firefox-64.0

[ken@…]

Source is now available, release notes will probably be tomorrow or Wednesday.

Requires nss-3.40.1.

Builds ok with clang from both llvm-7 and llvm-6, but (not surprisingly) older toolchains appear to be faster.

[ken@…]

This also builds with clang-5.0 (on an 8.2 system), but the build is a lot slower doing that.

On my haswell i7, with the sibling cores disabled to leave only 4 cores,

svn from around the end of October, with some updates, llvm-7, 24 SBU

8.3, llvm-6.0.1, 20 SBU

8.2, llvm-5.0.1, 33 SBU

I will also note that the build is now bigger. On my ryzen 3 with 4 cores but only 8GB RAM, in firefox-63 I had found that using -j6 was marginally faster. With 64, that swaps badly and even the default -j4 swaps a little.

With the patch for system graphite2 and system harfbuzz, my 8GB/4-core machines do not swap if nothing else is open.

[ken@…]

On another 8.2 system, I discovered that the version of llvm when we released was 4.0.1, and that is not good enough for rustc-1.29.2 : it apparently builds ok, but panics early in the install when it finds out that llvm is not >= 5.0. So there, I have upgraded llvm to 6.0.1.

Summary of versions which seem to be ok (I always update sqlite, nspr, nss as well as the certificates) :

libvpx-1.7.0

libpng-1.6.35

graphite2-1.3.12 for the patch

harfbuzz-1.9.0 or later for the patch

libssh2-1.8.0

rustc-1.29.x

(llvm-5.0.1 or later, for building rustc)

libnotify-0.7.7

cbindgen-0.6.6

c-ares-1.14.0

node-js 9.11.2 or later

ffmpeg-3.3.3 or later

All available versions of alsa or pulseaudio appear to work.

[ken@…]

Release notes now available ​https://www.mozilla.org/en-US/firefox/64.0/releasenotes/.

In particular, TLS certificates issued by Symantec are no-longer trusted.

The usual set of CVE fixes are listed at ​https://www.mozilla.org/en-US/security/advisories/mfsa2018-29/

[ken@…]

r20799