firefox 3.6,1 www =392

Web browser based on the browser portion of Mozilla
Maintained by: gecko@FreeBSD.org
Port Added: 11 Feb 2004 07:17:08
Also Listed In: ipv6

---

---

Mozilla Firefox is a free and open source web browser descended from the
Mozilla Application Suite.It is small, fast and easy to use, and offers many
advanced features:

 o Popup Blocking
 o Tabbed Browsing
 o Live Bookmarks (ie. RSS)
 o Extensions
 o Themes
 o FastFind
 o Improved Security

WWW: http://www.mozilla.com/firefox

CVSWeb : Sources : Main Web Site : Distfiles Availability : PortsMon

---

Required To Build: devel/nspr, archivers/zip, devel/gmake, x11/printproto, x11/libSM, x11-toolkits/libXt, x11/libXi, x11/libXext, x11/libX11, x11/libXinerama, x11/libICE, x11/xproto, lang/perl5.8, devel/autoconf213, textproc/intltool, devel/pkg-config, devel/desktop-file-utils
Required To Run: archivers/zip, x11/libSM, x11-toolkits/libXt, x11/libXi, x11/libXext, x11/libX11, x11/libXinerama, x11/libICE, x11/xproto, devel/pkg-config, devel/desktop-file-utils, devel/gio-fam-backend
Required Libraries: graphics/cairo, devel/nspr, devel/dbus-glib, devel/libnotify, converters/libiconv, accessibility/atk, devel/glib20, x11-toolkits/gtk20, devel/libIDL, x11-toolkits/pango

---

To install the port: cd /usr/ports/www/firefox/ && make install clean
To add the package: pkg_add -r firefox

---

Configuration Options

===> The following configuration options are available for firefox-3.6,1:
     DBUS=on (default) "Enable D-BUS support"
     NEWTAB=on (default) "Open external links in a new tab"
     SMB=off (default) "Enable smb:// URI support using gnomevfs"
     DEBUG=off (default) "Build a debugging image"
     LOGGING=off (default) "Enable additional log messages"
     OPTIMIZED_CFLAGS=off (default) "Enable some additional optimizations"
===> Use 'make config' to modify these settings

---

Master Sites:

http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/3.6/source/

http://mirror3.mirrors.tds.net/pub/mozilla.org/firefox/releases/3.6/source/

http://mozilla.isc.org/pub/mozilla.org/firefox/releases/3.6/source/

http://releases.mozilla.org/pub/mozilla.org/firefox/releases/3.6/source/

http://kyoto-mz-dl.sinet.ad.jp/pub/mozilla.org/firefox/releases/3.6/source/

http://jp-nii01.mozilla.org/pub/mozilla.org/firefox/releases/3.6/source/

http://jp-nii02.mozilla.org/pub/mozilla.org/firefox/releases/3.6/source/

http://mozilla.mtk.nao.ac.jp/pub/mozilla.org/firefox/releases/3.6/source/

http://mirror.internode.on.net/pub/mozilla/firefox/releases/3.6/source/

http://ftp.acc.umu.se/pub/mozilla.org/firefox/releases/3.6/source/

http://mozilla.c3sl.ufpr.br/releases/firefox/releases/3.6/source/

http://www.gtlib.cc.gatech.edu/pub/mozilla.org/firefox/releases/3.6/source/

ftp://ftp.mozilla.org/pub/mozilla.org/firefox/releases/3.6/source/

ftp://ftp.fh-wolfenbuettel.de/pub/www/mozilla/firefox/releases/3.6/source/

ftp://ftp.informatik.rwth-aachen.de/pub/mirror/ftp.mozilla.org/pub/firefox/releases/3.6/source/

http://ring.nict.go.jp/archives/net/www/mozilla/firefox/releases/3.6/source/

http://ring.k-opti.com/archives/net/www/mozilla/firefox/releases/3.6/source/

http://ring.riken.jp/archives/net/www/mozilla/firefox/releases/3.6/source/

ftp://ftp.kaist.ac.kr/pub/mozilla/firefox/releases/3.6/source/

ftp://mozilla.mirror.pacific.net.au/mozilla/firefox/releases/3.6/source/

ftp://ftp.chg.ru/pub/WWW/mozilla/firefox/releases/3.6/source/

http://ftp.twaren.net/Unix/Mozilla/firefox/releases/3.6/source/

http://ftp.isu.edu.tw/pub/Mozilla/firefox/releases/3.6/source/

http://ftp.ntu.edu.tw/pub/mozilla/firefox/releases/3.6/source/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

