The NetBSD Project

CVS log for pkgsrc/www/firefox/Attic/Makefile-firefox.common

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / firefox

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.67, Tue Sep 22 13:17:28 2009 UTC (13 years, 4 months ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2009Q4-base, pkgsrc-2009Q4, HEAD
Changes since 1.66: +1 -1 lines
FILE REMOVED

Send firefox3 on it's way to the happy hunting ground.

Revision 1.66 / (download) - annotate - [select for diffs], Wed Aug 5 02:49:19 2009 UTC (13 years, 6 months ago) by tnn
Branch: MAIN
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)

fix comment

Revision 1.65 / (download) - annotate - [select for diffs], Wed Aug 5 02:48:55 2009 UTC (13 years, 6 months ago) by tnn
Branch: MAIN
Changes since 1.64: +3 -2 lines
Diff to previous 1.64 (colored)

resurrect file still needed by www/firefox3

Revision 1.64, Wed Aug 5 01:27:31 2009 UTC (13 years, 6 months ago) by tnn
Branch: MAIN
Changes since 1.63: +1 -1 lines
FILE REMOVED

Remove firefox 2.x. Firefox 3.5 branch will be imported in this location.
(I opted for removing and re-importing instead of a plain update due to
 extensive patch rototil)

We may encounter minor turbulence as dependent packages are sorted out.
Thank you for flying pkgsrc-current.

Revision 1.63 / (download) - annotate - [select for diffs], Wed Mar 18 00:08:39 2009 UTC (13 years, 10 months ago) by abs
Branch: MAIN
CVS Tags: pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1
Changes since 1.62: +9 -18 lines
Diff to previous 1.62 (colored)

Unify all the mozilla projects into using a single Makefile.common and
INSTALL, and put it in seamonkey.
Ensure all build with USE_DESTDIR.
Bump PKGREVISIONs

Revision 1.62 / (download) - annotate - [select for diffs], Wed Dec 17 17:05:52 2008 UTC (14 years, 1 month ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2008Q4-base, pkgsrc-2008Q4
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.19.

Security fixes in this version:

MFSA 2008-69 XSS vulnerabilities in SessionStore
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-62 Additional XSS attack vectors in feed preview
MFSA 2008-61 Information stealing via loadBindingDocument
MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.19/releasenotes/

Revision 1.60.2.1 / (download) - annotate - [select for diffs], Fri Nov 14 12:32:59 2008 UTC (14 years, 2 months ago) by tron
Branch: pkgsrc-2008Q3
Changes since 1.60: +2 -2 lines
Diff to previous 1.60 (colored) next main 1.61 (colored)

Pullup ticket #2589 - requested by ghen
firefox: security update
firefox-bin: security update
firefox-gtk1: security update

Revisions pulled up:
- www/firefox-bin/Makefile		1.46
- www/firefox-bin/distinfo		1.46
- www/firefox/Makefile-firefox.common	1.61
- www/firefox/distinfo			1.83
---
Module Name:	pkgsrc
Committed By:	ghen
Date:		Thu Nov 13 10:11:45 UTC 2008

Modified Files:
	pkgsrc/www/firefox: Makefile-firefox.common distinfo
	pkgsrc/www/firefox-bin: Makefile distinfo

Log Message:
Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.18.

Security fixes in this version:

MFSA 2008-58 Parsing error in E4X default namespace
MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
MFSA 2008-55 Crash and remote code execution in nsFrameManager
MFSA 2008-54 Buffer overflow in http-index-format parser
MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
MFSA 2008-50 Crash and remote code execution via __proto__ tampering
MFSA 2008-49 Arbitrary code execution via Flash Player dynamic module unloading
MFSA 2008-48 Image stealing via canvas and HTTP redirect
MFSA 2008-47 Information stealing via local shortcut files

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.18/releasenotes/

Revision 1.61 / (download) - annotate - [select for diffs], Thu Nov 13 10:11:45 2008 UTC (14 years, 2 months ago) by ghen
Branch: MAIN
Changes since 1.60: +2 -2 lines
Diff to previous 1.60 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.18.

