Subject: CVS commit: [pkgsrc-2010Q2] pkgsrc/devel/xulrunner
From: Matthias Scheler
Date: 2010-07-22 15:23:33
Message id: 20100722132334.5E352175DD@cvs.netbsd.org

Log Message:
Pullup ticket #3177 - requested by tnn
devel/xulrunner: security update
www/firefox: security update

Revisions pulled up:
- devel/xulrunner/PLIST				1.23
- devel/xulrunner/dist.mk			1.12
- devel/xulrunner/distinfo			1.34
- devel/xulrunner/patches/patch-bc		delete
- devel/xulrunner/patches/patch-mp		1.4
---
Module Name:	pkgsrc
Committed By:	tnn
Date:		Wed Jul 21 16:55:34 UTC 2010

Modified Files:
	pkgsrc/devel/xulrunner: PLIST dist.mk distinfo
	pkgsrc/devel/xulrunner/patches: patch-mp
Removed Files:
	pkgsrc/devel/xulrunner/patches: patch-bc

Log Message:
firefox-3.6.7 / xulrunner-1.9.2.7 security update.

MFSA 2010-47 Cross-origin data leakage from script filename in error
messages MFSA 2010-46 Cross-domain data theft using CSS
MFSA 2010-45 Multiple location bar spoofing vulnerabilities
MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause
subsequent character to vanish
MFSA 2010-43 Same-origin bypass using canvas context
MFSA 2010-42 Cross-origin data disclosure via Web Workers and
importScripts MFSA 2010-41 Remote code execution using malformed PNG
image MFSA 2010-40 nsTreeSelection dangling pointer remote code
execution MFSA 2010-39 nsCSSValue::Array index integer overflow
MFSA 2010-38 Arbitrary code execution using SJOW and fast native
function MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays
remote code execution MFSA 2010-36 Use-after-free error in NodeIterator
MFSA 2010-35 DOM attribute cloning remote code execution vulnerability
MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)

Files:
RevisionActionfile
1.22.2.1modifypkgsrc/devel/xulrunner/PLIST
1.11.2.1modifypkgsrc/devel/xulrunner/dist.mk
1.33.2.1modifypkgsrc/devel/xulrunner/distinfo
1.3.6.1modifypkgsrc/devel/xulrunner/patches/patch-mp
1.1removepkgsrc/devel/xulrunner/patches/patch-bc