./devel/xulrunner, XML User Interface Language runtime environment

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: pkgsrc-2012Q4, Version: 17.0.2, Package name: xulrunner-17.0.2, Maintainer: tnn

XULRunner is a runtime environment for applications using the
XML User Interface Language, XUL. It is the successor of the "Gecko"
runtime environment.


Required to run:
[devel/libffi] [devel/nss] [devel/nspr] [multimedia/libvpx] [databases/sqlite3] [x11/gtk2] [net/libIDL] [graphics/MesaLib] [graphics/cairo] [graphics/jpeg] [textproc/hunspell]

Required to build:
[archivers/zip] [devel/gmake] [devel/pkg-config] [devel/autoconf213] [lang/python27] [lang/perl5] [pkgtools/x11-links] [databases/py-sqlite2] [x11/fixesproto4] [x11/inputproto] [x11/randrproto] [x11/compositeproto] [x11/renderproto] [x11/xextproto] [x11/xcb-proto] [x11/xproto]

Master sites: (Expand)


Version history: (Expand)


CVS history: (Expand)


   2013-01-13 18:44:59 by Matthias Scheler | Files touched by this commit (3)
Log message:
Apply patch submitted by Ryo ONODERA in ticket #4010:
Update "firefox" and "xulrunner" package to version 17.0.2. \ 
This fixes
the following security vulnerabilities:
- MFSA 2013-20 Mis-issued TURKTRUST certificates
- MFSA 2013-19 Use-after-free in Javascript Proxy objects
- MFSA 2013-18 Use-after-free in Vibrate
- MFSA 2013-17 Use-after-free in ListenerManager
- MFSA 2013-16 Use-after-free in serializeToStream
- MFSA 2013-15 Privilege escalation through plugin objects
- MFSA 2013-14 Chrome Object Wrapper (COW) bypass through changing prototype
- MFSA 2013-13 Memory corruption in XBL with XML bindings containing SVG
- MFSA 2013-12 Buffer overflow in Javascript string concatenation
- MFSA 2013-11 Address space layout leaked in XBL objects
- MFSA 2013-10 Event manipulation in plugin handler to bypass same-origin
  policy
- MFSA 2013-09 Compartment mismatch with quickstubs returned values
- MFSA 2013-08 AutoWrapperChanger fails to keep objects alive during
  garbage collection
- MFSA 2013-07 Crash due to handling of SSL on threads
- MFSA 2013-05 Use-after-free when displaying table with many columns and
  column groups
- MFSA 2013-04 URL spoofing in addressbar during page loads
- MFSA 2013-03 Buffer Overflow in Canvas
- MFSA 2013-02 Use-after-free and buffer overflow issues found using
  Address Sanitizer
- MFSA 2013-01 Miscellaneous memory safety hazards (rv:18.0/
  rv:10.0.12 / rv:17.0.2)
- MFSA 2012-98 Firefox installer DLL hijacking