video.

Tested by several
2017-04-20 06:12:58 +00:00
landry
406e32b92f Bugfix update to firefox 52.0.2.
See https://www.mozilla.org/en-US/firefox/52.0.2/releasenotes/
2017-03-28 20:07:27 +00:00
landry
3ae1b1aac0 Update to firefox 52.0.1.
Fixes MFSA 2017-08/CVE-2017-5428, see
https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/

While here, add a patch from semarie@ (tested by and ok danj@) to tweak
a last-minute change in the jit engine memory allocator that happened to
fix a security issue in 52 branch (bug #1334933/CVE-2017-5400) - see
https://hg.mozilla.org/releases/mozilla-esr52/rev/6b35bbf96b67.

Sadly, this change resulted in a browser crashing at startup
on OpenBSD with the default limits, because the jit engine tried to
allocate 1Gb (previously 640Mb in #1334933, then 1Gb because of
#1337561, see
https://hg.mozilla.org/releases/mozilla-esr52/rev/65bb26d07408) and hit
the default datasize ulimit of 768Mb. The patch makes it allocate 128Mb
instead (as it's done on 32bit architectures), while a better (?) fix
might be devised in bug #1347139.

Generally speaking, if you see firefox crashing with ENOMEM errors,
raise the datasize limit for your login class, write your own wrapper
script to temporarly raise the limit when starting firefox, or stop
using the modern web. Websites are ginormous, deal with it.
2017-03-20 19:35:15 +00:00
landry
c3b7032780 Update mozilla-firefox to 52.0.
See https://www.mozilla.org/en-US/firefox/52.0/releasenotes/

Remove patch for #1335827, merged upstream.

Note that this release removes support for NPAPI plugins (java, etc..) -
users relying on those should migrate to firefox-esr, where NPAPI
plugins will be supported for the lifetime of 52esr branch.

Tested by several, thanks!
2017-03-07 15:31:38 +00:00
landry
265f93dca6 Update to firefox 51.0.
See https://www.mozilla.org/en-US/firefox/51.0/releasenotes/ and MFSA
2017-01 (https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/)

Remove patch-netwerk_protocol_http_Http2Session_cpp (#1290037)
2017-01-24 21:33:09 +00:00
landry
4fd3b0ca6d Bugfix update to firefox 50.1.0.
See https://www.mozilla.org/en-US/firefox/50.1.0/releasenotes/ and
https://www.mozilla.org/en-US/security/advisories/mfsa2016-94/.
2016-12-14 13:30:34 +00:00
landry
330fd22779 Fix botched distinfo 2016-11-30 21:47:05 +00:00
landry
afa19413b2 Security update to firefox 50.0.2.
See https://www.mozilla.org/en-US/firefox/50.0.2/releasenotes/ and
https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/ (link not
up yet). A javascript exploit for windows was found in the wild, and the
vulnerability could technically be exploited on other platforms..
2016-11-30 21:38:53 +00:00
landry
e8b8f9adbd Bugfix update to firefox 50.0.1.
See https://www.mozilla.org/en-US/firefox/50.0.1/releasenotes/ and
https://www.mozilla.org/en-US/security/advisories/mfsa2016-91/
2016-11-29 08:11:34 +00:00
landry
cd2a046617 Update to firefox 50.0.
See https://www.mozilla.org/en-US/firefox/50.0/releasenotes/
and https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/

Switch back to build against systemwide sqlite3 coming from the
ports-tree. Remove the build goo for macppc|sparc64|alpha, it's unlikely
this will ever come back...
2016-11-15 22:01:15 +00:00
landry
001e0f0a3a Update to firefox 49.0.2.
See https://www.mozilla.org/en-US/firefox/49.0.2/releasenotes/ and
https://www.mozilla.org/en-US/security/advisories/mfsa2016-87/
Fixes MFSA-2016-87:
- CVE-2016-5287 / bugzil.la/1309823
- CVE-2016-5288 / bugzil.la/1310183 (bug information private)

