Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id 4DEB07A0F3 for ; Sat, 12 Mar 2016 03:47:22 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id B037B85E6F; Sat, 12 Mar 2016 03:47:21 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 3FB2385E47 for ; Sat, 12 Mar 2016 03:47:21 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id 28dJU4Nv9NMI for ; Sat, 12 Mar 2016 03:47:20 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id A25C184CFD for ; Sat, 12 Mar 2016 03:47:20 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 9D37CFBB7; Sat, 12 Mar 2016 03:47:20 +0000 (UTC) Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" MIME-Version: 1.0 Date: Sat, 12 Mar 2016 03:47:20 +0000 From: "Ryo ONODERA" Subject: CVS commit: pkgsrc/www/firefox38 To: pkgsrc-changes@NetBSD.org Reply-To: ryoon@netbsd.org X-Mailer: log_accum Message-Id: <20160312034720.9D37CFBB7@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk Module Name: pkgsrc Committed By: ryoon Date: Sat Mar 12 03:47:20 UTC 2016 Modified Files: pkgsrc/www/firefox38: Makefile distinfo Removed Files: pkgsrc/www/firefox38/patches: patch-gfx_graphite2_moz-gr-update.sh Log Message: Update to 38.7.0 Changelog: Fixed in Firefox ESR 38.7 2016-37 Font vulnerabilities in the Graphite 2 library 2016-35 Buffer overflow during ASN.1 decoding in NSS 2016-34 Out-of-bounds read in HTML parser following a failed allocation 2016-31 Memory corruption with malicious NPAPI plugin 2016-28 Addressbar spoofing though history navigation and Location protocol property 2016-27 Use-after-free during XML transformations 2016-25 Use-after-free when using multiple WebRTC data channels 2016-24 Use-after-free in SetBody 2016-23 Use-after-free in HTML5 string parser 2016-21 Displayed page address can be overridden 2016-20 Memory leak in libstagefright when deleting an array during MP4 processing 2016-17 Local file overwriting and potential privilege escalation through CSP reports 2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7) 2015-136 Same-origin policy violation using performance.getEntries and history navigation 2015-81 Use-after-free in MediaStream playback To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 pkgsrc/www/firefox38/Makefile cvs rdiff -u -r1.14 -r1.15 pkgsrc/www/firefox38/distinfo cvs rdiff -u -r1.1 -r0 \ pkgsrc/www/firefox38/patches/patch-gfx_graphite2_moz-gr-update.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.