Commit Graph

810 Commits

Author SHA1 Message Date
Andreas Rammhold
aab1f2dfe2
firefox: 72.0 -> 72.0.1 2020-01-08 23:39:26 +01:00
Andreas Rammhold
40018e5987
firefox: 71.0 -> 72.0 2020-01-08 17:06:35 +01:00
Andreas Rammhold
2ad59bdf8c firefox-esr-68: 68.3.0esr -> 68.4.0esr 2020-01-08 14:48:30 +01:00
Andreas Rammhold
6d8208e373 firefox: prepare for firefox 72 2020-01-08 14:48:30 +01:00
Maximilian Bosch
5ed6a9c70d
firefox: fix for structured attrs 2019-12-31 00:59:00 +01:00
Robin Gloster
ab0cfd9e03
treewide: NIX_*_COMPILE -> string 2019-12-31 00:10:18 +01:00
Franz Pletz
77b6c3cd06
Merge remote-tracking branch 'origin/master' into gcc-9 2019-12-26 14:17:36 +01:00
Franz Pletz
a1e4ee6d4f
firefox: fix indexedDB for 71.0
Adapted original patch[0] to also fix dom localstorage.

[0]: https://bugzilla.mozilla.org/show_bug.cgi?id=1601707#c6
2019-12-07 19:28:47 +01:00
Andreas Rammhold
1993a8bb45
firefox-esr-68: 68.2.0esr -> 68.3.0esr 2019-12-03 14:52:06 +01:00
Andreas Rammhold
8eb6c64404 firefox: 70.0.1 -> 71.0 2019-12-03 11:38:30 +01:00
Frederik Rietdijk
06a054e6eb Merge master into staging-next 2019-11-25 21:51:57 +01:00
John Ericson
d34d84a61d firefox-wrapper: Get rid of name argument
Only pname + version is supported now. (Both are still optional,
however.)
2019-11-24 17:27:45 +00:00
John Ericson
d0d5136cce Merge remote-tracking branch 'upstream/master' into wrapper-pname-support 2019-11-24 17:25:07 +00:00
John Ericson
9b090ccbca treewide: Get rid of most parseDrvName without breaking compat
That is because this commit should be merged to both master and
release-19.09.
2019-11-24 17:22:28 +00:00
adisbladis
c9d8624ccd
treewide: Get rid of libGLU_combined 2019-11-18 20:10:43 +00:00
Will Dietz
c4e9dd4e57 firefox: add option to use fx_cast_bridge 2019-11-16 01:37:14 -06:00
Franz Pletz
5ba6f78efa
firefox-esr-68: fix build with gcc9 2019-11-04 19:17:55 +01:00
taku0
0bc5d7fcfe firefox: 70.0 -> 70.0.1 2019-10-31 21:25:52 +09:00
Frederik Rietdijk
a85e58ac13 Merge master into staging-next 2019-10-23 09:38:37 +02:00
taku0
20dae73330 firefox-esr: 68.1.0esr -> 68.2.0esr 2019-10-22 13:49:56 +09:00
Andreas Rammhold
1b2b4768f6 firefox: 69.0.2 -> 70.0 2019-10-21 21:58:37 +02:00
taku0
6d974eb7ce firefox: 69.0.1 -> 69.0.2 2019-10-05 18:44:22 +09:00
Joachim F
fb5f43a486
Merge pull request #69335 from oxij/pkgs/tor-browser-856
firefoxPackages.tor-browser: 8.5.4 -> 8.5.6
2019-09-24 04:57:16 +00:00
Jan Malakhovski
54c8da0787 firefoxPackages.tor-browser: 8.5.4 -> 8.5.6 2019-09-24 01:54:11 +00:00
Jörg Thalheim
8fc3fe400c
Firefox bin 69.0.1 (#69099)
Firefox bin 69.0.1
2019-09-21 08:28:57 +01:00
Matthew Bauer
abbb9ea848 firefox: mark broken on darwin
this has been broken for a while, best to not make hydra keep building it.
2019-09-20 23:20:32 -04:00
taku0
a4edff0fec firefox: 69.0 -> 69.0.1 2019-09-19 21:50:43 +09:00
Will Dietz
a209776db9
firefox-60-esr: 60.8.0esr -> 60.9.0esr 2019-09-13 22:32:33 -05:00
Vladimír Čunát
41ce0c2a53
Merge #67924: firefox: 68.0.2 -> 69.0 2019-09-07 09:36:47 +02:00
Andreas Rammhold
6dce809b32
firefox-esr: 68.0.2esr -> 68.1.0esr 2019-09-04 11:03:32 +02:00
Andreas Rammhold
87e261843c
firefox/wrapper: Set new style override for legacy profiles & allow downgrades
While Firefox 68 started messing with our profiles and required new
profiles on binary location changes Firefox 69 now verifies that we
aren't downgrading to an older Firefox even of the same version. If you
switch between two channel versions and/or between nixpkgs releases
Firefox will refuse to start and demand a fresh profile. Disabling the
downgrade protection works around that issue.
2019-09-04 02:14:53 +02:00
Andreas Rammhold
77fc386344
firefox: 68.0.2 -> 69.0 2019-09-02 20:58:57 +02:00
Andreas Rammhold
f3d3377477 firefox: support building firefox 69 2019-09-02 16:13:19 +02:00
volth
08f68313a4 treewide: remove redundant rec 2019-08-28 11:07:32 +00:00
Vladimír Čunát
bc238b8df5
firefoxPackages: fix builds based on ESR 60
Attributes: firefox-esr-60, tor-browser(-8-5), icecat
Thanks to Symphorien: #67426
2019-08-25 14:54:46 +02:00
worldofpeace
0552f4dc73
Merge pull request #67214 from stefano-m/master
adoptopenjdk-icedtea-web: rename from icedtea_web
2019-08-23 16:43:52 -04:00
Stefano Mazzucco
a6d234e9e9 adoptopenjdk-icedtea-web: rename from icedtea_web
This is a follow up of https://github.com/NixOS/nixpkgs/pull/66422

