Subject: CVS commit: [pkgsrc-2005Q1] pkgsrc/www/firefox-gtk2-bin
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 04/16/2005 14:10:22
Module Name: pkgsrc
Committed By: salo
Date: Sat Apr 16 14:10:21 UTC 2005
Modified Files:
pkgsrc/www/firefox-gtk2-bin [pkgsrc-2005Q1]: Makefile distinfo
Log Message:
Pullup ticket 446 - requested by Matthias Scheler
security fix for firefox-gtk2-bin
Revisions pulled up:
- pkgsrc/www/firefox-gtk2-bin/Makefile 1.9
- pkgsrc/www/firefox-gtk2-bin/distinfo 1.10
Module Name: pkgsrc
Committed By: tron
Date: Sat Apr 16 12:47:22 UTC 2005
Modified Files:
pkgsrc/www/firefox-gtk2-bin: Makefile distinfo
Log Message:
Update "firefox-gtk2-bin" package to version 1.0.3. The new version fixes
the following security issues:
MFSA 2005-33 Javascript "lambda" replace exposes memory contents
MFSA 2005-34 javascript: PLUGINSPAGE code execution
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides
To generate a diff of this commit:
cvs rdiff -r1.6.2.2 -r1.6.2.3 pkgsrc/www/firefox-gtk2-bin/Makefile
cvs rdiff -r1.7.2.2 -r1.7.2.3 pkgsrc/www/firefox-gtk2-bin/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.