Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK)) by mollari.NetBSD.org (Postfix) with ESMTPS id E42F77A302 for ; Sun, 18 Dec 2016 01:31:01 +0000 (UTC) Received: by mail.netbsd.org (Postfix, from userid 605) id 97377855E4; Sun, 18 Dec 2016 01:31:01 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 256A3855DC for ; Sun, 18 Dec 2016 01:31:01 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id 053PV656X1vj for ; Sun, 18 Dec 2016 01:31:00 +0000 (UTC) Received: from cvs.NetBSD.org (unknown [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 8CD09855C5 for ; Sun, 18 Dec 2016 01:31:00 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id 8A945FBA6; Sun, 18 Dec 2016 01:31:00 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_148202466027820" MIME-Version: 1.0 Date: Sun, 18 Dec 2016 01:31:00 +0000 From: "Ryo ONODERA" Subject: CVS commit: pkgsrc/www/firefox To: pkgsrc-changes@NetBSD.org Reply-To: ryoon@netbsd.org X-Mailer: log_accum Message-Id: <20161218013100.8A945FBA6@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk This is a multi-part message in MIME format. --_----------=_148202466027820 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: ryoon Date: Sun Dec 18 01:31:00 UTC 2016 Modified Files: pkgsrc/www/firefox: Makefile PLIST distinfo Log Message: Update to 50.1.0 Changelog: #CVE-2016-9894: Buffer overflow in SkiaGL #CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements #CVE-2016-9895: CSP bypass using marquee tag #CVE-2016-9896: Use-after-free with WebVR #CVE-2016-9897: Memory corruption in libGLES #CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees #CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs #CVE-2016-9904: Cross-origin information leak in shared atoms #CVE-2016-9901: Data from Pocket server improperly sanitized before execution #CVE-2016-9902: Pocket extension does not validate the origin of events #CVE-2016-9903: XSS injection vulnerability in add-ons SDK #CVE-2016-9080: Memory safety bugs fixed in Firefox 50.1 #CVE-2016-9893: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6 To generate a diff of this commit: cvs rdiff -u -r1.274 -r1.275 pkgsrc/www/firefox/Makefile cvs rdiff -u -r1.113 -r1.114 pkgsrc/www/firefox/PLIST cvs rdiff -u -r1.264 -r1.265 pkgsrc/www/firefox/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_148202466027820 Content-Disposition: inline Content-Length: 2974 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/www/firefox/Makefile diff -u pkgsrc/www/firefox/Makefile:1.274 pkgsrc/www/firefox/Makefile:1.275 --- pkgsrc/www/firefox/Makefile:1.274 Fri Dec 9 11:51:09 2016 +++ pkgsrc/www/firefox/Makefile Sun Dec 18 01:31:00 2016 @@ -1,12 +1,11 @@ -# $NetBSD: Makefile,v 1.274 2016/12/09 11:51:09 martin Exp $ +# $NetBSD: Makefile,v 1.275 2016/12/18 01:31:00 ryoon Exp $ FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR} -MOZ_BRANCH= 50.0 -MOZ_BRANCH_MINOR= .2 +MOZ_BRANCH= 50.1 +MOZ_BRANCH_MINOR= .0 DISTNAME= firefox-${FIREFOX_VER}.source PKGNAME= firefox-${MOZ_BRANCH}${MOZ_BRANCH_MINOR:S/b/beta/:S/esr//} -PKGREVISION= 3 CATEGORIES= www MASTER_SITES+= ${MASTER_SITE_MOZILLA:=firefox/releases/${FIREFOX_VER}/source/} MASTER_SITES+= ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/} Index: pkgsrc/www/firefox/PLIST diff -u pkgsrc/www/firefox/PLIST:1.113 pkgsrc/www/firefox/PLIST:1.114 --- pkgsrc/www/firefox/PLIST:1.113 Tue Dec 6 08:14:22 2016 +++ pkgsrc/www/firefox/PLIST Sun Dec 18 01:31:00 2016 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.113 2016/12/06 08:14:22 martin Exp $ +@comment $NetBSD: PLIST,v 1.114 2016/12/18 01:31:00 ryoon Exp $ bin/firefox lib/firefox/application.ini lib/firefox/browser/blocklist.xml @@ -3283,6 +3283,7 @@ lib/firefox/components/ConsoleAPIStorage lib/firefox/components/ContactManager.js lib/firefox/components/ContentProcessSingleton.js lib/firefox/components/DownloadLegacy.js +lib/firefox/components/EditorUtils.js lib/firefox/components/FeedProcessor.js lib/firefox/components/FormAutofillContentService.js lib/firefox/components/FormAutofillStartup.js Index: pkgsrc/www/firefox/distinfo diff -u pkgsrc/www/firefox/distinfo:1.264 pkgsrc/www/firefox/distinfo:1.265 --- pkgsrc/www/firefox/distinfo:1.264 Fri Dec 9 11:51:09 2016 +++ pkgsrc/www/firefox/distinfo Sun Dec 18 01:31:00 2016 @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.264 2016/12/09 11:51:09 martin Exp $ +$NetBSD: distinfo,v 1.265 2016/12/18 01:31:00 ryoon Exp $ -SHA1 (firefox-50.0.2.source.tar.xz) = 083b9a803b25064b2d7d43e289797a9f2a2e9e5d -RMD160 (firefox-50.0.2.source.tar.xz) = 67395703c955b3285237b66317df13229aeec479 -SHA512 (firefox-50.0.2.source.tar.xz) = cfcc3e5a703e4d3284e3b3dcb34e5f77825e5a98b49a75bf22f8ac431c0429e6cd21c4e1f5e046fe82899cb4d2bc5b7a432b306c4af35034d83a9f351393f7fd -Size (firefox-50.0.2.source.tar.xz) = 195625752 bytes +SHA1 (firefox-50.1.0.source.tar.xz) = 6024dc49a566ed6296ad6cd707a199d41f090176 +RMD160 (firefox-50.1.0.source.tar.xz) = 8931f3ad4e8a2543b8cfc1c191289b5897e081de +SHA512 (firefox-50.1.0.source.tar.xz) = 370d2e9b8c4b1b59c3394659c3a7f0f79e6a911ccd9f32095b50b3a22d087132b1f7cb87b734f7497c4381b1df6df80d120b4b87c13eecc425cc66f56acccba5 +Size (firefox-50.1.0.source.tar.xz) = 195823768 bytes SHA1 (patch-aa) = 272331d89f966ea83c4ee3a49b1933b9ce31672b SHA1 (patch-ao) = 1564bc503670dc07ec8b9b43927f0c5879f3a44d SHA1 (patch-as) = bebba8483c1881198066f4022a0da8f95398f38f --_----------=_148202466027820--