- rename icedtea_web to adoptopenjdk-icedtea-web to reflect the new governance
- add icedtea_web and icedtea8_web to aliases.nix for backwards compatibility
- update the attribute name where icedtea_web is used
2019-08-23 21:12:59 +01:00
Robin Gloster
f4fc845e5b
Merge remote-tracking branch 'upstream/master' into openssl-1.1 2019-08-21 14:25:13 +02:00
Robin Gloster
86e1839847
esteidfirefoxplugin: remove
id.ee has removed it and doesn't build with openssl 1.1, there seems to
be a new plugin available
2019-08-21 00:05:18 +02:00
Alex Branham
5ca29a98b2
firefox-esr: 68.0.1esr -> 68.0.2esr 2019-08-16 12:08:51 -05:00
Alex Branham
75ae4a318a
firefox: 68.0.1 -> 68.0.2 2019-08-16 12:08:51 -05:00
taku0
71116cd9d5 firefox-esr: 68.0esr -> 68.0.1esr 2019-07-24 16:19:05 +09:00
taku0
9c7aa99db2 firefox: 68.0 -> 68.0.1 2019-07-24 16:18:08 +09:00
Vladimír Čunát
538c8aebd8
firefox-esr-60: 60.7.2esr -> 60.8.0esr 2019-07-15 13:36:21 +02:00
taku0
75d4e64fad
firefox-esr: 60.7.2esr -> 68.0esr 2019-07-14 22:51:14 +02:00
taku0
0c436f8ca1
firefox: 67.0.4 -> 68.0 2019-07-14 22:46:03 +02:00
SLNOS
279a001062 firefoxPackages.tor-browser: 8.5.2 -> 8.5.4 2019-07-10 08:34:54 +00:00
Robert Helgesson
06d8666a60
firefox: allow overriding config of wrapped package
By moving the `cfg` variable into the wrapper arguments we are able to
override it for an already wrapped package. For example, with this
change one can have

