Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66]) by www.NetBSD.org (Postfix) with ESMTP id 1970663DD3F for ; Sat, 13 Oct 2012 10:16:27 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id E2B1714A1AA; Sat, 13 Oct 2012 10:16:26 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id B872B14A195 for ; Sat, 13 Oct 2012 10:16:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at NetBSD.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id D9nFauGPpD6K for ; Sat, 13 Oct 2012 10:16:24 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id 1D4D314A177 for ; Sat, 13 Oct 2012 10:16:23 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id C0CEA175DD; Sat, 13 Oct 2012 10:16:23 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Date: Sat, 13 Oct 2012 10:16:23 +0000 From: "Ryo ONODERA" Subject: CVS commit: pkgsrc To: pkgsrc-changes@NetBSD.org Reply-To: ryoon@netbsd.org X-Mailer: log_accum Message-Id: <20121013101623.C0CEA175DD@cvs.netbsd.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: ryoon Date: Sat Oct 13 10:16:23 UTC 2012 Modified Files: pkgsrc/devel/xulrunner10: Makefile dist.mk distinfo pkgsrc/www/firefox10: Makefile Log Message: Update to 10.0.9 Changelog: Fixed in Firefox ESR 10.0.9 MFSA 2012-89 defaultValue security checks not applied Fixed in Firefox ESR 10.0.8 MFSA 2012-87 Use-after-free in the IME State Manager MFSA 2012-86 Heap memory corruption issues found using Address Sanitizer MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer MFSA 2012-84 Spoofing and script injection through location.hash MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties MFSA 2012-82 top object and location property accessible by plugins MFSA 2012-81 GetProperty function can bypass security checks MFSA 2012-79 DOS and crash with full screen and history navigation MFSA 2012-77 Some DOMWindowUtils methods bypass security checks MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8) MFSA 2012-59 Location object can be shadowed using Object.defineProperty To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 pkgsrc/devel/xulrunner10/Makefile cvs rdiff -u -r1.7 -r1.8 pkgsrc/devel/xulrunner10/dist.mk cvs rdiff -u -r1.5 -r1.6 pkgsrc/devel/xulrunner10/distinfo cvs rdiff -u -r1.9 -r1.10 pkgsrc/www/firefox10/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.