Subject: CVS commit: pkgsrc/www/firefox
To: None <pkgsrc-changes@NetBSD.org>
From: Shin'ichiro TAYA <taya@netbsd.org>
List: pkgsrc-changes
Date: 02/27/2005 13:20:43
Module Name: pkgsrc
Committed By: taya
Date: Sun Feb 27 13:20:43 UTC 2005
Modified Files:
pkgsrc/www/firefox: Makefile Makefile-firefox.common PLIST
buildlink3.mk distinfo
Log Message:
Update firefox to 1.0.1.
And switched to use gtk2.
Changes from release notes:
* Improved stability
* International Domain Names are now displayed as punycode.
(To show International Domain Names in Unicode, set the
"network.IDN_show_punycode" preference to false.)
* Several security fixes.
MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing
MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
MFSA 2005-27 Plugins can be used to load privileged content
MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
MFSA 2005-25 Image drag and drop executable spoofing
MFSA 2005-24 HTTP auth prompt tab spoofing
MFSA 2005-23 Download dialog source spoofing
MFSA 2005-22 Download dialog spoofing using Content-Disposition header
MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice
MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
MFSA 2005-19 Autocomplete data leak
MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-16 Spoofing download and security dialogs with overlapping windows
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
MFSA 2005-14 SSL "secure site" indicator spoofing
MFSA 2005-13 Window Injection Spoofing
To generate a diff of this commit:
cvs rdiff -r1.11 -r1.12 pkgsrc/www/firefox/Makefile pkgsrc/www/firefox/PLIST
cvs rdiff -r1.10 -r1.11 pkgsrc/www/firefox/Makefile-firefox.common
cvs rdiff -r1.1 -r1.2 pkgsrc/www/firefox/buildlink3.mk
cvs rdiff -r1.24 -r1.25 pkgsrc/www/firefox/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.