When I took over as maintainer for Firefox, it depended on the
mozilla-specific xulrunner, nss and nspr libraries. Xulrunner was
initially built from a xulrunner-secific tarball but mozilla soon began
to neglect it and iirc, Tilman started to use the firefox-tarball for
xulrunner to keep it updated.
Since no other package depended on xulrunner I removed it since
there was no point for a external library that only one port used.
With the release of Firefox 6.0.1, the vulnerable component was nss and
mozilla only released an updated firefox-tarball with the fix. So
keeping the crux port patched, I removed the use of the external
libraries nspr and nss and used the builtin libs for the port.
Simple and easier to maintain.
So as long as you dont use any other ports (thunderbird, chromium) that require nss/nspr you can
now safely uninstall these.
CRUX mailing list