• 2010-02-07

  Affects: users of www/firefox

  Author: beat@FreeBSD.org

  Reason: 
    The www/firefox port has been updated to 3.6. From now on www/firefox
    will contain the most recent version of Firefox. Older but still supported
    releases will be available in www/firefox3 or www/firefox35.
   
    In order to update to Firefox 3.6 please delete your older installed
    version of Firefox first and install www/firefox afterwards. Please make
    sure all your addons are compatible with Firefox 3.6 and backup your
    $HOME/.mozilla directory prior to the first launch of Firefox 3.6.
   
    The Java plugin will not work with Firefox 3.6. If you need Java in your
    browser, please use www/firefox35 instead.
  
  



• 2004-10-12

  Affects: users of www/firefox

  Author: freebsd-gnome@FreeBSD.org

  Reason: 
    After upgrading to firefox-1.0.1.p, certain things such as extension/theme
    [de]installation, and "Find On Page" may no longer work. You may also
    notice an infinite loop when starting Firefox. If this happens, backup
    ~/.mozilla/firefox/*/bookmarks.html, and remove ~/.mozilla/firefox.
    Afterward, Firefox should start up. You can then restore the bookmarks.html
    file to the new ~/.mozilla/firefox/*.default directory.
  
  



• 2004-06-15

  Affects: users of www/firefox

  Author: gnome@FreeBSD.org

  Reason: 
    The firefox-0.9 update has a special requirement before you can run it.
    You must first run firefox as root before running it as another user.
    The best way to do this is to su - to root or log
    in as root (i.e. do not su -m to root). After becoming root, simply run
    ``firefox''. You can then quit the browser, then run it as any other
    user. If you do not run firefox as root first, the browser window will
    not appear.
  
  

• port moved here from www/linux-netscape-navigator on 2008-02-13
  REASON: Abandoned by AOL
  
  
• port moved here from www/firefox10 on 2006-09-02
  REASON: Security vulnerabilities
  
  
• port moved here from www/mozilla-firebird on 2004-02-11
  REASON: Project changed names
  

- Update to 3.6

What's new in Firefox 3.6:

  * Support for the HTML5 File API
  * A change to how third-party software integrates with Firefox to
    increase stability.
  * The ability to run scripts asynchronously to speed up page load times.
  * A mechanism to prevent incompatible software from crashing Firefox.
  * Users can now change their browser's appearance with a single click,
    with built in support for Personas.
  * Firefox 3.6 will alert users about out of date plugins to keep them
    safe.
  * Open, native video can now be displayed full screen, and supports
    poster frames.
  * Support for the WOFF font format.
  * Improved JavaScript performance, overall browser responsiveness and
    startup time.
  * Support for new CSS, DOM and HTML5 web technologies.

Thanks to:      Andreas Tobler, Florian Smeets, nox@, miwi@ and all testers

- update to jpeg-8

- Remove obsolete inclusion of www/mozilla/Makefile.common

Approved by:    portmgr (miwi)
Exp-run by:     miwi

- Mark it now FORBIDDEN too many security issues.

With hat:       secteam
Security:      
http://www.vuxml.org/freebsd/922d2398-9e2d-11de-a998-0030843d3802.html

- bump all port that indirectly depends on libjpeg and have not yet been bumped
or updated
Requested by:   edwin

- S/gnome@/gecko@

Reported by:    kvm via #bsdports

- Backport patches to fix the following security vulnerabilities:
  CVE-2009-1834
  CVE-2009-1835
  CVE-2009-1836
  CVE-2009-1838
  CVE-2009-1841

Obtained from:  Mozilla Bugzilla
Security:      
http://www.vuxml.org/freebsd/da185955-5738-11de-b857-000f20797ede.html
With hat:       Gecko gang

- Give Maintainership up to the Gecko Gang (gecko@)

Backport patches to fix the following security vulnerabilities:

        CVE-2009-1312
        CVE-2009-0652
        CVE-2009-1302
        CVE-2009-1303

Obtained from:  Mozilla Bugzilla
Security:      
http://www.vuxml.org/freebsd/3b18e237-2f15-11de-9672-0030843d3802.html

Take maintainership. The first of two steps is to take all
Gecko Stuff from the Gnome team. I'd like to say thanks a lot for
all the work in the past years.

