Sat Sep 11 16:10:03 2010 UTC ()
Pullup ticket 3218 - requested by tnn
security update

Revisions pulled up:
- pkgsrc/www/seamonkey/Makefile			1.39
- pkgsrc/www/seamonkey/distinfo			1.55
- pkgsrc/www/seamonkey/patches/patch-ap		1.8
- pkgsrc/www/seamonkey/patches/patch-mm		1.2

-------------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tnn
   Date:           Thu Sep  9 11:12:27 UTC 2010

   Modified Files:
           pkgsrc/www/seamonkey: Makefile distinfo
           pkgsrc/www/seamonkey/patches: patch-ap patch-mm

   Log Message:
   Update to seamonkey-2.0.7.

   * Message-ID searches on Google Groups work again
   * Add-ons preferences button for Lightning should work now
   * Security fixes:
   MFSA 2010-63 Information leak via XMLHttpRequest statusText
   MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
   MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type
                attribute
   MFSA 2010-60 XSS using SJOW scripted function
   MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
   MFSA 2010-57 Crash and remote code execution in normalizeDocument
   MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
   MFSA 2010-55 XUL tree removal crash and remote code execution
   MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
   MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
   MFSA 2010-52 Windows XP DLL loading vulnerability
   MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
   MFSA 2010-50 Frameset integer overflow vulnerability
   MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)

   To generate a diff of this commit:
   cvs rdiff -u -r1.38 -r1.39 pkgsrc/www/seamonkey/Makefile
   cvs rdiff -u -r1.54 -r1.55 pkgsrc/www/seamonkey/distinfo
   cvs rdiff -u -r1.7 -r1.8 pkgsrc/www/seamonkey/patches/patch-ap
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/www/seamonkey/patches/patch-mm


(spz)
diff -r1.37.2.1 -r1.37.2.2 pkgsrc/www/seamonkey/Makefile
diff -r1.50.2.1 -r1.50.2.2 pkgsrc/www/seamonkey/distinfo
diff -r1.7 -r1.7.4.1 pkgsrc/www/seamonkey/patches/patch-ap
diff -r1.1 -r1.1.4.1 pkgsrc/www/seamonkey/patches/patch-mm
cvs diff -r1.37.2.1 -r1.37.2.2 pkgsrc/www/seamonkey/Makefile (expand / switch to unified diff)

--- pkgsrc/www/seamonkey/Makefile 2010/07/22 14:31:30 1.37.2.1
+++ pkgsrc/www/seamonkey/Makefile 2010/09/11 16:10:03 1.37.2.2
@@ -1,19 +1,19 @@ @@ -1,19 +1,19 @@
1# $NetBSD: Makefile,v 1.37.2.1 2010/07/22 14:31:30 tron Exp $ 1# $NetBSD: Makefile,v 1.37.2.2 2010/09/11 16:10:03 spz Exp $
2# 2#
3 3
4DISTNAME= seamonkey-${SM_VER}.source 4DISTNAME= seamonkey-${SM_VER}.source
5PKGNAME= seamonkey-${SM_VER} 5PKGNAME= seamonkey-${SM_VER}
6SM_VER= 2.0.6 6SM_VER= 2.0.7
7CATEGORIES= www 7CATEGORIES= www
8MASTER_SITES= ${MASTER_SITE_MOZILLA:=seamonkey/releases/${SM_VER}/source/} 8MASTER_SITES= ${MASTER_SITE_MOZILLA:=seamonkey/releases/${SM_VER}/source/}
9EXTRACT_SUFX= .tar.bz2 9EXTRACT_SUFX= .tar.bz2
10 10
11MAINTAINER= tnn@NetBSD.org 11MAINTAINER= tnn@NetBSD.org
12HOMEPAGE= http://www.mozilla.org/projects/seamonkey/ 12HOMEPAGE= http://www.mozilla.org/projects/seamonkey/
13COMMENT= Full featured gecko-based browser 13COMMENT= Full featured gecko-based browser
14 14
15WRKSRC= ${WRKDIR}/comm-1.9.1 15WRKSRC= ${WRKDIR}/comm-1.9.1
16MOZILLA_DIR= mozilla/ 16MOZILLA_DIR= mozilla/
17 17
18CONFIG_GUESS_OVERRIDE+= directory/c-sdk/config/autoconf/config.guess 18CONFIG_GUESS_OVERRIDE+= directory/c-sdk/config/autoconf/config.guess
19CONFIG_SUB_OVERRIDE+= directory/c-sdk/config/autoconf/config.sub 19CONFIG_SUB_OVERRIDE+= directory/c-sdk/config/autoconf/config.sub
cvs diff -r1.50.2.1 -r1.50.2.2 pkgsrc/www/seamonkey/distinfo (expand / switch to unified diff)

