Subject: CVS commit: pkgsrc/www/firefox
From: Ryo ONODERA
Date: 2016-12-18 02:31:00
Message id: 20161218013100.8A945FBA6@cvs.NetBSD.org
Log Message:
Update to 50.1.0

Changelog:
 #CVE-2016-9894: Buffer overflow in SkiaGL
 #CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements
 #CVE-2016-9895: CSP bypass using marquee tag
 #CVE-2016-9896: Use-after-free with WebVR
 #CVE-2016-9897: Memory corruption in libGLES
 #CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees
 #CVE-2016-9900: Restricted external resources can be loaded by SVG images \ 
through data URLs
 #CVE-2016-9904: Cross-origin information leak in shared atoms
 #CVE-2016-9901: Data from Pocket server improperly sanitized before execution
 #CVE-2016-9902: Pocket extension does not validate the origin of events
 #CVE-2016-9903: XSS injection vulnerability in add-ons SDK
 #CVE-2016-9080: Memory safety bugs fixed in Firefox 50.1
 #CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6
Files:
RevisionActionfile
1.275modifypkgsrc/www/firefox/Makefile
1.114modifypkgsrc/www/firefox/PLIST
1.265modifypkgsrc/www/firefox/distinfo