Now
pkgsrc-2012Q4 commitmail json YAML
pkgsrc/devel/xulrunner/dist.mk@1.39.2.1
/
diff
pkgsrc/devel/xulrunner/distinfo@1.87.2.1 / diff
pkgsrc/devel/xulrunner/patches/patch-ipc_chromium_src_base_debug__util__posix.cc@1.1.4.1 / diff
pkgsrc/devel/xulrunner/distinfo@1.87.2.1 / diff
pkgsrc/devel/xulrunner/patches/patch-ipc_chromium_src_base_debug__util__posix.cc@1.1.4.1 / diff
Apply patch submitted by Ryo ONODERA in ticket #4010:
Update "firefox" and "xulrunner" package to version 17.0.2. This fixes
the following security vulnerabilities:
- MFSA 2013-20 Mis-issued TURKTRUST certificates
- MFSA 2013-19 Use-after-free in Javascript Proxy objects
- MFSA 2013-18 Use-after-free in Vibrate
- MFSA 2013-17 Use-after-free in ListenerManager
- MFSA 2013-16 Use-after-free in serializeToStream
- MFSA 2013-15 Privilege escalation through plugin objects
- MFSA 2013-14 Chrome Object Wrapper (COW) bypass through changing prototype
- MFSA 2013-13 Memory corruption in XBL with XML bindings containing SVG
- MFSA 2013-12 Buffer overflow in Javascript string concatenation
- MFSA 2013-11 Address space layout leaked in XBL objects
- MFSA 2013-10 Event manipulation in plugin handler to bypass same-origin
policy
- MFSA 2013-09 Compartment mismatch with quickstubs returned values
- MFSA 2013-08 AutoWrapperChanger fails to keep objects alive during
garbage collection
- MFSA 2013-07 Crash due to handling of SSL on threads
- MFSA 2013-05 Use-after-free when displaying table with many columns and
column groups
- MFSA 2013-04 URL spoofing in addressbar during page loads
- MFSA 2013-03 Buffer Overflow in Canvas
- MFSA 2013-02 Use-after-free and buffer overflow issues found using
Address Sanitizer
- MFSA 2013-01 Miscellaneous memory safety hazards (rv:18.0/
rv:10.0.12 / rv:17.0.2)
- MFSA 2012-98 Firefox installer DLL hijacking
Update "firefox" and "xulrunner" package to version 17.0.2. This fixes
the following security vulnerabilities:
- MFSA 2013-20 Mis-issued TURKTRUST certificates
- MFSA 2013-19 Use-after-free in Javascript Proxy objects
- MFSA 2013-18 Use-after-free in Vibrate
- MFSA 2013-17 Use-after-free in ListenerManager
- MFSA 2013-16 Use-after-free in serializeToStream
- MFSA 2013-15 Privilege escalation through plugin objects
- MFSA 2013-14 Chrome Object Wrapper (COW) bypass through changing prototype
- MFSA 2013-13 Memory corruption in XBL with XML bindings containing SVG
- MFSA 2013-12 Buffer overflow in Javascript string concatenation
- MFSA 2013-11 Address space layout leaked in XBL objects
- MFSA 2013-10 Event manipulation in plugin handler to bypass same-origin
policy
- MFSA 2013-09 Compartment mismatch with quickstubs returned values
- MFSA 2013-08 AutoWrapperChanger fails to keep objects alive during
garbage collection
- MFSA 2013-07 Crash due to handling of SSL on threads
- MFSA 2013-05 Use-after-free when displaying table with many columns and
column groups
- MFSA 2013-04 URL spoofing in addressbar during page loads
- MFSA 2013-03 Buffer Overflow in Canvas
- MFSA 2013-02 Use-after-free and buffer overflow issues found using
Address Sanitizer
- MFSA 2013-01 Miscellaneous memory safety hazards (rv:18.0/
rv:10.0.12 / rv:17.0.2)
- MFSA 2012-98 Firefox installer DLL hijacking