Security fixes in this version:

MFSA 2008-58 Parsing error in E4X default namespace
MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
MFSA 2008-55 Crash and remote code execution in nsFrameManager
MFSA 2008-54 Buffer overflow in http-index-format parser
MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
MFSA 2008-50 Crash and remote code execution via __proto__ tampering
MFSA 2008-49 Arbitrary code execution via Flash Player dynamic module unloading
MFSA 2008-48 Image stealing via canvas and HTTP redirect
MFSA 2008-47 Information stealing via local shortcut files

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.18/releasenotes/

Revision 1.58.4.2 / (download) - annotate - [select for diffs], Fri Sep 26 19:52:40 2008 UTC (14 years, 4 months ago) by tron
Branch: pkgsrc-2008Q2
Changes since 1.58.4.1: +2 -2 lines
Diff to previous 1.58.4.1 (colored) to branchpoint 1.58 (colored) next main 1.59 (colored)

Pullup ticket #2534 - requested by ghen
firefox: security update
firefox-bin:  security update
firefox-gtk1: security update

www/firefox-bin/Makefile			1.45
www/firefox-bin/distinfo			1.45
www/firefox-gtk1/Makefile			1.20-1.21
www/firefox-gtk1/PLIST				1.16
www/firefox/Makefile				1.47-1.48
www/firefox/Makefile-firefox.common		1.60
www/firefox/PLIST				1.31
www/firefox/distinfo				1.81-1.82
www/firefox/patches/patch-ee			1.1
www/firefox/patches/patch-ef			1.1
www/firefox/patches/patch-eg			1.1
---
Module Name:    pkgsrc
Committed By:   martin
Date:           Mon Aug 11 10:09:21 UTC 2008

Modified Files:
        pkgsrc/www/firefox: Makefile distinfo
        pkgsrc/www/firefox-gtk1: Makefile
Added Files:
        pkgsrc/www/firefox/patches: patch-ee patch-ef patch-eg

Log Message:
Add "unicode" processing alignment patch from mozilla's bugzilla to make
firefox work again on archs requiring strict alignement.
Bump pkgrevision.
---
Module Name:	pkgsrc
Committed By:	ghen
Date:		Wed Sep 24 14:34:36 UTC 2008

Modified Files:
	pkgsrc/www/firefox: Makefile Makefile-firefox.common PLIST distinfo
	pkgsrc/www/firefox-bin: Makefile distinfo
	pkgsrc/www/firefox-gtk1: Makefile PLIST

Log Message:
Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.17.
(ok during freeze agc@)

Security fixes in this version:

MFSA 2008-45 XBM image uninitialized memory reading
MFSA 2008-44 resource: traversal vulnerabilities
MFSA 2008-43 BOM characters stripped from JavaScript before execution
MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.1=
7)
MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
MFSA 2008-40 Forced mouse drag
MFSA 2008-39 Privilege escalation using feed preview page and XSS flaw
MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation
MFSA 2008-37 UTF-8 URL stack buffer overflow

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.17/releasenotes/

Revision 1.60 / (download) - annotate - [select for diffs], Wed Sep 24 14:34:36 2008 UTC (14 years, 4 months ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2008Q3-base
Branch point for: pkgsrc-2008Q3
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.17.
(ok during freeze agc@)

Security fixes in this version:

MFSA 2008-45 XBM image uninitialized memory reading
MFSA 2008-44 resource: traversal vulnerabilities
MFSA 2008-43 BOM characters stripped from JavaScript before execution
MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
MFSA 2008-40 Forced mouse drag
MFSA 2008-39 Privilege escalation using feed preview page and XSS flaw
MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation
MFSA 2008-37 UTF-8 URL stack buffer overflow

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.17/releasenotes/

Revision 1.58.4.1 / (download) - annotate - [select for diffs], Fri Jul 18 09:13:30 2008 UTC (14 years, 6 months ago) by rtr
Branch: pkgsrc-2008Q2
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)

pullup ticket 2449 requested by ghen
firefox, firefox-bin: update for security fixes

revisions pulled up:
pkgsrc/www/firefox/Makefile-firefox.common	1.59
pkgsrc/www/firefox/PLIST			1.30
pkgsrc/www/firefox/distinfo			1.80
pkgsrc/www/firefox-bin/Makefile			1.44
pkgsrc/www/firefox-bin/distinfo			1.44

   Module Name:	pkgsrc
   Committed By:	ghen
   Date:		Wed Jul 16 09:52:56 UTC 2008

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common PLIST distinfo
   	pkgsrc/www/firefox-bin: Makefile distinfo

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.16.

   Security fixes in this version:

   MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running
   MFSA 2008-34 Remote code execution by overflowing CSS reference counter

   For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.16/releasenotes/

Revision 1.59 / (download) - annotate - [select for diffs], Wed Jul 16 09:52:56 2008 UTC (14 years, 6 months ago) by ghen
Branch: MAIN
CVS Tags: cube-native-xorg-base, cube-native-xorg
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.16.

