Navigation:
Browse pkgsrc
(this page) 2009-06-14 12:59:44 by S.P.Zeidler | Files touched by this commit (3) |  |
Log message:
Pullup ticket 2796 - requested by tron
Security update
Revisions pulled up:
- pkgsrc/www/firefox3/Makefile 1.33
- pkgsrc/www/firefox3/PLIST 1.9
- pkgsrc/www/firefox3/distinfo 1.25
Module Name: pkgsrc
Committed By: tron
Date: Fri Jun 12 10:08:28 UTC 2009
Modified Files:
pkgsrc/www/firefox3: Makefile PLIST distinfo
Log message:
Update "firefox3" package to version 3.0.11. Changes since version \
3.0.10:
- Fixed several security issues:
MFSA 2009-32 JavaScript chrome privilege escalation
MFSA 2009-31 XUL scripts bypass content-policy checks
MFSA 2009-30 Incorrect principal set for file: resources loaded via
location bar
MFSA 2009-29 Arbitrary code execution using event listeners attached
to an element whose owner document is null
MFSA 2009-28 Race condition while accessing the private data of a
NPObject JS wrapper class object
MFSA 2009-27 SSL tampering via non-200 responses to proxy
CONNECT requests
MFSA 2009-26 Arbitrary domain cookie access by local file: resources
MFSA 2009-25 URL spoofing with invalid unicode characters
MFSA 2009-24 Crashes with evidence of memory corruption (rv:1.9.0.11)
- Fixed several stability issues.
- Several issues were reported with the internal database, SQLite, which
have now been fixed by upgrading to a newer version.
- Fixed an issue where, in some specific cases, the bookmarks database
would become corrupt. (bug 464486)
To generate a diff of this commit:
cvs rdiff -u -r1.32 -r1.33 pkgsrc/www/firefox3/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/www/firefox3/PLIST
cvs rdiff -u -r1.24 -r1.25 pkgsrc/www/firefox3/distinfo
|
| 2009-04-28 12:47:59 by Matthias Scheler | Files touched by this commit (2) | |
Log message: Pullup ticket #2750 - requested by tnn firefox3: security update Revisions pulled up: - www/firefox3/Makefile 1.31 - www/firefox3/distinfo 1.24 --- Module Name: pkgsrc Committed By: tnn Date: Tue Apr 28 09:14:25 UTC 2009 Modified Files: pkgsrc/www/firefox3: Makefile distinfo Log message: Update to Firefox 3.0.10. Fixes a botched security fix from 3.0.9 which may result in crashes if certain addons are installed. (mfsa2009-23) |
| 2009-04-23 00:08:43 by Matthias Scheler | Files touched by this commit (2) | |
Log message:
Pullup ticket #2746 - requested by tnn
firefox3: security update
Revisions pulled up:
- www/firefox3/Makefile 1.30
- www/firefox3/distinfo 1.23
---
Module Name: pkgsrc
Committed By: tnn
Date: Wed Apr 22 18:15:05 UTC 2009
Modified Files:
pkgsrc/www/firefox3: Makefile distinfo
Log message:
Update to firefox3-3.0.9.
- Fixed several security issues:
MFSA 2009-22 Firefox allows Refresh header to redirect to javascript: URIs
MFSA 2009-21 POST data sent to wrong site when saving web page with
embedded frame
MFSA 2009-20 Malicious search plugins can inject code into arbitrary sites
MFSA 2009-19 Same-origin violations in XMLHttpRequest and
XPCNativeWrapper.toString
MFSA 2009-18 XSS hazard using third-party stylesheets and XBL bindings
MFSA 2009-17 Same-origin violations when Adobe Flash loaded via
view-source: scheme
MFSA 2009-16 jar: scheme ignores the content-disposition: header
on the inner URI
MFSA 2009-15 URL spoofing with box drawing character
MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9)
- Fixed several stability issues.
- Many users experienced an issue where a corrupt local database caused
Firefox to "lose" its stored cookies. (bug 470578)
- Fixed an issue where, starting with Firefox 3.0.7, inline image
attachments on popular webmail services (like AOL and AIM) would not
display. (bug 482659)
- Large forms would sometimes take a long time to submit. (bug 426991)
- In certain cases, new windows would not have proper focus. (bug 446568)
|
New packages: