Subject: CVS commit: [pkgsrc-2017Q3] pkgsrc/www
From: Benny Siegert
Date: 2017-12-03 12:41:34
Message id: 20171203114134.2E8D8FB40@cvs.NetBSD.org

Log Message:
Pullup ticket #5655 - requested by khorben
www/firefox52: security fix
www/firefox52-l10n: update

Revisions pulled up:
- www/firefox52-l10n/Makefile                                   1.7
- www/firefox52-l10n/distinfo                                   1.7
- www/firefox52/Makefile                                        1.11
- www/firefox52/distinfo                                        1.9

---
   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Fri Nov 17 00:19:01 UTC 2017

   Modified Files:
   	pkgsrc/www/firefox52: Makefile distinfo

   Log Message:
   Update to 52.5.0

   Changelog:
   Security fixes:
   #CVE-2017-7828: Use-after-free of PressShell while restyling layout

   Reporter
       Nils
   Impact
       critical

   Description

   A use-after-free vulnerability can occur when flushing and resizing
   layout because the PressShell object has been freed while still
   in use. This results in a potentially exploitable crash during
   these operations.

   References

       Bug 1406750
       Bug 1412252

   #CVE-2017-7830: Cross-origin URL information leak through Resource
   Timing API

   Reporter
       Jun Kokatsu
   Impact
       high

   Description

   The Resource Timing API incorrectly revealed navigations in cross-origin
   iframes. This is a same-origin policy violation and could allow for
   data theft of URLs loaded by users.

   References

       Memory safety bugs fixed in Firefox 57

   #CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5

   Reporter
       Mozilla developers and community
   Impact
       critical

   Description

   Mozilla developers and community members Christian Holler, David
   Keeler, Jon Coppeard, Julien Cristau, Jan de Mooij, Jason Kratzer,
   Philipp, Nicholas Nethercote, Oriol Brufau, André Bargull, Bob Clary,
   Jet Villegas, Randell Jesup, Tyson Smith, Gary Kwong, and Ryan VanderMeulen
   reported memory safety bugs present in Firefox 56 and Firefox ESR 52.4.
   Some of these bugs showed evidence of memory corruption and we presume
   that with enough effort some of these could be exploited to
   run arbitrary code.

   References

       Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5

---
   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Fri Nov 17 00:53:53 UTC 2017

   Modified Files:
   	pkgsrc/www/firefox52-l10n: Makefile distinfo

   Log Message:
   Update to 52.5.0

   * Sync with www/firefox52-52.5.0

Files:
Revision   Action   File
1.8.4.2    modify   pkgsrc/www/firefox52/Makefile
1.6.4.2    modify   pkgsrc/www/firefox52/distinfo
1.4.4.2    modify   pkgsrc/www/firefox52-l10n/Makefile
1.4.4.2    modify   pkgsrc/www/firefox52-l10n/distinfo