Security fixes in this version:

MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running
MFSA 2008-34 Remote code execution by overflowing CSS reference counter

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.16/releasenotes/

Revision 1.55.2.2 / (download) - annotate - [select for diffs], Wed Jul 2 13:13:59 2008 UTC (14 years, 7 months ago) by tron
Branch: pkgsrc-2008Q1
Changes since 1.55.2.1: +2 -2 lines
Diff to previous 1.55.2.1 (colored) to branchpoint 1.55 (colored) next main 1.56 (colored)

Pullup ticket #2441 - requested by ghen
Security update for firefox, firefox-bin and firefox-gtk1

Revisions pulled up:
- www/firefox-bin/Makefile		1.43
- www/firefox-bin/distinfo		1.43
- www/firefox/Makefile-firefox.common	1.58
- www/firefox/PLIST			1.29
- www/firefox/distinfo			1.78
- www/firefox/patches/patch-af		1.6
- www/firefox/patches/patch-ap		1.9
- www/firefox/patches/patch-de		1.2
---
    Module Name:	pkgsrc
    Committed By:	ghen
    Date:		Wed Jul  2 09:03:35 UTC 2008

    Modified Files:
    	pkgsrc/www/firefox: Makefile-firefox.common PLIST distinfo
    	pkgsrc/www/firefox-bin: Makefile distinfo
    	pkgsrc/www/firefox/patches: patch-af patch-ap patch-de

    Log Message:
    Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.15.

    Part of patch-af has been fixed upstream.

    Security fixes in this version:

    MFSA 2008-33 Crash and remote code execution in block reflow
    MFSA 2008-32 Remote site run as local file via Windows URL shortcut
    MFSA 2008-31 Peer-trusted certs can use alt names to spoof
    MFSA 2008-30 File location URL in directory listings not escaped properly
    MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
    MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
    MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
    MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
    MFSA 2008-24 Chrome script loading from fastload file
    MFSA 2008-23 Signed JAR tampering
    MFSA 2008-22 XSS through JavaScript same-origin violation
    MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)

    For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.15/releasenotes/

Revision 1.58 / (download) - annotate - [select for diffs], Wed Jul 2 09:03:35 2008 UTC (14 years, 7 months ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base, cwrapper
Branch point for: pkgsrc-2008Q2
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.15.

Part of patch-af has been fixed upstream.

Security fixes in this version:

MFSA 2008-33 Crash and remote code execution in block reflow
MFSA 2008-32 Remote site run as local file via Windows URL shortcut
MFSA 2008-31 Peer-trusted certs can use alt names to spoof
MFSA 2008-30 File location URL in directory listings not escaped properly
MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
MFSA 2008-24 Chrome script loading from fastload file
MFSA 2008-23 Signed JAR tampering
MFSA 2008-22 XSS through JavaScript same-origin violation
MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.15/releasenotes/

Revision 1.57 / (download) - annotate - [select for diffs], Mon May 19 10:43:02 2008 UTC (14 years, 8 months ago) by tnn
Branch: MAIN
Changes since 1.56: +2 -1 lines
Diff to previous 1.56 (colored)

Fix assorted pkglint complaints and warns.

Revision 1.55.2.1 / (download) - annotate - [select for diffs], Mon Apr 21 00:39:03 2008 UTC (14 years, 9 months ago) by rtr
Branch: pkgsrc-2008Q1
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)

pullup ticket #2343 - requested by ghen
update to latest firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common	1.56
- pkgsrc/www/firefox/distinfo			1.76
- pkgsrc/www/firefox-bin/Makefile		1.42
- pkgsrc/www/firefox-bin/distinfo		1.42

   Module Name:	pkgsrc
   Committed By:	ghen
   Date:		Thu Apr 17 07:39:20 UTC 2008

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common distinfo
   	pkgsrc/www/firefox-bin: Makefile distinfo

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.14.

   Security fixes in this version:

   MFSA 2008-20 Crash in JavaScript garbage collector

   For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.14/releasenotes/

Revision 1.56 / (download) - annotate - [select for diffs], Thu Apr 17 07:39:20 2008 UTC (14 years, 9 months ago) by ghen
Branch: MAIN
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.14.

Security fixes in this version:

MFSA 2008-20 Crash in JavaScript garbage collector

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.14/releasenotes/

Revision 1.55 / (download) - annotate - [select for diffs], Sun Mar 30 13:32:22 2008 UTC (14 years, 10 months ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base
Branch point for: pkgsrc-2008Q1
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)

Update firefox and firefox-gtk1 to 2.0.0.13.

Security fixes in this version:

MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
MFSA 2008-18 Java socket connection to any local port via LiveConnect
MFSA 2008-17 Privacy issue with SSL Client Authentication
MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.13/releasenotes/

Revision 1.54 / (download) - annotate - [select for diffs], Fri Feb 8 11:28:30 2008 UTC (14 years, 11 months ago) by ghen
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.12.

Security fixes in this version:

MFSA 2008-11 Web forgery overwrite with div overlay
MFSA 2008-10 URL token stealing via stylesheet redirect
MFSA 2008-09 Mishandling of locally-saved plain text files
MFSA 2008-08 File action dialog tampering
MFSA 2008-06 Web browsing history and forward navigation stealing
MFSA 2008-05 Directory traversal via chrome: URI
MFSA 2008-04 Stored password corruption
MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution
MFSA 2008-02 Multiple file input focus stealing vulnerabilities
MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12)

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.12/releasenotes/

Revision 1.53 / (download) - annotate - [select for diffs], Sat Dec 22 07:22:10 2007 UTC (15 years, 1 month ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.52: +2 -5 lines
Diff to previous 1.52 (colored)

Change MOZILLA master sites difinitions, related to PR 37379.

There are three types Mozilla mirrors.
(http://www.mozilla.org/mirroring.html)
 * mozilla-current
        contains only the current version of Firefox and Thunderbird
 * mozilla-release
        contains Firefox, Thunderbird, and Sunbird releases
 * mozilla-all
        complete archive

Define following variables for mozilla master sites:
        MASTER_SITE_MOZILLA_ALL = mozilla-all
        MASTER_SITE_MOZILLA     = mozilla-release
and change some packages to use appropriate variable.

Update contents of MASTER_SITE_MOZILLA with master and primary mirrors
taken from http://www.mozilla.org/mirrors.html and add some sample definitions.

Revision 1.52 / (download) - annotate - [select for diffs], Sat Dec 1 21:43:23 2007 UTC (15 years, 2 months ago) by ghen
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.11.

This update fixes a bug introduced by the 2.0.0.10 update in the <canvas>
feature that affected some web pages and extensions.

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.11/releasenotes/

Revision 1.51 / (download) - annotate - [select for diffs], Wed Nov 28 01:36:09 2007 UTC (15 years, 2 months ago) by ghen
Branch: MAIN
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.10.

Security fixes in this version:

MFSA 2007-39 Referer-spoofing via window.location race condition
MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10)
MFSA 2007-37 jar: URI scheme XSS hazard

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.10/releasenotes/

Revision 1.50 / (download) - annotate - [select for diffs], Fri Nov 2 21:46:38 2007 UTC (15 years, 3 months ago) by ghen
Branch: MAIN
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.9.

Fixes a number of regressions introduced in 2.0.0.8:

* Bug 400406 - Firefox will ignore the clear CSS property when used beneath a
  box that is using the float property. There is a temporary workaround JS/CSS
  code available for web developers with affected layouts.
* Bug 400467 - Windows Vista users will get Java not found or Java not working
  errors when trying to load Java applets after updating. To fix this, users
  can right-click the Firefox icon and Run as administrator, then browse to a
  page with a Java applet  doing this once will fix the problem and permanently
  restore Java functionality.
* Bug 396695 - Add-ons are disabled after updating. Users can fix this problem
  by opening their profile folder and removing three files (extensions.rdf,
  extensions.ini and extensions.cache)
* Bug 400421 - Removing a single area element from an image map will cause the
  entire map to disappear. There is no workaround available at this time.
* Bug 400735 - Some Windows users may experience crashes at startup. There is
  no workaround available at this time.

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.9/releasenotes/

Revision 1.48.2.1 / (download) - annotate - [select for diffs], Mon Oct 22 23:18:57 2007 UTC (15 years, 3 months ago) by salo
Branch: pkgsrc-2007Q3
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored) next main 1.49 (colored)

Pullup ticket 2203 - requested by ghen
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common		1.49
- pkgsrc/www/firefox/distinfo				1.70
- pkgsrc/www/firefox/patches/patch-ac			1.10
- pkgsrc/www/firefox-bin/Makefile			1.35
- pkgsrc/www/firefox-bin/distinfo			1.33, 1.34, 1.35

   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Fri Oct 19 08:59:56 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common distinfo
   	pkgsrc/www/firefox-bin: Makefile distinfo
   	pkgsrc/www/firefox/patches: patch-ac

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.8.

   Security fixes in this version:

   MFSA 2007-36 URIs with invalid %-encoding mishandled by Windows
   MFSA 2007-35 XPCNativeWrapper pollution using Script object
   MFSA 2007-34 Possible file stealing through sftp protocol
   MFSA 2007-33 XUL pages can hide the window titlebar
   MFSA 2007-32 File input focus stealing vulnerability
   MFSA 2007-31 Browser digest authentication request splitting
   MFSA 2007-30 onUnload Tailgating
   MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8)

   For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.8/releasenotes/
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Fri Oct 19 19:47:43 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox-bin: distinfo

   Log Message:
   Add distinfo entries for Solaris {8,10}/{i386,sparc} as well.
   Noted by dmcmahill.
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Sat Oct 20 10:42:37 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox-bin: distinfo

   Log Message:
   Remove empty lines to get rid of warnings in weekly pkgsrc checks on babylon5.
   Suggested by veego.

Revision 1.49 / (download) - annotate - [select for diffs], Fri Oct 19 08:59:55 2007 UTC (15 years, 3 months ago) by ghen
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.8.

Security fixes in this version:

MFSA 2007-36 URIs with invalid %-encoding mishandled by Windows
MFSA 2007-35 XPCNativeWrapper pollution using Script object
MFSA 2007-34 Possible file stealing through sftp protocol
MFSA 2007-33 XUL pages can hide the window titlebar
MFSA 2007-32 File input focus stealing vulnerability
MFSA 2007-31 Browser digest authentication request splitting
MFSA 2007-30 onUnload Tailgating
MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8)

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.8/releasenotes/

Revision 1.48 / (download) - annotate - [select for diffs], Thu Sep 20 07:17:31 2007 UTC (15 years, 4 months ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base
Branch point for: pkgsrc-2007Q3
Changes since 1.47: +3 -3 lines
Diff to previous 1.47 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.7.

This version only fixes a Windows-specific security issue, but update
nevertheless so we start the freeze with the latest available version.
(People will start asking about this update anyway?)

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.7/releasenotes/

Revision 1.45.2.1 / (download) - annotate - [select for diffs], Thu Aug 2 22:42:51 2007 UTC (15 years, 6 months ago) by salo
Branch: pkgsrc-2007Q2
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored) next main 1.46 (colored)

Pullup ticket 2154 - requested by ghen
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common		1.46, 1.47
- pkgsrc/www/firefox/PLIST				1.28
- pkgsrc/www/firefox/distinfo				1.67, 1.68
- pkgsrc/www/firefox/patches/patch-cn			1.5
- pkgsrc/www/firefox-gtk1/PLIST				1.15
- pkgsrc/www/firefox-bin/Makefile			1.30, 1.32
- pkgsrc/www/firefox-bin/distinfo			1.27, 1.29
- pkgsrc/www/firefox15-bin/DESCR			1.3
- pkgsrc/www/firefox15-gtk1/DESCR			1.3
- pkgsrc/www/firefox15/DESCR				1.3

   Module Name:		pkgsrc
   Committed By:	xtraeme
   Date:		Thu Jul 19 18:20:59 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox-bin: Makefile distinfo

   Log Message:
   Update to 2.0.0.5:

   MFSA 2007-25 XPCNativeWrapper pollution
   MFSA 2007-24 Unauthorized access to wyciwyg:// documents
   MFSA 2007-23 Remote code execution by launching Firefox from
   		Internet Explorer
   MFSA 2007-22 File type confusion due to %00 in name
   MFSA 2007-21 Privilege escalation using an event handler attached to an
   		element not in the document
   MFSA 2007-20 Frame spoofing while window is loading
   MFSA 2007-19 XSS using addEventListener and setTimeout
   MFSA 2007-18 Crashes with evidence of memory corruption
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Thu Jul 26 08:43:51 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common PLIST distinfo
   	pkgsrc/www/firefox-gtk1: PLIST
   	pkgsrc/www/firefox/patches: patch-cn

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.5.

   Security fixes in this version:

   MFSA 2007-25 XPCNativeWrapper pollution
   MFSA 2007-24 Unauthorized access to wyciwyg:// documents
   MFSA 2007-23 Remote code execution by launching Firefox from Internet
                Explorer
   MFSA 2007-22 File type confusion due to %00 in name
   MFSA 2007-21 Privilege escalation using an event handler attached to an
                element not in the document
   MFSA 2007-20 Frame spoofing while window is loading
   MFSA 2007-19 XSS using addEventListener and setTimeout
   MFSA 2007-18 Crashes with evidence of memory corruption

   For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.5/releasenotes/
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Tue Jul 31 10:06:48 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common distinfo
   	pkgsrc/www/firefox-bin: Makefile distinfo

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.6.

   Security fixes in this version:

   MFSA 2007-27 Unescaped URIs passed to external programs
   MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows

   For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.6/releasenotes/
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Thu Jul 26 08:47:36 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox15: DESCR
   	pkgsrc/www/firefox15-bin: DESCR
   	pkgsrc/www/firefox15-gtk1: DESCR

   Log Message:
   Firefox 1.5.0.x has been EOL'd.

Revision 1.47 / (download) - annotate - [select for diffs], Tue Jul 31 10:06:47 2007 UTC (15 years, 6 months ago) by ghen
Branch: MAIN
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.6.

Security fixes in this version:

MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.6/releasenotes/

Revision 1.46 / (download) - annotate - [select for diffs], Thu Jul 26 08:43:49 2007 UTC (15 years, 6 months ago) by ghen
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.5.

Security fixes in this version:

MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escalation using an event handler attached to an element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.5/releasenotes/

Revision 1.45 / (download) - annotate - [select for diffs], Sat Jun 16 01:14:48 2007 UTC (15 years, 7 months ago) by dmcmahill
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base
Branch point for: pkgsrc-2007Q2
Changes since 1.44: +1 -2 lines
Diff to previous 1.44 (colored)

Use a package option to control the --enable-single-profile option for
mozilla browsers.  This is now useful again to those of use who require
multiple profiles.

Revision 1.42.2.1 / (download) - annotate - [select for diffs], Wed Jun 13 21:32:46 2007 UTC (15 years, 7 months ago) by salo
Branch: pkgsrc-2007Q1
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored) next main 1.43 (colored)

Pullup ticket 2106 - requested by ghen
security updates for firefox

Updated via patch provided by the submitter, packages in HEAD were renamed.

   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Thu May 31 07:26:46 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox15: DESCR Makefile-firefox.common distinfo
   	pkgsrc/www/firefox15-bin: DESCR Makefile distinfo
   	pkgsrc/www/firefox15-gtk1: DESCR
   	pkgsrc/www/firefox15/patches: patch-cn

   Log Message:
   Update firefox15, firefox15-bin and firefox15-gtk1 to 1.5.0.12.

   Security fixes in this version:

   MFSA 2007-17 XUL Popup Spoofing
   MFSA 2007-16 XSS using addEventListener
   MFSA 2007-14 Path Abuse in Cookies
   MFSA 2007-13 Persistent Autocomplete Denial of Service
   MFSA 2007-12 Crashes with evidence of memory corruption

   For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.12.html

   Note: Firefox 1.5.0.x will be maintained with security and stability updates
   until June 2007. All users are strongly encouraged to upgrade to Firefox 2.
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Thu May 31 07:25:10 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox: Makefile Makefile-firefox.common PLIST distinfo
   	pkgsrc/www/firefox-bin: Makefile distinfo
   	pkgsrc/www/firefox-gtk1: Makefile PLIST
   	pkgsrc/www/firefox/patches: patch-cn

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.4.

   Security fixes in this version:

   MFSA 2007-17 XUL Popup Spoofing
   MFSA 2007-16 XSS using addEventListener
   MFSA 2007-14 Path Abuse in Cookies
   MFSA 2007-13 Persistent Autocomplete Denial of Service
   MFSA 2007-12 Crashes with evidence of memory corruption

   For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.4/releasenotes/

Revision 1.44 / (download) - annotate - [select for diffs], Thu May 31 07:25:07 2007 UTC (15 years, 8 months ago) by ghen
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.4.

Security fixes in this version:

MFSA 2007-17 XUL Popup Spoofing
MFSA 2007-16 XSS using addEventListener
MFSA 2007-14 Path Abuse in Cookies
MFSA 2007-13 Persistent Autocomplete Denial of Service
MFSA 2007-12 Crashes with evidence of memory corruption

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.4/releasenotes/

Revision 1.43 / (download) - annotate - [select for diffs], Sat May 12 13:53:07 2007 UTC (15 years, 8 months ago) by ghen
Branch: MAIN
Changes since 1.42: +12 -4 lines
Diff to previous 1.42 (colored)

Update to Firefox 2.0.0.3 (nb1), from www/firefox2* (see there for history
and change notes).  Firefox 1.5.0.x will be maintained in www/firefox15*,
as discussed on tech-pkg.

