Sun Jan 13 17:44:59 2013 UTC ()
Apply patch submitted by Ryo ONODERA in ticket #4010:
Update "firefox" and "xulrunner" packages to version 17.0.2. This fixes
the following security vulnerabilities:
- MFSA 2013-20 Mis-issued TURKTRUST certificates
- MFSA 2013-19 Use-after-free in Javascript Proxy objects
- MFSA 2013-18 Use-after-free in Vibrate
- MFSA 2013-17 Use-after-free in ListenerManager
- MFSA 2013-16 Use-after-free in serializeToStream
- MFSA 2013-15 Privilege escalation through plugin objects
- MFSA 2013-14 Chrome Object Wrapper (COW) bypass through changing prototype
- MFSA 2013-13 Memory corruption in XBL with XML bindings containing SVG
- MFSA 2013-12 Buffer overflow in Javascript string concatenation
- MFSA 2013-11 Address space layout leaked in XBL objects
- MFSA 2013-10 Event manipulation in plugin handler to bypass same-origin
  policy
- MFSA 2013-09 Compartment mismatch with quickstubs returned values
- MFSA 2013-08 AutoWrapperChanger fails to keep objects alive during
  garbage collection
- MFSA 2013-07 Crash due to handling of SSL on threads
- MFSA 2013-05 Use-after-free when displaying table with many columns and
  column groups
- MFSA 2013-04 URL spoofing in addressbar during page loads
- MFSA 2013-03 Buffer Overflow in Canvas
- MFSA 2013-02 Use-after-free and buffer overflow issues found using
  Address Sanitizer
- MFSA 2013-01 Miscellaneous memory safety hazards (rv:18.0/
  rv:10.0.12 / rv:17.0.2)
- MFSA 2012-98 Firefox installer DLL hijacking


(tron)
diff -r1.39 -r1.39.2.1 pkgsrc/devel/xulrunner/dist.mk
diff -r1.87 -r1.87.2.1 pkgsrc/devel/xulrunner/distinfo
diff -r1.1 -r1.1.4.1 pkgsrc/devel/xulrunner/patches/patch-ipc_chromium_src_base_debug__util__posix.cc

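--- a/pkgsrc/devel/xulrunner/Attic/dist.mk
+++ b/pkgsrc/devel/xulrunner/Attic/dist.mk
@@ -1,17 +1,19 @@
-# $NetBSD: dist.mk,v 1.39 2012/12/05 11:47:14 ryoon Exp $
+# $NetBSD: dist.mk,v 1.39.2.1 2013/01/13 17:44:58 tron Exp $
 #
 # used by devel/xulrunner/Makefile
 # used by www/firefox/Makefile
 
 DISTNAME= firefox-${FIREFOX_VER}.source
 FIREFOX_VER= ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH= 17.0.1
+MOZ_BRANCH= 17.0.2
 MOZ_BRANCH_MINOR= esr
 MASTER_SITES= ${MASTER_SITE_MOZILLA_ESR:=firefox/releases/${FIREFOX_VER}/source/} \
  ${MASTER_SITE_MOZILLA_ALL:=firefox/releases/${FIREFOX_VER}/source/}
 EXTRACT_SUFX= .tar.bz2
 
 DISTINFO_FILE= ${.CURDIR}/../../devel/xulrunner/distinfo
 PATCHDIR= ${.CURDIR}/../../devel/xulrunner/patches
 
+DIST_SUBDIR= firefox17.0.2esr
+
 WRKSRC= ${WRKDIR}/mozilla-esr17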
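Review bot: The added `DIST_SUBDIR= firefox17.0.2esr` has no comment saying why the distfile moves into a subdirectory, and it hard-codes the version string that `MOZ_BRANCH` and `MOZ_BRANCH_MINOR` already define a few lines above. A subdirectory is usually introduced so that a same-named tarball already sitting in a local distfiles cache cannot be used in place of the one the new checksums describe; if that is the reason here (the commit message does not say), a one-line comment such as `# keeps a previously fetched tarball of the same name from being reused; drop at next version bump` would tell the next maintainer whether to keep or remove the line. If the line is meant to stay across updates, `DIST_SUBDIR= firefox${FIREFOX_VER}` avoids a stale path on the next bump.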

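--- a/pkgsrc/devel/xulrunner/Attic/distinfo
+++ b/pkgsrc/devel/xulrunner/Attic/distinfo
@@ -1,18 +1,18 @@
-$NetBSD: distinfo,v 1.87 2013/01/02 02:31:04 ryoon Exp $
+$NetBSD: distinfo,v 1.87.2.1 2013/01/13 17:44:58 tron Exp $
 
-SHA1 (firefox-17.0.1esr.source.tar.bz2) = 06373c132ca07a6e2dbb5fe1a2552519ba91ee37
-RMD160 (firefox-17.0.1esr.source.tar.bz2) = a85fc33defda9c514f46623672d61358397e58f1
-Size (firefox-17.0.1esr.source.tar.bz2) = 90861856 bytes
+SHA1 (firefox17.0.2esr/firefox-17.0.2esr.source.tar.bz2) = 0344c4a14119c10e9ca92b1df13a3df7a0f7b0ec
+RMD160 (firefox17.0.2esr/firefox-17.0.2esr.source.tar.bz2) = a1a95552eb5a41547bbde8211d65f6d2bab92e81
+Size (firefox17.0.2esr/firefox-17.0.2esr.source.tar.bz2) = 90828234 bytes
 SHA1 (patch-aa) = 736eff19f8a9a69adc9a23834c1edf69d4d94ce5
 SHA1 (patch-ab) = b0d7975a291c63e07773e13b023f71e88c883128
 SHA1 (patch-ac) = 18640ddf00b7da9276fd67d95bd6f1b191a99d4f
 SHA1 (patch-ad) = cf84430cb1d9c22caf6beaa89288f90577ae6352
 SHA1 (patch-ae) = 2d1ffba3f41564d672d05968ff09b188c904fd73
 SHA1 (patch-af) = 3dc276155f456a66ce0db9d1a0427d8f11cb74aa
 SHA1 (patch-ag) = c236c83c7b6a64c19c01010d19cad0120250047c
 SHA1 (patch-ai) = ec2a8bce48ec8a27066667d367cf1bac4874462b
 SHA1 (patch-aj) = 25008e1761306f90a31b4e2bff4dc52b2d8167de
 SHA1 (patch-ak) = 7cebf3e58ad14598fbe98c3d730c8a548c0bda1e
 SHA1 (patch-al) = 140f77112c463df90fe0dcd4173c5d6945395d4f
 SHA1 (patch-am) = edf385051147a8d255a6c0737f574fa353b53d38
 SHA1 (patch-an) = a6e6072403a9d3295ec861275abd4587a8bca97d
@@ -33,27 +33,27 @@ SHA1 (patch-bi) = 6ae67da19d32bc3e7fc09a
 SHA1 (patch-build_autoconf_nss.m4) = b4da991ed606fcadcb6582b4c7213e1c83ee811f
 SHA1 (patch-config_baseconfig.mk) = 8fc7a064bda66c91488e27e7d49e615e49540c7d
 SHA1 (patch-config_system-headers) = d7d4b5ba0677cbb92dc2ca70cd387b7d88b79f63
 SHA1 (patch-content_media_nsAudioStream.cpp) = 75c9fc45d464ee332271142c3e29b826b6254d49
 SHA1 (patch-dom_plugins_ipc_PluginModuleChild.cpp) = 66d023227b46582d30961cfac15506b9f29c23de
 SHA1 (patch-dom_plugins_ipc_PluginModuleChild.h) = cba2ea71973b3717b29052e131eb278cec972ebd
 SHA1 (patch-gfx_skia_src_sfnt_SkOTTable__head.h) = a50b21dc02ee5ae2b053ba574b592679350396ad
 SHA1 (patch-gfx_skia_src_sfnt_SkOTTable__name.h) = a13668dbb5f1b6099b1701291f28b2b272b35353
 SHA1 (patch-gfx_skia_src_sfnt_SkSFNTHeader.h) = c3f6c6d11201c0fae4e3978a370f48eefbc09370
 SHA1 (patch-gfx_thebes_gfxPlatform.cpp) = 775c13ca6a77b3f39f23e15fbbcf4b1cae4e9478
 SHA1 (patch-ipc_chromium_Makefile.in) = c2d339b32050e772dea05790d61f291d9a52e06f
 SHA1 (patch-ipc_chromium_chromium-config.mk) = 24b1fe7cc7f3f14dd8a79f8eedf6f3638c304020
 SHA1 (patch-ipc_chromium_src_base_base__paths.h) = 0b8e231055cde854f31b9aa44392692a53d806f0
-SHA1 (patch-ipc_chromium_src_base_debug__util__posix.cc) = 46bf793870b4fbc2c8594186eea6bd3c7db885e9
+SHA1 (patch-ipc_chromium_src_base_debug__util__posix.cc) = 639e8cecaf237921314283b9bf08fa4bfd85c91e
 SHA1 (patch-ipc_chromium_src_base_dir__reader__bsd.h) = 767160e3099d7bd4eb58dc24ed207417acdf098a
 SHA1 (patch-ipc_chromium_src_base_dir__reader__posix.h) = d6dd15f644de3fa755f8c9be9190eb4092295091
 SHA1 (patch-ipc_chromium_src_base_file__util__posix.cc) = 96a5a0d4b61ec69b80db3c9ff212d7a7a3d506f6
 SHA1 (patch-ipc_chromium_src_base_message__loop.cc) = c53a8962a197a3160087ad31e1a55f647a8d8fc8
 SHA1 (patch-ipc_chromium_src_base_platform__thread.h) = 1f6eb9d0da16b415df6c2ced4e507d1cbf7dfdae
 SHA1 (patch-ipc_chromium_src_base_platform__thread__posix.cc) = e4560021d85abf96182b8e0c0a5a52e1213fdb31
 SHA1 (patch-ipc_chromium_src_base_process__util.h) = f0e705d9e7951d12225ad132f462527651d3b1be
 SHA1 (patch-ipc_chromium_src_base_process__util__bsd.cc) = c3e578b78234bee0b48b20affcb057497d94f3bf
 SHA1 (patch-ipc_chromium_src_base_process__util__posix.cc) = 4644a4a2f37fae689b5997eda1c9b548372fa252
 SHA1 (patch-ipc_chromium_src_base_ref__counted.h) = 89d6be3faaed51c7ed2e49ee8698d730916ce12f
 SHA1 (patch-ipc_chromium_src_base_sys__info__posix.cc) = ce9b899f181d8339110d3a9a151bff9ab734df42
 SHA1 (patch-ipc_chromium_src_base_thread__collision__warner.h) = 232c10f763875930fb7de39555629f4c4fc15f35
 SHA1 (patch-ipc_chromium_src_base_time__posix.cc) = 986f4a648d812c67248bd5e2c7b96963f2aa1a03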

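--- a/pkgsrc/devel/xulrunner/patches/Attic/patch-ipc_chromium_src_base_debug__util__posix.cc
+++ b/pkgsrc/devel/xulrunner/patches/Attic/patch-ipc_chromium_src_base_debug__util__posix.cc
@@ -1,18 +1,18 @@
-$NetBSD: patch-ipc_chromium_src_base_debug__util__posix.cc,v 1.1 2012/08/29 03:01:19 ryoon Exp $
+$NetBSD: patch-ipc_chromium_src_base_debug__util__posix.cc,v 1.1.4.1 2013/01/13 17:44:58 tron Exp $
 
 # Reported upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=753046
 
---- ipc/chromium/src/base/debug_util_posix.cc.orig 2012-08-24 22:55:37.000000000 +0000
+--- ipc/chromium/src/base/debug_util_posix.cc.orig 2013-01-07 20:52:27.000000000 +0000
 +++ ipc/chromium/src/base/debug_util_posix.cc
 @@ -5,7 +5,7 @@
  #include "build/build_config.h"
  #include "base/debug_util.h"
  
 -#define MOZ_HAVE_EXECINFO_H (!defined(ANDROID) && !defined(__OpenBSD__))
 +#define MOZ_HAVE_EXECINFO_H (defined(OS_LINUX) && !defined(ANDROID))
  
  #include <errno.h>
  #include <fcntl.h>
 @@ -17,9 +17,16 @@
  #include <unistd.h>
  #if MOZ_HAVE_EXECINFO_H
@@ -29,29 +29,54 @@ $NetBSD: patch-ipc_chromium_src_base_deb
 +
  #include "base/basictypes.h"
  #include "base/eintr_wrapper.h"
  #include "base/logging.h"
 @@ -32,7 +39,7 @@ bool DebugUtil::SpawnDebuggerOnProcess(u
  return false;
  }
  
 -#if defined(OS_MACOSX)
 +#if defined(OS_MACOSX) || defined(OS_BSD)
  
  // Based on Apple's recommended method as described in
  // http://developer.apple.com/qa/qa2004/qa1361.html
-@@ -71,7 +78,15 @@ bool DebugUtil::BeingDebugged() {
+@@ -51,14 +58,22 @@ bool DebugUtil::BeingDebugged() {
+ // we're looking for information about a specific process ID.
+ int mib[] = {
+ CTL_KERN,
++#if defined(OS_NETBSD)
++ KERN_PROC2,
++#else
+ KERN_PROC,
++#endif
+ KERN_PROC_PID,
+ getpid()
+ };
+ 
+ // Caution: struct kinfo_proc is marked __APPLE_API_UNSTABLE. The source and
+ // binary interfaces may change.
++#if defined(OS_NETBSD)
++ struct kinfo_proc2 info;
++#else
+ struct kinfo_proc info;
++#endif
+ size_t info_size = sizeof(info);
+ 
+ int sysctl_result = sysctl(mib, arraysize(mib), &info, &info_size, NULL, 0);
+@@ -71,7 +86,17 @@ bool DebugUtil::BeingDebugged() {
  
  // This process is being debugged if the P_TRACED flag is set.
  is_set = true;
 +#if defined(OS_DRAGONFLY)
 + being_debugged = (info.kp_flags & P_TRACED) != 0;
 +#elif defined(OS_FREEBSD)
 + being_debugged = (info.ki_flag & P_TRACED) != 0;
 +#elif defined(OS_OPENBSD)
 + being_debugged = (info.p_flag & P_TRACED) != 0;
++#elif defined(OS_NETBSD)
++ being_debugged = (info.p_flag & P_TRACED) != 0;
 +#else
  being_debugged = (info.kp_proc.p_flag & P_TRACED) != 0;
 +#endif
  return being_debugged;
  }
  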
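Review bot: The NetBSD branch of the `mib[]` initializer in `BeingDebugged()` selects `KERN_PROC2` but keeps the four-element name, and as far as I know NetBSD's kern.proc2 node expects two further elements: the size of one `struct kinfo_proc2` and the number of entries requested. Without them the `sysctl()` call would be expected to fail (EINVAL), so the new `info.p_flag & P_TRACED` test under `OS_NETBSD` would never see valid data; how a failed call is handled lies between the two inner hunks and is not visible here. Consider appending `sizeof(struct kinfo_proc2), 1,` after `getpid(),` inside a second `#if defined(OS_NETBSD)` guard, and confirm the result on a NetBSD build with a debugger attached. The existing "Caution: struct kinfo_proc is marked __APPLE_API_UNSTABLE" comment now sits above a declaration that may be `kinfo_proc2`, so a short note that the NetBSD path reads the kinfo_proc2 layout would keep it accurate.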