Subject: CVS commit: [pkgsrc-2017Q4] pkgsrc/www
From: S.P.Zeidler
Date: 2018-03-21 21:49:56
Message id: 20180321204956.7965EFB40@cvs.NetBSD.org

Log Message:
Pullup ticket #5726 - requested by maya
www/seamonkey-l10n: security patch
www/seamonkey: security patch

Revisions pulled up:
- www/seamonkey-l10n/Makefile                                   1.42
- www/seamonkey-l10n/distinfo                                   1.40
- www/seamonkey/Makefile                                        1.170,1.172-1.173
- www/seamonkey/PLIST                                           1.60
- www/seamonkey/distinfo                                        1.148-1.150
- www/seamonkey/patches/patch-CVE-2018-5146                     1.1
- www/seamonkey/patches/patch-CVE-2018-5147                     1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   ryoon
   Date:           Sat Mar  3 22:14:41 UTC 2018

   Modified Files:
           pkgsrc/www/seamonkey: Makefile PLIST distinfo

   Log Message:
   Update to 2.49.2

   Changelog:
   * Based on Firefox 52.6 and Thunderbird 52.6

   To generate a diff of this commit:
   cvs rdiff -u -r1.169 -r1.170 pkgsrc/www/seamonkey/Makefile
   cvs rdiff -u -r1.59 -r1.60 pkgsrc/www/seamonkey/PLIST
   cvs rdiff -u -r1.147 -r1.148 pkgsrc/www/seamonkey/distinfo

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   ryoon
   Date:           Sat Mar  3 22:15:36 UTC 2018

   Modified Files:
           pkgsrc/www/seamonkey-l10n: Makefile distinfo

   Log Message:
   Update to 2.49.2

   Sync with www/seamonkey-2.49.2

   To generate a diff of this commit:
   cvs rdiff -u -r1.41 -r1.42 pkgsrc/www/seamonkey-l10n/Makefile
   cvs rdiff -u -r1.39 -r1.40 pkgsrc/www/seamonkey-l10n/distinfo

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   maya
   Date:           Fri Mar 16 23:25:56 UTC 2018

   Modified Files:
           pkgsrc/www/seamonkey: Makefile distinfo
   Added Files:
           pkgsrc/www/seamonkey/patches: patch-CVE-2018-5146

   Log Message:
   seamonkey: apply patch from firefox52 to fix CVE-2018-5146
   remote code execution via ogg files.

   Note firefox52 nor this patches tremor, so the vulnerability still exists
   for ARM (which uses tremor rather than vorbis).

   Blind commit. I don't have the resources to build so many firefoxes.
   However it is based off firefox52.

   PKGREVISION++

   To generate a diff of this commit:
   cvs rdiff -u -r1.171 -r1.172 pkgsrc/www/seamonkey/Makefile
   cvs rdiff -u -r1.148 -r1.149 pkgsrc/www/seamonkey/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/www/seamonkey/patches/patch-CVE-2018-5146

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   maya
   Date:           Sat Mar 17 00:06:17 UTC 2018

   Modified Files:
           pkgsrc/www/seamonkey: Makefile distinfo
   Added Files:
           pkgsrc/www/seamonkey/patches: patch-CVE-2018-5147

   Log Message:
   seamonkey: also provide patch for tremor (i.e. relevant for ARM) vulnerability

   Also backported upstream after the release:
   https://hg.mozilla.org/releases/mozilla-esr52/rev/5cd5586a2f48

   PKGREVISION++

   To generate a diff of this commit:
   cvs rdiff -u -r1.172 -r1.173 pkgsrc/www/seamonkey/Makefile
   cvs rdiff -u -r1.149 -r1.150 pkgsrc/www/seamonkey/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/www/seamonkey/patches/patch-CVE-2018-5147

Files:
RevisionActionfile
1.167.2.1modifypkgsrc/www/seamonkey/Makefile
1.59.2.1modifypkgsrc/www/seamonkey/PLIST
1.147.2.1modifypkgsrc/www/seamonkey/distinfo
1.41.2.1modifypkgsrc/www/seamonkey-l10n/Makefile
1.39.2.1modifypkgsrc/www/seamonkey-l10n/distinfo
1.1.2.2addpkgsrc/www/seamonkey/patches/patch-CVE-2018-5146
1.1.2.2addpkgsrc/www/seamonkey/patches/patch-CVE-2018-5147