--- pkgsrc/www/seamonkey/distinfo 2010/07/22 14:31:30 1.50.2.1
+++ pkgsrc/www/seamonkey/distinfo 2010/09/11 16:10:03 1.50.2.2
@@ -1,62 +1,62 @@ @@ -1,62 +1,62 @@
1$NetBSD: distinfo,v 1.50.2.1 2010/07/22 14:31:30 tron Exp $ 1$NetBSD: distinfo,v 1.50.2.2 2010/09/11 16:10:03 spz Exp $
2 2
3SHA1 (seamonkey-2.0.6.source.tar.bz2) = 96e8ef2cc737458b55290c13f5bf1a8d3684fb30 3SHA1 (seamonkey-2.0.7.source.tar.bz2) = ec03e359accdd40d0183ee1bef623aeaf7d04b81
4RMD160 (seamonkey-2.0.6.source.tar.bz2) = 70c64fec2d67c432b14083fe19ed3340b9ddf000 4RMD160 (seamonkey-2.0.7.source.tar.bz2) = 6f3fd9ea0352718631fd11c568f869f626782e56
5Size (seamonkey-2.0.6.source.tar.bz2) = 61478578 bytes 5Size (seamonkey-2.0.7.source.tar.bz2) = 61496455 bytes
6SHA1 (patch-aa) = 0d46562e73fce3fc1bf590ac93a28b2202a8e214 6SHA1 (patch-aa) = 0d46562e73fce3fc1bf590ac93a28b2202a8e214
7SHA1 (patch-aa-toplevel) = 458051a1b3318b49124192c6e97cb9ed0d92dead 7SHA1 (patch-aa-toplevel) = 458051a1b3318b49124192c6e97cb9ed0d92dead
8SHA1 (patch-ab) = c7a6961362b131f0a39f65355562b115fae3be85 8SHA1 (patch-ab) = c7a6961362b131f0a39f65355562b115fae3be85
9SHA1 (patch-ac) = e181323e153ee061b7f3644b599294a4c4a3e3e8 9SHA1 (patch-ac) = e181323e153ee061b7f3644b599294a4c4a3e3e8
10SHA1 (patch-ad) = f49147e2fa28400986b659ec50918e3835db0105 10SHA1 (patch-ad) = f49147e2fa28400986b659ec50918e3835db0105
11SHA1 (patch-ae) = cf4cb737fc29ef7ac6ffe1b3bc504743441e4828 11SHA1 (patch-ae) = cf4cb737fc29ef7ac6ffe1b3bc504743441e4828
12SHA1 (patch-af) = 16cae98e043dedeb6331212fd15ce914196fe8c7 12SHA1 (patch-af) = 16cae98e043dedeb6331212fd15ce914196fe8c7
13SHA1 (patch-ag) = 7f8c3ac1bec475dd2b6fd6e10e5304ab9c112a67 13SHA1 (patch-ag) = 7f8c3ac1bec475dd2b6fd6e10e5304ab9c112a67
14SHA1 (patch-ah) = 10c80ec60801295b037b4a45fbad8937922da235 14SHA1 (patch-ah) = 10c80ec60801295b037b4a45fbad8937922da235
15SHA1 (patch-ai) = 4d701ece9a2aaa0b640c189745fa7e731617fb7c 15SHA1 (patch-ai) = 4d701ece9a2aaa0b640c189745fa7e731617fb7c
16SHA1 (patch-aj) = 89d390f7eeeb52256265955610b3cad4b62c5aa7 16SHA1 (patch-aj) = 89d390f7eeeb52256265955610b3cad4b62c5aa7
17SHA1 (patch-ak) = dca377e3cb733a48c3aa071a74bba8d2535ee161 17SHA1 (patch-ak) = dca377e3cb733a48c3aa071a74bba8d2535ee161
18SHA1 (patch-al) = 893eb0c096f61b52a6299eff1e5ab520014fbda4 18SHA1 (patch-al) = 893eb0c096f61b52a6299eff1e5ab520014fbda4
19SHA1 (patch-am) = 81bcda476a7b54050ed1ae87bd47cf9de8f19919 19SHA1 (patch-am) = 81bcda476a7b54050ed1ae87bd47cf9de8f19919
20SHA1 (patch-an) = e30362e1a07c6c8e96dc81d134517685c3f19ca9 20SHA1 (patch-an) = e30362e1a07c6c8e96dc81d134517685c3f19ca9
21SHA1 (patch-ao) = 6307d82a2eb65131908b0d4d05da7433b6cf38d1 21SHA1 (patch-ao) = 6307d82a2eb65131908b0d4d05da7433b6cf38d1
