diff --git a/community/firefox-esr/APKBUILD b/community/firefox-esr/APKBUILD
index 3b4cba2144a48b2acc8b895257e97b3d1b50dec7..b3235a0c7621e080c718aa48579b91785756f145 100644
--- a/community/firefox-esr/APKBUILD
+++ b/community/firefox-esr/APKBUILD
@@ -5,7 +5,7 @@ pkgname=firefox-esr
 pkgver=78.3.1
 # Date of release, YY-MM-DD for metainfo file (see package())
 _releasedate=2020-10-01
-pkgrel=0
+pkgrel=1
 pkgdesc="Firefox web browser - Extended Support Release"
 url="https://www.mozilla.org/en-US/firefox/organizations/"
 # Limited on:
@@ -75,6 +75,7 @@ source="https://ftp.mozilla.org/pub/firefox/releases/${pkgver}esr/source/firefox
 disable-neon-in-aom.patch
 sandbox-fork.patch
 sandbox-sched_setscheduler.patch
+ sandbox-tiocswinsz.patch
 "
 subpackages="$pkgname-npapi"
@@ -413,4 +414,5 @@ f3b7c3e804ce04731012a46cb9e9a6b0769e3772aef9c0a4a8c7520b030fdf6cd703d5e9ff49275f
 bb75b2abda86e455d81571052a2cfec5a9d858ffa91c50a7217b4b6c02cbfc0400e9114a27bd54ce78d7d3a44e9b03927cf0317654d98c0f39d26c63c9670117 remove-faulty-libvpx-check.patch
 f963fcdba7307a0b1712dfb95ceba4ab49f449f60e550bb69d15d50272e6df9add90862251ee561e4ea5fd171a2703552ffa7aade92996f5f0b3e577f1544a6d disable-neon-in-aom.patch
 4911ddb41bef8d9f6d6200159cde465627e940fe1c09099be55769d21a5a52a3f737e1bf803daa96126c035b091aea880fbc5d2e6cf5da96ddd17322461a72d6 sandbox-fork.patch
-db26757b2ebf9f567962e32294b4ae48b3a5d0378a7589dfe650fe3a179ff58befbab5082981c68e1c25fb9e56b2db1e4e510d4bca17c3e3aedbf9a2f21806eb sandbox-sched_setscheduler.patch"
+db26757b2ebf9f567962e32294b4ae48b3a5d0378a7589dfe650fe3a179ff58befbab5082981c68e1c25fb9e56b2db1e4e510d4bca17c3e3aedbf9a2f21806eb sandbox-sched_setscheduler.patch
+f19104d5b4c38165375835b5e586d9008bdfa69dc07ef39b48080f5103c682a989aaa3aa0200d9410b27c6f164404e3d54973547897cad098f703b21c26476d4 sandbox-tiocswinsz.patch"
diff --git a/community/firefox-esr/sandbox-tiocswinsz.patch b/community/firefox-esr/sandbox-tiocswinsz.patch
new file mode 100644
index 0000000000000000000000000000000000000000..282a94c4e715bbd05edc411e5491ee66f2f48aa3
--- /dev/null
+++ b/community/firefox-esr/sandbox-tiocswinsz.patch
@@ -0,0 +1,19 @@
+musl >= 1.2.2 uses ioctl with TIOCSWINSZ internally. The ioctl
+systemcall with this option must be added to the firefox sandbox
+systemcall whitelist.
+
+See: https://git.musl-libc.org/cgit/musl/commit/?id=4d5786544bb52c62fc1ae84d91684ef2268afa05
+
+diff -upr firefox-82.0.orig/security/sandbox/linux/SandboxFilter.cpp firefox-82.0/security/sandbox/linux/SandboxFilter.cpp
+--- firefox-82.0.orig/security/sandbox/linux/SandboxFilter.cpp 2020-10-31 12:35:45.815282945 +0100
++++ firefox-82.0/security/sandbox/linux/SandboxFilter.cpp 2020-10-31 12:53:16.596449933 +0100
+@@ -1619,6 +1619,9 @@ class SocketProcessSandboxPolicy final :
+ // ffmpeg, and anything else that calls isatty(), will be told
+ // that nothing is a typewriter:
+ .ElseIf(request == TCGETS, Error(ENOTTY))
++ // musl uses TIOCSWINSZ internally.
++ // See https://git.musl-libc.org/cgit/musl/commit/?id=4d5786544bb52c62fc1ae84d91684ef2268afa05
++ .ElseIf(request == TIOCSWINSZ, Allow())
+ // Allow anything that isn't a tty ioctl, for now; bug 1302711
+ // will cover changing this to a default-deny policy.
+ .ElseIf(shifted_type != kTtyIoctls, Allow())
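Review bot: The added `.ElseIf(request == TIOCSWINSZ, Allow())` permits the ioctl that sets a terminal's window size, whereas the neighbouring TCGETS rule only answers isatty() with ENOTTY; to my knowledge musl's isatty() probes with TIOCGWINSZ (the get variant), so please confirm against the linked musl commit which request is actually issued. If it is the isatty() probe, `.ElseIf(request == TIOCGWINSZ, Error(ENOTTY))` would match the TCGETS handling and would avoid granting the sandboxed process a state-changing tty ioctl. The patch was generated against firefox-82.0 while the APKBUILD builds 78.3.1, and these context lines are generic, so it is worth checking after it applies with an offset that the rule lands in the intended policy class (the `@@` line names SocketProcessSandboxPolicy) and whether other policies in the file need the same rule. The enclosing ioctl filter expression starts and ends outside the hunk.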