The NetBSD Project

CVS log for pkgsrc/lang/spidermonkey52/distinfo

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / lang / spidermonkey52

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.4.4.1 / (download) - annotate - [select for diffs], Sun Oct 7 11:32:05 2018 UTC (6 months, 2 weeks ago) by spz
Branch: pkgsrc-2018Q3
Changes since 1.4: +2 -1 lines
Diff to previous 1.4 (colored) next main 1.5 (colored)

Pullup ticket #5839 - requested by maya
lang/spidermonkey52: security update
www/firefox-l10n: security update
www/firefox: security update

Revisions pulled up:
- lang/spidermonkey52/Makefile                                  1.10
- lang/spidermonkey52/distinfo                                  1.5
- lang/spidermonkey52/patches/patch-CVE-2018-12387              1.1
- www/firefox-l10n/Makefile                                     1.133
- www/firefox-l10n/distinfo                                     1.123
- www/firefox/Makefile                                          1.344
- www/firefox/distinfo                                          1.326

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   maya
   Date:           Wed Oct  3 17:30:30 UTC 2018

   Modified Files:
           pkgsrc/www/firefox: Makefile distinfo

   Log Message:
   firefox: update to 62.0.3

   Fixed hangs on macOS Mojave (10.14) when various dialog windows (upload, download, print, etc) are activated (bug 1489785)
   Fixed playback of some encrypted video streams on macOS (bug 1491940)

   Unvisited bookmarks can once again be autofilled in the address bar (bug 1488879)
   WebGL rendering issues (bug 1489099)
   Updates from unpacked language packs no longer break the browser (bug 1488934)
   Fix fallback on startup when a language pack is missing (bug 1492459)
   Profile refresh from the Windows stub installer restarts the browser (bug 1491999)
   Properly restore window size and position when restarting on Windows (bugs 1489214 and 1489852)
   Avoid crash when sharing a profile with newer (as yet unreleased) versions of Firefox (bug 1490585)
   Do not undo removal of search engines when using a language pack (bug 1489820)
   Fixed rendering of some web sites (bug 1421885)
   Restored compatibility with some sites using deprecated TLS settings (bug 1487517)
   Fix screen share on MacOS when using multiple monitors (bug 1487419)

   CVE-2018-12386: Type confusion in JavaScript
   CVE-2018-12387:
   CVE-2018-12385: Crash in TransportSecurityInfo due to cached data


   To generate a diff of this commit:
   cvs rdiff -u -r1.343 -r1.344 pkgsrc/www/firefox/Makefile
   cvs rdiff -u -r1.325 -r1.326 pkgsrc/www/firefox/distinfo

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   maya
   Date:           Wed Oct  3 17:31:07 UTC 2018

   Modified Files:
           pkgsrc/www/firefox-l10n: Makefile distinfo

   Log Message:
   firefox-l10n: catch up to www/firefox update.


   To generate a diff of this commit:
   cvs rdiff -u -r1.132 -r1.133 pkgsrc/www/firefox-l10n/Makefile
   cvs rdiff -u -r1.122 -r1.123 pkgsrc/www/firefox-l10n/distinfo

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   maya
   Date:           Wed Oct  3 18:58:23 UTC 2018

   Modified Files:
           pkgsrc/lang/spidermonkey52: Makefile distinfo
   Added Files:
           pkgsrc/lang/spidermonkey52/patches: patch-CVE-2018-12387

   Log Message:
   spidermonkey52: backport patch for CVE-2018-12387

   Don't inline push with more than 1 argument

   A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory
   address to the calling function which can be used as part of an exploit inside the sandboxed content process.

   Bump PKGREVISION


   To generate a diff of this commit:
   cvs rdiff -u -r1.9 -r1.10 pkgsrc/lang/spidermonkey52/Makefile
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/lang/spidermonkey52/distinfo
   cvs rdiff -u -r0 -r1.1 \
       pkgsrc/lang/spidermonkey52/patches/patch-CVE-2018-12387

Revision 1.5 / (download) - annotate - [select for diffs], Wed Oct 3 18:58:22 2018 UTC (6 months, 2 weeks ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, HEAD
Changes since 1.4: +2 -1 lines
Diff to previous 1.4 (colored)

spidermonkey52: backport patch for CVE-2018-12387

Don't inline push with more than 1 argument

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content process.

Bump PKGREVISION

Revision 1.4 / (download) - annotate - [select for diffs], Sat May 19 12:38:28 2018 UTC (11 months ago) by youri
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base, pkgsrc-2018Q2-base, pkgsrc-2018Q2
Branch point for: pkgsrc-2018Q3
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

Cleanup patches.

Revision 1.3 / (download) - annotate - [select for diffs], Wed May 16 11:36:36 2018 UTC (11 months, 1 week ago) by youri
Branch: MAIN
Changes since 1.2: +4 -1 lines
Diff to previous 1.2 (colored)

- Fix for polkit and gjs
- Remove the huge static lib
- attempt to not break other platforms..

Revision 1.2 / (download) - annotate - [select for diffs], Fri May 11 19:18:35 2018 UTC (11 months, 1 week ago) by jperkin
Branch: MAIN
Changes since 1.1: +12 -1 lines
Diff to previous 1.1 (colored)

spidermonkey52: Add support for SunOS.

Works well enough to only produce 7 minor failures out of 6679
regression tests.

Revision 1.1 / (download) - annotate - [select for diffs], Sun Apr 29 05:11:00 2018 UTC (11 months, 3 weeks ago) by wiz
Branch: MAIN

lang/spidermonkey52: import spidermonkey52-52.7.4

SpiderMonkey is the code-name for the Mozilla's C implementation of JavaScript.
This package contains SpiderMonkey 52.

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>