Navigation:
Browse pkgsrc
(this page)
New packages:Log Message:
Pullup ticket #2441 - requested by ghen
Security update for firefox, firefox-bin and firefox-gtk1
Revisions pulled up:
- www/firefox-bin/Makefile 1.43
- www/firefox-bin/distinfo 1.43
- www/firefox/Makefile-firefox.common 1.58
- www/firefox/PLIST 1.29
- www/firefox/distinfo 1.78
- www/firefox/patches/patch-af 1.6
- www/firefox/patches/patch-ap 1.9
- www/firefox/patches/patch-de 1.2
---
Module Name: pkgsrc
Committed By: ghen
Date: Wed Jul 2 09:03:35 UTC 2008
Modified Files:
pkgsrc/www/firefox: Makefile-firefox.common PLIST distinfo
pkgsrc/www/firefox-bin: Makefile distinfo
pkgsrc/www/firefox/patches: patch-af patch-ap patch-de
Log Message:
Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.15.
Part of patch-af has been fixed upstream.
Security fixes in this version:
MFSA 2008-33 Crash and remote code execution in block reflow
MFSA 2008-32 Remote site run as local file via Windows URL shortcut
MFSA 2008-31 Peer-trusted certs can use alt names to spoof
MFSA 2008-30 File location URL in directory listings not escaped properly
MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
MFSA 2008-24 Chrome script loading from fastload file
MFSA 2008-23 Signed JAR tampering
MFSA 2008-22 XSS through JavaScript same-origin violation
MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.15/releasenotes/