[pkgsrc/trunk]: pkgsrc/mail Update thunderbird and thunderbird-gtk1 to 2.0.0.16.

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/mail Update thunderbird and thunderbird-gtk1 to 2.0.0.16.
From: ghen <ghen%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 06:29:48 +0000
details:   https://anonhg.NetBSD.org/pkgsrc/rev/a219fd1c7aa9
branches:  trunk
changeset: 546122:a219fd1c7aa9
user:      ghen <ghen%pkgsrc.org@localhost>
date:      Fri Aug 22 09:42:15 2008 +0000

description:
Update thunderbird and thunderbird-gtk1 to 2.0.0.16.

Security fixes in this version:

MFSA 2008-34 Remote code execution by overflowing CSS reference counter
MFSA 2008-33 Crash and remote code execution in block reflow
MFSA 2008-31 Peer-trusted certs can use alt names to spoof
MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
MFSA 2008-26 Buffer length checks in MIME processing
MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
MFSA 2008-24 Chrome script loading from fastload file
MFSA 2008-21 Crashes with evidence of memory corruption

For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.16/releasenotes/

diffstat:

 mail/thunderbird-gtk1/PLIST                  |   3 ++-
 mail/thunderbird/Makefile-thunderbird.common |   4 ++--
 mail/thunderbird/PLIST                       |   3 ++-
 mail/thunderbird/distinfo                    |  14 +++++++-------
 mail/thunderbird/patches/patch-af            |  17 ++---------------
 mail/thunderbird/patches/patch-ap            |   6 +++---
 mail/thunderbird/patches/patch-dw            |  10 +++++-----
 7 files changed, 23 insertions(+), 34 deletions(-)

diffs (158 lines):

diff -r 15f7fa61e9f9 -r a219fd1c7aa9 mail/thunderbird-gtk1/PLIST
--- a/mail/thunderbird-gtk1/PLIST       Fri Aug 22 07:46:08 2008 +0000
+++ b/mail/thunderbird-gtk1/PLIST       Fri Aug 22 09:42:15 2008 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.13 2007/07/26 12:29:37 ghen Exp $
+@comment $NetBSD: PLIST,v 1.14 2008/08/22 09:42:15 ghen Exp $
 bin/${MOZILLA}
 @comment begin PROGRAMS
 lib/${MOZILLA}/${MOZILLA_BIN}
@@ -2102,6 +2102,7 @@
 include/${MOZILLA}/pipnss/nsITokenPasswordDialogs.h
 include/${MOZILLA}/pipnss/nsIUserCertPicker.h
 include/${MOZILLA}/pipnss/nsIX509Cert.h
+include/${MOZILLA}/pipnss/nsIX509Cert18Branch.h
 include/${MOZILLA}/pipnss/nsIX509Cert3.h
 include/${MOZILLA}/pipnss/nsIX509CertDB.h
 include/${MOZILLA}/pipnss/nsIX509CertDB2.h
diff -r 15f7fa61e9f9 -r a219fd1c7aa9 mail/thunderbird/Makefile-thunderbird.common
--- a/mail/thunderbird/Makefile-thunderbird.common      Fri Aug 22 07:46:08 2008 +0000
+++ b/mail/thunderbird/Makefile-thunderbird.common      Fri Aug 22 09:42:15 2008 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile-thunderbird.common,v 1.35 2008/05/20 11:51:55 ghen Exp $
+# $NetBSD: Makefile-thunderbird.common,v 1.36 2008/08/22 09:42:15 ghen Exp $
 # used by mail/thunderbird/Makefile
 # used by mail/thunderbird-gtk1/Makefile
 
 MOZILLA_BIN=           thunderbird-bin
-MOZ_VER=               2.0.0.14
+MOZ_VER=               2.0.0.16
 EXTRACT_SUFX=          .tar.bz2
 DISTNAME=              thunderbird-${MOZ_VER}-source
 CATEGORIES=            mail
diff -r 15f7fa61e9f9 -r a219fd1c7aa9 mail/thunderbird/PLIST
--- a/mail/thunderbird/PLIST    Fri Aug 22 07:46:08 2008 +0000
+++ b/mail/thunderbird/PLIST    Fri Aug 22 09:42:15 2008 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.23 2007/07/26 12:29:34 ghen Exp $
+@comment $NetBSD: PLIST,v 1.24 2008/08/22 09:42:15 ghen Exp $
 bin/${MOZILLA}
 @comment begin PROGRAMS
 lib/${MOZILLA}/${MOZILLA_BIN}
@@ -2111,6 +2111,7 @@
 include/${MOZILLA}/pipnss/nsITokenPasswordDialogs.h
 include/${MOZILLA}/pipnss/nsIUserCertPicker.h
 include/${MOZILLA}/pipnss/nsIX509Cert.h
+include/${MOZILLA}/pipnss/nsIX509Cert18Branch.h
 include/${MOZILLA}/pipnss/nsIX509Cert3.h
 include/${MOZILLA}/pipnss/nsIX509CertDB.h
 include/${MOZILLA}/pipnss/nsIX509CertDB2.h
diff -r 15f7fa61e9f9 -r a219fd1c7aa9 mail/thunderbird/distinfo
--- a/mail/thunderbird/distinfo Fri Aug 22 07:46:08 2008 +0000
+++ b/mail/thunderbird/distinfo Fri Aug 22 09:42:15 2008 +0000
@@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.45 2008/05/20 11:51:55 ghen Exp $
+$NetBSD: distinfo,v 1.46 2008/08/22 09:42:15 ghen Exp $
 