prodded by naddy@
2016-10-24 09:33:08 +00:00
naddy
439514e8c8 Update to firefox 49.0.1. 2016-09-24 20:07:33 +00:00
landry
04c35def2c Update to firefox 49.0.1.
See https://www.mozilla.org/en-US/firefox/49.0/releasenotes/ (.1 is for
a windows-only fix) - not that 'loop' (ex-firefox hello) was removed
from the browser.
- Fixes MFSA 2016-85
- Remove media/ffvpx/config.h patch, merged upstream/fixed differently in
bug #1239550
- Set media.autoplay.enabled to false by default, i'm usually wary of
  changing upstream defaults, but this one is unfuriating with "the
modern web and all this funky video ads".. this one got support from
many.
- Add a blurb to README explaining how to enable/test e10s/multi-process
  support.
2016-09-24 14:46:45 +00:00
landry
ae308be950 Update to firefox 48.0.
- See https://www.mozilla.org/en-US/firefox/48.0/releasenotes/
- Fixes MFSA 2016-62->84
- See
  https://blog.mozilla.org/blog/2016/08/02/exciting-improvements-in-firefox-for-desktop-and-android/
for user-facing changes
- Switch CONFIGURE_STYLE to simple as it's really not a gnu script
  anymore..
- Remove gtk 3.20 jumbo patch, most gtk3 issues are either fixed or
  being worked on, and the patch isnt maintainable
- Remove patch-gfx_skia_moz_build, it isn't needed anymore on i386, and
  SSE2 will soon be a hard runtime requirement anyway
- Remove patch-media_libcubeb_src_cubeb_sndio_c, merged upstream (#1153151 & #1153179)
- Remove
  patch-toolkit_components_protobuf_src_google_protobuf_stubs_atomicops_h,
merged upstream (#1192556)
- Note that WebRT was removed
2016-08-02 17:50:03 +00:00
landry
2f601aefb0 Minor bugfix update to firefox 47.0.1.
- See https://www.mozilla.org/en-US/firefox/47.0.1/releasenotes/
- Fixes #1278605 & #1277522
2016-07-10 10:04:44 +00:00
landry
578eed963c Update to firefox 47.0.
- See https://www.mozilla.org/en-US/firefox/47.0/releasenotes/
- Fixes MFSA 2016-49->61
2016-06-08 19:25:42 +00:00
landry
4008f2e62d Bugfix update to firefox 46.0.1.
- See https://www.mozilla.org/en-US/firefox/46.0.1/releasenotes/
2016-05-05 06:53:19 +00:00
landry
a200e676eb Revert the revert. I made you a Makefile but CVS ated it. 2016-04-28 17:44:20 +00:00
ajacoutot
ea00dc6a28 Revert that as well. 2016-04-28 16:52:59 +00:00
ajacoutot
3bb4301cd0 Revert, there's no en-US directory and this breaks sqlports. 2016-04-28 16:51:40 +00:00
landry
953f8b84d1 Readd en-US that was left behind (#1267847) 2016-04-28 11:46:41 +00:00
landry
5b44fef16d Update firefox-i18n to 46.0.
en-US langpack was removed, but ach (Acholi), an (Aragonese), as
(Assamese), az (Azerbaijani), dsb (Lower Sorbian), ff (Pulaar-Fulfulde),
hsb (Upper Sorbian), km (Khmer), lij (Ligurian), ms (Malay) and xh
(Xhosa) were added.
2016-04-27 14:07:59 +00:00
landry
371742de62 Bugfix update to firefox 45.0.1.
See https://www.mozilla.org/en-US/firefox/45.0.1/releasenotes/
2016-03-19 13:37:37 +00:00
landry
d746088a84 Update to firefox 45.0.
- See https://www.mozilla.org/en-US/firefox/45.0/releasenotes/
- Fixes MFSA 2016-16->38
- libmozgnome was removed upstream
- gtk3 is still not enabled by default upstream
- Remove dependency on gstreamer1, ffmpeg/libavcodec is opened on the fly
if available, as tested by naddy@