Resurrect www/mozilla/Makefile.common rev. 1.30 and associated changes,
which got lost with the switch to bsd.gecko.mk:
Work around the miscompilation/mislinkage problem of the sCanonicalVTable
hacks in the XPCOM string code on sparc64 by omitting the code in question
and bump PORTREVISIONs accordingly.

Approved by:    marcus

Merge patches from Firefox Bugzilla to fix CVE-2009-1169.

grep for 'pthread:' in the compiler's spec file to avoid matching
random references of 'pthread'. On powerpc the mfwrap production
mentions "pthread_create", which matched the RE.

Ok'd by: marcus (thanks!)

Backport patches to fix the following security vulnerabilities:

CVE-2009-0776
CVE-2009-0775
CVE-2009-0772

Obtained from:  Mozilla Bugzilla

Back-port some more patches to fix CVE-2009-0352.

Obtained from:  Mozilla Bugzilla
Reported by:    simon

Forced commit to note these patches were obtained from Mozilla Bugzilla.

Backport patches for the following security bugs:

CVE-2009-0355
CVE-2009-0356
CVE-2009-0357

This allows Firefox 2 to be unforbidden for the time being.

- Fix portaudit conflict with www/firefox and www/firefox3
- Mark www/firefox and www/linux-firefox FORBIDDEN

Discussion by:  simon/stas
With hat:       secteam

Add a new framework for browser plugins, USE_WEBPLUGINS. It is for which foo
plugins support one of web browsers and can take care of plist (depend on how
you use it) at the same time. I have written a complete document and even show
how it works in the www/firefox/Makefile.webplugins so be sure to read in
there. If there is anything that isn't clear in the document, please feel free
to ask and I will try my best to improvement it.

FYI: GNOME 2.24 depends on this, so it's coming.

BTW: It's based on www/linux-mplayer-plugin/Makefile.npapi with heavy modified.

Approved by:    portmgr

- Remove conditional checks for FreeBSD 5.x and older

Approved by:    pav

- Update to 2.0.0.20

Approved by:    marcus
Security:      
http://www.vuxml.org/freebsd/29f5bfc5-ce04-11dd-a721-0030843d3802.html

Update to 2.0.0.19, and add libgnomeui support.

PR:             129728
Submitted by:   "Dima Panov" <fluffy@fluffy.khv.ru>

- Update to 2.0.0.18

Security:      
https://developer.mozilla.org/devnews/index.php/2008/11/12/firefox-20018-and-304-security-updates-now-available-for-download/

- Update to 2.0.0.17

Approved by:    portmgr (pav)
Security:      
http://www.vuxml.org/freebsd/2273879e-8a2f-11dd-a6fe-0030843d3802.html

- Remove USE_GCC where it can be satisfied with base compiler on following
  FreeBSD versions: 5.3 and up, 6.x, 7.x, 8-CURRENT

Update to 2.0.0.16.  See
http://en-us.www.mozilla.com/en-US/firefox/2.0.0.16/releasenotes/ for a list
of changes in this release.

Bump portrevision due to upgrade of devel/gettext.

The affected ports are the ones with gettext as a run-dependency
according to ports/INDEX-7 (5007 of them) and the ones with USE_GETTEXT
in Makefile (29 of them).

