Next | Query returned 41 messages, browsing 11 to 20 | Previous

History of commit frequency

CVS Commit History:


   2023-09-10 16:42:29 by Nia Alarie | Files touched by this commit (8)
Log message:
firefox102: Update to 102.15.0

Add some fixes from www/firefox, thanks a lot tnn@.

Security Vulnerabilities fixed in Firefox ESR 102.15

    #CVE-2023-4573: Memory corruption in IPC CanvasTranslator

    #CVE-2023-4574: Memory corruption in IPC ColorPickerShownCallback

    #CVE-2023-4575: Memory corruption in IPC FilePickerShownCallback

    #CVE-2023-4576: Integer Overflow in RecordedSourceSurfaceCreation

    #CVE-2023-4581: XLL file extensions were downloadable without warnings

    #CVE-2023-4584: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15,
    Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2
   2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247)
Log message:
*: recursive bump for Python 3.11 as new default
   2023-08-08 17:46:58 by Nia Alarie | Files touched by this commit (4)
Log message:
firefox102: Update to 102.14.0

Security Vulnerabilities fixed in Firefox ESR 102.14

    #CVE-2023-4045: Offscreen Canvas could have bypassed cross-origin
    restrictions

    #CVE-2023-4046: Incorrect value used during WASM compilation

    #CVE-2023-4047: Potential permissions request bypass via clickjacking

    #CVE-2023-4048: Crash in DOMParser due to out-of-memory conditions

    #CVE-2023-4049: Fix potential race conditions when releasing platform
    objects

    #CVE-2023-4050: Stack buffer overflow in StorageManager

    #CVE-2023-4054: Lack of warning when opening appref-ms files

    #CVE-2023-4055: Cookie jar overflow caused unexpected cookie jar state

    #CVE-2023-4056: Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1,
    Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
   2023-07-26 17:52:05 by Ryo ONODERA | Files touched by this commit (2)
Log message:
firefox102: Enable WebRTC X11 desktop capture

Fix PR pkg/56955.
Bump PKGREVISION.
   2023-07-22 11:00:00 by Nia Alarie | Files touched by this commit (1)
Log message:
firefox102: Enable alsa backend by default on Linux
   2023-07-07 22:47:53 by Nia Alarie | Files touched by this commit (4) | Package updated
Log message:
firefox102: update to 102.13.0

Security Vulnerabilities fixed in Firefox ESR 102.13

    #CVE-2023-37201: Use-after-free in WebRTC certificate generation

    #CVE-2023-37202: Potential use-after-free from compartment mismatch in
    SpiderMonkey

    #CVE-2023-37207: Fullscreen notification obscured

    #CVE-2023-37208: Lack of warning when opening Diagcab files

    #CVE-2023-37211: Memory safety bugs fixed in Firefox 115, Firefox ESR
    102.13, and Thunderbird 102.13
   2023-06-25 18:07:08 by Nia Alarie | Files touched by this commit (4) | Package updated
Log message:
firefox102: update to 102.12

Security Vulnerabilities fixed in Firefox ESR 102.12

    #CVE-2023-34414: Click-jacking certificate exceptions through rendering lag

    #CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR
    102.12
   2023-06-06 14:42:56 by Taylor R Campbell | Files touched by this commit (1319)
Log message:
Mass-change BUILD_DEPENDS to TOOL_DEPENDS outside mk/.

Almost all uses, if not all of them, are wrong, according to the
semantics of BUILD_DEPENDS (packages built for target available for
use _by_ tools at build-time) and TOOL_DEPEPNDS (packages built for
host available for use _as_ tools at build-time).

No change to BUILD_DEPENDS as used correctly inside buildlink3.

As proposed on tech-pkg:
https://mail-index.netbsd.org/tech-pkg/2023/06/03/msg027632.html
   2023-05-14 21:50:11 by Nia Alarie | Files touched by this commit (4) | Package updated
Log message:
firefox102: update to 102.11

Security Vulnerabilities fixed in Firefox ESR 102.11

    #CVE-2023-32205: Browser prompts could have been obscured by popups

    #CVE-2023-32206: Crash in RLBox Expat driver

    #CVE-2023-32207: Potential permissions request bypass via clickjacking

    #CVE-2023-32211: Content process crash due to invalid wasm code

    #CVE-2023-32212: Potential spoof due to obscured address bar

    #CVE-2023-32213: Potential memory corruption in FileReader::DoReadData()

    #CVE-2023-32214: Potential DoS via exposed protocol handlers
   2023-05-06 21:09:54 by Ryo ONODERA | Files touched by this commit (687)
Log message:
*: Recursive revbump from audio/libopus 1.4

Next | Query returned 41 messages, browsing 11 to 20 | Previous