kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
100091 commits 166 branches 0 tags 1.5 GiB
Commit graph

9 commits

Author SHA1 Message Date
ghen
cb97dc4347 Add some additional headers introduced with ff1504/tb1504/sm102. Not worth 
bumping PKGREVISION for.
 2006-06-07 15:23:21 +00:00
ghen
343a9aec48 Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and 
mail/thunderbird-gtk1 to 1.5.0.4, and www/seamonkey, www/seamonkey-gtk1
and www/seamonkey-bin to 1.0.2 (salo has already updated www/firefox-bin).
Note that thunderbird skipped one release number (again) to stay on par
with firefox.

These updates provide:
* improvements to product stability,
* several important security fixes (see below).

Fixed in Firefox 1.5.0.4:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Fixed in Thunderbird 1.5.0.4:
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Fixed in SeaMonkey 1.0.2:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)
 2006-06-03 08:04:36 +00:00
wiz
375b5e4933 More PKGREVISION bumps for png-1.2.9nb2 update. 2006-04-17 14:52:10 +00:00
wiz
02f8f7c52d Bump BUILDLINK_ABI_DEPENDS.png and PKGREVISION for png-1.2.9nb2 update. 2006-04-17 13:45:57 +00:00
ghen
39472be442 Update the Seamonkey packages to 1.0.1. 
Seamonkey 1.0.1 offers improved stability, and several security fixes:

MFSA 2006-29 Spoofing with translucent windows (pkgsrc vulnid. 1818)
MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented (vulnid. 1819)
MFSA 2006-26 Mail Multiple Information Disclosure
MFSA 2006-25 Privilege escalation through Print Preview (vulnid. 1820)
MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest (vulnid. 1821)
MFSA 2006-23 File stealing by changing input type (vulnid. 1822)
MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability (vulnid. 1823)
MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2) (vulnid. 1824)

For a detailed ChangeLog, see:
http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.0.1/changelog.html
 2006-04-15 08:36:04 +00:00
rillig
96fc47c14f Aligned the last line of the buildlink3.mk files with the first line, so 
that they look nicer.
 2006-04-12 10:26:59 +00:00
reed
d2b5c9797e Change BUILDLINK_DEPENDS.pkg to BUILDLINK_API_DEPENDS.pkg. 
I misssed this in my huge commit earlier.

Also remove the redundant BUILDLINK_ABI_DEPENDS because had same
dependency.
 2006-04-06 18:26:38 +00:00
ghen
52c66b2788 Import Mozilla Seamonkey 1.0 from pkgsrc-wip (gtk1 version). Seamonkey is 
the community-driven continuation of the Mozilla Suite, which is no longer
maintained by Mozilla.
 2006-03-30 19:17:16 +00:00
ghen
54a9d573f3 Import Mozilla Seamonkey 1.0 from pkgsrc-wip (gtk1 version). Seamonkey is 
the community-driven continuation of the Mozilla Suite, which is no longer
maintained by Mozilla.
 2006-03-30 19:16:24 +00:00