See https://www.mozilla.org/en-US/firefox/66.0/releasenotes/
Fixes https://www.mozilla.org/security/advisories/mfsa2019-07/
Note that per
http://www.erahm.org/2019/03/13/doubling-the-number-of-content-processes-in-firefox/
the default number of content processes is now 8, change it via
dom.ipc.processCount in about:config if this is too much for your
resources.

Disable debug symbols on amd64 too, this allows building with rust >=
1.32 with 4gb memory...

See https://www.mozilla.org/en-US/firefox/65.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2019-01/
* link against systemwide icu4c now that it's been updated
* add 'video' to main process pledge: note that by default on OpenBSD
only root can access the video device, so this changes nothing.
* document how to enable audio recording and changing video/webcam
device ownership for proper WebRTC usage.

beware if you try building this: in -current, rust fails to build any
mozilla since the devel/llvm update, but this is known and being worked on.

See https://www.mozilla.org/en-US/firefox/63.0.1/releasenotes/
- fix build with cbindgen 0.6.7
- really disable media autoplay by default, the knob changed (cf #1470082)
- use about:blank as default homepage/new tab page in new profiles.
Rationale: some parts of Activity Stream (the new Firefox Home) are nice
(i.e. searchbox, highlights, topsites from browsing history, etc) but
'snippets' is invasive (them being broken is a driver for this version,
cf #1503047, where comments are.. worrying), as is 'Recommended by
pocket' content shown to some countries (DE, CA, US..) - sadly, those
two sections can't easily be disabled (cf #1504279) on about:newtab, so
use the about:blank big hammer for privacy. Existing profiles still
using the default 'Firefox Home' are advised to visit
about:preferences#home and uncheck 'snippets' and 'pages saved to
pocket'... and read https://www.mozilla.org/en-US/privacy/firefox/.
While here add a section in pkg/README advising users using NIS or with
profiles on NFS to add getpw to the content process pledge, as it's
apparently needed in those conditions.

lib/firefox-X.Y, which isn't the case anymore since 59.. should fix
langpacks detection, and presence of the 'languages' section in
about:addons.
Noticed by and hints from semarie@, thanks!

See https://www.mozilla.org/en-US/firefox/61.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/
- build against bundled hunspell (#1460600), build against system
hunspell is unsupported
- build depend on python3 in addition to python2. sigh.
- improve pledge messages to show the process id, and put the debugging
ones behind MOZ_SANDBOX_LOGGING env var being set
- work around content process 'proc' pledge violations by faking a
session dbus if one isn't running, see #1466593. idea from semarie@
- backport patch from #1467882 that improves sndio volume handling, from
ratchov@

See https://www.mozilla.org/en-US/firefox/60.0.1/releasenotes/
After numerous reports of pledge aborts when saving files (while for
some reason I'm not experiencing it) add 'getpw' to main process
promises. Also add 'mcast', because sometimes a setsockopt() seems to be
called with IP_MULTICAST_TTL.
Improve README:
- drop the now deprecated section about plugins
- improve section about debugging with pledge info
- add a section advising users to make sure a session dbus instance is
running when starting their X session, otherwise for some reason the
content process might try to spawn one via glib, and this is forbidden
by pledge. You don't want the content process to be able to spawn
processes, right?

See https://www.mozilla.org/en-US/firefox/60.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
- Add initial/wip pledge() support, with distinct subsets for main &
content processes. The promises are runtime-configurable for now via
about:config knobs to ease debugging/testing. They're printed on stderr
when applied by the sandboxing codepaths (cf
patch-toolkit_xre_nsAppRunner_cpp and patch-dom_ipc_ContentChild_cpp).
- Add a bunch of patches (patch-widget_nsShmImage_cpp,
patch-xpcom_base_nsDebugImpl_cpp, patch-mozglue_misc_TimeStamp_posix_cpp and
patch-xpcom_base_nsMemoryReporterManager_cpp) to neuter non-critical
codepaths that call pledge-forbidden syscalls.
- All this pledge() stuff being currently discussed upstream in
https://bugzilla.mozilla.org/show_bug.cgi?id=1457092 and done at p2k18.
Been running with it since then, and I'm fairly confident the pledge
subsets I come up with are now enough for most usages.
If you encounter crashes due to pledge, look into your kernel log, and
try to figure out what missing pledge is needed or what firefox codepath
hits it.
So far I know 'getpw' might be needed when uploading files but I haven't
hit it, and 'proc' might be needed by the content process when there's
no dbus daemon running, but they're not needed in the 'common case', and
too broad.
- While here, tweak defaults to disable the pocket extension, and try to
disable the activity-stream/sponsored content that is being shown by
default on the new tab page in new profiles. Stop the madness, plz.
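
Added example (not part of the port or of these commit messages): one way to follow the advice above about checking the kernel log after a pledge crash is to tally the logged violations per promise. The two log line shapes and the sample lines are assumptions constructed for illustration; the hints are the causes named in the commit messages on this page.

```python
import re
from collections import Counter
# Assumed kernel log shapes for a pledge violation (verify on your release):
#   firefox[41302]: pledge "proc", syscall 2      (newer kernels)
#   firefox(52011): syscall 5 "getpw"             (older kernels)
NEW = re.compile(r'(?P<comm>[^\s\[\]()]+)\[(?P<pid>\d+)\]: '
                 r'pledge "(?P<promise>[^"]*)", syscall (?P<sysno>\d+)')
OLD = re.compile(r'(?P<comm>[^\s\[\]()]+)\((?P<pid>\d+)\): '
                 r'syscall (?P<sysno>\d+) "(?P<promise>[^"]*)"')

# Causes the commit messages on this page give for each extra promise.
HINTS = {
    "getpw": "saving or uploading files; NIS users; profiles on NFS",
    "proc": "content process spawning a session dbus because none is running",
    "mcast": "setsockopt() called with IP_MULTICAST_TTL",
    "video": "video/webcam device access for WebRTC",
}

def parse_violations(lines, comm="firefox"):
    """Return one dict per pledge violation logged for process name `comm`."""
    found = []
    for line in lines:
        m = NEW.search(line) or OLD.search(line)
        if m and m["comm"] == comm:
            found.append({"pid": int(m["pid"]), "promise": m["promise"],
                          "syscall": int(m["sysno"])})
    return found

def summarize(violations):
    """Group by (promise, syscall), most frequent first, with a hint each."""
    counts = Counter((v["promise"], v["syscall"]) for v in violations)
    rows = []
    for (promise, sysno), n in counts.most_common():
        hint = HINTS.get(promise, "not covered here: trace the codepath")
        rows.append((promise or "(none)", sysno, n, hint))
    return rows

# Constructed sample (not real output); syscall numbers are illustrative.
SAMPLE = """\
Mar 20 10:01:12 host /bsd: firefox[41302]: pledge "proc", syscall 2
firefox[41377]: pledge "proc", syscall 2
firefox(52011): syscall 5 "getpw"
chrome[1234]: pledge "ioctl", syscall 54
firefox[60177]: pledge "mcast", syscall 105
firefox[60177]: pledge "", syscall 202
"""
if __name__ == "__main__":
    for row in summarize(parse_violations(SAMPLE.splitlines())):
        print("%-7s syscall %-4d x%d  %s" % row)
```

An empty promise name in a log line means the kernel named no promise for that syscall, so the row is reported as "(none)" and the codepath has to be tracked down rather than a promise added.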
been replaced by intl.locale.requested, though it *should* use the OS
locale (which one? LANG in the env? *shrug*) - see #1414390 for the
gory details.
Tested to work fine with fr langpack in 60.0b3.

See https://www.mozilla.org/en-US/firefox/59.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
- Selfhost the source tarball temporarily until bug #1432591 is fixed
- add show-commit convenience target
- use bundled cairo, system cairo is broken and the option to build
against it is being removed in #1432751
- remove version from the install dir (per #445128)
- in the README, remove now useless section about e10s (it's enabled by
default) and replace it by a section explaining how to enable GL
compositing and WebRender.
Note that backporting it to 6.2 might not be possible. Currently hacking
various options.