Sidenote: no, i havent looked at i386/llvm breakage yet. i386 is the new vax.
2016-03-14 20:48:43 +00:00
landry
06c1ee6894 Security update to firefox 44.0.2.
See https://www.mozilla.org/en-US/firefox/44.0.2/releasenotes/
Fixes MFSA2016-13.
ok sthen@ naddy@
2016-02-13 07:39:25 +00:00
landry
fb6b19f61e Bugfix update to firefox 44.0.1.
See https://www.mozilla.org/en-US/firefox/44.0.1/releasenotes/

ok sthen@ naddy@
2016-02-09 09:21:27 +00:00
landry
e1a94c177a Update to firefox-44.0.
* See https://www.mozilla.org/en-US/firefox/44.0/releasenotes/
* Fixes MFSA 2016-01 -> 12
* Fix CONFIGURE_STYLE, no need for autohell?
* Use bundled libevent
* Remove useless MOZILLA_AUTOCONF_DIRS

Note that starting with fx 45, gstreamer will be deprecated in favor of
ffmpeg. If it works, haven't tested it yet...
Tested by/discussed with naddy@
2016-01-27 18:12:43 +00:00
landry
a2e34bf9b4 Face reality, various mozillas only build on amd64 or i386.
The last reliable gecko builds on macppc were done with:
OpenBSD 5.8-current (GENERIC.MP) #761: Mon Aug 31 08:01:30 MDT 2015
(mpi@ says SecurePLT was commited beginning of Sep, so .. related?)

Thunderbird and firefox-esr strangely built on sparc64 (by accident?) in
may and june (when it was gecko 31) but other than that firefox itself
never built in 2015.

Anybody is welcome to look into this, just add you beloved arch to
ONLY_FOR_ARCHS in mozilla.port.mk.

While here, also amend ONLY_FOR_ARCHS in langpacks ports, no point in
packaging them if you don't have the corresponding package.

Avoids wasting hours during bulks, only keep xulrunner building on
powerpc and sparc64.
2016-01-22 10:28:58 +00:00
landry
f73e21a6af Minor update to firefox 43.0.4.
See https://www.mozilla.org/en-US/firefox/43.0.4/releasenotes/
2016-01-07 09:24:20 +00:00
jasper
e1297b2db5 aja pointed out this should be "ignore:1" 2016-01-07 08:51:04 +00:00
jasper
84fb87eca0 ignore these for they are unversioned distfiles 2016-01-01 21:40:56 +00:00
landry
20ead4715a Update to firefox 43.0.2.
See https://www.mozilla.org/en-US/firefox/43.0.2/releasenotes/
No binary change for us since this is only to force updates for poor
windows users, because microsoft now requires SHA256 certs. But ppl
wont complain that OpenBSD doesn't ship the latest and greatest!
2015-12-23 17:41:35 +00:00
landry
024442da04 Update to firefox 43.0.
See https://www.mozilla.org/en-US/firefox/43.0/releasenotes/
Fixes MFSA 2015-134 -> 149

- Remove merged patch about freetype paths/versions
- Remove outdated mention of 'disable anti-aliasing', from matthieu@

Tested (among others) by benoit@, mmcc@ and naddy@
2015-12-16 10:12:14 +00:00
landry
ef0705914d Update to firefox 42.0.
- See https://www.mozilla.org/en-US/firefox/42.0/releasenotes/
- Fixes MFSA-2015-116 -> 133
- Tested by several, thanks!
2015-11-04 07:35:51 +00:00
landry
1d2fd16e2b Security update to firefox 41.0.2.
Fixes MFSA 2015-115 / CVE-2015-7184 (Cross-origin restriction bypass using Fetch)
https://www.mozilla.org/en-US/security/advisories/mfsa2015-115/
2015-10-16 12:04:40 +00:00
landry
9bd6c134da Bugfix update to firefox 41.0.1.
- See https://www.mozilla.org/en-US/firefox/41.0.1/releasenotes/
- Mostly windows-only bugfixes but a bookmark handling regression might
affect us (see #1206376)
2015-10-05 08:48:14 +00:00
landry
6a0b4abc1b Update to firefox 41.0.
- See https://www.mozilla.org/en-US/firefox/41.0/releasenotes/
- Fixes MFSA 2015-96->114
- Add patch to workaround build failure on 32-bits (#1192556)
- Note that powerpc still fails due to the same issue but a
 hack^Wworkaround hasnt been found yet.

