kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/www/firefox
History
ghen 343a9aec48 Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and 
mail/thunderbird-gtk1 to 1.5.0.4, and www/seamonkey, www/seamonkey-gtk1
and www/seamonkey-bin to 1.0.2 (salo has already updated www/firefox-bin).
Note that thunderbird skipped one release number (again) to stay on par
with firefox.

These updates provide:
* improvements to product stability,
* several important security fixes (see below).

Fixed in Firefox 1.5.0.4:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Fixed in Thunderbird 1.5.0.4:
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Fixed in SeaMonkey 1.0.2:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)
2006-06-03 08:04:36 +00:00
..
patches Update Firefox to 1.5.0.3, which is identical to our 1.5.0.2nb2 (except for the 2006-05-04 05:16:13 +00:00
buildlink3.mk Over 1200 files touched but no revisions bumped :) 2006-04-06 06:21:32 +00:00
DESCR
distinfo Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and 2006-06-03 08:04:36 +00:00
hacks.mk Fixed pkglint warnings. The warnings are mostly quoting issues, for 2005-12-05 20:49:47 +00:00
INSTALL For the native firefox and mozilla packages, move the module/extension 2005-09-17 02:35:19 +00:00
Makefile Update Firefox to 1.5.0.3, which is identical to our 1.5.0.2nb2 (except for the 2006-05-04 05:16:13 +00:00
Makefile-firefox.common Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and 2006-06-03 08:04:36 +00:00
Makefile.common Modify the pkginstall framework so that it manages all aspects of 2006-03-14 01:14:26 +00:00
PLIST Update to Firefox 1.5.0.1, a bug fix release for Firefox 1.5. 2006-02-05 14:46:31 +00:00