the static and tests options. PLIST is handled accordingly for the static
option, which switches between static and dynamically linked libraries.
Handle buildlink3.mk appropriately for static build. Comment patch.
From ChangeLog:
from ucommon 6.0.4 to 6.0.5
- additional constructors to pass pre-allocated memory
from ucommon 6.0.3 to 6.0.4
- fix for address list comparison issue
* Fix build on DragonFly 3.4.1 and 3.5-DEVELOPMENT.
Use newer bootstrap binary for DragonFly.
* DragonFly 3.5 switches to FreeBSD style math.h.
Add conditional.
I have no idea about build on very recent DragonFly 3.5.
* On NetBSD WebRTC support is disabled, because libxul.so has some errors
in link stage. WebRTC support should be tested on non-NetBSD platforms.
* It seems that OSS sound support is not working properly on NetBSD.
Changelog:
NEW
WebRTC is now enabled by default!
NEW
Windows: Firefox now follows display scaling options to render text larger on high-res displays
NEW
Mac OS X: Download progress in Dock application icon
NEW
HTML5 audio/video playback rate can now be changed
NEW
Social services management implemented in Add-ons Manager
NEW
asm.js optimizations (OdinMonkey) enabled for major performance improvements
CHANGED
Improved WebGL rendering performance through asynchronous canvas updates
CHANGED
Plain text files displayed within Firefox will now word-wrap
CHANGED
For user security, the |Components| object is no longer accessible from web content
CHANGED
Pointer Lock API can now be used outside of fullscreen
DEVELOPER
CSS3 Flexbox implemented and enabled by default
DEVELOPER
New Web Notifications API implemented
DEVELOPER
Added clipboardData API for JavaScript access to a user's clipboard
DEVELOPER
New built-in font inspector
HTML5
New HTML5 <data> and <time> elements
FIXED
Various security fixes
FIXED
Scrolling using some high-resolution-scroll aware touchpads feels slow (829952)
Fixed in Firefox 22
MFSA 2013-62 Inaccessible updater can lead to local privilege escalation
MFSA 2013-61 Homograph domain spoofing in .com, .net and .name
MFSA 2013-60 getUserMedia permission dialog incorrectly displays location
MFSA 2013-59 XrayWrappers can be bypassed to run user defined methods in a privileged context
MFSA 2013-58 X-Frame-Options ignored when using server push with multi-part responses
MFSA 2013-57 Sandbox restrictions not applied to nested frame elements
MFSA 2013-56 PreserveWrapper has inconsistent behavior
MFSA 2013-55 SVG filters can lead to information disclosure
MFSA 2013-54 Data in the body of XHR HEAD requests leads to CSRF attacks
MFSA 2013-53 Execution of unmapped memory through onreadystatechange event
MFSA 2013-52 Arbitrary code execution within Profiler
MFSA 2013-51 Privileged content access and execution via XBL
MFSA 2013-50 Memory corruption found using Address Sanitizer
MFSA 2013-49 Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7)
https://bitbucket.org/arakiken/mlterm/commits/c8814173cb051b32ce1d1b440b4033bd0
bba567d#chg-xwindow/fb/x_display.c
> fb/x_display.c: get_ps2_kcode() is added to convert usb keycode
> to ps2 keycode for iBus on NetBSD/OpenBSD framebuffer.
This makes ibus inputmethod usable with USB keyboard on mlterm-fb.
Bump PKGREVISION.
Version 0.11
~~~~~~~~~~~~
Released on 2013-06-13.
* Add Python 3.3 support (requires Flask >= 0.10 and Werkzeug >= 0.9)
* Drop Python 2.5 support
* Fix `#30 <https://github.com/SimonSapin/Frozen-Flask/issues/30>`_:
:func:`relative_url_for` with a query string or URL fragment.
Fixed issues:
* Server-Side Request Forgery (SSRF) via the HTTP API. CVE-2013-2199.
* Privilege Escalation: Contributors can publish posts, and users can reassign authorship. CVE-2013-2200.
* Cross-Site Scripting (XSS) in SWFUpload. CVE-2013-2205.
* Denial of Service (DoS) via Post Password Cookies. CVE-2013-2173.
* Content Spoofing via Flash Applet in TinyMCE Media Plugin. CVE-2013-2204.
* Cross-Site Scripting (XSS) when Uploading Media. CVE-2013-2201.
* Full Path Disclosure (FPD) during File Upload. CVE-2013-2203.
* Cross-Site Scripting (XSS) (Low Severity) when Editing Media. CVE-2013-2201.
* Cross-Site Scripting (XSS) (Low Severity) when Installing/Updating Plugins/Themes. CVE-2013-2201.
* XML External Entity Injection (XXE) via oEmbed. CVE-2013-2202.