PR:             ports/124340
Submitted by:   edwin@
Approved by:    portmgr (pav)

-Update to 2.0.0.14.
-Mask FP_X_DNML not only on i386, but also on amd64. [1]

Security:       http://www.mozilla.org/security/announce/2008/mfsa2008-20.html
Obtained from:  delphij's committed on thunderbird. [1]

- Remove unneeded dependency from gtk12/gtk20 [1]
- Remove USE_XLIB/USE_X_PREFIX/USE_XPM in favor of USE_XORG
- Remove X11BASE support in favor of LOCALBASE or PREFIX
- Use USE_LDCONFIG instead of INSTALLS_SHLIB
- Remove unneeded USE_GCC 3.4+

Thanks to all Helpers:
        Dmitry Marakasov, Chess Griffin, beech@, dinoex, rafan, gahr,
        ehaupt, nox, itetcu, flz, pav

PR:             116263
Tested on:      pointyhat
Approved by:    portmgr (pav)

- Update to 2.0.0.13

Approved by:    ahze (gnome)
Security:      
http://www.vuxml.org/freebsd/12b336c6-fe36-11dc-b09c-001c2514716c.html

- Add "--with-default-mozilla-five-home=${PREFIX}/lib/${MOZILLA}" to fix other
  applications in the runtime. Some applications required to have set
  MOZILLA_FIVE_HOME or/and LD_LIBRARY_PATH to make it works in the runtime. Now,
  it's no longer need to set these variables, which this flag takes care of it.
  The MOZILLA_FIVE_HOME still works with this flag if someone need to use
  different one. I have learned about this flag from RPM, Debian, Gentoo ebuild
  and other packages.
- Bump the PORTREVISION.

Have been tested in MC CVS since Dec.

Update to 2.0.0.12.  This is a security and stability release.  See
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.12
for a list of patched vulnerabilities.

PR:             120455
Security:      
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.12
Submitted by:   beech

Work around the miscompilation/mislinkage problem of the sCanonicalVTable
hacks in the XPCOM string code on sparc64 by omitting the code in question
and bump PORTREVISIONs accordingly.

Approved by:    marcus

Fix the pkg-message never display.

PR:             ports/119394
Submitted by:   naddy

Update to 2.0.0.11.

Fix a regression on firefox 2.0.0.10, as described in Mozilla bug 405584,
affecting canvas rendering.

Obtained from:  https://bugzilla.mozilla.org/attachment.cgi?id=284556
Approved by:    portmgr (marcus)

Update to 2.0.0.10, this is a security update for CVE-2007-5959.

Approved by:    portmgr (marcus)

- Update to 2.0.0.9

Approved by:    portsmgr (marcus)

Update to 2.0.0.8

* Workaround a bug which can cause applications embedding Gecko to crash
  on exit [1]

* Use the correct size for a JavaScript object on 64-bit platforms which
  will help get the Java plug-in working on those platforms [2]

Test by:        mezz [1]
Submitted by:   jkim [2]
Obtained from:  Firefox trunk [2]

Set USE_PERL5/WANT_PERL as appropriate, for ports that either depend on
perl unconditonally, or conditionally.  To be able to conditionalize the
inclusion of bsd.perl.mk, they now need to be defined before the inclusion
of bsd.port.pre.mk.

Hat:            portmgr

Remove always-false/true conditions based on OSVERSION 500000

Update to 2.0.0.7

Release Notes:  http://www.mozilla.com/en-US/firefox/2.0.0.7/releasenotes/

Remove support for antique perl.

Hat:    portmgr

Update to 2.0.0.6

Update to 2.0.0.5

Update to 2.0.0.4

- Welcome X.org 7.2 \o/.
- Set X11BASE to ${LOCALBASE} for recent ${OSVERSION}.
- Bump PORTREVISION for ports intalling files in ${X11BASE}.

- Update to 2.0.0.3

Update to 2.0.0.2 to fix some security vulnerabilities.  See
http://vuxml.FreeBSD.org/12bd6ecf-c430-11db-95c5-000c6ec775d9.html for
more details.

Fix the gtk2 dnd implementation broken, see more details in the bugzilla. This
patch[1] was created by Matthias Clasen <mclasen@redhat.com>. This bug was
started to reproduce with least 2.10.7 version of gtk2.

PR:             ports/107689
Reported by:    a few users
Bugzilla:       https://bugzilla.mozilla.org/show_bug.cgi?id=355248
                https://bugzilla.mozilla.org/show_bug.cgi?id=367203 [1]
                http://bugzilla.gnome.org/show_bug.cgi?id=394525

Mark IGNORE if ${ARCH} == "sparc64" && ${OSVERSION} < 601101
since it doesn't run.

