Subject: CVS commit: [pkgsrc-2010Q3] pkgsrc/www/seamonkey
From: Matthias Scheler
Date: 2010-12-12 21:25:24
Message id: 20101212202524.53296175DD@cvs.netbsd.org

Log Message:
Pullup ticket #3303 - requested by tnn
www/seamonkey: security update

Revisions pulled up:
- www/seamonkey/Makefile			1.42-1.43,1.45 via patch
- www/seamonkey/distinfo			1.57-1.58
---
Module Name:    pkgsrc
Committed By:   tnn
Date:           Sat Nov 13 10:54:49 UTC 2010

Modified Files:
        pkgsrc/www/seamonkey: Makefile distinfo

Log Message:
Update to seamonkey-2.0.10.
Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
---
Module Name:    pkgsrc
Committed By:   tnn
Date:           Sat Nov 13 11:54:44 UTC 2010

Modified Files:
        pkgsrc/devel/xulrunner: Makefile PLIST mozilla-common.mk
        pkgsrc/mail/thunderbird: Makefile
        pkgsrc/www/firefox: Makefile
        pkgsrc/www/seamonkey: Makefile

Log Message:
Reluctantly switch over to bundled cairo and pixman for mozilla packages,
like other distros have recently done. Bump package revisions.

Background:
The cairo-1.10 update caused multiple regressions in firefox, such as
flickering gif animations and crashes.
Mozilla doesn't seem interested in fixing it on the stable branches:
  https://bugzilla.mozilla.org/show_bug.cgi?id=610107
Other references:
  https://bugzilla.redhat.com/show_bug.cgi?id=628331
  http://bugs.gentoo.org/show_bug.cgi?id=337813
  https://bugzilla.mozilla.org/show_bug.cgi?id=597174
---
odule Name:	pkgsrc
Committed By:	tnn
Date:		Sun Dec 12 00:07:23 UTC 2010

Modified Files:
	pkgsrc/www/seamonkey: Makefile distinfo

Log Message:
Update to seamonkey-2.0.11.

MFSA 2010-84 XSS hazard in multiple character encodings
MFSA 2010-83 Location bar SSL spoofing using network error page
MFSA 2010-82 Incomplete fix for CVE-2010-0179
MFSA 2010-81 Integer overflow vulnerability in NewIdArray
MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL
meta refresh
MFSA 2010-78 Add support for OTS font sanitizer
MFSA 2010-77 Crash and remote code execution using HTML tags inside a
XUL tree MFSA 2010-76 Chrome privilege escalation with window.open and
<isindex> element MFSA 2010-75 Buffer overflow while line breaking
after document.write with long string
MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)

Also:
Fixes for a number of non-security-relevant crashes, increasing the
stability of the whole platform and the Mail & Newsgroups part of
SeaMonkey

Files:
RevisionActionfile
1.40.2.2modifypkgsrc/www/seamonkey/Makefile
1.55.2.2modifypkgsrc/www/seamonkey/distinfo