---
- branch: MAIN
  date: Wed Jul 21 16:55:34 UTC 2010
  files:
  - new: '1.23'
    old: '1.22'
    path: pkgsrc/devel/xulrunner/PLIST
    pathrev: pkgsrc/devel/xulrunner/PLIST@1.23
    type: modified
  - new: '1.12'
    old: '1.11'
    path: pkgsrc/devel/xulrunner/dist.mk
    pathrev: pkgsrc/devel/xulrunner/dist.mk@1.12
    type: modified
  - new: '1.34'
    old: '1.33'
    path: pkgsrc/devel/xulrunner/distinfo
    pathrev: pkgsrc/devel/xulrunner/distinfo@1.34
    type: modified
  - new: '0'
    old: '1.1'
    path: pkgsrc/devel/xulrunner/patches/patch-bc
    pathrev: pkgsrc/devel/xulrunner/patches/patch-bc@0
    type: deleted
  - new: '1.4'
    old: '1.3'
    path: pkgsrc/devel/xulrunner/patches/patch-mp
    pathrev: pkgsrc/devel/xulrunner/patches/patch-mp@1.4
    type: modified
  id: 20100721T165534Z.357c833da27cdc43dcf08331357477a7670ed700
  log: |
    firefox-3.6.7 / xulrunner-1.9.2.7 security update.

    MFSA 2010-47 Cross-origin data leakage from script filename in error messages
    MFSA 2010-46 Cross-domain data theft using CSS
    MFSA 2010-45 Multiple location bar spoofing vulnerabilities
    MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent
                 character to vanish
    MFSA 2010-43 Same-origin bypass using canvas context
    MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts
    MFSA 2010-41 Remote code execution using malformed PNG image
    MFSA 2010-40 nsTreeSelection dangling pointer remote code execution
    MFSA 2010-39 nsCSSValue::Array index integer overflow
    MFSA 2010-38 Arbitrary code execution using SJOW and fast native function
    MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code execution
    MFSA 2010-36 Use-after-free error in NodeIterator
    MFSA 2010-35 DOM attribute cloning remote code execution vulnerability
    MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/devel/xulrunner'
  unixtime: '1279731334'
  user: tnn