MFSA 2006-76 XSS using outer window's Function object
MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.1/releasenotes/
- Added ability to read/write MIE trailers in JPEG and TIFF images
- Added Nikon ImageAuthentication tag (thanks Jeffrey Friedl)
- API Changes:
- GetFileType() may now also be used to return a file description
MFSA 2006-74 Mail header processing heap overflows
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.org/projects/seamonkey/releases/seamonkey1.0.7/README.html
MFSA 2006-74 Mail header processing heap overflows
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.9.html
MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.9.html
Don't add ${X11BASE}/bin to PATH, don't include mk/x11.buildlink3.mk
when USE_X11BASE is set and don't use BUILDLINK_X11_DIR and related
magic.
OKed by wiz@
Changes:
This release of Opera introduces Fraud Protection.
Changes Since Opera 9.02
User interface
* Fixed handling of access keys on Web pages with frames.
* Mail, messaging, and newsfeeds
* Fixed an instability connected with delayed entry of the Master password.
* Deleting of newsfeeds in the panel now both unsubscribes and deletes.
Display and scripting
* Improved performance for elements with both :focus and :hover.
* Fixed an issue with opacity on links that have images nested within them.
Security
* New Fraud Protection feature (a phishing filter).
* Changed Wand data to a new format. The upgrade to this new format
is not reversible.
Miscellaneous
* Multiple stability issues solved, including crashes on Gmail and Google Maps.
* Changed the Mozilla User Agent string to include Firefox identification.
* Improved handling of Web site logins on slow connections.
* Cancellation of torrent downloads now functions as expected.
UNIX-specific changes
* Fixed smooth scrolling.
* Flash 9 beta support for Linux.
* Implemented support for Linux plug-ins on FreeBSD.
* When masking as Internet Explorer, the platform is masked as Windows XP.
* Fixed an issue where floating point numbers were treated as integers
on some Linux systems.
This are the default rules used by imake. Platforms other than
DragonFly, FreeBSD, Linux and NetBSD will most likely want some work
here.
OK for import during freeze: agc@ and wiz@
0.8.4:
A long overdue release, which adds support for .ABC and .MID files,
as well as security patch [CVE-2006-4192], and a few small cleanups.
0.8:
This new release contains endianess fixes, and changes that other
projects (which make use of this library) have deemed necessary
for the libraries use. Due to the long time since the previous
release, there may have been more contributers than is listed.
This package fails in bulk builds up to at least NetBSD-3.1;
but I can build it on 4.99.6. Assume curses in NetBSD-2* and NetBSD-3*
are not good enough. Feel free to make the selection more specific.
2.16.4 Stuff:
- Fix for a recently reported security issue that has ID
CVE-2006-6105. This fixes a problem where a user can
enter strings like "%08x" into the gdmchooser "Add"j
host button and print out memory. (Brian Cameron)
- Fix for TryExec check in gdmsession to make sure that any
arguments are not passed to g_find_program_in_path since
this causes the function to say it is not executable.
(Brian Cameron)
- Translation updates (Runa Bhattacharjee, Josep Puigdemont
i Casamaj\303\263, Laurent Dhima, I. Felix, David Lodge,
Ani Peter, Rajesh Ranjan, Clytie Siddall, Vincent van
Adrighem)
2.16.3 Stuff:
- Now support altfile[n] propery to cater for alternative
image file definition. (Erwann Chenede)
- Fix custom lists so that focus does not ever leave the
username/password entry field. (Brian Cameron)
- Update to make casting more clear in PAM logic. This fixes a
bug where the Kerberos PAM module was sending multiple error
messages and GDM was not processing them properly.
(Brian Cameron)
- Add X_EXTRA_LIBS and X_LIBS to utils/Makefile when building
gdm-dmx-reconnect-proxy to fix bug #368808. (Brian Cameron)
- Translation updates (Djihed Afifi, Wouter Bolsterlee, Luca
Ferretti, Pema Geyleg, Priit Laes, Duarte Loreto, Christophe
Merlet, Jovan Naumovski, Daniel Nylander, Ankit Patel, Ignacio
Casal Quinteiro, Satoru SATOH, Francisco Javier F. Serrador,
Alexander Shopov, Ilkka Tuohela)
2.16.2 Stuff:
- Now support for "combo" style lists, and id values of "session"
and "language" are supported for displaying the session/language
lists as drop-down combos. (Brian Cameron). For example:
<item type="list" id="language" combo="true">
<pos x="25" y="10" height="40" width="300"/>
</item>
<item type="list" id="session" combo="true">
<pos x="50" y="10" height="40" width="300"/>
</item>
- Now OK/Start Again buttons are sensitive/insensitive in a more
sensible way for both gdmlogin and gdmgreeter (if GTK style buttons
are used in gdmgreeter). (Brian Cameron)
- Face Browser widget and background rectangle (for gdmgreeter)
is not shown if there are no users to display. (Brian Cameron)
- Help button now enabled in gdmphotosetup. (Matthias Clasen)
- Fix so that if timed user script returns an invalid user that
timed login is not turned on. (Andrew)
- Fix bug that was causing %t to be expanded improperly when
used in the timed login label. (Brian Cameron)
- Set authdir to NULL after freeing to avoid accessing an invalid
pointer. Fixes bug #359831. (Amnon Aaronsohn)
- Leaks fixed. (Kjartan Maraas)
- Translation updates (Abel Cheung, Priit Laes, Daniel Nylander)
