# Contributor: William Pitcock # Maintainer: Natanael Copa pkgname=firefox-esr pkgver=52.9.0 _pkgver=$pkgver _xulver=$pkgver pkgrel=0 pkgdesc="Firefox web browser - Extended Support Release" url="https://www.mozilla.org/en-US/firefox/organizations/faq/" arch="all" license="GPL LGPL MPL" depends="" depends_dev=" alsa-lib-dev bzip2-dev dbus-glib-dev gconf-dev gtk+2.0-dev gtk+3.0-dev hunspell-dev icu-dev libevent-dev libidl-dev libjpeg-turbo-dev libnotify-dev libogg-dev libtheora-dev libvorbis-dev libvpx-dev libxt-dev libxcomposite-dev mesa-dev nspr-dev nss-dev sqlite-dev startup-notification-dev wireless-tools-dev " makedepends="$depends_dev autoconf2.13 automake bsd-compat-headers libtool nss-static paxmark python2 sed yasm zip " install="" subpackages="$pkgname-dev" source="https://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox-${pkgver}esr.source.tar.xz stab.h 0002-Use-C99-math-isfinite.patch fix-fortify-inline.patch disable-hunspell_hooks.patch fix-seccomp-bpf.patch fix-toolkit.patch fix-tools.patch mallinfo.patch musl-pthread-setname.patch fix-fortify-system-wrappers.patch fix-arm-atomics-grsec.patch fix-arm-version-detect.patch mozilla-build-arm.patch disable-moz-stackwalk.patch missing-header-s390x.patch discard-x86-precision-musl.patch firefox.desktop firefox-safe.desktop" builddir="${srcdir}/firefox-${pkgver}esr"/objdir _mozappdir=/usr/lib/firefox-${pkgver} _mozappdirdev=/usr/lib/firefox-devel-${pkgver} # help our shared-object scanner to find the libs ldpath="$_mozappdir" # secfixes: # 52.6.0-r0: # - CVE-2018-5089 # - CVE-2018-5091 # - CVE-2018-5095 # - CVE-2018-5096 # - CVE-2018-5097 # - CVE-2018-5098 # - CVE-2018-5099 # - CVE-2018-5102 # - CVE-2018-5103 # - CVE-2018-5104 # - CVE-2018-5117 # 52.5.2-r0: # - CVE-2017-7843 # - CVE-2017-7843 prepare() { local i mkdir -p "$builddir" cd "$builddir"/.. for i in $source; do case $i in *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; esac done cp "$srcdir"/stab.h toolkit/crashreporter/google-breakpad/src/ } build() { cd "$builddir" export SHELL=/bin/sh export BUILD_OFFICIAL=1 export MOZILLA_OFFICIAL=1 export USE_SHORT_LIBNAME=1 # gcc 6 export CXXFLAGS="-fno-delete-null-pointer-checks -fno-schedule-insns2" # set rpath so linker finds the libs export LDFLAGS="$LDFLAGS -Wl,-rpath,${_mozappdir}" local extra_flags="" [ "$CARCH" = "s390x" ] && extra_flags="--disable-startupcache" ../configure \ --prefix=/usr \ \ --disable-crashreporter \ --disable-elf-hack \ --disable-install-strip \ --disable-jemalloc \ --disable-profiling \ --disable-pulseaudio \ --disable-strip \ --disable-tests \ --disable-updater \ \ --enable-alsa \ --enable-default-toolkit=cairo-gtk3 \ --enable-gio \ --enable-gold=no \ --enable-official-branding \ --enable-optimize="$CFLAGS" \ --enable-pie \ --enable-startup-notification \ --enable-system-ffi \ --enable-system-hunspell \ --enable-system-sqlite \ \ --with-pthreads \ --with-system-bz2 \ --with-system-icu \ --with-system-jpeg \ --with-system-libevent \ --with-system-libvpx \ --with-system-nspr \ --with-system-nss \ --with-system-pixman \ --with-system-png \ --with-system-zlib \ $extra_flags make || return 1 # paxmark outside fakeroot paxmark -msp dist/bin/xpcshell || return 1 } package() { cd "$builddir" # only used for startupcache creation. local paxflags="-msp" paxmark "$paxflags" dist/bin/xpcshell || return 1 make install \ DESTDIR="$pkgdir" \ MOZ_MAKE_FLAGS="$MAKEOPTS" \ || return 1 install -m755 -d ${pkgdir}/usr/share/applications install -m755 -d ${pkgdir}/usr/share/pixmaps local png for png in ../browser/branding/official/default*.png; do local i=${_png%.png} i=${i##*/default} install -D -m644 "$png" "$pkgdir"/usr/share/icons/hicolor/${i}x${i}/apps/firefox.png || return 1 done install -m644 "$builddir"/../browser/branding/official/default48.png \ ${pkgdir}/usr/share/pixmaps/firefox.png || return 1 install -m644 ${srcdir}/firefox.desktop ${pkgdir}/usr/share/applications/firefox.desktop install -m644 ${srcdir}/firefox-safe.desktop ${pkgdir}/usr/share/applications/firefox-safe.desktop # firefox currently does not work with mprotect. disable it for now local paxflags="-mp" [ "$CARCH" = "x86" ] && paxflags="-msp" paxmark "$paxflags" "$pkgdir"/$_mozappdir/firefox || return 1 paxmark "$paxflags" "$pkgdir"/$_mozappdir/plugin-container || return 1 # xulrunner stub launcher has changed to using a symlink overlay... # go figure ln -sf /usr/lib/xulrunner-${_xulver} ${pkgdir}/$_mozappdir/xulrunner # launcher as symlink is broken from firefox-7.0 rm "$pkgdir"/usr/bin/firefox || return 1 libgl=$(scanelf -qF '#F%S' /usr/lib/libGL.so) cat > "$pkgdir"/usr/bin/firefox << __EOF__ #!