CVS commit: [pkgsrc-2008Q1] pkgsrc/www

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: [pkgsrc-2008Q1] pkgsrc/www
From: Matthias Scheler <tron%netbsd.org@localhost>
Date: Wed, 2 Jul 2008 13:13:59 +0000 (UTC)

Module Name:    pkgsrc
Committed By:   tron
Date:           Wed Jul  2 13:13:59 UTC 2008

Modified Files:
        pkgsrc/www/firefox [pkgsrc-2008Q1]: Makefile-firefox.common PLIST
            distinfo
        pkgsrc/www/firefox-bin [pkgsrc-2008Q1]: Makefile distinfo
        pkgsrc/www/firefox/patches [pkgsrc-2008Q1]: patch-af patch-ap patch-de

Log Message:
Pullup ticket #2441 - requested by ghen
Security update for firefox, firefox-bin and firefox-gtk1

Revisions pulled up:
- www/firefox-bin/Makefile              1.43
- www/firefox-bin/distinfo              1.43
- www/firefox/Makefile-firefox.common   1.58
- www/firefox/PLIST                     1.29
- www/firefox/distinfo                  1.78
- www/firefox/patches/patch-af          1.6
- www/firefox/patches/patch-ap          1.9
- www/firefox/patches/patch-de          1.2
---
    Module Name:        pkgsrc
    Committed By:       ghen
    Date:               Wed Jul  2 09:03:35 UTC 2008

    Modified Files:
        pkgsrc/www/firefox: Makefile-firefox.common PLIST distinfo
        pkgsrc/www/firefox-bin: Makefile distinfo
        pkgsrc/www/firefox/patches: patch-af patch-ap patch-de

    Log Message:
    Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.15.

    Part of patch-af has been fixed upstream.

    Security fixes in this version:

    MFSA 2008-33 Crash and remote code execution in block reflow
    MFSA 2008-32 Remote site run as local file via Windows URL shortcut
    MFSA 2008-31 Peer-trusted certs can use alt names to spoof
    MFSA 2008-30 File location URL in directory listings not escaped properly
    MFSA 2008-29 Faulty .properties file results in uninitialized memory being 
used
    MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
    MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
    MFSA 2008-25 Arbitrary code execution in 
mozIJSSubScriptLoader.loadSubScript()
    MFSA 2008-24 Chrome script loading from fastload file
    MFSA 2008-23 Signed JAR tampering
    MFSA 2008-22 XSS through JavaScript same-origin violation
    MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)

    For more info, see 
http://www.mozilla.com/en-US/firefox/2.0.0.15/releasenotes/


To generate a diff of this commit:
cvs rdiff -r1.55.2.1 -r1.55.2.2 pkgsrc/www/firefox/Makefile-firefox.common
cvs rdiff -r1.28 -r1.28.6.1 pkgsrc/www/firefox/PLIST
cvs rdiff -r1.75.2.1 -r1.75.2.2 pkgsrc/www/firefox/distinfo
cvs rdiff -r1.41.2.1 -r1.41.2.2 pkgsrc/www/firefox-bin/Makefile \
    pkgsrc/www/firefox-bin/distinfo
cvs rdiff -r1.5 -r1.5.8.1 pkgsrc/www/firefox/patches/patch-af
cvs rdiff -r1.8 -r1.8.8.1 pkgsrc/www/firefox/patches/patch-ap
cvs rdiff -r1.1 -r1.1.8.1 pkgsrc/www/firefox/patches/patch-de

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/devel
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/devel
Indexes:

Home | Main Index | Thread Index | Old Index