Path to this page:
Next | Query returned 1 messages, browsing 1 to 10 | previous
CVS Commit History:
2017-06-13 21:11:21 by Benny Siegert | Files touched by this commit (5) |
Log message:
Pullup ticket #5476 - requested by khorben
www/firefox45: security fix
Revisions pulled up:
- www/firefox45-l10n/Makefile 1.10
- www/firefox45-l10n/distinfo 1.11
- www/firefox45/Makefile 1.25-1.27
- www/firefox45/distinfo 1.14
- www/firefox45/mozilla-common.mk 1.7
---
Module Name: pkgsrc
Committed By: ryoon
Date: Wed May 10 14:13:26 UTC 2017
Modified Files:
pkgsrc/www/firefox45: Makefile distinfo
Log message:
Update to 45.9.0
Changelog:
Security fixes:
#CVE-2017-5433: Use-after-free in SMIL animation functions
#CVE-2017-5435: Use-after-free during transaction processing in the editor
#CVE-2017-5436: Out-of-bounds write with malicious font in Graphite 2
#CVE-2017-5461: Out-of-bounds write in Base64 encoding in NSS
#CVE-2017-5459: Buffer overflow in WebGL
#CVE-2017-5434: Use-after-free during focus handling
#CVE-2017-5432: Use-after-free in text input selection
#CVE-2017-5460: Use-after-free in frame selection
#CVE-2017-5438: Use-after-free in nsAutoPtr during XSLT processing
#CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT processing
#CVE-2017-5440: Use-after-free in txExecutionState destructor during
XSLT processing
#CVE-2017-5441: Use-after-free with selection during scroll events
#CVE-2017-5442: Use-after-free during style changes
#CVE-2017-5464: Memory corruption with accessibility and DOM manipulation
#CVE-2017-5443: Out-of-bounds write during BinHex decoding
#CVE-2017-5444: Buffer overflow while parsing
application/http-index-format content
#CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent
with incorrect data
#CVE-2017-5447: Out-of-bounds read during glyph processing
#CVE-2017-5465: Out-of-bounds read in ConvolvePixel
#CVE-2017-5448: Out-of-bounds write in ClearKeyDecryptor
#CVE-2016-10196: Vulnerabilities in Libevent library
#CVE-2017-5469: Potential Buffer overflow in flex-generated code
#CVE-2017-5445: Uninitialized values used while parsing
application/http-index-format content
#CVE-2017-5462: DRBG flaw in NSS
#CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR
45.9, and Firefox ESR 52.1
---
Module Name: pkgsrc
Committed By: ryoon
Date: Wed May 10 14:14:41 UTC 2017
Modified Files:
pkgsrc/www/firefox45-l10n: Makefile distinfo
Log message:
Update to 45.9.0
* Sync with firefox45-45.9.0
---
Module Name: pkgsrc
Committed By: khorben
Date: Fri May 12 20:21:27 UTC 2017
Modified Files:
pkgsrc/www/firefox45: Makefile
Log message:
Register more binaries as not safe for PaX mprotect
This also reflects the current situation in www/firefox.
Bumps PKGREVISION.
---
Module Name: pkgsrc
Committed By: khorben
Date: Sat May 13 02:34:30 UTC 2017
Modified Files:
pkgsrc/www/firefox45: Makefile mozilla-common.mk
Log message:
Add dependency to multimedia/ffmpeg3
This fixes audio and H.264 support. From ryoon@ originally, on 46.0nb1 at
the time.
"commit" maya@
|
Next | Query returned 1 messages, browsing 1 to 10 | previous