The ipv6 is supported in these ports, so add ipv6 category.

PR:             ports/107057 and ports/107056
Submitted by:   Janos Mohacsi <janos.mohacsi@bsd.hu>

Update to 2.0.0.1

Release notes:  http://www.mozilla.com/en-US/firefox/2.0.0.1/releasenotes/

Fix our gross -lpthread hack to work with GCC 4.1.

Reported by:    pointyhat via kris

Fix a double-free while performing print operations which could trigger a
segmentation fault if malloc debugging was enabled.

Reported by:    dougb

Fix a problem with PTHREAD_LIB-safeness.

Submitted by:   nork

Restore firefox to 2.0 after slipping the RELEASE_6_2_0 tag.

Temporarily roll firefox back to 1.5.0.8 so that we can tag this security
fix release for 6.2.

Approved by:    secteam
                portmgr

Fix build on 5.x since only 6.1+ has fedisableexcept()

Reported by:    Clint Olsen <clint@0lsen.net>

- Remove bogus warning about being "bleeding edge" meant for firefox-devel

Remove LATEST_LINK since we have moved from firefox-devel -> firefox

- No longer disable pthreads in sqlite3 [2]
- Remove LIBS= from Makefile to fix "open with application" function. [2] [5]
- Fix component registration for some users. [1] [2] [3]
- Bump PORTREVISION [4]

Obtained from:  https://bugzilla.mozilla.org/show_bug.cgi?id=351181 [1]
Submitted by:   marcus [2]
                aspar Chilingarov <nm@web.am> [3]
                ahze [4] (I had to submit something)
Reported by:    philip and many others [5]

- Update to 2.0

Release notes:  http://www.mozilla.com/en-US/firefox/2.0/releasenotes/

Special thanks to marcus and many others for helping test and fixing
bugs!

Presenting GNOME 2.16.1 for FreeBSD.  This release represents a massive
amount of work by the FreeBSD GNOME Team and our testers.

On top of the usual GNOME update, we have taken this opportunity to move
GNOME from X11BASE to LOCALBASE.  This means roughly 600 ports NOT part of
the GNOME Desktop also need to be changed.  The bulk of the move was carried
out by ahze, mezz, and pav, but it would not have been possible without
cooperation from the FreeBSD KDE team who worked with us to make sure
GNOME and KDE can still coexist happily.  We would also like to send a
shout out to kris and pointyhat for putting up with multiple test runs
until we got something that was solid.

Back to GNOME 2.16.  This release brings a huge amount of new functionality
to FreeBSD.  The standard release notes can be read at
http://www.gnome.org/start/2.16/ .  But on top of what you will read there,

Add a tiny hunk to allow firefox to use our system libz instead of
building its own. Some years ago there was a security problem with
zlib-1.2.2 and firefox' configure checks the system's zlib.h to be
1.2.3 or higher.

FreeBSD patched the hole without bumping the version number, which
caused Firefox (and, likely, other Mozilla stuff) to build their own
versions instead (and install their headers).

Maintainers were repeatedly notified -- most recently about a month
ago: <200608091216.00510@aldan>, <200601251926.39246.mi+mx@aldan.algebra.com>.

Approved by:    maintainer timeout

- Update to 1.5.0.7

- Update to 1.5.0.6

- Update to 1.5.0.5

- Welcome back sparc64 on kern.osreldate>=601101

- Update to 1.5.0.4

- Update to 1.5.0.3

Security:       http://www.mozilla.org/security/announce/2006/mfsa2006-30.html

Use sane fonts by default.

- Mark IGNORE on sparc64

- Mark IGNORE on sparc64 since it core dumps at startup

- Update to 1.5.0.2

Release notes:  http://www.mozilla.com/firefox/releases/1.5.0.2.html

- Convert all gecko pkg-[de]install scripts into a generic
  pkg-[de]install script
- Always use pkg-install to create missing dir's [1]

Requested by:   marcus [1]

Fix a problem where Firefox creates its ~/.mozilla directory using stack
garbage.

