Subject: CVS commit: [pkgsrc-2018Q1] pkgsrc/www/firefox52
From: S.P.Zeidler
Date: 2018-06-17 22:22:18
Message id: 20180617202218.D4DBAFBEC@cvs.NetBSD.org
Log Message:
Pullup ticket #5767 - requested by bsiegert
www/firefox52: security update

Revisions pulled up:
- www/firefox52/Makefile                                        1.23
- www/firefox52/distinfo                                        1.14

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   ryoon
   Date:           Fri Jun  1 19:43:40 UTC 2018

   Modified Files:
           pkgsrc/www/firefox52: Makefile distinfo

   Log Message:
   Update to 52.8.0

   Changelog:
       Various security fixes

       Various stability and regression fixes

       Performance improvements to the Safe Browsing service to avoid
         slowdowns while updating site classification data

   Security fixes:
   #CVE-2018-5183: Backport critical security fixes in Skia
   #CVE-2018-5154: Use-after-free with SVG animations and clip paths
   #CVE-2018-5155: Use-after-free with SVG animations and text paths
   #CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
   #CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
   #CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
   #CVE-2018-5168: Lightweight themes can be installed without user interaction
   #CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior
    for downloaded files in Windows 10 April 2018 Update
   #CVE-2018-5178: Buffer overflow during UTF-8 to Unicode string conversion
    through legacy extension
   #CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8

   To generate a diff of this commit:
   cvs rdiff -u -r1.22 -r1.23 pkgsrc/www/firefox52/Makefile
   cvs rdiff -u -r1.13 -r1.14 pkgsrc/www/firefox52/distinfo
Files:
RevisionActionfile
1.20.2.1modifypkgsrc/www/firefox52/Makefile
1.13.2.1modifypkgsrc/www/firefox52/distinfo