Changes between Version 131 and Version 132 of firefox
- Timestamp:
- 09/06/2022 09:31:51 PM (19 months ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
firefox
v131 v132 69 69 Note that point releases of the current stable versions are not specifically monitored, if you use the current stable version you should check for updates and their release note and any security fixes. 70 70 71 == Dependencies for 103.0 series (latest upstream stable) == 71 It looks as if firefox-103 updated the profile. 72 73 == Dependencies for 104.0 series (latest upstream stable) == 74 75 if you are using the 104.0 series, 104.0.1 and 104.0.2 have fixes for audio-video issues. 72 76 73 77 cbindgen >= 0.24.3 and therefore the sed needed for 102 is not wanted. 74 78 75 nss >= 3.80.079 The shipped libvpx has been updated to v1.12.0 76 80 77 It looks as if 103 is updating the profile details. 81 libwebp should be updated to >= 1.2.3 82 83 nss >= 3.81.0 84 85 nspr >= 4.34.1 (in practice, it ships 4.34.1 but only tests for >= 4.34 if using the system nspr) 86 87 The minimum version of node-js has now been updated to v12.22.1, unfortunately that fell out of support in April of this year, v14, v16 and (not yet LTS) v18 have had vulnerability fixes since then. 78 88 79 89 80 = =Sandboxing ==90 = Sandboxing == 81 91 82 92 From firefox-95 on, the build system wants to use "wasi-sysroot" to sandbox some of the shipped libraries (by converting to wasm and then back to sandboxed C). That will require, amongst other things, llvm built for WebAssembly (that is default, but BLFS does not enable it), wasi-libc [https://github.com/WebAssembly/wasi-libc], some other supporting packages, and using clang instead of gcc. If you want to do that, look at what Arch is doing. … … 84 94 For the moment, g++ can be used if you pass --without-wasm-sandboxed-libraries. 85 95 86 == Dependencies for 10 4.0beta==96 == Dependencies for 105.0beta (not yet tested) == 87 97 88 The shipped libvpx has been updated to v1.12.0 98 libwebp should be updated to >= 1.2.4 89 99 90 nss >= 3.8 1100 nss >= 3.82 91 101 92 The minimum version of node-js has now been updated to v12.22.1, unfortunately that fell out of support in April of this year, v14, v16 and (not yet LTS) v18 have had vulnerability fixes since then.102 rustc needs to be >= 1.61.0. 93 103 94 104 The early betas for 92.0 and 93.0 needed static libstdc++.a to link logalloc-replay (that specifies -static-libstdc++). In later betas that was not compiled. While using a static system lib (outside of rust) is annoying, the expected lifetime of a firefox beta is short and this requirement can be remembered if a vulnerability in libstdc++ is ever disclosed. I assume this requirement will continue for early betas (those where EARLY_BETA_OR_EARLIER is defined in build/defines.sh).