

[pkgsrc/trunk]: pkgsrc/www/firefox52 firefox52: update to 52.7.3



details:   https://anonhg.NetBSD.org/pkgsrc/rev/c45977efaa09
branches:  trunk
changeset: 378036:c45977efaa09
user:      maya <maya%pkgsrc.org@localhost>
date:      Mon Mar 26 23:33:24 2018 +0000

description:
firefox52: update to 52.7.3

CVE-2018-5148: Use-after-free in compositor
A use-after-free vulnerability can occur in the compositor during certain
graphics operations when a raw pointer is used instead of a
reference-counted one. This results in a potentially exploitable crash.

diffstat:

 www/firefox52/Makefile                    |   5 +-
 www/firefox52/distinfo                    |  11 +--
 www/firefox52/patches/patch-CVE-2018-5147 |  79 -------------------------------
 3 files changed, 7 insertions(+), 88 deletions(-)

diffs (120 lines):

diff -r 710fcd9954c1 -r c45977efaa09 www/firefox52/Makefile
--- a/www/firefox52/Makefile    Mon Mar 26 22:56:07 2018 +0000
+++ b/www/firefox52/Makefile    Mon Mar 26 23:33:24 2018 +0000
@@ -1,12 +1,11 @@
-# $NetBSD: Makefile,v 1.19 2018/03/17 00:23:15 maya Exp $
+# $NetBSD: Makefile,v 1.20 2018/03/26 23:33:24 maya Exp $
 
 FIREFOX_VER=           ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
 MOZ_BRANCH=            52.7
-MOZ_BRANCH_MINOR=      .2esr
+MOZ_BRANCH_MINOR=      .3esr
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
 PKGNAME=       firefox52-${MOZ_BRANCH}${MOZ_BRANCH_MINOR:S/b/beta/:S/esr//}
-PKGREVISION=   1
 CATEGORIES=    www
 MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/}
 MASTER_SITES+= ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/}
diff -r 710fcd9954c1 -r c45977efaa09 www/firefox52/distinfo
--- a/www/firefox52/distinfo    Mon Mar 26 22:56:07 2018 +0000
+++ b/www/firefox52/distinfo    Mon Mar 26 23:33:24 2018 +0000
@@ -1,10 +1,9 @@
-$NetBSD: distinfo,v 1.12 2018/03/17 00:23:15 maya Exp $
+$NetBSD: distinfo,v 1.13 2018/03/26 23:33:24 maya Exp $
 
