CVS commit: pkgsrc

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc
From: Tobias Nygren <tnn%netbsd.org@localhost>
Date: Wed, 28 Oct 2009 11:36:36 +0000

Module Name:    pkgsrc
Committed By:   tnn
Date:           Wed Oct 28 11:36:36 UTC 2009

Modified Files:
        pkgsrc/devel/xulrunner: Makefile PLIST distinfo mozilla-common.mk
        pkgsrc/devel/xulrunner/patches: patch-aq patch-mf patch-mn patch-pd
        pkgsrc/www/firefox: Makefile PLIST
Removed Files:
        pkgsrc/devel/xulrunner/patches: patch-nb patch-nc

Log Message:
Security and bugfix update of firefox (to 3.5.4) and xulrunner (to 1.9.1.4)
Also fix broken DESTDIR support.

Fixes the following security issues:
MFSA 2009-64 Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15)
MFSA 2009-63 Upgrade media libraries to fix memory safety bugs
MFSA 2009-62 Download filename spoofing with RTL override
MFSA 2009-61 Cross-origin data theft through document.getSelection()
MFSA 2009-59 Heap buffer overflow in string to number conversion
MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS()
MFSA 2009-56 Heap buffer overflow in GIF color map parser
MFSA 2009-55 Crash in proxy auto-configuration regexp parsing
MFSA 2009-54 Crash with recursive web-worker calls
MFSA 2009-53 Local downloaded file tampering
MFSA 2009-52 Form history vulnerable to stealing


To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/devel/xulrunner/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/devel/xulrunner/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/devel/xulrunner/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/devel/xulrunner/mozilla-common.mk
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/xulrunner/patches/patch-aq
cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/devel/xulrunner/patches/patch-mf \
    pkgsrc/devel/xulrunner/patches/patch-mn \
    pkgsrc/devel/xulrunner/patches/patch-pd
cvs rdiff -u -r1.1 -r0 pkgsrc/devel/xulrunner/patches/patch-nb \
    pkgsrc/devel/xulrunner/patches/patch-nc
cvs rdiff -u -r1.60 -r1.61 pkgsrc/www/firefox/Makefile
cvs rdiff -u -r1.38 -r1.39 pkgsrc/www/firefox/PLIST

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/net/wireshark
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/net/wireshark
Indexes:

Home | Main Index | Thread Index | Old Index