-SHA1 (thunderbird-2.0.0.14-source.tar.bz2) = 5f30f6e54895e67d96304cdbce15e69aee4d3230
-RMD160 (thunderbird-2.0.0.14-source.tar.bz2) = b7a61bfe9b3b06fc26051e97e7ca4da0b7ab64a4
-Size (thunderbird-2.0.0.14-source.tar.bz2) = 37473129 bytes
+SHA1 (thunderbird-2.0.0.16-source.tar.bz2) = 30092e38d621c30af02653d3bf246d98d2533853
+RMD160 (thunderbird-2.0.0.16-source.tar.bz2) = 6100058cca8d75e108a11b09d03b85d705ca48c2
+Size (thunderbird-2.0.0.16-source.tar.bz2) = 40418085 bytes
 SHA1 (patch-aa) = ff3586c00ff8d3fa6a1bda639116778169ad4466
 SHA1 (patch-ab) = 1dda9cc5822761da53133e987e30c133894baad7
 SHA1 (patch-ac) = 24da4ecce48d22a3752276cae132845b4b474c2a
 SHA1 (patch-ad) = 19afc8dfaf9f14439d747e42ee2f64a9c1a9dc3d
 SHA1 (patch-ae) = 364b91f0bf51e49bb140e13dfb775a89ea38bb28
-SHA1 (patch-af) = 1306065f359a4acc2c2c4a0865d8401baacb7a15
+SHA1 (patch-af) = 2500e35f74eab9ec16df7303fe8d1c2bff0a655b
 SHA1 (patch-ag) = bc08dcb0f7acc4eace112c28241a31b0b6a492e3
 SHA1 (patch-ah) = 4cd8e37475af19bcfe4530f910990f86c89ed916
 SHA1 (patch-ai) = 189aa46f116e424c23368e1c7fbc6c56dd389954
@@ -17,7 +17,7 @@
 SHA1 (patch-al) = 46e7986f0c803701ce9eec38620cf22a2a96ba86
 SHA1 (patch-an) = 47bb24afbb0def95d30d466700c1983f18a14641
 SHA1 (patch-ao) = 4162763cc7af61deb1795f85fdbd96e3ef930d4d
-SHA1 (patch-ap) = 791b30d5b2468a94b356205b22f1dcef0e51fc68
+SHA1 (patch-ap) = 9ca3715eaef7d86933621665f81cc19a79059ed0
 SHA1 (patch-aq) = e8389d53e0d490b3cc1078f646749abfe54225ff
 SHA1 (patch-ar) = ce81dd6b747ba882434cb23343c5e89aac70ea81
 SHA1 (patch-as) = 56effdf9aa488fa2b3c8abcb4b7273841a4b59c1
@@ -51,5 +51,5 @@
 SHA1 (patch-do) = bdb018e157dcb5ef706b69184d8b739cfd32d8c3
 SHA1 (patch-ds) = 1e2e371b9ff7ab9049a947d8e0a63483a1fd244e
 SHA1 (patch-dt) = 9eef43663de12721ecc38124d5bd4a90a825eefc
-SHA1 (patch-dw) = eb4acb8c6c59ef3c73a7ba7e6d6956e325de9d85
+SHA1 (patch-dw) = 6ef560d688b3b67450b9582c95d9239ab4749f61
 SHA1 (patch-dx) = ab7606171564b6879effc3b37d9eadc6565cb74b
diff -r 15f7fa61e9f9 -r a219fd1c7aa9 mail/thunderbird/patches/patch-af
--- a/mail/thunderbird/patches/patch-af Fri Aug 22 07:46:08 2008 +0000
+++ b/mail/thunderbird/patches/patch-af Fri Aug 22 09:42:15 2008 +0000
@@ -1,6 +1,6 @@
-$NetBSD: patch-af,v 1.4 2006/02/05 14:49:05 ghen Exp $
+$NetBSD: patch-af,v 1.5 2008/08/22 09:42:15 ghen Exp $
 
---- security/nss/lib/freebl/unix_rand.c.orig   2006-02-02 13:19:58.000000000 +0100
+--- security/nss/lib/freebl/unix_rand.c.orig   2007-07-26 01:18:55.000000000 +0200
 +++ security/nss/lib/freebl/unix_rand.c
 @@ -35,6 +35,7 @@
   * ***** END LICENSE BLOCK ***** */
@@ -10,16 +10,3 @@
  #include <string.h>
  #include <signal.h>
  #include <unistd.h>
-@@ -694,7 +695,11 @@ safe_popen(char *cmd)
-       /* dup write-side of pipe to stderr and stdout */
-       if (p[1] != 1) dup2(p[1], 1);
-       if (p[1] != 2) dup2(p[1], 2);
--      close(0);
-+      fd = open("/dev/null", O_RDONLY);
-+      if (fd != 0) {
-+          dup2(fd, 0);
-+          close(fd);
-+      }
-         {
-             int ndesc = getdtablesize();
-             for (fd = PR_MIN(65536, ndesc); --fd > 2; close(fd));
diff -r 15f7fa61e9f9 -r a219fd1c7aa9 mail/thunderbird/patches/patch-ap
--- a/mail/thunderbird/patches/patch-ap Fri Aug 22 07:46:08 2008 +0000
+++ b/mail/thunderbird/patches/patch-ap Fri Aug 22 09:42:15 2008 +0000
@@ -1,6 +1,6 @@
-$NetBSD: patch-ap,v 1.4 2007/03/02 14:12:25 ghen Exp $
+$NetBSD: patch-ap,v 1.5 2008/08/22 09:42:15 ghen Exp $
 
---- security/coreconf/command.mk.orig  2005-10-11 01:46:12.000000000 +0200
+--- security/coreconf/command.mk.orig  2007-05-09 03:38:16.000000000 +0200
 +++ security/coreconf/command.mk
 @@ -45,7 +45,7 @@ ASFLAGS      += $(CFLAGS)
  CCF           = $(CC) $(CFLAGS)
@@ -9,5 +9,5 @@
 -CFLAGS        = $(OPTIMIZER) $(OS_CFLAGS) $(XP_DEFINE) $(DEFINES) $(INCLUDES) \
 +CFLAGS        = $(OS_CFLAGS) $(XP_DEFINE) $(DEFINES) $(INCLUDES) \
                $(XCFLAGS)
+ PERL          = perl
  RANLIB        = echo
- TAR           = /bin/tar
diff -r 15f7fa61e9f9 -r a219fd1c7aa9 mail/thunderbird/patches/patch-dw
--- a/mail/thunderbird/patches/patch-dw Fri Aug 22 07:46:08 2008 +0000
+++ b/mail/thunderbird/patches/patch-dw Fri Aug 22 09:42:15 2008 +0000
@@ -1,13 +1,13 @@
-$NetBSD: patch-dw,v 1.1 2007/03/07 22:02:26 joerg Exp $
+$NetBSD: patch-dw,v 1.2 2008/08/22 09:42:15 ghen Exp $
 
---- security/nss/lib/freebl/Makefile.orig      2007-03-07 20:19:17.000000000 +0000
+--- security/nss/lib/freebl/Makefile.orig      2007-11-14 23:47:33.000000000 +0100
 +++ security/nss/lib/freebl/Makefile
-@@ -192,7 +192,7 @@ endif
+@@ -194,7 +194,7 @@ endif
  # to bind the blapi function references in FREEBLVector vector
  # (ldvector.c) to the blapi functions defined in the freebl
  # shared libraries.
--ifeq (,$(filter-out BSD_OS FreeBSD Linux NetBSD, $(OS_TARGET)))
-+ifeq (,$(filter-out BSD_OS FreeBSD Linux NetBSD DragonFly, $(OS_TARGET)))
+-ifeq (,$(filter-out BSD_OS FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET)))
++ifeq (,$(filter-out BSD_OS DragonFly FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET)))
      MKSHLIB += -Wl,-Bsymbolic
  endif
Prev by Date: [pkgsrc/trunk]: pkgsrc/chat/xchat Update "xchat" package to version 2.8.6pl1 ...
Next by Date: [pkgsrc/trunk]: pkgsrc/doc Remove conflict of www/surfraw with lang/sr.
Previous by Thread: [pkgsrc/trunk]: pkgsrc/chat/xchat Update "xchat" package to version 2.8.6pl1 ...
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc Remove conflict of www/surfraw with lang/sr.
Indexes:
Home | Main Index | Thread Index | Old Index