22SHA1 (patch-ap) = 78d9944ba37b3d90d0ab9e91fc831949e54ef2ad 22SHA1 (patch-ap) = 3397db3184919afa73767c8c68c6c75c4a0ba33a
23SHA1 (patch-aq) = ac5cd0e83f0c166fae6b033ad960d7820bb7add6 23SHA1 (patch-aq) = ac5cd0e83f0c166fae6b033ad960d7820bb7add6
24SHA1 (patch-ar) = dab688f86340bccb80db5531f4e36cb8f50254e4 24SHA1 (patch-ar) = dab688f86340bccb80db5531f4e36cb8f50254e4
25SHA1 (patch-as) = 7e283a79231909ab5fb60740b5e36c8c0744e025 25SHA1 (patch-as) = 7e283a79231909ab5fb60740b5e36c8c0744e025
26SHA1 (patch-at) = 569a874251a1920fa916d448c108910348cd75dc 26SHA1 (patch-at) = 569a874251a1920fa916d448c108910348cd75dc
27SHA1 (patch-au) = d381e6c0d6a791c2d72754f847df0e2210265fd8 27SHA1 (patch-au) = d381e6c0d6a791c2d72754f847df0e2210265fd8
28SHA1 (patch-av) = 2cb2e3d5b94f7b83117eb752d4410638daa6ae73 28SHA1 (patch-av) = 2cb2e3d5b94f7b83117eb752d4410638daa6ae73
29SHA1 (patch-aw) = 55d2769dfb6d0c65bd2072c1a7c82cfef0fd5404 29SHA1 (patch-aw) = 55d2769dfb6d0c65bd2072c1a7c82cfef0fd5404
30SHA1 (patch-ax) = 1dbdcd2e9a791a686fd42452ccf486d14cdf2a57 30SHA1 (patch-ax) = 1dbdcd2e9a791a686fd42452ccf486d14cdf2a57
31SHA1 (patch-ay) = 5aaeb992cab024fb2b6035ddee239a8534b23aee 31SHA1 (patch-ay) = 5aaeb992cab024fb2b6035ddee239a8534b23aee
32SHA1 (patch-az) = 0e04c1c740ad3f1462a6cda4a3832378acefb600 32SHA1 (patch-az) = 0e04c1c740ad3f1462a6cda4a3832378acefb600
33SHA1 (patch-ba) = fd28f3b24848e7221078ef692eef7ccae8625987 33SHA1 (patch-ba) = fd28f3b24848e7221078ef692eef7ccae8625987
34SHA1 (patch-bb) = 70d1d1fed2f611fa0185ca5736dae26c8cbc2f12 34SHA1 (patch-bb) = 70d1d1fed2f611fa0185ca5736dae26c8cbc2f12
35SHA1 (patch-directory_c-sdk_configure.in) = 4d8d8c1425ca26036d8f5179f954dbea2203de36 35SHA1 (patch-directory_c-sdk_configure.in) = 4d8d8c1425ca26036d8f5179f954dbea2203de36
36SHA1 (patch-directory_c-sdk_ldap_include_portable.h) = 0e1c188af241289ce0a9fc252a063a69f3d504a4 36SHA1 (patch-directory_c-sdk_ldap_include_portable.h) = 0e1c188af241289ce0a9fc252a063a69f3d504a4
37SHA1 (patch-directory_c-sdk_ldap_libraries_libldap_Makefile.in) = 6e9788e5e9575fc0813f5f0e178cc2f5659ea781 37SHA1 (patch-directory_c-sdk_ldap_libraries_libldap_Makefile.in) = 6e9788e5e9575fc0813f5f0e178cc2f5659ea781
38SHA1 (patch-ma) = 9b9bc5e5ced5831aa14e1549ed2ddf0b9c2ce986 38SHA1 (patch-ma) = 9b9bc5e5ced5831aa14e1549ed2ddf0b9c2ce986
39SHA1 (patch-ma-toplevel) = 460326a0551fecd13ca188cff907c89cce359c31 39SHA1 (patch-ma-toplevel) = 460326a0551fecd13ca188cff907c89cce359c31
40SHA1 (patch-mb) = 8bdd47c4e57ae63c971766286ce8626d3341c92e 40SHA1 (patch-mb) = 8bdd47c4e57ae63c971766286ce8626d3341c92e
41SHA1 (patch-md) = 932c2b0237c9690da06533f0abfeabddf32d8f3e 41SHA1 (patch-md) = 932c2b0237c9690da06533f0abfeabddf32d8f3e
42SHA1 (patch-me) = b7b853887b08fc55b45dbd19cd5a4a24f6c5224d 42SHA1 (patch-me) = b7b853887b08fc55b45dbd19cd5a4a24f6c5224d
43SHA1 (patch-mf) = bc693a247f306f414f54bf515eeb8f36841a46b8 43SHA1 (patch-mf) = bc693a247f306f414f54bf515eeb8f36841a46b8
44SHA1 (patch-mg) = f33a92539ebe171b7bbbd83a54ad9ac2fdca249a 44SHA1 (patch-mg) = f33a92539ebe171b7bbbd83a54ad9ac2fdca249a
45SHA1 (patch-mi) = c49e917409c0542e69f57fe5571a16b6c2e4aa9a 45SHA1 (patch-mi) = c49e917409c0542e69f57fe5571a16b6c2e4aa9a
46SHA1 (patch-mj) = 9b28802eb665a7a77e879ec44e9da52e2e79ec8b 46SHA1 (patch-mj) = 9b28802eb665a7a77e879ec44e9da52e2e79ec8b
47SHA1 (patch-mk) = 3c25934e0c7b9277d96a5635b961e1fb6682ab7b 47SHA1 (patch-mk) = 3c25934e0c7b9277d96a5635b961e1fb6682ab7b
48SHA1 (patch-ml) = ef7d87fff48f298f4c1ed037439eaf8c7c574f68 48SHA1 (patch-ml) = ef7d87fff48f298f4c1ed037439eaf8c7c574f68
49SHA1 (patch-mm) = 04d9105ab0fb520690b58230e90bf6217b439df7 49SHA1 (patch-mm) = 1ef13fbf0872484778cb8edfff769214ea9a39a4
50SHA1 (patch-mn) = beb92ccc59f909f0d4f5f5bb62ad834b55fc94ce 50SHA1 (patch-mn) = beb92ccc59f909f0d4f5f5bb62ad834b55fc94ce
51SHA1 (patch-mp) = 24bac4975548f0a058c2770865706fedb27aa0e6 51SHA1 (patch-mp) = 24bac4975548f0a058c2770865706fedb27aa0e6
52SHA1 (patch-na) = b7c0feed9546ca1168c696bf7ea6bbc8ea4564c4 52SHA1 (patch-na) = b7c0feed9546ca1168c696bf7ea6bbc8ea4564c4
53SHA1 (patch-nd) = 007b8d1310990253e86dab579397b02ced42cb71 53SHA1 (patch-nd) = 007b8d1310990253e86dab579397b02ced42cb71
54SHA1 (patch-pa) = ee713ec24b453aaf3f1964e8100b26ecae3bf6a4 54SHA1 (patch-pa) = ee713ec24b453aaf3f1964e8100b26ecae3bf6a4
55SHA1 (patch-pb) = fede79d8fec147b4f79edbdf571474365a6dba25 55SHA1 (patch-pb) = fede79d8fec147b4f79edbdf571474365a6dba25
56SHA1 (patch-pc) = 5a74b0476c0be0bf4e0c22fbe78b6dbe63beae08 56SHA1 (patch-pc) = 5a74b0476c0be0bf4e0c22fbe78b6dbe63beae08
57SHA1 (patch-pd) = b2e18e7b09123576d07ae052b2f2599217d6f3ce 57SHA1 (patch-pd) = b2e18e7b09123576d07ae052b2f2599217d6f3ce
58SHA1 (patch-pe) = 218275a25df933ed548395f4338a5cb2f045d4a6 58SHA1 (patch-pe) = 218275a25df933ed548395f4338a5cb2f045d4a6
59SHA1 (patch-pf) = 88c39f735087fa285f3f75bfdaa6dc571da67eb9 59SHA1 (patch-pf) = 88c39f735087fa285f3f75bfdaa6dc571da67eb9
60SHA1 (patch-pg) = 5268f7e7b22f89f55db44537c32bf5ac73630168 60SHA1 (patch-pg) = 5268f7e7b22f89f55db44537c32bf5ac73630168
61SHA1 (patch-ra) = 70d5130250a4ac6825112e64006b233f4b802e9c 61SHA1 (patch-ra) = 70d5130250a4ac6825112e64006b233f4b802e9c
62SHA1 (patch-rc) = 7e6a38bd3eabe500bcf3c47be7f4bd5768f24c39 62SHA1 (patch-rc) = 7e6a38bd3eabe500bcf3c47be7f4bd5768f24c39
cvs diff -r1.7 -r1.7.4.1 pkgsrc/www/seamonkey/patches/Attic/patch-ap (expand / switch to unified diff)

--- pkgsrc/www/seamonkey/patches/Attic/patch-ap 2010/03/16 10:59:10 1.7
+++ pkgsrc/www/seamonkey/patches/Attic/patch-ap 2010/09/11 16:10:03 1.7.4.1
@@ -1,13 +1,13 @@ @@ -1,13 +1,13 @@
1$NetBSD: patch-ap,v 1.7 2010/03/16 10:59:10 tnn Exp $ 1$NetBSD: patch-ap,v 1.7.4.1 2010/09/11 16:10:03 spz Exp $
2 2
3--- mozilla/media/liboggz/include/oggz/oggz_off_t_generated.h.orig 2009-08-24 17:52:50.000000000 +0200 3--- mozilla/media/liboggz/include/oggz/oggz_off_t_generated.h.orig 2010-08-24 21:32:05.000000000 +0000
4+++ mozilla/media/liboggz/include/oggz/oggz_off_t_generated.h 4+++ mozilla/media/liboggz/include/oggz/oggz_off_t_generated.h
5@@ -59,7 +59,7 @@ 5@@ -59,7 +59,7 @@
6  6
7 #include <sys/types.h> 7 #include <sys/types.h>
8  8
9-#if defined(__APPLE__) || defined(SOLARIS) || defined(OS2) 9-#if defined(__APPLE__) || defined(SOLARIS) || defined(OS2) || defined (_AIX)
10+#if defined(__APPLE__) || defined(SOLARIS) || defined(OS2) || defined(__NetBSD__) || defined(__DragonFly__) || defined(__FreeBSD__) 10+#if defined(__APPLE__) || defined(SOLARIS) || defined(OS2) || defined (_AIX) || defined(__NetBSD__) || defined(__DragonFly__) || defined(__FreeBSD__)
11 typedef off_t oggz_off_t; 11 typedef off_t oggz_off_t;
12 #else 12 #else
13 typedef loff_t oggz_off_t; 13 typedef loff_t oggz_off_t;
cvs diff -r1.1 -r1.1.4.1 pkgsrc/www/seamonkey/patches/Attic/patch-mm (expand / switch to unified diff)

