Path to this page:
Subject: CVS commit: [pkgsrc-2010Q3] pkgsrc/devel/xulrunner
From: Matthias Scheler
Date: 2010-12-14 11:44:05
Message id: 20101214104405.65079175DD@cvs.netbsd.org
Log Message:
Pullup ticket #3301 - requested by tnn
devel/xulrunner: security update
www/firefox: security update
Revisions pulled up:
- devel/xulrunner/Makefile 1.43,1.45
- devel/xulrunner/PLIST 1.25-1.26
- devel/xulrunner/dist.mk 1.17
- devel/xulrunner/distinfo 1.39
- devel/xulrunner/mozilla-common.mk 1.17-1.18
- devel/xulrunner/patches/patch-pe delete
- www/firefox/Makefile 1.78,1.80
---
Module Name: pkgsrc
Committed By: joerg
Date: Wed Nov 3 01:22:36 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: mozilla-common.mk
Log Message:
Requires sqlite3 3.7.1 now. Reported by cegger.
---
Module Name: pkgsrc
Committed By: tnn
Date: Sat Nov 13 11:54:44 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
pkgsrc/mail/thunderbird: Makefile
pkgsrc/www/firefox: Makefile
pkgsrc/www/seamonkey: Makefile
Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla
packages, like other distros have recently done. Bump package revisions.
Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
https://bugzilla.redhat.com/show_bug.cgi?id=628331
http://bugs.gentoo.org/show_bug.cgi?id=337813
https://bugzilla.mozilla.org/show_bug.cgi?id=597174
This workaround is guaranteed to cause other problems in the long run;
so we should attempt to switch back when we move to the mozilla-2.0
branch.
---
odule Name: pkgsrc
Committed By: tnn
Date: Sat Dec 11 14:46:29 UTC 2010
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST dist.mk distinfo
pkgsrc/www/firefox: Makefile
Removed Files:
pkgsrc/devel/xulrunner/patches: patch-pe
Log Message:
Update to firefox-3.6.13.
MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
meta refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element
MFSA 2010-75 Buffer overflow while line breaking after document.write with
long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
Files: