Update firefox and firefox-gtk1 to 2.0.0.13. Security fixes in this version: MFSA 2008-19 XUL popup spoofing variant (cross-tab popups) MFSA 2008-18 Java socket connection to any local port via LiveConnect MFSA 2008-17 Privacy issue with SSL Client Authentication MFSA 2008-16 HTTP Referrer spoofing with malformed URLs MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13) MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.13/releasenotes/diff -r1.54 -r1.55 pkgsrc/www/firefox/Makefile-firefox.common
(ghen)
@@ -1,17 +1,17 @@ | @@ -1,17 +1,17 @@ | |||
1 | # $NetBSD: Makefile-firefox.common,v 1.54 2008/02/08 11:28:30 ghen Exp $ | 1 | # $NetBSD: Makefile-firefox.common,v 1.55 2008/03/30 13:32:22 ghen Exp $ | |
2 | 2 | |||
3 | MOZILLA_BIN= firefox-bin | 3 | MOZILLA_BIN= firefox-bin | |
4 | MOZ_VER= 2.0.0.12 | 4 | MOZ_VER= 2.0.0.13 | |
5 | EXTRACT_SUFX= .tar.bz2 | 5 | EXTRACT_SUFX= .tar.bz2 | |
6 | 6 | |||
7 | DISTNAME= firefox-${MOZ_VER}-source | 7 | DISTNAME= firefox-${MOZ_VER}-source | |
8 | 8 | |||
9 | MASTER_SITES= ${MASTER_SITE_MOZILLA:=firefox/releases/${MOZ_VER}/source/} | 9 | MASTER_SITES= ${MASTER_SITE_MOZILLA:=firefox/releases/${MOZ_VER}/source/} | |
10 | 10 | |||
11 | HOMEPAGE= http://www.mozilla.com/en-US/firefox/ | 11 | HOMEPAGE= http://www.mozilla.com/en-US/firefox/ | |
12 | 12 | |||
13 | PKG_DESTDIR_SUPPORT= user-destdir | 13 | PKG_DESTDIR_SUPPORT= user-destdir | |
14 | 14 | |||
15 | DISTINFO_FILE= ${.CURDIR}/../../www/firefox/distinfo | 15 | DISTINFO_FILE= ${.CURDIR}/../../www/firefox/distinfo | |
16 | PATCHDIR= ${.CURDIR}/../../www/firefox/patches | 16 | PATCHDIR= ${.CURDIR}/../../www/firefox/patches | |
17 | 17 |
@@ -1,18 +1,18 @@ | @@ -1,18 +1,18 @@ | |||
1 | $NetBSD: distinfo,v 1.74 2008/02/08 11:28:30 ghen Exp $ | 1 | $NetBSD: distinfo,v 1.75 2008/03/30 13:32:22 ghen Exp $ | |
2 | 2 | |||
3 | SHA1 (firefox-2.0.0.12-source.tar.bz2) = 766f3e945145d9e4d36d5eb3e551b5eb44a1d862 | 3 | SHA1 (firefox-2.0.0.13-source.tar.bz2) = 45e804fe96119af6ce1ca39da07b107eaf3a1d54 | |
4 | RMD160 (firefox-2.0.0.12-source.tar.bz2) = 05c022317ebd065d1953e4b3706c7b125c573a46 | 4 | RMD160 (firefox-2.0.0.13-source.tar.bz2) = 3452d5bffd14e8e230c400191c78c431305bd2b2 | |
5 | Size (firefox-2.0.0.12-source.tar.bz2) = 37442741 bytes | 5 | Size (firefox-2.0.0.13-source.tar.bz2) = 37520701 bytes | |
6 | SHA1 (patch-aa) = 5095449d4e979085fc5791b9d0251076b9c969c3 | 6 | SHA1 (patch-aa) = 5095449d4e979085fc5791b9d0251076b9c969c3 | |
7 | SHA1 (patch-ab) = 19069a4e572744eccb04e9906e16dad28d2dac01 | 7 | SHA1 (patch-ab) = 19069a4e572744eccb04e9906e16dad28d2dac01 | |
8 | SHA1 (patch-ac) = 96bee96d365d6a95d14031f4f1df9584b94d570b | 8 | SHA1 (patch-ac) = 96bee96d365d6a95d14031f4f1df9584b94d570b | |
9 | SHA1 (patch-ad) = 20f2184a7e5e98b065e884c67e4c17fc52019a79 | 9 | SHA1 (patch-ad) = 20f2184a7e5e98b065e884c67e4c17fc52019a79 | |
10 | SHA1 (patch-ae) = fea251aabc772c3d4ad3044c8295af45cc9cab2d | 10 | SHA1 (patch-ae) = fea251aabc772c3d4ad3044c8295af45cc9cab2d | |