    pkgs.firefox-devedition-bin.override {
      cfg.enableBrowserpass = true;
    }

which would otherwise be difficult to accomplish for packages having a
complicated wrapped definition in `all-packages.nix`.
2019-07-09 00:56:24 +02:00
Vladimír Čunát
df1d27ac31
firefox: fix highly parallel make by upstream patch 2019-07-01 14:37:30 +02:00
SLNOS
2cec4ca4f4 firefoxPackages.tor-browser: 8.5.0 -> 8.5.2 2019-06-21 17:52:26 +00:00
Alyssa Ross
2e8da9d6ec
firefox-esr: 60.7.1esr -> 60.7.2esr
CVE-2019-11708
2019-06-20 19:21:59 +00:00
Alyssa Ross
5f69dc425c
firefox: 67.0.3 -> 67.0.4
CVE-2019-11708
2019-06-20 19:21:56 +00:00
Alyssa Ross
0ca0284580
firefox: 67.0.2 -> 67.0.3
CVE-2019-11707
2019-06-18 20:26:43 +00:00
Alyssa Ross
087c619572
firefox-esr: 60.7.0esr -> 60.7.1esr
CVE-2019-11707
2019-06-18 19:42:55 +00:00
volth
f3282c8d1e treewide: remove unused variables (#63177)
* treewide: remove unused variables

* making ofborg happy
2019-06-16 19:59:05 +00:00
Will Dietz
762f89d157
firefox: 67.0.1 -> 67.0.2 2019-06-11 23:45:56 -05:00
Andreas Rammhold
03128836bb
firefox: 67.0 -> 67.0.1 2019-06-08 18:06:48 +02:00
Will Dietz
88dc069219
tor-browser-bundle: 8.5 -> 8.5.1, security fix!
I think the source variant needs special handling, sorry.
2019-06-06 22:50:21 -05:00
talyz
ae2778c9e3 firefox-wayland: Add missing dependency libglvnd (libEGL)
Firefox running in wayland mode is unable to find and load
libEGL.so (and says so on stdout). This puts it in "basic"
mode (unaccelerated graphics) and disables WebGL. Fix this by adding
libglvnd to the LD_LIBRARY_PATH.
2019-06-05 14:49:55 +02:00
SLNOS
c4962cd506 firefoxPackages.tor-browser: 8.0.9 -> 8.5.0
Actually, more like -> 8.5.0.1 as this version is made against the
branch with the pending fixup patch applied.
2019-05-30 12:31:59 +00:00
Timo Kaufmann
53b08beea6
tridactyl-native: init at 1.14.9 (#61703) 2019-05-28 13:14:06 +02:00
Andreas Rammhold
082ed38cb1
firefox-wrapper: stop creating new profiles when the binary path changes
With a recent change to firefox (that landed in 67) a new profile is
created whenever the install location changes. Since our install
location (the binary path) always changes when we do a new build it is
rather annoying.

Setting the environment variable `SNAP_NAME` to `firefox` is supposed to
workaround the issue.