-SHA1 (firefox-52.7.2esr.source.tar.xz) = 7895d445ee7fa7f51ce253483250c7915e74a45e
-RMD160 (firefox-52.7.2esr.source.tar.xz) = d8c6c6a7ee0dfe55bd87467aca5709ea82a0050a
-SHA512 (firefox-52.7.2esr.source.tar.xz) = e275fd10fd32a0dc237135af3395e3a1ae501844632c973ff3b9bca1456702ee36dbee99fc57300598403c924c0db63bd62a199845c8f4a2e29db5d1e5973395
-Size (firefox-52.7.2esr.source.tar.xz) = 212673520 bytes
-SHA1 (patch-CVE-2018-5147) = 04e45d580fde5a44dec4f2e4d617d5302bd3fa44
+SHA1 (firefox-52.7.3esr.source.tar.xz) = 554190b6cbaab895ced8061abfd9ac6c955950f4
+RMD160 (firefox-52.7.3esr.source.tar.xz) = 0b687edea6b60fb3ad4cb5dc02655abc8b8fa94c
+SHA512 (firefox-52.7.3esr.source.tar.xz) = fc5530d8ff5b7f6cd8d9f677d65dee3c1489401c9c9b88258f2e59c7796975cfb7f0b8ccfdf80ae92a6644f51f70de8733c334e4673cad9b8813cca33ae3e1c3
+Size (firefox-52.7.3esr.source.tar.xz) = 213945524 bytes
 SHA1 (patch-aa) = c1084caa275e57b716c3499301f7fc3f99ef5026
 SHA1 (patch-ao) = 8b7125ef3b193fca4d03386142887b2f8d5015c5
 SHA1 (patch-as) = 632ebd35287f8f97d18721d39a0514d4cdbb12cc
diff -r 710fcd9954c1 -r c45977efaa09 www/firefox52/patches/patch-CVE-2018-5147
--- a/www/firefox52/patches/patch-CVE-2018-5147 Mon Mar 26 22:56:07 2018 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,79 +0,0 @@
-$NetBSD: patch-CVE-2018-5147,v 1.1 2018/03/17 00:23:15 maya Exp $
-
-CVE-2018-5147: Prevent out-of-bounds write in codebook decoding.
-
-Codebooks that are not an exact divisor of the partition size are now
-truncated to fit within the partition.
-
---- media/libtremor/lib/tremor_codebook.c.orig 2017-04-11 02:13:12.000000000 +0000
-+++ media/libtremor/lib/tremor_codebook.c
-@@ -258,7 +258,7 @@ long vorbis_book_decodevs_add(codebook *
-       t[i] = book->valuelist+entry[i]*book->dim;
-       }
-       for(i=0,o=0;i<book->dim;i++,o+=step)
--      for (j=0;j<step;j++)
-+      for (j=0;o+j<n && j<step;j++)
-         a[o+j]+=t[j][i]>>shift;
-     }else{
-       for (i = 0; i < step; i++) {
-@@ -267,7 +267,7 @@ long vorbis_book_decodevs_add(codebook *
-       t[i] = book->valuelist+entry[i]*book->dim;
-       }
-       for(i=0,o=0;i<book->dim;i++,o+=step)
--      for (j=0;j<step;j++)
-+      for (j=0;o+j<n && j<step;j++)
-         a[o+j]+=t[j][i]<<-shift;
-     }
-   }
-@@ -287,7 +287,7 @@ long vorbis_book_decodev_add(codebook *b
-       entry = decode_packed_entry_number(book,b);
-       if(entry==-1)return(-1);
-       t     = book->valuelist+entry*book->dim;
--      for (j=0;j<book->dim;)
-+      for (j=0;i<n && j<book->dim;)
-         a[i++]+=t[j++]>>shift;
-       }
-     }else{
-@@ -295,7 +295,7 @@ long vorbis_book_decodev_add(codebook *b
-       entry = decode_packed_entry_number(book,b);
-       if(entry==-1)return(-1);
-       t     = book->valuelist+entry*book->dim;
--      for (j=0;j<book->dim;)
-+      for (j=0;i<n && j<book->dim;)
-         a[i++]+=t[j++]<<-shift;
-       }
-     }
-@@ -352,15 +352,15 @@ long vorbis_book_decodevv_add(codebook *
-     long i,j,entry;
-     int chptr=0;
-     int shift=point-book->binarypoint;
--    
-+    int m=offset+n;
-     if(shift>=0){
-       
--      for(i=offset;i<offset+n;){
-+      for(i=offset;i<m;){
-       entry = decode_packed_entry_number(book,b);
-       if(entry==-1)return(-1);
-       {
-         const ogg_int32_t *t = book->valuelist+entry*book->dim;
--        for (j=0;j<book->dim;j++){
-+        for (j=0;i<m && j<book->dim;j++){
-           a[chptr++][i]+=t[j]>>shift;
-           if(chptr==ch){
-             chptr=0;
-@@ -371,12 +371,12 @@ long vorbis_book_decodevv_add(codebook *
-       }
-     }else{
-       
--      for(i=offset;i<offset+n;){
-+      for(i=offset;i<m;){
-       entry = decode_packed_entry_number(book,b);
-       if(entry==-1)return(-1);
-       {
-         const ogg_int32_t *t = book->valuelist+entry*book->dim;
--        for (j=0;j<book->dim;j++){
-+        for (j=0;i<m && j<book->dim;j++){
-           a[chptr++][i]+=t[j]<<-shift;
-           if(chptr==ch){
-             chptr=0;