PR:             92899
Submitted by:   truckman

- Remove forgotten patch

- Update to 1.5.0.1

Firefox may hang for some users for a few seconds at a time eating up all
of the CPU.  This is triggered by a bug in Gecko/GTK+ interaction.  This
patch corrects the problem.  See
https://bugzilla.mozilla.org/show_bug.cgi?id=305970 for more details.

PR:             92467
Obtained from:  https://bugzilla.mozilla.org/show_bug.cgi?id=305970

Only enable SVG support on 6.X and higher since it's still causing GCC
errors with GCC 3.4.2.

- Add a patch to fix history DoS vulnerability

Obtained from:  https://bugzilla.mozilla.org/show_bug.cgi?id=319004

- Add support for GECKO_PLIST_PRE_FILES and GECKO_PLIST_PRE_DIRS to
  add files or directories to plist.
- *Really* remove share/idl if empty in firefox

- Move .include "${.CURDIR}/../mozilla/Makefile.common" to the bottom so
  svg works for some people.

Pointyhat to:   me

- Disable svg support on 5.3 and lower to fix build with a gcc bug.

Reported by:    many
Tested by:      mark@mkproductions.org

Fix all those ports to find libnssckbi.so in the correct place to allow those
SSL certificates work again. Somehow, this patch was lost in the big change,
so bring it back. Bump PORTREVISION on all of those ports.

PR:             ports/89796
Reported by:    Christoph Moench-Tegeder <cmt@burggraben.net>

- Bump PORTREVISION

Spotted by:     pav

- Reenable svg support, this must've sliped with all the massive changes.

PR:             89764
Submitted by:   Roland Smith <rsmith@xs4all.nl>

- Fix desktop entry, there's no FF_SUFX anymore

- Update WWW

- Update firefox to 1.5
- Add Makefile.common
  o A new build/install system for gecko ports, Makefile.common
    includes many generic routines and common tasks.
  o Fix ld-run-path in all gecko's by using -Wl,-rpath,${moz_libdir}
    thus removing the need to have a startup script for ports that
    depend on gecko. [2]
  o Use system libm, nss, nspr in all gecko ports

- Add bsd.gecko.mk
  o This is the predecessor to WITH_MOZILLA=[mozilla|firefox|...]
    with a more robust way of detecting a gecko a end user wishs to
    use.
  o bsd.gecko.mk abstracts the selection of gecko-based backends. It
    allows users and porters to support any available gecko backend

- Add SHA256 checksums

- Add support for new lib/browser_linux_plugins

Bump PORTREVISION to chase the glib20 shared library update.

Partially revert the previous commit.  Firefox can only build with specific
extensions (in particular typeaheadfind breaks Find [go figure]).  It is
safer to use a specific list of extensions with Firefox 1.0.x.  It looks
like they've made this better in 1.5, and set a reasonable default list of
extensions.

Basically, we're back to the previous 1.0.7_1,1 set of extensions with the
addition of negotiateauth.

Reported by:    many

* Add support of ports-installed Kerberos [1]
* Enable all default extensions [2]

PR:             86961 [2]
Submitted by:   David W. Hankins <David_Hankins@isc.org> [1]

- Fix the sed for libesd and kill the major version of library
  (libesd.so.2 -> libesd.so). [1]
- Update Java plugins by remove old and correct Java 1.5 plugin path. [2]
- Bump the PORTREVISION.

PR:             ports/86430 [1]
Submitted by:   Mark Hobden <markhobden@gmail.com> [1]
                glewis [2]

Update to 1.0.7.  See
http://www.mozilla.org/products/firefox/releases/1.0.7.html#new for the list
of fixes in this release.

Security:       Fixes
http://vuxml.FreeBSD.org/2e28cefb-2aee-11da-a263-0001020eed82.html among other
things

- Patch a security vulnerability (DoS, remote execution) in IDN
  (internationalized domain names) subsystem, also known as "hyphen domain
  name bug"

Submitted by:   Marcus Grando
Obtained from:  Mozilla Project CVS,
               
https://bugzilla.mozilla.org/show_bug.cgi?query_format=specific&order=relevance+desc&bug_status=__open__&id=307259
Security:       CAN-2005-2871
                http://secunia.com/advisories/16764/

5 vulnerabilities affecting 16 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities