Subject: CVS commit: pkgsrc/www/firefox45
From: Ryo ONODERA
Date: 2017-03-26 05:53:34
Message id: 20170326035334.DD7DAFBE4@cvs.NetBSD.org
Log Message:
Update to 45.8.0

Changelog:
 #CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
 #CVE-2017-5401: Memory Corruption when handling ErrorResult
 #CVE-2017-5402: Use-after-free working with events in FontFace objects
 #CVE-2017-5404: Use-after-free working with ranges in selections
 #CVE-2017-5407: Pixel and history stealing via floating-point timing side \ 
channel with SVG filters
 #CVE-2017-5410: Memory corruption during JavaScript garbage collection \ 
incremental sweeping
 #CVE-2017-5409: File deletion via callback parameter in Mozilla Windows Updater \ 
and Maintenance Service
 #CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
 #CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
 #CVE-2017-5398: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8
Files:
RevisionActionfile
1.22modifypkgsrc/www/firefox45/Makefile
1.13modifypkgsrc/www/firefox45/distinfo
1.6modifypkgsrc/www/firefox45/mozilla-common.mk
1.2modifypkgsrc/www/firefox45/patches/patch-ipc_chromium_src_base_message__pump__libevent.cc