Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11]) by www.NetBSD.org (Postfix) with ESMTP id 999B363B8B6 for ; Wed, 28 Oct 2009 11:36:38 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 0) id 1D2C863B126; Wed, 28 Oct 2009 11:36:38 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id A203563B11F for ; Wed, 28 Oct 2009 11:36:36 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 8D79B175DA; Wed, 28 Oct 2009 11:36:36 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: binary Content-Type: text/plain Date: Wed, 28 Oct 2009 11:36:36 +0000 From: Tobias Nygren Subject: CVS commit: pkgsrc To: pkgsrc-changes@NetBSD.org Reply-To: tnn@netbsd.org X-Mailer: log_accum Message-Id: <20091028113636.8D79B175DA@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: list Module Name: pkgsrc Committed By: tnn Date: Wed Oct 28 11:36:36 UTC 2009 Modified Files: pkgsrc/devel/xulrunner: Makefile PLIST distinfo mozilla-common.mk pkgsrc/devel/xulrunner/patches: patch-aq patch-mf patch-mn patch-pd pkgsrc/www/firefox: Makefile PLIST Removed Files: pkgsrc/devel/xulrunner/patches: patch-nb patch-nc Log Message: Security and bugfix update of firefox (to 3.5.4) and xulrunner (to 1.9.1.4) Also fix broken DESTDIR support. Fixes the following security issues: MFSA 2009-64 Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15) MFSA 2009-63 Upgrade media libraries to fix memory safety bugs MFSA 2009-62 Download filename spoofing with RTL override MFSA 2009-61 Cross-origin data theft through document.getSelection() MFSA 2009-59 Heap buffer overflow in string to number conversion MFSA 2009-57 Chrome privilege escalation in XPCVariant::VariantDataToJS() MFSA 2009-56 Heap buffer overflow in GIF color map parser MFSA 2009-55 Crash in proxy auto-configuration regexp parsing MFSA 2009-54 Crash with recursive web-worker calls MFSA 2009-53 Local downloaded file tampering MFSA 2009-52 Form history vulnerable to stealing To generate a diff of this commit: cvs rdiff -u -r1.24 -r1.25 pkgsrc/devel/xulrunner/Makefile cvs rdiff -u -r1.17 -r1.18 pkgsrc/devel/xulrunner/PLIST cvs rdiff -u -r1.13 -r1.14 pkgsrc/devel/xulrunner/distinfo cvs rdiff -u -r1.1 -r1.2 pkgsrc/devel/xulrunner/mozilla-common.mk cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/xulrunner/patches/patch-aq cvs rdiff -u -r1.1.1.1 -r1.2 pkgsrc/devel/xulrunner/patches/patch-mf \ pkgsrc/devel/xulrunner/patches/patch-mn \ pkgsrc/devel/xulrunner/patches/patch-pd cvs rdiff -u -r1.1 -r0 pkgsrc/devel/xulrunner/patches/patch-nb \ pkgsrc/devel/xulrunner/patches/patch-nc cvs rdiff -u -r1.60 -r1.61 pkgsrc/www/firefox/Makefile cvs rdiff -u -r1.38 -r1.39 pkgsrc/www/firefox/PLIST Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.