--- pkgsrc/www/seamonkey/patches/Attic/patch-mm 2010/03/16 10:59:10 1.1
+++ pkgsrc/www/seamonkey/patches/Attic/patch-mm 2010/09/11 16:10:03 1.1.4.1
@@ -1,23 +1,30 @@ @@ -1,23 +1,30 @@
1$NetBSD: patch-mm,v 1.1 2010/03/16 10:59:10 tnn Exp $ 1$NetBSD: patch-mm,v 1.1.4.1 2010/09/11 16:10:03 spz Exp $
2 2
3Don't link with -lCstd on Solaris when using GCC. From Tim Zingelman. 3Don't link with -lCstd on Solaris when using GCC. From Tim Zingelman.
4part of PR pkg/39085 4part of PR pkg/39085
5 5
6--- mozilla/toolkit/library/Makefile.in.orig 2009-12-02 05:28:58.000000000 +0100 6--- mozilla/toolkit/library/Makefile.in.orig 2010-08-24 21:32:11.000000000 +0000
7+++ mozilla/toolkit/library/Makefile.in 7+++ mozilla/toolkit/library/Makefile.in
8@@ -252,7 +252,14 @@ EXTRA_DSO_LDOPTS += -lbe -ltracker 8@@ -253,7 +253,10 @@ EXTRA_DSO_LDOPTS += -lbe -ltracker
9 endif 9 endif
10  10
11 ifeq ($(OS_ARCH),SunOS) 11 ifeq ($(OS_ARCH),SunOS)
12-EXTRA_DSO_LDOPTS += -lelf -ldemangle -lCstd 12-EXTRA_DSO_LDOPTS += -lelf -ldemangle -lCstd
13+EXTRA_DSO_LDOPTS += -lelf -ldemangle 13+EXTRA_DSO_LDOPTS += -lelf -ldemangle
14+ifndef GNU_CC 14+ifndef GNU_CC
15+EXTRA_DSO_LDOPTS += -lCstd 15+EXTRA_DSO_LDOPTS += -lCstd
16+endif 16+endif
17+endif 
18+ 
19+ifeq ($(OS_ARCH),NetBSD) 
20+EXTRA_DSO_LDOPTS += -lossaudio 
21 endif 17 endif
22  18
 19 ifeq ($(OS_ARCH),AIX)
 20@@ -262,6 +265,10 @@ EXTRA_DSO_LDOPTS += -bbigtoc
 21 endif
 22 endif
 23
 24+ifeq ($(OS_ARCH),NetBSD)
 25+EXTRA_DSO_LDOPTS += -lossaudio
 26+endif
 27+
23 ifeq ($(OS_ARCH),WINNT) 28 ifeq ($(OS_ARCH),WINNT)
 29 EXTRA_DSO_LDOPTS += $(call EXPAND_LIBNAME,shell32 ole32 uuid version winspool comdlg32 imm32 winmm wsock32 msimg32)
 30 ifneq (,$(MOZ_DEBUG)$(NS_TRACE_MALLOC))