lib/firefox-X.Y, which isnt the case anymore since 59.. should fix
langpacks detection, and presence of the 'languages' section in
about:addons.
Noticed by and hints from semarie@, thanks!
See https://www.mozilla.org/en-US/firefox/61.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-15/
- build against bundled hunspell (#1460600), build against system
hunspell is unsupported
- build depend on python3 in addition to python2. sigh.
- improve pledge messages to show the process id, and put the debugging
ones behind MOZ_SANDBOX_LOGGING env var being set
- workaround content process 'proc' pledge violations by faking a
session dbus if one isnt running, see #1466593. idea from semarie@
- backport patch from #1467882 that improves sndio volume handling, from
ratchov@
See https://www.mozilla.org/en-US/firefox/60.0.1/releasenotes/
After numerous reports of pledge aborts when saving files (while for
some reason i'm not experiencing it) add 'getpw' to main process
promises. Also add 'mcast', because sometimes a setsockopt() seems to be
called with IP_MULTICAST_TTL.
Improve README:
- drop the now deprecated section about plugins
- improve section about debugging with pledge info
- add a section advising users to make sure a session dbus instance is
running when starting their X session, otherwise for some reason the
content process might try to spawn one via glib, and this is forbidden
by pledge. You don't want the content process to be able to spawn
processes, right ?
See https://www.mozilla.org/en-US/firefox/60.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-11/
- Add initial/wip pledge() support, with distinct subsets for main &
content processes. The promises are runtime-configurable for now via
about:config knobs to ease debugging/testing. They're printed on stderr
when applied by the sandboxing codepaths (cf
patch-toolkit_xre_nsAppRunner_cpp and patch-dom_ipc_ContentChild_cpp).
- Add a bunch of patches (patch-widget_nsShmImage_cpp,
patch-xpcom_base_nsDebugImpl_cpp, patch-mozglue_misc_TimeStamp_posix_cpp and
patch-xpcom_base_nsMemoryReporterManager_cpp) to neuter non-critical
codepaths that calls pledge-forbidden syscalls.
- All this pledge() stuff being currently discussed upstream in
https://bugzilla.mozilla.org/show_bug.cgi?id=1457092 and done at p2k18.
Been running with it since then, and i'm fairly confident the pledge
subsets i come up with are now enough for most usages.
If you encounter crashes due to pledge, look into your kernel log, and
try to figure out what missing pledge is needed or what firefox codepath
hits it.
So far i know 'getpw' might be needed when uploading files but i havent
hit it, and 'proc' might be needed by the content process when there's
no dbus daemon running, but they're not needed in the 'common case', and
too broad.
- While here, tweak defaults to disable the pocket extension, and try to
disable the activity-stream/sponsored content that is being shown by
default on the new tab page in new profiles. Stop the madness, plz.
been replaced by intl.locale.requested, though it *should* use the OS
locale (which one ? LANG in the env? *shrug*) - see #1414390 for the
gory details.
Tested to work fine with fr langpack in 60.0b3.
See https://www.mozilla.org/en-US/firefox/59.0/releasenotes/
Fixes https://www.mozilla.org/en-US/security/advisories/mfsa2018-06/
- Selfhost the source tarball temporarly until bug #1432591 is fixed
- add show-commit convenience target
- use bundled cairo, system cairo is broken and the option to build
against a it is being removed in #1432751
- remove version from the install dir (per #445128)
- in the README, remove now useless section about e10s (it's enabled by
default) and replace it by a section explaining how to enable GL
compositing and WebRender.
Note that backporting it to 6.2 might not be possible. Currently hacking
various options.
See https://www.mozilla.org/en-US/firefox/57.0/releasenotes/
Fixes MFSA2017-24, see https://www.mozilla.org/en-US/security/advisories/mfsa2017-24/
- Legacy extensions are now unsupported and will stop working - you've
been warned, deal with it
- a separate single content process is now enabled by default
- remove gettext MODULE (reminded by naddy@)
- build stylo css engine (for that, add patches from #1401093 and #1341234)
- remove debugger.js patch, merged upstream (#1400197)
- build webrender, it's not enabled by default at runtime yet, but one
can test it by setting MOZ_WEBRENDER=1 in the env; See
https://wiki.mozilla.org/Platform/GFX/Quantum_Render for details.