/bin/sh exec $_mozappdir/firefox "\$@" __EOF__ chmod 755 "$pkgdir"/usr/bin/firefox # install our vendor prefs install -d "$pkgdir"/$_mozappdir/browser/defaults/preferences cat >> "$pkgdir"/$_mozappdir/browser/defaults/preferences/firefox-branding.js <<- EOF // Use LANG environment variable to choose locale pref("intl.locale.matchOS", true); // Disable default browser checking. pref("browser.shell.checkDefaultBrowser", false); // Don't disable our bundled extensions in the application directory pref("extensions.autoDisableScopes", 11); pref("extensions.shownSelectionUI", true); EOF # remove copied, huge, libraries rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozjs.so rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libmozalloc.so rm -f "$pkgdir"/${_mozappdirdev}/sdk/lib/libxul.so } dev() { mkdir -p "$subpkgdir"/${_mozappdirdev%/*} mv "$pkgdir"/${_mozappdirdev} "$subpkgdir"/${_mozappdirdev%/*} \ || return 1 default_dev } sha512sums="bfca42668ca78a12a9fb56368f4aae5334b1f7a71966fbba4c32b9c5e6597aac79a6e340ac3966779d2d5563eb47c054ab33cc40bfb7306172138ccbd3adb2b9 firefox-52.9.0esr.source.tar.xz 0b3f1e4b9fdc868e4738b5c81fd6c6128ce8885b260affcb9a65ff9d164d7232626ce1291aaea70132b3e3124f5e13fef4d39326b8e7173e362a823722a85127 stab.h 7e123144bc2b1efed149dfb41b255c447d43ea93a63ebe114d01945e6a6d69edc2f2a3c36980a93279106c1842355851b8b6c1d96679ee6be7b9b30513e0b1a8 0002-Use-C99-math-isfinite.patch 09bc32cf9ee81b9cc6bb58ddbc66e6cc5c344badff8de3435cde5848e5a451e0172153231db85c2385ff05b5d9c20760cb18e4138dfc99060a9e960de2befbd5 fix-fortify-inline.patch 0fcc647af53a3ce21c2bc36e5631eb0935e7243ebb3ab59b5719542cc54a6ac023a4a857b43b75756efb9ed80c0aecaa94dc5679a3b3792f82e87bf2c1af82e1 disable-hunspell_hooks.patch 70863b985427b9653ce5e28d6064f078fb6d4ccf43dd1b68e72f97f44868fc0ce063161c39a4e77a0a1a207b7365d5dc7a7ca5e68c726825eba814f2b93e2f5d fix-seccomp-bpf.patch a2925045154f4fd34e5fc056656f4f9da100341529e5d4104d249154db0c7863384083f421ce6e47e0f20566a8b20787fa35444c7933c03cd03f96f06dcd4532 fix-toolkit.patch 7d7531a0dbb1b3c2f4cbf155168e750f274dbf19cd767d6395d479ef1626a651e714b41e353465d9d58239dc15256d83eeb1bf06c6adf47c521a0db5ee88bb50 fix-tools.patch bdcd1b402d2ec94957ba5d08cbad7b1a7f59c251c311be9095208491a05abb05a956c79f27908e1f26b54a3679387b2f33a51e945b650671ad85c0a2d59a5a29 mallinfo.patch 3f535b1e4e9a5a0506ef6f6d9427a84fae1efa3c8e8d6b25b21046d2d04c132bde1a7a98e415067e5c542f699d89249b8cc3d925e0be4e96db498037429691ef musl-pthread-setname.patch 2a967e4619fd89a046bd40be7fdcef646fcb1eba5e47afc96aa1d59c25bcc8747cb07baee6c11f3b803db0981aced181534b806778e4d21e74958f5f4d74c784 fix-fortify-system-wrappers.patch ed0d344c66fc8e1cc83a11e9858b32c42e841cbeedd9eb9438811e9fcc3593dc824a8336d00058d55836cedc970aeadd6a82c6dcd7bc0fb746e564d8b478cc6c fix-arm-atomics-grsec.patch 015e1ff6dbf920033982b5df95d869a0b7bf56c6964e45e50649ddf46d1ce09563458e45240c3ecb92808662b1300b67507f7af272ba184835d91068a9e7d5b0 fix-arm-version-detect.patch e61664bc93eadce5016a06a4d0684b34a05074f1815e88ef2613380d7b369c6fd305fb34f83b5eb18b9e3138273ea8ddcfdcb1084fdcaa922a1e5b30146a3b18 mozilla-build-arm.patch 4797d2d89ac63a57abb826b8ea9f751314ce66946194033deb9d78c2ff377b88106fd2c7bc5034dc13ad03dd5085b1893c3ccae1a9e63fde35655bb0921f7188 disable-moz-stackwalk.patch 6beba471b6a7fc229a9c105d58137f80cec07219e52bb9a666c787b37ca88635d6ec2eba651eccb5096429c2965709c9475c89839c255c3545f8c96c5d40f403 missing-header-s390x.patch fc3fd5a3ad4b83feb9dbe9ecc91d5ae51ce5cd13af481b79910e1e13a79ac6c9b77cf025c14516327391a55172bc13a6f02d9bc7a51eef08fcbbcaaa37845818 discard-x86-precision-musl.patch f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f14b7d738fe82a0a4fde3bc3219dff7225d5db0e274987454 firefox.desktop 5dcb6288d0444a8a471d669bbaf61cdb1433663eff38b72ee5e980843f5fc07d0d60c91627a2c1159215d0ad77ae3f115dcc5fdfe87e64ca704b641aceaa44ed firefox-safe.desktop"