related to #58923

Woarkound taken from 1ff8b6c3d8

cc @rail
2019-05-24 00:17:40 +02:00
Andreas Rammhold
e57d93af0c
firefox-esr-60: 60.6.3esr -> 60.7.0esr 2019-05-21 07:57:14 +02:00
Andreas Rammhold
f353c0e958
firefox: 66.0.5 -> 67.0 2019-05-20 19:09:17 +02:00
Andreas Rammhold
7f65d06c4f firefox: prepare for firefox 67.0 release
Firefox now requires `llvm-objdump` during the build phase. The aarch64
patches do no longer apply. So far I am guessing that they have been
merged. We should verify that.
2019-05-20 18:29:25 +02:00
Andreas Rammhold
f29d398c69 firefox-esr-60: 60.6.2esr -> 60.6.3esr 2019-05-08 17:54:13 +02:00
Andreas Rammhold
bc3d79f633 firefox: 66.0.4 -> 66.0.5 2019-05-08 11:39:39 +02:00
SLNOS
8b4d53168a firefoxPackages.tor-browser: 8.0.8 -> 8.0.9 2019-05-08 03:45:38 +00:00
Renaud
2fb1b3156f
Merge pull request #60932 from c0bw3b/patches-cleanup
[treewide] delete (some) unused patches
2019-05-07 23:34:04 +02:00
Frederik Rietdijk
0196d8f11c Merge master into staging-next 2019-05-07 09:00:06 +02:00
taku0
07458c2f38 firefox-esr: 60.6.1esr -> 60.6.2esr 2019-05-06 13:35:25 +09:00
Eelco Dolstra
1f6ddfc7e0 firefox: 66.0.3 -> 66.0.4 2019-05-05 23:57:54 +02:00
c0bw3b
9cb260d091 [treewide] delete unused patches 2019-05-04 19:52:24 +02:00
Matthew Bauer
0fe315c9b6 treewide: remove old patches for macOS
These shouldn’t be needed now that we are on macOS 10.12.
2019-04-26 21:54:32 -04:00
taku0
3412a2cfcc firefox: 66.0.2 -> 66.0.3 2019-04-13 10:49:24 +09:00
Andreas Rammhold
4b00df4305
Merge pull request #58630 from volth/patch-312
firefox-esr-52: fix build
2019-04-09 13:08:58 +00:00
Andrew Childs
c6ef39927c firefox: fix aarch64 build 2019-04-07 02:31:27 +09:00
Andrew Childs
5a8ddeea73 firefox: re-enable webrtc on aarch64 (64+); fix comment 2019-04-07 02:31:22 +09:00
Vladimír Čunát
1c4b324c8d
firefoxPackages: fix builds by a patch from Arch 2019-04-06 13:07:35 +02:00
volth
1c290ea724
firefox-esr-52: use gcc6 2019-04-01 06:36:02 +00:00
volth
edbb386dc6
firefox-esr-52: needs libXdamage headers 2019-03-31 20:55:05 +00:00
volth
3551068153
firefox-esr-52: fix build 2019-03-31 18:55:39 +00:00
Andreas Rammhold
c8186ad7b3
firefox: 66.0.1 -> 66.0.2 2019-03-29 10:41:00 +01:00
SLNOS
ec4a7a02ca firefoxPackages.tor-browser: carry over more configureFlags from upstream
These are taken from `tor-browser-build.git` repository.
2019-03-24 18:40:37 +00:00
SLNOS
6ed479de0c firefoxPackages.tor-browser: 8.0.6 -> 8.0.8 2019-03-24 18:40:34 +00:00
Andreas Rammhold
3e7b029ab7
firefox-esr-60: 60.6.0esr -> 60.6.1esr 2019-03-23 01:43:39 +01:00
Andreas Rammhold
e716a952cd
firefox: 66.0 -> 66.0.1 2019-03-23 01:43:20 +01:00
Andreas Rammhold
94d9400b4d
firefox-esr-60: 60.5.2esr -> 60.6.0.esr 2019-03-18 17:27:29 +01:00
Andreas Rammhold
dafe9c3cb0
firefox: 65.0.2 -> 66.0 2019-03-18 17:18:44 +01:00
Andreas Rammhold
d64d42f12d
firefox: support building firefox 66 (and 60.6+) 2019-03-18 17:18:42 +01:00
Jan Tojnar
a92a1ae908
firefox-esr-52: remove updateScript
This is dead package so let’s remove the updateScript which does not evaluate anyway.
2019-03-17 17:39:20 +01:00
Jan Tojnar
20ab640aa2
Merge pull request #56730 from jtojnar/sublime3-updatescript
sublime3: add updateScript
2019-03-06 00:13:44 +01:00
Jan Tojnar
0105058698
common-updater-scripts: Add file and system flags
You can now optionally invoke update-source-versions with:

* --system flag changing the host platform, to be passed dirrectly to Nix commands.
  This is useful for binary packages which have different sources for each platform.
* --file flag allowing to change the file to be modified. This is useful for packages
  that offer multiple variants, listed in a different file than the derivation itself;
  e.g. packages.nix of Sublime Text 3.
* --version-key, which is now a keyword flag instead of a positional argument.
2019-03-02 23:03:04 +01:00
taku0
692a763f60 firefox-esr: 60.5.1esr -> 60.5.2esr 2019-03-01 22:57:53 +09:00
taku0
d59a40c3b0 firefox: 65.0.1 -> 65.0.2 2019-03-01 22:53:35 +09:00
Frederik Rietdijk
2fcb11a244 Merge staging-next into master 2019-03-01 09:06:20 +01:00
Jörg Thalheim
dadc7eb329
treewide: use runtimeShell instead of stdenv.shell whenever possible
Whenever we create scripts that are installed to $out, we must use runtimeShell
in order to get the shell that can be executed on the machine we create the
package for. This is relevant for cross-compiling. The only use case for
stdenv.shell are scripts that are executed as part of the build system.
Usages in checkPhase are borderline however to decrease the likelyhood
of people copying the wrong examples, I decided to use runtimeShell as well.
2019-02-26 14:10:49 +00:00
Frederik Rietdijk
fd48a94b62 Merge staging-next into staging 2019-02-16 09:30:46 +01:00
Joachim F
e9d97c223e
Merge pull request #55738 from oxij/pkgs/tor-browser-update
firefoxPackages.tor-browser: 8.0.5 -> 8.0.6
2019-02-14 19:00:57 +00:00
Andreas Rammhold
826611bef9 firefox: add andir (myself) as maintainer
I have been working on this for some time now so it probably makes
sense...
2019-02-14 11:28:34 +01:00
Andreas Rammhold
2f4c7f3f92 firefox-esr-60: 60.5.0esr -> 60.5.1esr
Release notes: https://www.mozilla.org/en-US/firefox/60.5.1/releasenotes/
2019-02-14 11:28:34 +01:00
Andreas Rammhold
aa2acd0123 firefox: 65.0 -> 65.0.1
Release notes: https://www.mozilla.org/en-US/firefox/65.0.1/releasenotes/
2019-02-14 11:28:34 +01:00
Jan Tojnar
606ceda352
gnome3: stop using aliases 2019-02-14 02:31:15 +01:00
SLNOS
9e65251afe firefoxPackages.tor-browser: 8.0.5 -> 8.0.6 2019-02-13 23:00:48 +00:00
Andreas Rammhold
7eaef48e5a
wrapFirefox: support GDK_BACKEND=wayland
The firefox wrapper now supports setting the GDK_BACKEND to wayland
which is useful in cases where firefox would be started from within an
X-Application inside of wayland. GTK/GDK would otherwise default to the
X11 backend in those situations.

The intention is that people that are using wayland primarily pull in
the new `firefox-wayland` top-level attribute into their environments
instead of just `firefox`. Firefox will then always be started with the
correct rendering backend.
2019-02-03 12:13:02 +01:00
Andreas Rammhold
d7731c3142
firefoxPackages: enable support for wayland
This adds support for building firefox with the gtk wayland backend. It
should work on all the flavors that use >=gtk3. Using the wayland
still allows using the X11 backend.
2019-02-03 11:36:25 +01:00
Jan Malakhovski
26f6fabcfe firefoxPackages: move nixpkgsPatches into common.nix 2019-01-31 17:02:52 +00:00
Jan Malakhovski
e11586f69f firefoxPackages.tor-browser: fix meta 2019-01-31 17:02:52 +00:00
Jan Malakhovski
afd0929f6c firefoxPackages: add a comments explaining the purpose of older versions 2019-01-31 17:02:52 +00:00
SLNOS
86a0112d59 firefoxPackages.tor-browser: 8.0.4 -> 8.0.5 2019-01-31 17:02:51 +00:00
SLNOS
7d9812e158 firefoxPackages.tor-browser: 8.0.3 -> 8.0.4 2019-01-31 17:02:51 +00:00
SLNOS
ff6cc1ac0e firefoxPackages.icecat: init at 60.3.0, 52.6.0
It works, but this state is far from ideal: GNU guys update generated source
tarballs very infrequently. Ideally, src needs to be generated by running
makeicecat over firefox src. Will do later.
2019-01-31 17:02:45 +00:00
Andreas Rammhold
10024f2ad1
firefoxPackages.firefox-esr-60: 60.4.0esr -> 60.5.0esr 2019-01-30 01:25:51 +01:00
Andreas Rammhold
cb7f7364a4 firefox: 64.0.2 -> 65.0
There have been some more changes to the source tree which broke the
buildconfig patch. This commit adds another patch that can be used for
the future versions. Once all the flavors are based off a new(ish)
firefox release we can remove the old patch.
2019-01-29 20:30:42 +01:00
Andreas Rammhold
08ba4f13c9 firefoxPackages: support building with firefox 65
Firefox >=65 will depend on icu >=63. All the older firefox versions
(and derived packages) seem to work fine with this change.

Also the system path environment patch will fail to apply since there
was a trivial whitespace change in the source file. By adding `-l` to
patch we can avoid having to track two patches that do basically the
same. Having patchFlags per file without resorting to pre-/postPatch
would be nicer but there doesn't seem to be a facility for that right
now.
2019-01-29 20:30:42 +01:00
Vladimír Čunát
bde8efe792
Merge branch 'master' into staging-next
A couple thousand rebuilds have accumulated on master.
2019-01-12 12:19:34 +01:00
taku0
08f779a9c3 firefox: 64.0 -> 64.0.2 2019-01-10 20:16:21 +09:00
Lengyel Balazs
f4a53ff3bc treewide/xorg: replace *proto with xorgproto 2019-01-04 14:38:57 +01:00
Jörg Thalheim
1b146a8c6f
treewide: remove paxutils from stdenv
More then one year ago we removed grsecurity kernels from nixpkgs:
https://github.com/NixOS/nixpkgs/pull/25277

This removes now also paxutils from stdenv.
2018-12-22 12:55:05 +01:00
Andreas Rammhold
ccd160023c
firefox: 63.0.3 -> 64.0
See #51863.
2018-12-12 11:27:23 +01:00
Andreas Rammhold
d16d0b3762
firefox-esr-60: 60.3.0esr -> 60.4.0esr
See #51863.
2018-12-12 00:25:57 +01:00
Andreas Rammhold
783dc61f68
firefox: updated common.nix to support ffx64
See #51863.
2018-12-12 00:25:33 +01:00
Jan Tojnar
59a94b57f0
update.nix: Run update scripts in parallel
To make updating large attribute sets faster, the update scripts
are now run in parallel.

Please note the following changes in semantics:

- The string passed to updateScript needs to be a path to an executable file.
- The updateScript can also be a list: the tail elements will then be passed
  to the head as command line arguments.
2018-12-01 19:17:13 +01:00
Michael Raskin
355aa4e9ca
Merge pull request #50484 from taku0/firefox-bin-63.0.3
firefox, firefox-bin: 63.0.1 -> 63.0.3
2018-11-17 16:54:35 +00:00
Andreas Rammhold
b4f2c7ba8b
Merge pull request #50373 from pbogdan/ff-no-gs
firefoxen: remove unused gstreamer dependencies
2018-11-16 16:25:23 +01:00
taku0
917309fa62 firefox: 63.0.1 -> 63.0.3 2018-11-16 23:14:14 +09:00
taku0
4bb9af228e common-updater, firefox: fix updater for firefox 2018-11-16 23:04:54 +09:00
Piotr Bogdan
3e7b6b5bfa firefoxen: remove unused gstreamer dependencies
Firefox and, by extension, Tor browser don't support gstreamer any more, this
removes what are effectively unused dependencies.

https://bugzilla.mozilla.org/show_bug.cgi?id=1234092 "Remove gstreamer support"
2018-11-14 22:29:48 +00:00
Andreas Rammhold
66e16843b3
firefox: apply patch for newer rust-cbindgen
rust-cbindgen did apply some breaking changes which requires the added
patch in order to compile until a firefox version with the fix gets
released. Firefox 63.0.3 is supposed to carry the required patches. This
should only be required for a short term.
2018-11-14 20:51:19 +01:00
Michael Raskin
108de151f8 firefox: 63.0 -> 63.0.1; firefox-esr: 60.2.2esr -> 60.3.0esr 2018-11-08 20:23:33 +03:00
Michael Raskin
adf41ed942
Merge pull request #49864 from oxij/pkgs/tiny-things
trivial: tiny cleanups and fixes
2018-11-08 06:28:10 +00:00
Jan Malakhovski
d2d80e6d30 firefox: disable pulseaudio support on non-Linux by default 2018-11-08 05:20:18 +00:00
Andreas Rammhold
551ef1ac41 firefox: provide clang configure flags on i686
With the upgrade to firefox 62 clang flags are now required on i686.

(cherry picked from commit acf4a4eff3)
2018-11-07 19:44:01 +01:00
Andreas Rammhold
c8d45086d1
firefox-esr-60: drop skia patch on aarch64 2018-11-07 16:47:24 +01:00
Matthew Harm Bekkema
9973a266ab firefox-esr-60: 60.2.2 -> 60.3.0 [critical security fixes]
This update bumps the package to the latest stable version containing a
few security fixes:

- CVE-2018-12392: Crash with nested event loops
  When manipulating user events in nested loops while opening a document
  through script, it is possible to trigger a potentially exploitable
  crash due to poor event handling.

- CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript
  A potential vulnerability was found in 32-bit builds where an integer
  overflow during the conversion of scripts to an internal UTF-16
  representation could result in allocating a buffer too small for the
  conversion. This leads to a possible out-of-bounds write.
  Note: 64-bit builds are not vulnerable to this issue.

- CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting
  By rewriting the Host request headers using the webRequest API, a
  WebExtension can bypass domain restrictions through domain fronting.
  This would allow access to domains that share a host that are
  otherwise restricted.

- CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts
  A vulnerability where a WebExtension can run content scripts in
  disallowed contexts following navigation or other events. This allows
  for potential privilege escalation by the WebExtension on sites where
  content scripts should not be run.

- CVE-2018-12397: Missing warning prompt when WebExtension requests local file access
  A WebExtension can request access to local files without the warning
  prompt stating that the extension will "Access your data for all
  websites" being displayed to the user. This allows extensions to run
  content scripts in local pages without permission warnings when a
  local file is opened.

- CVE-2018-12389: Memory safety bugs fixed in Firefox ESR 60.3
  Mozilla developers and community members Daniel Veditz and Philipp
  reported memory safety bugs present in Firefox ESR 60.2. Some of these
  bugs showed evidence of memory corruption and we presume that with
  enough effort that some of these could be exploited to run arbitrary
  code.

- CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
  Mozilla developers and community members Christian Holler, Bob Owen,
  Boris Zbarsky, Calixte Denizet, Jason Kratzer, Jed Davis, Taegeon Lee,
  Philipp, Ronald Crane, Raul Gurzau, Gary Kwong, Tyson Smith, Raymond
  Forbes, and Bogdan Tara reported memory safety bugs present in Firefox
  62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory
  corruption and we presume that with enough effort that some of these
  could be exploited to run arbitrary code.

