Subject: CVS commit: [pkgsrc-2005Q2] pkgsrc/www/firefox-bin
To: None <pkgsrc-changes@NetBSD.org>
From: Soren Jacobsen <snj@netbsd.org>
List: pkgsrc-changes
Date: 07/14/2005 21:35:46
Module Name:	pkgsrc
Committed By:	snj
Date:		Thu Jul 14 21:35:46 UTC 2005

Modified Files:
	pkgsrc/www/firefox-bin [pkgsrc-2005Q2]: Makefile distinfo

Log Message:
Pullup ticket 598 - requested by Matthias Scheler
security update for firefox-bin

Revisions pulled up:
- pkgsrc/www/firefox-bin/Makefile	1.8
- pkgsrc/www/firefox-bin/distinfo	1.10

    Module Name:    pkgsrc
    Committed By:   tron
    Date:           Wed Jul 13 07:18:53 UTC 2005

    Modified Files:
            pkgsrc/www/firefox-bin: Makefile distinfo

    Log Message:
    Update "firefox-bin"package to version 1.0.5. Besides improved stability
    this release fixes the following security issues:
    MFSA 2005-56 Code execution through shared function objects
    MFSA 2005-55 XHTML node spoofing
    MFSA 2005-54 Javascript prompt origin spoofing
    MFSA 2005-53 Standalone applications can run arbitrary code through the
        browser
    MFSA 2005-52 Same origin violation: frame calling top.focus()
    MFSA 2005-51 The return of frame-injection spoofing
    MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
    MFSA 2005-49 Script injection from Firefox sidebar panel using data:
    MFSA 2005-48 Same-origin violation with InstallTrigger callback
    MFSA 2005-47 Code execution via "Set as Wallpaper"
    MFSA 2005-46 XBL scripts ran even when Javascript disabled
    MFSA 2005-45 Content-generated event vulnerabilities


To generate a diff of this commit:
cvs rdiff -r1.7 -r1.7.2.1 pkgsrc/www/firefox-bin/Makefile
cvs rdiff -r1.9 -r1.9.2.1 pkgsrc/www/firefox-bin/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.