Pullup ticket #6134 - requested by nia

www/firefox68: security fix Revisions pulled up: - www/firefox68/Makefile 1.12 - www/firefox68/PLIST 1.4 - www/firefox68/distinfo 1.10 --- Module Name: pkgsrc Committed By: nia Date: Sat Feb 15 12:48:22 UTC 2020 Modified Files: pkgsrc/www/firefox68: Makefile PLIST distinfo Log Message: firefox68: Update to 68.5.0 Security Vulnerabilities fixed in Firefox ESR68.5 # CVE-2020-6796: Missing bounds check on shared memory read in the parent process # CVE-2020-6797: Extensions granted downloads.open permission could open arbitrary applications on Mac OSX # CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection # CVE-2020-6799: Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. # CVE-2020-6800: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
author: bsiegert <bsiegert@pkgsrc.org> 2020-02-23 11:50:10 +0000
committer: bsiegert <bsiegert@pkgsrc.org> 2020-02-23 11:50:10 +0000
commit: ec965cd4cdd39732c9610018eb784d7a5d6a5f0c (patch)
tree: 359b6bf6c6de7bac3b196211a5b2a4104ca95a7d
parent: f1a18027c11e011f798d133817177dc2fc365110 (diff)
download: pkgsrc-ec965cd4cdd39732c9610018eb784d7a5d6a5f0c.tar.gz
3 files changed, 21 insertions, 14 deletions
diff --git a/www/firefox68/Makefile b/www/firefox68/Makefile
index aadfee8fb79..05b85ed4d3c 100644
--- a/www/firefox68/Makefile
+++ b/www/firefox68/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.5.4.1 2020/01/10 13:56:19 bsiegert Exp $
+# $NetBSD: Makefile,v 1.5.4.2 2020/02/23 11:50:10 bsiegert Exp $
 
 FIREFOX_VER=		${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=		68.4
-MOZ_BRANCH_MINOR=	.1esr
+MOZ_BRANCH=		68.5
+MOZ_BRANCH_MINOR=	.0esr
 
 DISTNAME=	firefox-${FIREFOX_VER}.source
 PKGNAME=	${DISTNAME:S/.source//:S/b/beta/:S/esr//:S/firefox-/firefox68-/}
diff --git a/www/firefox68/PLIST b/www/firefox68/PLIST
index e4b6b56b872..0c143a3d932 100644
--- a/www/firefox68/PLIST
+++ b/www/firefox68/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2019/12/08 20:09:41 nia Exp $
+@comment $NetBSD: PLIST,v 1.3.4.1 2020/02/23 11:50:10 bsiegert Exp $
 bin/firefox68
 lib/firefox68/actors/AudioPlaybackChild.jsm
 lib/firefox68/actors/AutoplayChild.jsm
@@ -4240,16 +4240,19 @@ lib/firefox68/browser/features/webcompat@mozilla.org/about-compat/aboutPage.js
 lib/firefox68/browser/features/webcompat@mozilla.org/about-compat/aboutPage.json
 lib/firefox68/browser/features/webcompat@mozilla.org/about-compat/aboutPageProcessScript.js
 lib/firefox68/browser/features/webcompat@mozilla.org/data/injections.js
+lib/firefox68/browser/features/webcompat@mozilla.org/data/picture_in_picture_overrides.js
 lib/firefox68/browser/features/webcompat@mozilla.org/data/ua_overrides.js
 lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/aboutConfigPrefs.js
 lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/aboutConfigPrefs.json
 lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/experiments.js
 lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/experiments.json
+lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/pictureInPicture.js
+lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/pictureInPicture.json
 lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/sharedPreferences.js
 lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/sharedPreferences.json
+lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/systemManufacturer.js
+lib/firefox68/browser/features/webcompat@mozilla.org/experiment-apis/systemManufacturer.json
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug0000000-testbed-css-injection.css
-lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1305028-gaming.youtube.com-webkit-scrollbar.css
-lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1432935-breitbart.com-webkit-scrollbar.css
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1432935-discordapp.com-webkit-scorllbar-white-line.css
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1518781-twitch.tv-webkit-scrollbar.css
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1526977-sreedharscce.in-login-fix.css
@@ -4265,20 +4268,24 @@ lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1575011-h
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1575017-dunkindonuts.com-flex-basis.css
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1577270-binance.com-calc-height-fix.css
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1577297-kitkat.com.au-slider-width-fix.css
+lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1605611-maps.google.com-directions-time.css
+lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1609991-cracked.com-flex-basis-fix.css
+lib/firefox68/browser/features/webcompat@mozilla.org/injections/css/bug1610016-gaana.com-input-position-fix.css
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug0000000-testbed-js-injection.js
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1452707-window.controllers-shim-ib.absa.co.za.js
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1457335-histography.io-ua-change.js
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1472075-bankofamerica.com-ua-change.js
-lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1472081-election.gov.np-window.sidebar-shim.js
-lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1482066-portalminasnet.com-window.sidebar-shim.js
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1570856-medium.com-menu-isTier1.js
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1577245-salesforce-communities-hide-unsupported.js
 lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1579159-m.tailieu.vn-pdfjs-worker-disable.js
+lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1605611-maps.google.com-directions-time.js
+lib/firefox68/browser/features/webcompat@mozilla.org/injections/js/bug1610358-pcloud.com-appVersion-change.js
 lib/firefox68/browser/features/webcompat@mozilla.org/lib/about_compat_broker.js
 lib/firefox68/browser/features/webcompat@mozilla.org/lib/custom_functions.js
 lib/firefox68/browser/features/webcompat@mozilla.org/lib/google.js
 lib/firefox68/browser/features/webcompat@mozilla.org/lib/injections.js
 lib/firefox68/browser/features/webcompat@mozilla.org/lib/module_shim.js
+lib/firefox68/browser/features/webcompat@mozilla.org/lib/picture_in_picture_overrides.js
 lib/firefox68/browser/features/webcompat@mozilla.org/lib/ua_overrides.js
 lib/firefox68/browser/features/webcompat@mozilla.org/manifest.json
 lib/firefox68/browser/features/webcompat@mozilla.org/run.js
@@ -5425,10 +5432,10 @@ lib/firefox68/modules/GMPExtractorWorker.js
 lib/firefox68/modules/GMPInstallManager.jsm
 lib/firefox68/modules/GMPUtils.jsm
 lib/firefox68/modules/Geometry.jsm
-lib/firefox68/modules/HiddenFrame.jsm
 lib/firefox68/modules/HTMLMenuBuilder.jsm
 lib/firefox68/modules/HealthPing.jsm
 lib/firefox68/modules/HelperAppDlg.jsm
+lib/firefox68/modules/HiddenFrame.jsm
 lib/firefox68/modules/History.jsm
 lib/firefox68/modules/Http.jsm
 lib/firefox68/modules/HybridContentTelemetry.jsm
diff --git a/www/firefox68/distinfo b/www/firefox68/distinfo
index 481b690c1f1..bc2cc70f6c8 100644
--- a/www/firefox68/distinfo
+++ b/www/firefox68/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.5.4.1 2020/01/10 13:56:19 bsiegert Exp $
+$NetBSD: distinfo,v 1.5.4.2 2020/02/23 11:50:10 bsiegert Exp $
 
