pkgsrc

kpriv/pkgsrc

Fork 0

Commit graph

Author	SHA1	Message	Date
ghen	343a9aec48	Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and mail/thunderbird-gtk1 to 1.5.0.4, and www/seamonkey, www/seamonkey-gtk1 and www/seamonkey-bin to 1.0.2 (salo has already updated www/firefox-bin). Note that thunderbird skipped one release number (again) to stay on par with firefox. These updates provide: * improvements to product stability, * several important security fixes (see below). Fixed in Firefox 1.5.0.4: MFSA 2006-43 Privilege escalation using addSelectionListener MFSA 2006-42 Web site XSS using BOM on UTF-8 pages MFSA 2006-41 File stealing by changing input type (variant) MFSA 2006-39 "View Image" local resource linking (Windows) MFSA 2006-38 Buffer overflow in crypto.signText() MFSA 2006-37 Remote compromise via content-defined setter on object prototypes MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2 MFSA 2006-35 Privilege escalation through XUL persist MFSA 2006-34 XSS viewing javascript: frames or images from context menu MFSA 2006-33 HTTP response smuggling MFSA 2006-32 Fixes for crashes with potential memory corruption MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey) Fixed in Thunderbird 1.5.0.4: MFSA 2006-42 Web site XSS using BOM on UTF-8 pages MFSA 2006-40 Double-free on malformed VCard MFSA 2006-38 Buffer overflow in crypto.signText() MFSA 2006-37 Remote compromise via content-defined setter on object prototypes MFSA 2006-35 Privilege escalation through XUL persist MFSA 2006-33 HTTP response smuggling MFSA 2006-32 Fixes for crashes with potential memory corruption MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey) Fixed in SeaMonkey 1.0.2: MFSA 2006-43 Privilege escalation using addSelectionListener MFSA 2006-42 Web site XSS using BOM on UTF-8 pages MFSA 2006-41 File stealing by changing input type (variant) MFSA 2006-40 Double-free on malformed VCard MFSA 2006-39 "View Image" local resource linking (Windows) MFSA 2006-38 Buffer overflow in crypto.signText() MFSA 2006-37 Remote compromise via content-defined setter on object prototypes MFSA 2006-35 Privilege escalation through XUL persist MFSA 2006-34 XSS viewing javascript: frames or images from context menu MFSA 2006-33 HTTP response smuggling MFSA 2006-32 Fixes for crashes with potential memory corruption MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)	2006-06-03 08:04:36 +00:00
ghen	1e320db38d	Import Mozilla Seamonkey 1.0 from pkgsrc-wip (gtk2 version). Seamonkey is the community-driven continuation of the Mozilla Suite, which is no longer maintained by Mozilla.	2006-03-30 19:15:38 +00:00

Author

SHA1

Message

Date

ghen

343a9aec48

Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and

mail/thunderbird-gtk1 to 1.5.0.4, and www/seamonkey, www/seamonkey-gtk1
and www/seamonkey-bin to 1.0.2 (salo has already updated www/firefox-bin).
Note that thunderbird skipped one release number (again) to stay on par
with firefox.

These updates provide:
* improvements to product stability,
* several important security fixes (see below).

Fixed in Firefox 1.5.0.4:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Fixed in Thunderbird 1.5.0.4:
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Fixed in SeaMonkey 1.0.2:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

2006-06-03 08:04:36 +00:00

ghen

1e320db38d

Import Mozilla Seamonkey 1.0 from pkgsrc-wip (gtk2 version). Seamonkey is

the community-driven continuation of the Mozilla Suite, which is no longer
maintained by Mozilla.

2006-03-30 19:15:38 +00:00

2 commits