Path to this page:
Next | Query returned 2 messages, browsing 1 to 10 | previous
CVS Commit History:
2009-12-20 20:41:08 by S.P.Zeidler | Files touched by this commit (4) | |
Log message:
Pullup ticket 2953 - requested by tnn
security update
Revisions pulled up:
- pkgsrc/devel/xulrunner/Makefile by patch
- pkgsrc/devel/xulrunner/distinfo by patch
- pkgsrc/devel/xulrunner/mozilla-common.mk by patch
- pkgsrc/www/firefox/Makefile by patch
-------------------------------------------------------------------------
firefox-3.5.6 & xulrunner-1.9.1.6 fix the following vulnerabilities:
MFSA 2009-71 GeckoActiveXObject exception messages can be used to
enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption
|
2009-10-28 19:13:24 by Matthias Scheler | Files touched by this commit (28) | |
Log message:
Pullup ticket #2923 - requested by tnn
xulrunner: security update
firefox: security update
Revisions pulled up:
- devel/xulrunner/Makefile 1.24-1.25
- devel/xulrunner/PLIST 1.17-1.18
- devel/xulrunner/distinfo 1.13-1.14
- devel/xulrunner/mozilla-common.mk 1.2
- devel/xulrunner/patches/patch-aa 1.2
- devel/xulrunner/patches/patch-aq 1.3
- devel/xulrunner/patches/patch-ay 1.1
- devel/xulrunner/patches/patch-mf 1.2
- devel/xulrunner/patches/patch-mn 1.2
- devel/xulrunner/patches/patch-nb delete
- devel/xulrunner/patches/patch-nc delete
- devel/xulrunner/patches/patch-pd 1.2
- devel/xulrunner/patches/patch-ra 1.1
- devel/xulrunner/patches/patch-rb 1.1
- devel/xulrunner/patches/patch-rc 1.1
- www/firefox/Makefile 1.60-1.61
- www/firefox/PLIST 1.39
- www/firefox/distinfo delete
- www/firefox/patches/patch-aa delete
- www/firefox/patches/patch-ao delete
- www/firefox/patches/patch-ma delete
- www/firefox/patches/patch-mi delete
- www/firefox/patches/patch-mk delete
- www/firefox/patches/patch-mm delete
- www/firefox/patches/patch-ra delete
- www/firefox/patches/patch-rb delete
- www/firefox/patches/patch-rc delete
---
Module Name: pkgsrc
Committed By: tnn
Date: Sun Oct 11 10:49:57 UTC 2009
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST distinfo
pkgsrc/devel/xulrunner/patches: patch-aa
pkgsrc/www/firefox: Makefile
Added Files:
pkgsrc/devel/xulrunner/patches: patch-ay patch-ra patch-rb
patch-rc Removed Files:
pkgsrc/www/firefox: distinfo
pkgsrc/www/firefox/patches: patch-aa patch-ao patch-ma patch-mi
patch-mk patch-mm patch-ra patch-rb patch-rc
Log message:
- allow firefox and xulrunner to share some infrastructure
- install headers for plugin and liveconnect (needed by openjdk7-icedtea-plugin)
- bump revision for both packages
---
Module Name: pkgsrc
Committed By: tnn
Date: Wed Oct 28 11:36:36 UTC 2009
Modified Files:
pkgsrc/devel/xulrunner: Makefile PLIST distinfo
mozilla-common.mk pkgsrc/devel/xulrunner/patches: patch-aq patch-mf
patch-mn patch-pd pkgsrc/www/firefox: Makefile PLIST
Removed Files:
pkgsrc/devel/xulrunner/patches: patch-nb patch-nc
Log message:
Security and bugfix update of firefox (to 3.5.4) and xulrunner (to
1.9.1.4) Also fix broken DESTDIR support.
Fixes the following security issues:
MFSA 2009-64 Crashes with evidence of memory corruption (rv:1.9.1.4/
1.9.0.15) MFSA 2009-63 Upgrade media libraries to fix memory safety bugs
MFSA 2009-62 Download filename spoofing with RTL override
MFSA 2009-61 Cross-origin data theft through document.getSelection()
MFSA 2009-59 Heap buffer overflow in string to number conversion
MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS
() MFSA 2009-56 Heap buffer overflow in GIF color map parser
MFSA 2009-55 Crash in proxy auto-configuration regexp parsing
MFSA 2009-54 Crash with recursive web-worker calls
MFSA 2009-53 Local downloaded file tampering
MFSA 2009-52 Form history vulnerable to stealing
|
Next | Query returned 2 messages, browsing 1 to 10 | previous