Subject: CVS commit: pkgsrc
To: None <pkgsrc-changes@NetBSD.org>
From: Geert Hendrickx <ghen@netbsd.org>
List: pkgsrc-changes
Date: 06/03/2006 08:04:36
Module Name: pkgsrc
Committed By: ghen
Date: Sat Jun 3 08:04:36 UTC 2006
Modified Files:
pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo
pkgsrc/mail/thunderbird-gtk1: PLIST
pkgsrc/www/firefox: Makefile-firefox.common distinfo
pkgsrc/www/seamonkey: Makefile Makefile.common PLIST distinfo
pkgsrc/www/seamonkey-bin: Makefile distinfo
pkgsrc/www/seamonkey-gtk1: Makefile PLIST
Log Message:
Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and
mail/thunderbird-gtk1 to 1.5.0.4, and www/seamonkey, www/seamonkey-gtk1
and www/seamonkey-bin to 1.0.2 (salo has already updated www/firefox-bin).
Note that thunderbird skipped one release number (again) to stay on par
with firefox.
These updates provide:
* improvements to product stability,
* several important security fixes (see below).
Fixed in Firefox 1.5.0.4:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)
Fixed in Thunderbird 1.5.0.4:
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)
Fixed in SeaMonkey 1.0.2:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)
To generate a diff of this commit:
cvs rdiff -r1.14 -r1.15 pkgsrc/mail/thunderbird/Makefile-thunderbird.common
cvs rdiff -r1.13 -r1.14 pkgsrc/mail/thunderbird/PLIST
cvs rdiff -r1.22 -r1.23 pkgsrc/mail/thunderbird/distinfo
cvs rdiff -r1.4 -r1.5 pkgsrc/mail/thunderbird-gtk1/PLIST
cvs rdiff -r1.32 -r1.33 pkgsrc/www/firefox/Makefile-firefox.common
cvs rdiff -r1.49 -r1.50 pkgsrc/www/firefox/distinfo
cvs rdiff -r1.4 -r1.5 pkgsrc/www/seamonkey/Makefile
cvs rdiff -r1.2 -r1.3 pkgsrc/www/seamonkey/Makefile.common \
pkgsrc/www/seamonkey/distinfo
cvs rdiff -r1.1.1.1 -r1.2 pkgsrc/www/seamonkey/PLIST
cvs rdiff -r1.2 -r1.3 pkgsrc/www/seamonkey-bin/Makefile \
pkgsrc/www/seamonkey-bin/distinfo
cvs rdiff -r1.3 -r1.4 pkgsrc/www/seamonkey-gtk1/Makefile
cvs rdiff -r1.1.1.1 -r1.2 pkgsrc/www/seamonkey-gtk1/PLIST
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.