Revision 1.39.2.2 / (download) - annotate - [select for diffs], Sat Mar 24 18:54:16 2007 UTC (15 years, 10 months ago) by salo
Branch: pkgsrc-2006Q4
Changes since 1.39.2.1: +2 -2 lines
Diff to previous 1.39.2.1 (colored) to branchpoint 1.39 (colored) next main 1.40 (colored)

Pullup ticket 2058 - requested by ghen
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/DESCR				1.2
- pkgsrc/www/firefox/Makefile-firefox.common		1.42
- pkgsrc/www/firefox/distinfo				1.64
- pkgsrc/www/firefox-bin/Makefile			1.27
- pkgsrc/www/firefox-bin/distinfo			1.24
- pkgsrc/www/firefox-gtk1/DESCR				1.3

   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Wed Mar 21 13:33:05 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox: DESCR Makefile-firefox.common distinfo
   	pkgsrc/www/firefox-bin: Makefile distinfo
   	pkgsrc/www/firefox-gtk1: DESCR

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 1.5.0.11.
   Fixed in this version:

   * Security update: MFSA 2007-11 (FTP PASV port-scanning) has been fixed.
   * Website Compatibility: Fixed various web compatibility regressions.

   For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.11.html

Revision 1.42 / (download) - annotate - [select for diffs], Wed Mar 21 13:33:04 2007 UTC (15 years, 10 months ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base
Branch point for: pkgsrc-2007Q1
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 1.5.0.11. Fixed in this version:

* Security update: MFSA 2007-11 (FTP PASV port-scanning) has been fixed.
* Website Compatibility: Fixed various web compatibility regressions.

For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.11.html

Revision 1.39.2.1 / (download) - annotate - [select for diffs], Fri Mar 2 20:17:00 2007 UTC (15 years, 11 months ago) by salo
Branch: pkgsrc-2006Q4
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

Pullup ticket 2036 - requested by ghen
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common			1.41
- pkgsrc/www/firefox/PLIST					1.24
- pkgsrc/www/firefox/distinfo					1.62
- pkgsrc/www/firefox/patches/patch-ap				1.7
- pkgsrc/www/firefox/patches/patch-ax				1.5
- pkgsrc/www/firefox-gtk1/PLIST					1.11
- pkgsrc/www/firefox-bin/Makefile				1.26
- pkgsrc/www/firefox-bin/distinfo				1.23
- pkgsrc/www/firefox2/Makefile-firefox.common			1.5
- pkgsrc/www/firefox2/PLIST					1.4
- pkgsrc/www/firefox2/distinfo					1.8
- pkgsrc/www/firefox2-bin/Makefile				1.5
- pkgsrc/www/firefox2-bin/distinfo				1.3
- pkgsrc/www/firefox2-gtk1/PLIST				1.3

   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Sat Feb 24 17:26:43 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox2: Makefile-firefox.common PLIST distinfo
   	pkgsrc/www/firefox2-bin: Makefile distinfo
   	pkgsrc/www/firefox2-gtk1: PLIST

   Log Message:
   Update firefox2, firefox2-bin and firefox2-gtk1 to 2.0.0.2.
   Fixed in this version:

   MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
   MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
   MFSA 2007-05 XSS and local file access by opening blocked popups
   MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
   MFSA 2007-03 Information disclosure through cache collisions
   MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
   MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)

   For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.2/releasenotes/
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Sun Feb 25 00:43:24 UTC 2007

   Modified Files:
   	pkgsrc/www/firefox: Makefile Makefile-firefox.common PLIST distinfo
   	pkgsrc/www/firefox-bin: Makefile distinfo
   	pkgsrc/www/firefox-gtk1: PLIST
   	pkgsrc/www/firefox/patches: patch-ap patch-ax
   Removed Files:
   	pkgsrc/www/firefox/patches: patch-ed

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 1.5.0.10.
   Fixed in this version:

   Fixed in Firefox 1.5.0.10
   MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
   MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
   MFSA 2007-05 XSS and local file access by opening blocked popups
   MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
   MFSA 2007-03 Information disclosure through cache collisions
   MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
   MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)

   For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.10.html

Revision 1.41 / (download) - annotate - [select for diffs], Sun Feb 25 00:43:23 2007 UTC (15 years, 11 months ago) by ghen
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 1.5.0.10. Fixed in this version:

Fixed in Firefox 1.5.0.10
MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
MFSA 2007-05 XSS and local file access by opening blocked popups
MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
MFSA 2007-03 Information disclosure through cache collisions
MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)

For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.10.html

Revision 1.40 / (download) - annotate - [select for diffs], Thu Feb 22 19:30:06 2007 UTC (15 years, 11 months ago) by wiz
Branch: MAIN
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored)

pkglint USE_LANGUAGES cleanup. Patch from Sergey Svishchev.