11 | SHA1 (patch-af) = 01e10664fbf20dffa53ecb94be24a421c39b838b | 11 | SHA1 (patch-af) = 01e10664fbf20dffa53ecb94be24a421c39b838b | |
12 | SHA1 (patch-ag) = 1266333a482483f786d5f00e92e641e282266442 | 12 | SHA1 (patch-ag) = 1266333a482483f786d5f00e92e641e282266442 | |
13 | SHA1 (patch-ah) = c737519c8ab8a66993d4892a6efac73e2da979f5 | 13 | SHA1 (patch-ah) = c737519c8ab8a66993d4892a6efac73e2da979f5 | |
14 | SHA1 (patch-ai) = 58d7d87295cfbcaeba3e6a27457e15533d4b8e78 | 14 | SHA1 (patch-ai) = 58d7d87295cfbcaeba3e6a27457e15533d4b8e78 | |
15 | SHA1 (patch-aj) = 84a5e3630c7dd9532bbb20e7444ff9582631ea24 | 15 | SHA1 (patch-aj) = 84a5e3630c7dd9532bbb20e7444ff9582631ea24 | |
16 | SHA1 (patch-ak) = aa54e2c4d2f1c0d40bbbfcd6e3e55b44c3c549ff | 16 | SHA1 (patch-ak) = aa54e2c4d2f1c0d40bbbfcd6e3e55b44c3c549ff | |
17 | SHA1 (patch-al) = e5fc425630a5363807bf1cc2c648d5eb31d0e40e | 17 | SHA1 (patch-al) = e5fc425630a5363807bf1cc2c648d5eb31d0e40e | |
18 | SHA1 (patch-an) = 8b855be2d22422fcbf9293717ee45a8115e15bff | 18 | SHA1 (patch-an) = 8b855be2d22422fcbf9293717ee45a8115e15bff | |
@@ -33,27 +33,27 @@ SHA1 (patch-bv) = ef06a6a774c9d4da7b3fbf | @@ -33,27 +33,27 @@ SHA1 (patch-bv) = ef06a6a774c9d4da7b3fbf | |||
33 | SHA1 (patch-bx) = 7d524d6d46593ba54f12a75c57822518feee84d0 | 33 | SHA1 (patch-bx) = 7d524d6d46593ba54f12a75c57822518feee84d0 | |
34 | SHA1 (patch-by) = a6eeccfee4e7e3620be41b315c357575c8bd0635 | 34 | SHA1 (patch-by) = a6eeccfee4e7e3620be41b315c357575c8bd0635 | |
35 | SHA1 (patch-bz) = 7f939c1717b2df473217da9cf703a37e459731c7 | 35 | SHA1 (patch-bz) = 7f939c1717b2df473217da9cf703a37e459731c7 | |
36 | SHA1 (patch-ca) = 264d83ff1fc38d5f754b62507615aff6c353dd26 | 36 | SHA1 (patch-ca) = 264d83ff1fc38d5f754b62507615aff6c353dd26 | |
37 | SHA1 (patch-cb) = 0929baadba9271ee8960a01997c2ded445fe39a2 | 37 | SHA1 (patch-cb) = 0929baadba9271ee8960a01997c2ded445fe39a2 | |
38 | SHA1 (patch-cd) = f07c2fafd4427b4a429f8f01f0c321eb802cfaec | 38 | SHA1 (patch-cd) = f07c2fafd4427b4a429f8f01f0c321eb802cfaec | |
39 | SHA1 (patch-cg) = 867f8642eacc0b46999eefc4c3566e340939fd68 | 39 | SHA1 (patch-cg) = 867f8642eacc0b46999eefc4c3566e340939fd68 | |
40 | SHA1 (patch-ch) = a5220e0a20269271656cfa954f3b1005807f7cd3 | 40 | SHA1 (patch-ch) = a5220e0a20269271656cfa954f3b1005807f7cd3 | |
41 | SHA1 (patch-ci) = 2c9817c7431840928cdc7bfc2e033b0050ad04b4 | 41 | SHA1 (patch-ci) = 2c9817c7431840928cdc7bfc2e033b0050ad04b4 | |
42 | SHA1 (patch-cj) = 3ae48c9a906f47cf32706a1d2b3b6b44918e99f4 | 42 | SHA1 (patch-cj) = 3ae48c9a906f47cf32706a1d2b3b6b44918e99f4 | |
43 | SHA1 (patch-ck) = 18e6c412399c8b5b89941d818cf2589711f35472 | 43 | SHA1 (patch-ck) = 18e6c412399c8b5b89941d818cf2589711f35472 | |
44 | SHA1 (patch-cl) = a08ba37aa7ac7806123aa21b6ff8055c6ded6449 | 44 | SHA1 (patch-cl) = a08ba37aa7ac7806123aa21b6ff8055c6ded6449 | |
45 | SHA1 (patch-cm) = 7da6e9da803407b25bf4b707562777e8429a37a4 | 45 | SHA1 (patch-cm) = 7da6e9da803407b25bf4b707562777e8429a37a4 | |
46 | SHA1 (patch-cn) = dbee403dbe19cb48eff2079f92c8e6a7a94534c4 | 46 | SHA1 (patch-cn) = 76f757bcc3f88d8516531546a8532aec4605ef00 | |
47 | SHA1 (patch-da) = 356e37429832ffd296fa79b9aa7ef20c05d851e0 | 47 | SHA1 (patch-da) = 356e37429832ffd296fa79b9aa7ef20c05d851e0 | |
48 | SHA1 (patch-db) = f10187cf9de4466e49a967b79875eb01c5afd69f | 48 | SHA1 (patch-db) = f10187cf9de4466e49a967b79875eb01c5afd69f | |
49 | SHA1 (patch-dc) = ba7b06f04460d4966e115a9ffdeafc1ebf555972 | 49 | SHA1 (patch-dc) = ba7b06f04460d4966e115a9ffdeafc1ebf555972 | |
50 | SHA1 (patch-dd) = de9d705fdc3cb9879a19d58dfd170d104ca379f7 | 50 | SHA1 (patch-dd) = de9d705fdc3cb9879a19d58dfd170d104ca379f7 | |
51 | SHA1 (patch-de) = 1d845fd60ecd85554fa82f6c5f3cc7edc7d377a5 | 51 | SHA1 (patch-de) = 1d845fd60ecd85554fa82f6c5f3cc7edc7d377a5 | |
52 | SHA1 (patch-df) = 17912d183f754ab6661d2be8092e6a07d142632b | 52 | SHA1 (patch-df) = 17912d183f754ab6661d2be8092e6a07d142632b | |
53 | SHA1 (patch-dh) = 7592a6238acd5ef6e802d32103c897acb576825a | 53 | SHA1 (patch-dh) = 7592a6238acd5ef6e802d32103c897acb576825a | |
54 | SHA1 (patch-dj) = 70360dffb20dd1029866d2e81899d003c9e17473 | 54 | SHA1 (patch-dj) = 70360dffb20dd1029866d2e81899d003c9e17473 | |
55 | SHA1 (patch-dk) = 183fa0d6a9040f53d9988fcc8868bdf83229803b | 55 | SHA1 (patch-dk) = 183fa0d6a9040f53d9988fcc8868bdf83229803b | |
56 | SHA1 (patch-dl) = cba07cba5717a75c89f007aba36295dccc1c25ab | 56 | SHA1 (patch-dl) = cba07cba5717a75c89f007aba36295dccc1c25ab | |
57 | SHA1 (patch-dm) = eb86aee54fd213eb64a89e5bc2754971db9648f4 | 57 | SHA1 (patch-dm) = eb86aee54fd213eb64a89e5bc2754971db9648f4 | |
58 | SHA1 (patch-do) = bdb018e157dcb5ef706b69184d8b739cfd32d8c3 | 58 | SHA1 (patch-do) = bdb018e157dcb5ef706b69184d8b739cfd32d8c3 | |
59 | SHA1 (patch-dr) = 377b1d83079ada4d819b6702c1010cdd900575fc | 59 | SHA1 (patch-dr) = 377b1d83079ada4d819b6702c1010cdd900575fc |
@@ -1,94 +1,103 @@ | @@ -1,94 +1,103 @@ | |||
1 | $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $ | 1 | $NetBSD: patch-cn,v 1.6 2008/03/30 13:32:22 ghen Exp $ | |
2 | 2 | |||
3 | --- extensions/transformiix/source/xpath/XFormsFunctionCall.cpp.orig 2007-06-24 02:00:32.000000000 +0200 | 3 | --- extensions/transformiix/source/xpath/XFormsFunctionCall.cpp.orig 2008-03-05 07:57:26.000000000 +0100 | |
4 | +++ extensions/transformiix/source/xpath/XFormsFunctionCall.cpp | 4 | +++ extensions/transformiix/source/xpath/XFormsFunctionCall.cpp | |
5 | @@ -104,7 +104,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 5 | @@ -108,7 +108,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
6 | res = (res/i); | 6 | res = (res/i); | |
7 | } | 7 | } | |
8 | else { | 8 | else { | |
9 | - res = Double::NaN; | 9 | - res = Double::NaN; | |
10 | + res = Double::NaN(); | 10 | + res = Double::NaN(); | |
11 | } | 11 | } | |
12 | return aContext->recycler()->getNumberResult(res, aResult); | 12 | return aContext->recycler()->getNumberResult(res, aResult); | |
13 | } | 13 | } | |
14 | @@ -159,7 +159,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 14 | @@ -163,7 +163,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
15 | NS_ENSURE_SUCCESS(rv, rv); | 15 | NS_ENSURE_SUCCESS(rv, rv); | |
16 | 16 | |||
17 | PRInt32 result = 0; | 17 | PRInt32 result = 0; | |
18 | - double res = Double::NaN; | 18 | - double res = Double::NaN; | |
19 | + double res = Double::NaN(); | 19 | + double res = Double::NaN(); | |
20 | nsresult rv = xformsService->GetDaysFromDateTime(date, &result); | 20 | nsresult rv = xformsService->GetDaysFromDateTime(date, &result); | |
21 | if (NS_SUCCEEDED(rv)) { | 21 | if (NS_SUCCEEDED(rv)) { | |
22 | res = result; | 22 | res = result; | |
23 | @@ -211,7 +211,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 23 | @@ -215,7 +215,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
24 | NS_ENSURE_SUCCESS(rv, rv); | 24 | NS_ENSURE_SUCCESS(rv, rv); | |
25 | 25 | |||
26 | PRInt32 index = 0; | 26 | PRInt32 index = 0; | |
27 | - double res = Double::NaN; | 27 | - double res = Double::NaN; | |
28 | + double res = Double::NaN(); | 28 | + double res = Double::NaN(); | |
29 | rv = xformsService->GetRepeatIndexById(mNode, indexId, &index); | 29 | rv = xformsService->GetRepeatIndexById(mNode, indexId, &index); | |
30 | NS_ENSURE_SUCCESS(rv, rv); | 30 | NS_ENSURE_SUCCESS(rv, rv); | |
31 | 31 | |||
32 | @@ -344,7 +344,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 32 | @@ -348,7 +348,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
33 | getter_AddRefs(nodes)); | 33 | getter_AddRefs(nodes)); | |
34 | NS_ENSURE_SUCCESS(rv, rv); | 34 | NS_ENSURE_SUCCESS(rv, rv); | |
35 | 35 | |||
36 | - double res = Double::NaN; | 36 | - double res = Double::NaN; | |
37 | + double res = Double::NaN(); | 37 | + double res = Double::NaN(); | |
38 | PRInt32 i; | 38 | PRInt32 i; | |
39 | for (i = 0; i < nodes->size(); ++i) { | 39 | for (i = 0; i < nodes->size(); ++i) { | |
40 | double test; | 40 | double test; | |
41 | @@ -352,7 +352,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 41 | @@ -356,7 +356,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
42 | txXPathNodeUtils::appendNodeValue(nodes->get(i), resultStr); | 42 | txXPathNodeUtils::appendNodeValue(nodes->get(i), resultStr); | |
43 | test = Double::toDouble(resultStr); | 43 | test = Double::toDouble(resultStr); | |
44 | if (Double::isNaN(test)) { | 44 | if (Double::isNaN(test)) { | |
45 | - res = Double::NaN; | 45 | - res = Double::NaN; | |
46 | + res = Double::NaN(); | 46 | + res = Double::NaN(); | |
47 | break; | 47 | break; | |
48 | } | 48 | } | |
49 | if (test > res || i == 0) { | 49 | if (test > res || i == 0) { | |
50 | @@ -372,7 +372,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 50 | @@ -376,7 +376,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
51 | getter_AddRefs(nodes)); | 51 | getter_AddRefs(nodes)); | |
52 | NS_ENSURE_SUCCESS(rv, rv); | 52 | NS_ENSURE_SUCCESS(rv, rv); | |
53 | 53 | |||
54 | - double res = Double::NaN; | 54 | - double res = Double::NaN; | |
55 | + double res = Double::NaN(); | 55 | + double res = Double::NaN(); | |
56 | PRInt32 i; | 56 | PRInt32 i; | |
57 | for (i = 0; i < nodes->size(); ++i) { | 57 | for (i = 0; i < nodes->size(); ++i) { | |
58 | double test; | 58 | double test; | |
59 | @@ -380,7 +380,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 59 | @@ -384,7 +384,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
60 | txXPathNodeUtils::appendNodeValue(nodes->get(i), resultStr); | 60 | txXPathNodeUtils::appendNodeValue(nodes->get(i), resultStr); | |
61 | test = Double::toDouble(resultStr); | 61 | test = Double::toDouble(resultStr); | |
62 | if (Double::isNaN(test)) { | 62 | if (Double::isNaN(test)) { | |
63 | - res = Double::NaN; | 63 | - res = Double::NaN; | |
64 | + res = Double::NaN(); | 64 | + res = Double::NaN(); | |
65 | break; | 65 | break; | |
66 | } | 66 | } | |
67 | if ((test < res) || (i==0)) { | 67 | if ((test < res) || (i==0)) { | |
68 | @@ -403,7 +403,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 68 | @@ -407,7 +407,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
69 | NS_ENSURE_SUCCESS(rv, rv); | 69 | NS_ENSURE_SUCCESS(rv, rv); | |
70 | 70 | |||
71 | PRInt32 result = 0; | 71 | PRInt32 result = 0; | |
72 | - double res = Double::NaN; | 72 | - double res = Double::NaN; | |
73 | + double res = Double::NaN(); | 73 | + double res = Double::NaN(); | |
74 | nsresult rv = xformsService->GetMonths(duration, &result); | 74 | nsresult rv = xformsService->GetMonths(duration, &result); | |
75 | if (NS_SUCCEEDED(rv)) { | 75 | if (NS_SUCCEEDED(rv)) { | |
76 | res = result; | 76 | res = result; | |
77 | @@ -479,7 +479,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 77 | @@ -527,7 +527,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
78 | // up the chain | 78 | // up the chain | |
79 | return rv; | 79 | return rv; | |
80 | } | 80 | } | |
81 | - res = Double::NaN; | 81 | - res = Double::NaN; | |
82 | + res = Double::NaN(); | 82 | + res = Double::NaN(); | |
83 | } | 83 | } | |
84 | 84 | |||
85 | return aContext->recycler()->getNumberResult(res, aResult); | 85 | return aContext->recycler()->getNumberResult(res, aResult); | |
86 | @@ -504,7 +504,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | 86 | @@ -552,7 +552,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |
87 | // up the chain | 87 | // up the chain | |
88 | return rv; | 88 | return rv; | |
89 | } | 89 | } | |
90 | - res = Double::NaN; | 90 | - res = Double::NaN; | |
91 | + res = Double::NaN(); | 91 | + res = Double::NaN(); | |
92 | } | 92 | } | |
93 | 93 | |||
94 | return aContext->recycler()->getNumberResult(res, aResult); | 94 | return aContext->recycler()->getNumberResult(res, aResult); | |
95 | @@ -634,7 +634,7 @@ XFormsFunctionCall::evaluate(txIEvalCont | |||
96 | // If the result is too large (ERANGE), we consider the result to be kNaN. | |||
97 | result = pow(base, exponent); | |||
98 | if (errno == EDOM || errno == ERANGE) { | |||
99 | - result = Double::NaN; | |||
100 | + result = Double::NaN(); | |||
101 | } | |||
102 | ||||
103 | return aContext->recycler()->getNumberResult(result, aResult); |