-SHA1 (firefox-68.4.1esr.source.tar.xz) = f11c0ecc0f17435149a2bce83f490bbd329e276d
-RMD160 (firefox-68.4.1esr.source.tar.xz) = 78098317b75b079a475a0bcb8a5f012178c1a643
-SHA512 (firefox-68.4.1esr.source.tar.xz) = 8dd85096f1223b2ab396cc3b89a9f1b113f01ce8919af08a278d077cc4380c108a66b6379c75d85311aa3c54a7804f4d51f718b309fe107ff7c44aca7e4386ed
-Size (firefox-68.4.1esr.source.tar.xz) = 318559576 bytes
+SHA1 (firefox-68.5.0esr.source.tar.xz) = 5e74dc0335b09819b24285d23e7746ca70af1dae
+RMD160 (firefox-68.5.0esr.source.tar.xz) = 34b2446b42e98de3e9f5798466bd4f49375dd44a
+SHA512 (firefox-68.5.0esr.source.tar.xz) = 0acf4ecd47bccf062ab330231e36355f5d84e66ab411f653ae3160583613840925bb473c0f7dfa4b15311a543940293c4633516851c9466c4b0133c9271710d3
+Size (firefox-68.5.0esr.source.tar.xz) = 314176068 bytes
 SHA1 (patch-aa) = 1f292aae7d37bd480ba834324b737bfebee52503
 SHA1 (patch-browser_app_profile_firefox.js) = 076cc2892547bac07fe907533f4e821f13f5738e
 SHA1 (patch-build_moz.configure_old.configure) = 05963b12fd908d90e3378b30cff7e48291b8a447
author	bsiegert <bsiegert@pkgsrc.org>	2020-02-23 11:50:10 +0000
committer	bsiegert <bsiegert@pkgsrc.org>	2020-02-23 11:50:10 +0000
commit	ec965cd4cdd39732c9610018eb784d7a5d6a5f0c (patch)
tree	359b6bf6c6de7bac3b196211a5b2a4104ca95a7d
parent	f1a18027c11e011f798d133817177dc2fc365110 (diff)
download	pkgsrc-ec965cd4cdd39732c9610018eb784d7a5d6a5f0c.tar.gz