- backport patch from ratchov@ (#1221580) enabling full-duplex audio in
cubeb, for a working audio webrtc experience ! Try it...
Tested by many, thanks!
See https://www.mozilla.org/en-US/firefox/55.0.1/releasenotes/
* Fix a regression the tab restoration process (bug 1388160)
* Fix a problem causing What's new pages not to be displayed (bug 1386224)
* Fix a rendering issue with some PKCS#11 libraries (bug 1388370)
* Disable the predictor prefetch (bug 1388160)
-stable commit awaiting packages...
Fixes MFSA 2017-08/CVE-2017-5428, see
https://www.mozilla.org/en-US/security/advisories/mfsa2017-08/
While here, add a patch from semarie@ (tested by and ok danj@) to tweak
a last-minute change in the jit engine memory allocator that happened to
fix a security issue in 52 branch (bug #1334933/CVE-2017-5400) - see
https://hg.mozilla.org/releases/mozilla-esr52/rev/6b35bbf96b67.
Sadly, this change resulted in a browser crashing at startup
on OpenBSD with the default limits, because the jit engine tried to
allocate 1Gb (previously 640Mb in #1334933, then 1Gb because of
#1337561, see
https://hg.mozilla.org/releases/mozilla-esr52/rev/65bb26d07408) and hit
the default datasize ulimit of 768Mb. The patch makes it allocate 128Mb
instead (as it's done on 32bit architectures), while a better (?) fix
might be devised in bug #1347139.
Generally speaking, if you see firefox crashing with ENOMEM errors,
raise the datasize limit for your login class, write your own wrapper
script to temporarly raise the limit when starting firefox, or stop
using the modern web. Websites are ginormous, deal with it.
See https://www.mozilla.org/en-US/firefox/52.0/releasenotes/
Remove patch for #1335827, merged upstream.
Note that this release removes support for NPAPI plugins (java, etc..) -
users relying on those should migrate to firefox-esr, where NPAPI
plugins will be supported for the lifetime of 52esr branch.
Tested by several, thanks!
See https://www.mozilla.org/en-US/firefox/50.0/releasenotes/
and https://www.mozilla.org/en-US/security/advisories/mfsa2016-89/
Switch back to build against systemwide sqlite3 coming from the
ports-tree. Remove the build goo for macppc|sparc64|alpha, it's unlikely
this will ever come back...
See https://www.mozilla.org/en-US/firefox/49.0/releasenotes/ (.1 is for
a windows-only fix) - not that 'loop' (ex-firefox hello) was removed
from the browser.
- Fixes MFSA 2016-85
- Remove media/ffvpx/config.h patch, merged upstream/fixed differently in
bug #1239550
- Set media.autoplay.enabled to false by default, i'm usually wary of
changing upstream defaults, but this one is unfuriating with "the
modern web and all this funky video ads".. this one got support from
many.
- Add a blurb to README explaining how to enable/test e10s/multi-process
support.
- See https://www.mozilla.org/en-US/firefox/48.0/releasenotes/
- Fixes MFSA 2016-62->84
- See
https://blog.mozilla.org/blog/2016/08/02/exciting-improvements-in-firefox-for-desktop-and-android/
for user-facing changes
- Switch CONFIGURE_STYLE to simple as it's really not a gnu script
anymore..
- Remove gtk 3.20 jumbo patch, most gtk3 issues are either fixed or
being worked on, and the patch isnt maintainable
- Remove patch-gfx_skia_moz_build, it isn't needed anymore on i386, and
SSE2 will soon be a hard runtime requirement anyway
- Remove patch-media_libcubeb_src_cubeb_sndio_c, merged upstream (#1153151 & #1153179)
- Remove
patch-toolkit_components_protobuf_src_google_protobuf_stubs_atomicops_h,
merged upstream (#1192556)
- Note that WebRT was removed