Source: https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/
2018-11-03 22:51:36 +11:00
Joachim F
3272b9a2e9
Merge pull request #49173 from oxij/pkgs/update-tor-browser-again
firefoxPackages.tor-browser: 8.0.2 -> 8.0.3
2018-10-29 09:54:17 +00:00
SLNOS
87d0fe0049 firefoxPackages.tor-browser: 8.0.2 -> 8.0.3 2018-10-26 18:02:05 +00:00
Andreas Rammhold
277da59e47
firefox: 62.0.3 -> 63.0 2018-10-23 10:15:46 +02:00
SLNOS
0e3df42d64 firefoxPackages.tor-browser-8-0: apply a fix from bugzilla 2018-10-21 19:18:28 +00:00
SLNOS
bd7c0c8a6c firefoxPackages.tor-browser: 7.5.6 -> 8.0.2
Mostly usable now.
2018-10-19 16:46:55 +00:00
SLNOS
b21b9bbd6c firefoxPackages: indent 2018-10-19 16:46:41 +00:00
SLNOS
5ec27f3033 firefoxPackages: cleanup
Misc cleanups, but mainly this:

Before:
- `version` could mean either Firefox or TorBrowser version,
- `configureFlags` was hacky.

Now:
- `ffversion` is Firefox version, `tbversion` is TorBrowser version,
- `configureFlags` is much less hacky.
2018-10-19 16:46:28 +00:00
Andreas Rammhold
246d2848ff
firefox-esr-60: 60.2.1 -> 60.2.2 [critical security fixes]
This update bumps the package to the latest stable version containing a
few security fixes:

- CVE-2018-12386: Type confusion in JavaScript
  A vulnerability in register allocation in JavaScript can lead to type
  confusion, allowing for an arbitrary read and write. This leads to
  remote code execution inside the sandboxed content process when
  triggered.

- CVE-2018-12387
  A vulnerability where the JavaScript JIT compiler inlines
  Array.prototype.push with multiple arguments that results in the stack
  pointer being off by 8 bytes after a bailout. This leaks a memory
  address to the calling function which can be used as part of an
  exploit inside the sandboxed content process.

Source: https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
2018-10-03 09:51:13 +02:00
Andreas Rammhold
e7785f1148
firefox: 62.0.2 -> 62.0.3 [critical security fixes]
This update bumps the package to the latest stable version containing a
few security fixes:

- CVE-2018-12386: Type confusion in JavaScript
  A vulnerability in register allocation in JavaScript can lead to type
  confusion, allowing for an arbitrary read and write. This leads to
  remote code execution inside the sandboxed content process when
  triggered.

- CVE-2018-12387
  A vulnerability where the JavaScript JIT compiler inlines
  Array.prototype.push with multiple arguments that results in the stack
  pointer being off by 8 bytes after a bailout. This leaks a memory
  address to the calling function which can be used as part of an
  exploit inside the sandboxed content process.

Source: https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
2018-10-03 09:51:13 +02:00
Pavol Rusnak
62b15996a7
mozilla-plugins/trezor: remove applications/networking/browsers/mozilla-plugins/trezor
trezor-mozilla-plugin is no longer maintained software

package pkgs/servers/trezord should be used instead
2018-09-29 12:24:43 +02:00
taku0
e5778a9991 firefox-esr: 60.2.0esr -> 60.2.1esr 2018-09-24 09:13:03 +09:00
taku0
da9823672f firefox: 61.0.2 -> 62.0.2 2018-09-22 03:13:50 +09:00
taku0
0a3f07077b firefox-esr: 60.1.0esr -> 60.2.0esr, mark 52.9.0esr insecure 2018-09-07 08:14:48 +09:00
taku0
26cbfe1035 firefox: 61.0.2 -> 62.0 2018-09-04 21:16:46 +09:00
John Ericson
2c2f1e37d4 reewide: Purge all uses stdenv.system and top-level system
It is deprecated and will be removed after 18.09.
2018-08-30 17:20:32 -04:00