Subject: CVS commit: [pkgsrc-2010Q3] pkgsrc/devel/xulrunner
From: Matthias Scheler
Date: 2010-12-14 11:44:05
Message id: 20101214104405.65079175DD@cvs.netbsd.org

Log Message:
Pullup ticket #3301 - requested by tnn
devel/xulrunner: security update
www/firefox: security update

Revisions pulled up:
- devel/xulrunner/Makefile			1.43,1.45
- devel/xulrunner/PLIST				1.25-1.26
- devel/xulrunner/dist.mk			1.17
- devel/xulrunner/distinfo			1.39
- devel/xulrunner/mozilla-common.mk		1.17-1.18
- devel/xulrunner/patches/patch-pe		delete
- www/firefox/Makefile				1.78,1.80
---
Module Name:	pkgsrc
Committed By:	joerg
Date:		Wed Nov  3 01:22:36 UTC 2010

Modified Files:
	pkgsrc/devel/xulrunner: mozilla-common.mk

Log Message:
Requires sqlite3 3.7.1 now. Reported by cegger.
---
Module Name:	pkgsrc
Committed By:	tnn
Date:		Sat Nov 13 11:54:44 UTC 2010

Modified Files:
	pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
	pkgsrc/mail/thunderbird: Makefile
	pkgsrc/www/firefox: Makefile
	pkgsrc/www/seamonkey: Makefile

Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla
packages, like other distros have recently done. Bump package revisions.

Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
  https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
  https://bugzilla.redhat.com/show_bug.cgi?id=628331
  http://bugs.gentoo.org/show_bug.cgi?id=337813
  https://bugzilla.mozilla.org/show_bug.cgi?id=597174

This workaround is guaranteed to cause other problems in the long run;
so we should attempt to switch back when we move to the mozilla-2.0
branch.
---
odule Name:	pkgsrc
Committed By:	tnn
Date:		Sat Dec 11 14:46:29 UTC 2010

Modified Files:
	pkgsrc/devel/xulrunner: Makefile PLIST dist.mk distinfo
	pkgsrc/www/firefox: Makefile
Removed Files:
	pkgsrc/devel/xulrunner/patches: patch-pe

Log Message:
Update to firefox-3.6.13.

MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
             meta refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element
MFSA 2010-75 Buffer overflow while line breaking after document.write with
             long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)

Files:
RevisionActionfile
1.24.2.1modifypkgsrc/devel/xulrunner/PLIST
1.14.2.3modifypkgsrc/devel/xulrunner/dist.mk
1.36.2.3modifypkgsrc/devel/xulrunner/distinfo
1.16.2.1modifypkgsrc/devel/xulrunner/mozilla-common.mk
1.2removepkgsrc/devel/xulrunner/patches/patch-pe