Firefox 42 will probably default to build with Gtk3.
2015-09-24 20:21:15 +00:00
landry
6e59517c08 Remove the now defunct ftp://ftp.mozilla.org from MASTER_SITES.
Default to https://ftp.mozilla.org/ and use http://releases.mozilla.org/
as a fallback like the other mozilla ports.
2015-09-19 13:09:38 +00:00
landry
af204e202b Update to firefox 40.0.3.
- See https://www.mozilla.org/en-US/firefox/40.0.3/releasenotes/
- Fixes MFSA-2015-94 & 95
2015-08-31 20:08:40 +00:00
landry
f333eefdf4 Update to firefox{,-i18n} 40.0.
- See https://www.mozilla.org/en-US/firefox/40.0/releasenotes/
- Fixes MFSA-2015-79->92
2015-08-11 21:14:53 +00:00
landry
8d952d2276 SECURITY update to firefox 39.0.3 & firefox-esr 38.1.1.
Fixes MFSA2015-78, see
https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/
and https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/

ok naddy@ sthen@
2015-08-07 13:39:36 +00:00
landry
36e9854114 Update to firefix{,-i18n} 39.0.
- See https://www.mozilla.org/en-US/firefox/39.0/releasenotes/
- Fixes MFSA 2015-59 -> 71
2015-07-05 20:03:36 +00:00
landry
2f22773992 Update to firefox 38.0.1.
- See https://www.mozilla.org/en-US/firefox/38.0.1/releasenotes/ and
  https://www.mozilla.org/en-US/firefox/38.0/releasenotes/
- Fixes MFSA 2015-46->58
2015-05-16 07:22:14 +00:00
landry
cca9415f44 Bugfix update to firefox 37.0.1.
- See https://www.mozilla.org/en-US/firefox/37.0.1/releasenotes/
- Fixes MFSA 2015-43 & 44
2015-04-03 22:59:16 +00:00
landry
26b8310541 Update to firefox 37.0.
- See https://www.mozilla.org/en-US/firefox/37.0/releasenotes/
- Fixes MFSA 2015-30 -> 42
2015-04-02 18:17:50 +00:00
landry
dec565ab69 Security update to firefox 36.0.4.
- See https://www.mozilla.org/en-US/firefox/36.0.4/releasenotes/
- Fixes MFSA 2015-28/29 (Pwn2Own)
- While here, backport commit from ratchov@ in #1144087 fixing audio
  glitches in the sndio backend when playing youtube videos
2015-03-23 21:02:03 +00:00
landry
b3b0cd52a5 Update to firefox-36.0.1.
- See https://www.mozilla.org/en-US/firefox/36.0.1/releasenotes/
- Fixes MFSA 2015-11->27
- widget code moved, move nsPrintSettingsImpl.cpp patch around
- remove patch-xpcom_reflect_xptcall_md_unix_moz_build, merged in #971897
2015-03-16 19:53:54 +00:00
landry
bec1448cbc Update to firefox 35.0.1.
- See https://www.mozilla.org/en-US/firefox/35.0.1/releasenotes/
- while here, demote gstreamer1-plugins-good from RUN_DEPENDS to a
  simple note in the README. It seems having a fully working
out-of-the-box multimedia experience is not worth the attack surface
this brings via all its dependencies.

Note: this doesnt change anything for existing installs, if
gstreamer1-plugins-good/libav is found at runtime firefox will still use
it to play html audio/video. If you dont want that behaviour, have a
look in about:config for the various media.*.enabled keys. Or use lynx.

prodded by tedu@
2015-01-28 17:45:02 +00:00