Navigation:
Browse pkgsrc
(this page)
devel xulrunne..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2009-12-20 20:41:08 by S.P.Zeidler | Files touched by this commit (4) |  |
Log message:
Pullup ticket 2953 - requested by tnn
security update
Revisions pulled up:
- pkgsrc/devel/xulrunner/Makefile by patch
- pkgsrc/devel/xulrunner/distinfo by patch
- pkgsrc/devel/xulrunner/mozilla-common.mk by patch
- pkgsrc/www/firefox/Makefile by patch
-------------------------------------------------------------------------
firefox-3.5.6 & xulrunner-1.9.1.6 fix the following vulnerabilities:
MFSA 2009-71 GeckoActiveXObject exception messages can be used to
enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption
|
| 2009-10-28 19:13:24 by Matthias Scheler | Files touched by this commit (28) | |
Log message: Pullup ticket #2923 - requested by tnn xulrunner: security update firefox: security update Revisions pulled up: - devel/xulrunner/Makefile 1.24-1.25 - devel/xulrunner/PLIST 1.17-1.18 - devel/xulrunner/distinfo 1.13-1.14 - devel/xulrunner/mozilla-common.mk 1.2 - devel/xulrunner/patches/patch-aa 1.2 - devel/xulrunner/patches/patch-aq 1.3 - devel/xulrunner/patches/patch-ay 1.1 - devel/xulrunner/patches/patch-mf 1.2 - devel/xulrunner/patches/patch-mn 1.2 - devel/xulrunner/patches/patch-nb delete - devel/xulrunner/patches/patch-nc delete - devel/xulrunner/patches/patch-pd 1.2 - devel/xulrunner/patches/patch-ra 1.1 - devel/xulrunner/patches/patch-rb 1.1 - devel/xulrunner/patches/patch-rc 1.1 - www/firefox/Makefile 1.60-1.61 - www/firefox/PLIST 1.39 - www/firefox/distinfo delete - www/firefox/patches/patch-aa delete - www/firefox/patches/patch-ao delete - www/firefox/patches/patch-ma delete - www/firefox/patches/patch-mi delete - www/firefox/patches/patch-mk delete - www/firefox/patches/patch-mm delete - www/firefox/patches/patch-ra delete - www/firefox/patches/patch-rb delete - www/firefox/patches/patch-rc delete --- Module Name: pkgsrc Committed By: tnn Date: Sun Oct 11 10:49:57 UTC 2009 Modified Files: pkgsrc/devel/xulrunner: Makefile PLIST distinfo pkgsrc/devel/xulrunner/patches: patch-aa pkgsrc/www/firefox: Makefile Added Files: pkgsrc/devel/xulrunner/patches: patch-ay patch-ra patch-rb patch-rc Removed Files: pkgsrc/www/firefox: distinfo pkgsrc/www/firefox/patches: patch-aa patch-ao patch-ma patch-mi patch-mk patch-mm patch-ra patch-rb patch-rc Log message: - allow firefox and xulrunner to share some infrastructure - install headers for plugin and liveconnect (needed by openjdk7-icedtea-plugin) - bump revision for both packages --- Module Name: pkgsrc Committed By: tnn Date: Wed Oct 28 11:36:36 UTC 2009 Modified Files: pkgsrc/devel/xulrunner: Makefile PLIST distinfo mozilla-common.mk pkgsrc/devel/xulrunner/patches: patch-aq patch-mf patch-mn patch-pd pkgsrc/www/firefox: Makefile PLIST Removed Files: pkgsrc/devel/xulrunner/patches: patch-nb patch-nc Log message: Security and bugfix update of firefox (to 3.5.4) and xulrunner (to 1.9.1.4) Also fix broken DESTDIR support. Fixes the following security issues: MFSA 2009-64 Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15) MFSA 2009-63 Upgrade media libraries to fix memory safety bugs MFSA 2009-62 Download filename spoofing with RTL override MFSA 2009-61 Cross-origin data theft through document.getSelection() MFSA 2009-59 Heap buffer overflow in string to number conversion MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS () MFSA 2009-56 Heap buffer overflow in GIF color map parser MFSA 2009-55 Crash in proxy auto-configuration regexp parsing MFSA 2009-54 Crash with recursive web-worker calls MFSA 2009-53 Local downloaded file tampering MFSA 2009-52 Form history vulnerable to stealing |
New packages: