Wed Aug 5 11:16:33 2009 UTC ()
Pullup ticket #2849 - requested by tnn
firefox3: security update

Revisions pulled up:
- www/firefox3/Makefile				1.35
- www/firefox3/PLIST				1.11
- www/firefox3/distinfo				1.27
- www/firefox3/patches/patch-dk			1.3
---
Module Name:	pkgsrc
Committed By:	tnn
Date:		Tue Aug  4 21:28:42 UTC 2009

Modified Files:
	pkgsrc/www/firefox3: Makefile PLIST distinfo
	pkgsrc/www/firefox3/patches: patch-dk

Log Message:
Update to firefox3-3.0.13. Fixes the following advisories:
MFSA 2009-44 Location bar and SSL indicator spoofing via window.open()
on invalid URL
MFSA 2009-43 Heap overflow in certificate regexp parsing
MFSA 2009-42 Compromise of SSL-protected communication


(tron)
diff -r1.33.2.1 -r1.33.2.2 pkgsrc/www/firefox3/Makefile
diff -r1.10 -r1.10.2.1 pkgsrc/www/firefox3/PLIST
diff -r1.25.2.1 -r1.25.2.2 pkgsrc/www/firefox3/distinfo
diff -r1.2 -r1.2.8.1 pkgsrc/www/firefox3/patches/patch-dk
cvs diff -r1.33.2.1 -r1.33.2.2 pkgsrc/www/firefox3/Attic/Makefile (expand / switch to unified diff)

--- pkgsrc/www/firefox3/Attic/Makefile 2009/07/28 19:23:00 1.33.2.1
+++ pkgsrc/www/firefox3/Attic/Makefile 2009/08/05 11:16:33 1.33.2.2
@@ -1,34 +1,34 @@ @@ -1,34 +1,34 @@
1# $NetBSD: Makefile,v 1.33.2.1 2009/07/28 19:23:00 tron Exp $ 1# $NetBSD: Makefile,v 1.33.2.2 2009/08/05 11:16:33 tron Exp $
2 2
3MOZILLA= firefox3 # allow coexisting with firefox2 3MOZILLA= firefox3 # allow coexisting with firefox2
4COMMENT= Web browser with support for extensions 4COMMENT= Web browser with support for extensions
5 5
6MOZILLA_USE_GTK2= # yes 6MOZILLA_USE_GTK2= # yes
7MOZILLA_USE_XFT= YES 7MOZILLA_USE_XFT= YES
8 8
9INSTALLATION_DIRS= lib/pkgconfig share/applications share/pixmaps 9INSTALLATION_DIRS= lib/pkgconfig share/applications share/pixmaps
10 10
11CHECK_PORTABILITY_SKIP= security/nss/tests/libpkix/libpkix.sh 11CHECK_PORTABILITY_SKIP= security/nss/tests/libpkix/libpkix.sh
12 12
13BUILDLINK_API_DEPENDS.cairo+= cairo>=1.6.4 13BUILDLINK_API_DEPENDS.cairo+= cairo>=1.6.4
14 14
15# Pull in standard firefox build framework, and override some things below. 15# Pull in standard firefox build framework, and override some things below.
16# This include must appear first, to ensure that USE_LANGUAGES is set 16# This include must appear first, to ensure that USE_LANGUAGES is set
17# correctly before mk/compiler.mk may be loaded. 17# correctly before mk/compiler.mk may be loaded.
18.include "../../www/firefox/Makefile-firefox.common" 18.include "../../www/firefox/Makefile-firefox.common"
19 19
20MAINTAINER= tnn@NetBSD.org 20MAINTAINER= tnn@NetBSD.org
21MOZ_VER= 3.0.12 21MOZ_VER= 3.0.13
22 22
23XPTCFILES:= ${XPTCFILES:C,^,../../firefox3/files/,} 23XPTCFILES:= ${XPTCFILES:C,^,../../firefox3/files/,}
24DESCR_SRC= ${.CURDIR}/../../www/firefox/DESCR 24DESCR_SRC= ${.CURDIR}/../../www/firefox/DESCR
25 25
26DISTINFO_FILE= ${.CURDIR}/../../www/firefox3/distinfo 26DISTINFO_FILE= ${.CURDIR}/../../www/firefox3/distinfo
27PATCHDIR= ${.CURDIR}/../../www/firefox3/patches 27PATCHDIR= ${.CURDIR}/../../www/firefox3/patches
28 28
29.PHONY: copy-pkgconfig 29.PHONY: copy-pkgconfig
30post-extract: copy-pkgconfig 30post-extract: copy-pkgconfig
31copy-pkgconfig: 31copy-pkgconfig:
32 cp ${.CURDIR}/../../www/firefox3/files/*.pc ${WRKSRC:Q}/build/unix 32 cp ${.CURDIR}/../../www/firefox3/files/*.pc ${WRKSRC:Q}/build/unix
33 33
34SUBST_CLASSES+= fix-pc 34SUBST_CLASSES+= fix-pc
cvs diff -r1.10 -r1.10.2.1 pkgsrc/www/firefox3/Attic/PLIST (expand / switch to unified diff)

--- pkgsrc/www/firefox3/Attic/PLIST 2009/06/14 22:00:21 1.10
+++ pkgsrc/www/firefox3/Attic/PLIST 2009/08/05 11:16:33 1.10.2.1
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.10 2009/06/14 22:00:21 joerg Exp $ 1@comment $NetBSD: PLIST,v 1.10.2.1 2009/08/05 11:16:33 tron Exp $
2bin/${MOZILLA} 2bin/${MOZILLA}
3@comment begin PROGRAMS 3@comment begin PROGRAMS
4lib/${MOZILLA}/${MOZILLA_BIN} 4lib/${MOZILLA}/${MOZILLA_BIN}
5lib/${MOZILLA}/mangle 5lib/${MOZILLA}/mangle
6lib/${MOZILLA}/mozilla-xremote-client 6lib/${MOZILLA}/mozilla-xremote-client
7lib/${MOZILLA}/nsinstall 7lib/${MOZILLA}/nsinstall
8lib/${MOZILLA}/regxpcom 8lib/${MOZILLA}/regxpcom
9lib/${MOZILLA}/shlibsign 9lib/${MOZILLA}/shlibsign
10lib/${MOZILLA}/xpcshell 10lib/${MOZILLA}/xpcshell
11@comment lib/${MOZILLA}/xpicleanup 11@comment lib/${MOZILLA}/xpicleanup
12lib/${MOZILLA}/xpidl 12lib/${MOZILLA}/xpidl
13lib/${MOZILLA}/xpt_dump 13lib/${MOZILLA}/xpt_dump
14lib/${MOZILLA}/xpt_link 14lib/${MOZILLA}/xpt_link
@@ -618,27 +618,26 @@ include/${MOZILLA}/secmod.h @@ -618,27 +618,26 @@ include/${MOZILLA}/secmod.h
618include/${MOZILLA}/secmodt.h 618include/${MOZILLA}/secmodt.h
619include/${MOZILLA}/secoid.h 619include/${MOZILLA}/secoid.h
620include/${MOZILLA}/secoidt.h 620include/${MOZILLA}/secoidt.h
621include/${MOZILLA}/secpkcs5.h 621include/${MOZILLA}/secpkcs5.h
622include/${MOZILLA}/secpkcs7.h 622include/${MOZILLA}/secpkcs7.h
623include/${MOZILLA}/secport.h 623include/${MOZILLA}/secport.h
624include/${MOZILLA}/shsign.h 624include/${MOZILLA}/shsign.h
625include/${MOZILLA}/smime.h 625include/${MOZILLA}/smime.h
626include/${MOZILLA}/ssl.h 626include/${MOZILLA}/ssl.h
627include/${MOZILLA}/sslerr.h 627include/${MOZILLA}/sslerr.h
628include/${MOZILLA}/sslproto.h 628include/${MOZILLA}/sslproto.h
629include/${MOZILLA}/sslt.h 629include/${MOZILLA}/sslt.h
630include/${MOZILLA}/utilrename.h 630include/${MOZILLA}/utilrename.h
631include/${MOZILLA}/watcomfx.h 
632include/${MOZILLA}/xpcom-config.h 631include/${MOZILLA}/xpcom-config.h
633@comment end INCLUDE-SDK 632@comment end INCLUDE-SDK
634@comment begin INCLUDE 633@comment begin INCLUDE
635include/${MOZILLA}/mozilla-config.h 634include/${MOZILLA}/mozilla-config.h
636include/${MOZILLA}/nsStaticComponents.h 635include/${MOZILLA}/nsStaticComponents.h
637include/${MOZILLA}/nspr/private/pprio.h 636include/${MOZILLA}/nspr/private/pprio.h
638include/${MOZILLA}/nspr/private/pprthred.h 637include/${MOZILLA}/nspr/private/pprthred.h
639include/${MOZILLA}/nspr/private/prpriv.h 638include/${MOZILLA}/nspr/private/prpriv.h
640include/${MOZILLA}/nspr/prcpucfg.h 639include/${MOZILLA}/nspr/prcpucfg.h
641include/${MOZILLA}/nspr/obsolete/pralarm.h 640include/${MOZILLA}/nspr/obsolete/pralarm.h
642include/${MOZILLA}/nspr/obsolete/probslet.h 641include/${MOZILLA}/nspr/obsolete/probslet.h
643include/${MOZILLA}/nspr/obsolete/protypes.h 642include/${MOZILLA}/nspr/obsolete/protypes.h
644include/${MOZILLA}/nspr/obsolete/prsem.h 643include/${MOZILLA}/nspr/obsolete/prsem.h
@@ -2540,27 +2539,26 @@ include/${MOZILLA}/nss/secasn1.h @@ -2540,27 +2539,26 @@ include/${MOZILLA}/nss/secasn1.h
2540include/${MOZILLA}/nss/secasn1t.h 2539include/${MOZILLA}/nss/secasn1t.h
2541include/${MOZILLA}/nss/seccomon.h 2540include/${MOZILLA}/nss/seccomon.h
2542include/${MOZILLA}/nss/secder.h 2541include/${MOZILLA}/nss/secder.h
2543include/${MOZILLA}/nss/secdert.h 2542include/${MOZILLA}/nss/secdert.h
2544include/${MOZILLA}/nss/secdig.h 2543include/${MOZILLA}/nss/secdig.h
2545include/${MOZILLA}/nss/secdigt.h 2544include/${MOZILLA}/nss/secdigt.h
2546include/${MOZILLA}/nss/secitem.h 2545include/${MOZILLA}/nss/secitem.h
2547include/${MOZILLA}/nss/secoid.h 2546include/${MOZILLA}/nss/secoid.h
2548include/${MOZILLA}/nss/secoidt.h 2547include/${MOZILLA}/nss/secoidt.h
2549include/${MOZILLA}/nss/secport.h 2548include/${MOZILLA}/nss/secport.h
2550include/${MOZILLA}/nss/secerr.h 2549include/${MOZILLA}/nss/secerr.h
2551include/${MOZILLA}/nss/cryptohi.h 2550include/${MOZILLA}/nss/cryptohi.h
2552include/${MOZILLA}/nss/utilrename.h 2551include/${MOZILLA}/nss/utilrename.h
2553include/${MOZILLA}/nss/watcomfx.h 
2554include/${MOZILLA}/nss/blapit.h 2552include/${MOZILLA}/nss/blapit.h
2555include/${MOZILLA}/nss/shsign.h 2553include/${MOZILLA}/nss/shsign.h
2556include/${MOZILLA}/nss/ecl-exp.h 2554include/${MOZILLA}/nss/ecl-exp.h
2557include/${MOZILLA}/nss/pkcs11.h 2555include/${MOZILLA}/nss/pkcs11.h
2558include/${MOZILLA}/nss/pkcs11f.h 2556include/${MOZILLA}/nss/pkcs11f.h
2559include/${MOZILLA}/nss/pkcs11p.h 2557include/${MOZILLA}/nss/pkcs11p.h
2560include/${MOZILLA}/nss/pkcs11t.h 2558include/${MOZILLA}/nss/pkcs11t.h
2561include/${MOZILLA}/nss/pkcs11n.h 2559include/${MOZILLA}/nss/pkcs11n.h
2562include/${MOZILLA}/nss/pkcs11u.h 2560include/${MOZILLA}/nss/pkcs11u.h
2563include/${MOZILLA}/nss/nssbaset.h 2561include/${MOZILLA}/nss/nssbaset.h
2564include/${MOZILLA}/nss/nssbase.h 2562include/${MOZILLA}/nss/nssbase.h
2565include/${MOZILLA}/nss/cert.h 2563include/${MOZILLA}/nss/cert.h
2566include/${MOZILLA}/nss/certt.h 2564include/${MOZILLA}/nss/certt.h
cvs diff -r1.25.2.1 -r1.25.2.2 pkgsrc/www/firefox3/Attic/distinfo (expand / switch to unified diff)

--- pkgsrc/www/firefox3/Attic/distinfo 2009/07/28 19:23:00 1.25.2.1
+++ pkgsrc/www/firefox3/Attic/distinfo 2009/08/05 11:16:33 1.25.2.2
@@ -1,43 +1,43 @@ @@ -1,43 +1,43 @@
1$NetBSD: distinfo,v 1.25.2.1 2009/07/28 19:23:00 tron Exp $ 1$NetBSD: distinfo,v 1.25.2.2 2009/08/05 11:16:33 tron Exp $
2 2
3SHA1 (firefox-3.0.12-source.tar.bz2) = 0feeebe3ce71dccbf9973509cdb51dd08124f14c 3SHA1 (firefox-3.0.13-source.tar.bz2) = 28adda0a6f31442ccf6a9faae73ad7286f330148
4RMD160 (firefox-3.0.12-source.tar.bz2) = 06ec980e680359067fcedbab363b96d087606d88 4RMD160 (firefox-3.0.13-source.tar.bz2) = 5f750249c5ab81c09d1a75fa92657e77388b4e09
5Size (firefox-3.0.12-source.tar.bz2) = 37238703 bytes 5Size (firefox-3.0.13-source.tar.bz2) = 37318606 bytes
6SHA1 (patch-aa) = f995b5e53fa11ecb659ab2dd10551db1c71cc5f3 6SHA1 (patch-aa) = f995b5e53fa11ecb659ab2dd10551db1c71cc5f3
7SHA1 (patch-ab) = 4a1704e96b74c76adca615fdf2c9069ca17e9d70 7SHA1 (patch-ab) = 4a1704e96b74c76adca615fdf2c9069ca17e9d70
8SHA1 (patch-ac) = af80f061bdd918a61197c9c499e7d1f5b7d10ebd 8SHA1 (patch-ac) = af80f061bdd918a61197c9c499e7d1f5b7d10ebd
9SHA1 (patch-ad) = 20f2184a7e5e98b065e884c67e4c17fc52019a79 9SHA1 (patch-ad) = 20f2184a7e5e98b065e884c67e4c17fc52019a79
10SHA1 (patch-ae) = fea251aabc772c3d4ad3044c8295af45cc9cab2d 10SHA1 (patch-ae) = fea251aabc772c3d4ad3044c8295af45cc9cab2d
11SHA1 (patch-ap) = 552694ac2d6ca713aec98ec394f1215c048c2392 11SHA1 (patch-ap) = 552694ac2d6ca713aec98ec394f1215c048c2392
12SHA1 (patch-ax) = cbfe7a6392d5d2fefff123679ba1c056b1cc0aa9 12SHA1 (patch-ax) = cbfe7a6392d5d2fefff123679ba1c056b1cc0aa9
13SHA1 (patch-ba) = ea087c405bb8cda70f3320e9b3948528f7a82b0c 13SHA1 (patch-ba) = ea087c405bb8cda70f3320e9b3948528f7a82b0c
14SHA1 (patch-bb) = c0e244974f79179520ad2a9ad85f6b08be0c45e9 14SHA1 (patch-bb) = c0e244974f79179520ad2a9ad85f6b08be0c45e9
15SHA1 (patch-bm) = a0a69ca516e8a569d5e61293d5610b236192bf85 15SHA1 (patch-bm) = a0a69ca516e8a569d5e61293d5610b236192bf85
16SHA1 (patch-bo) = 546149e3d80a9e2b0d1bddf32e7ea12fb76d613f 16SHA1 (patch-bo) = 546149e3d80a9e2b0d1bddf32e7ea12fb76d613f
17SHA1 (patch-bq) = 2b29436d138fea4e1941d537be1a636969db9a77 17SHA1 (patch-bq) = 2b29436d138fea4e1941d537be1a636969db9a77
18SHA1 (patch-br) = 66940666497e82bfb39dcc9381ecd85942ab222c 18SHA1 (patch-br) = 66940666497e82bfb39dcc9381ecd85942ab222c
19SHA1 (patch-bs) = 79cb84a5ed67780e124e7c595ee4ae6ffc7617a6 19SHA1 (patch-bs) = 79cb84a5ed67780e124e7c595ee4ae6ffc7617a6
20SHA1 (patch-bu) = 0714f658001c363f4abbfb248ac77c4862e3ccf9 20SHA1 (patch-bu) = 0714f658001c363f4abbfb248ac77c4862e3ccf9
21SHA1 (patch-bv) = ef06a6a774c9d4da7b3fbf6f4e274ab042926e49 21SHA1 (patch-bv) = ef06a6a774c9d4da7b3fbf6f4e274ab042926e49
22SHA1 (patch-bx) = 498f1c06acc670ba6dc9095ba2ce0d14ccad600c 22SHA1 (patch-bx) = 498f1c06acc670ba6dc9095ba2ce0d14ccad600c
23SHA1 (patch-bz) = f2f6cf120133b23d1d3f182bce90b1b2fbf81142 23SHA1 (patch-bz) = f2f6cf120133b23d1d3f182bce90b1b2fbf81142
24SHA1 (patch-ca) = 7ff10fca5e11433b3016612417c6852db8607eb1 24SHA1 (patch-ca) = 7ff10fca5e11433b3016612417c6852db8607eb1
25SHA1 (patch-cb) = d046b6eb23a96f75d339e7b7afbf0316f121d4d5 25SHA1 (patch-cb) = d046b6eb23a96f75d339e7b7afbf0316f121d4d5
26SHA1 (patch-de) = 18e481c3e69fe95b1af87bc800d93f47388fb60a 26SHA1 (patch-de) = 18e481c3e69fe95b1af87bc800d93f47388fb60a
27SHA1 (patch-df) = 17912d183f754ab6661d2be8092e6a07d142632b 27SHA1 (patch-df) = 17912d183f754ab6661d2be8092e6a07d142632b
28SHA1 (patch-dh) = 7592a6238acd5ef6e802d32103c897acb576825a 28SHA1 (patch-dh) = 7592a6238acd5ef6e802d32103c897acb576825a
29SHA1 (patch-dj) = 70360dffb20dd1029866d2e81899d003c9e17473 29SHA1 (patch-dj) = 70360dffb20dd1029866d2e81899d003c9e17473
30SHA1 (patch-dk) = 0d676fbaf581fe3f513481010745278df6bf77ae 30SHA1 (patch-dk) = 1a8f3a9330397c183766cc71a4c0b4fb6c295460
31SHA1 (patch-dl) = cba07cba5717a75c89f007aba36295dccc1c25ab 31SHA1 (patch-dl) = cba07cba5717a75c89f007aba36295dccc1c25ab
32SHA1 (patch-do) = bdb018e157dcb5ef706b69184d8b739cfd32d8c3 32SHA1 (patch-do) = bdb018e157dcb5ef706b69184d8b739cfd32d8c3
33SHA1 (patch-dr) = 377b1d83079ada4d819b6702c1010cdd900575fc 33SHA1 (patch-dr) = 377b1d83079ada4d819b6702c1010cdd900575fc
34SHA1 (patch-ds) = 1e2e371b9ff7ab9049a947d8e0a63483a1fd244e 34SHA1 (patch-ds) = 1e2e371b9ff7ab9049a947d8e0a63483a1fd244e
35SHA1 (patch-du) = c6e66bb420ce9ea988f89b57d1c20a247704cfcf 35SHA1 (patch-du) = c6e66bb420ce9ea988f89b57d1c20a247704cfcf
36SHA1 (patch-dv) = a380d261d4c2771a672d2b0f4f1f23821e3e5266 36SHA1 (patch-dv) = a380d261d4c2771a672d2b0f4f1f23821e3e5266
37SHA1 (patch-ea) = 30fee4794317da23a358f183718dae75501f5121 37SHA1 (patch-ea) = 30fee4794317da23a358f183718dae75501f5121
38SHA1 (patch-eb) = 176f71af302b1067c301e9cffa2d13a5837e45fe 38SHA1 (patch-eb) = 176f71af302b1067c301e9cffa2d13a5837e45fe
39SHA1 (patch-ed) = 3c6281a75373843c5767fc1213d8cc67dc549e03 39SHA1 (patch-ed) = 3c6281a75373843c5767fc1213d8cc67dc549e03
40SHA1 (patch-ee) = d5aeca91305ed2e1f522b2c0ed4bb17f7f8b881b 40SHA1 (patch-ee) = d5aeca91305ed2e1f522b2c0ed4bb17f7f8b881b
41SHA1 (patch-eh) = 60aca7f94ee04c957386014f7d4df9e3c8ac8ff1 41SHA1 (patch-eh) = 60aca7f94ee04c957386014f7d4df9e3c8ac8ff1
42SHA1 (patch-ei) = 4484d57e19e39ef86760716d5886ebf2a3e69f63 42SHA1 (patch-ei) = 4484d57e19e39ef86760716d5886ebf2a3e69f63
43SHA1 (patch-ej) = 9b9c708483399fa89c6bf5bdc15e79b31793c89d 43SHA1 (patch-ej) = 9b9c708483399fa89c6bf5bdc15e79b31793c89d
cvs diff -r1.2 -r1.2.8.1 pkgsrc/www/firefox3/patches/Attic/patch-dk (expand / switch to unified diff)

--- pkgsrc/www/firefox3/patches/Attic/patch-dk 2008/09/24 11:40:24 1.2
+++ pkgsrc/www/firefox3/patches/Attic/patch-dk 2009/08/05 11:16:33 1.2.8.1
@@ -1,13 +1,13 @@ @@ -1,13 +1,13 @@
1$NetBSD: patch-dk,v 1.2 2008/09/24 11:40:24 tnn Exp $ 1$NetBSD: patch-dk,v 1.2.8.1 2009/08/05 11:16:33 tron Exp $
2 2
3--- security/coreconf/config.mk.orig 2008-05-10 01:55:54.000000000 +0200 3--- security/coreconf/config.mk.orig 2009-07-31 04:17:31.000000000 +0200
4+++ security/coreconf/config.mk 4+++ security/coreconf/config.mk
5@@ -63,7 +63,7 @@ endif 5@@ -63,7 +63,7 @@ endif
6 ####################################################################### 6 #######################################################################
7  7
8 TARGET_OSES = FreeBSD BSD_OS NetBSD OpenUNIX OS2 QNX Darwin BeOS OpenBSD \ 8 TARGET_OSES = FreeBSD BSD_OS NetBSD OpenUNIX OS2 QNX Darwin BeOS OpenBSD \
9- OpenVMS AIX RISCOS 9- OpenVMS AIX RISCOS WINNT WIN95 WINCE
10+ OpenVMS AIX RISCOS DragonFly 10+ OpenVMS AIX RISCOS WINNT WIN95 WINCE DragonFly
11  11
12 ifeq (,$(filter-out $(TARGET_OSES),$(OS_TARGET))) 12 ifeq (,$(filter-out $(TARGET_OSES),$(OS_TARGET)))
13 include $(CORE_DEPTH)/coreconf/$(OS_TARGET).mk 13 include $(CORE_DEPTH)/coreconf/$(OS_TARGET).mk