Revision 1.37.2.2 / (download) - annotate - [select for diffs], Thu Dec 21 04:19:37 2006 UTC (16 years, 1 month ago) by salo
Branch: pkgsrc-2006Q3
Changes since 1.37.2.1: +2 -2 lines
Diff to previous 1.37.2.1 (colored) to branchpoint 1.37 (colored) next main 1.38 (colored)

Pullup ticket 1964 - requested by ghen
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common		1.39
- pkgsrc/www/firefox/distinfo				1.59
- pkgsrc/www/firefox-bin/Makefile			1.25
- pkgsrc/www/firefox-bin/distinfo			1.22

   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Wed Dec 20 11:01:26 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common distinfo
   	pkgsrc/www/firefox-bin: Makefile distinfo

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 1.5.0.9. Fixed in this
   version:

   MFSA 2006-75 RSS Feed-preview referrer leak
   MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
   MFSA 2006-72 XSS by setting img.src to javascript: URI
   MFSA 2006-71 LiveConnect crash finalizing JS objects
   MFSA 2006-70 Privilege escallation using watch point
   MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)

   For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.9.html

Revision 1.39 / (download) - annotate - [select for diffs], Wed Dec 20 11:01:26 2006 UTC (16 years, 1 month ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base
Branch point for: pkgsrc-2006Q4
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 1.5.0.9. Fixed in this version:

MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)

For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.9.html

Revision 1.37.2.1 / (download) - annotate - [select for diffs], Thu Nov 9 07:28:46 2006 UTC (16 years, 2 months ago) by salo
Branch: pkgsrc-2006Q3
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

Pullup ticket 1905 - requested by ghen
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile				1.37, 1.38, 1.39
- pkgsrc/www/firefox/Makefile-firefox.common		1.38
- pkgsrc/www/firefox/distinfo				1.56, 1.57, 1.58
- pkgsrc/www/firefox/patches/patch-ai			1.5
- pkgsrc/www/firefox/patches/patch-at			1.1
- pkgsrc/www/firefox-gtk1/Makefile			1.14, 1.15
- pkgsrc/www/firefox-bin/Makefile			1.23
- pkgsrc/www/firefox-bin/distinfo			1.21

   Module Name:		pkgsrc
   Committed By:	markd
   Date:		Thu Oct 19 10:25:17 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile distinfo
   	pkgsrc/www/firefox/patches: patch-ai

   Log Message:
   Fix crash after printing caused by trying to destroy the same charset
   structure multiple times.  Bump PKGREVISION.
---
   Module Name:		pkgsrc
   Committed By:	markd
   Date:		Mon Oct 23 10:49:35 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile distinfo
   	pkgsrc/www/firefox-gtk1: Makefile
   Added Files:
   	pkgsrc/www/firefox/patches: patch-at

   Log Message:
   thunderbird's ldap doesn't work talking to an ipv4 ldap server if
   talking to ipv4 addresses using ipv6 addresses isn't allowed, which is
   the default on NetBSD.  Patch to use a v4 socket when talking to an ipv4
   ldap server.  Fixes my PR 33511.
   seamonkey/firefox/sunbird have the same code so make the same patch.
   OKed ghen.  Bump PKGREVISION.
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Wed Nov  8 09:50:15 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile Makefile-firefox.common distinfo
   	pkgsrc/www/firefox-bin: Makefile distinfo
   	pkgsrc/www/firefox-gtk1: Makefile

   Log Message:
   Update firefox, firefox-bin and firefox-gtk1 to 1.5.0.8. Fixed in this
   version:

   MFSA 2006-67 Running Script can be recompiled
   MFSA 2006-66 RSA signature forgery (variant)
   MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8)

   For more info, see
   http://www.mozilla.com/en-US/firefox/releases/1.5.0.8.html

Revision 1.38 / (download) - annotate - [select for diffs], Wed Nov 8 09:50:15 2006 UTC (16 years, 2 months ago) by ghen
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

Update firefox, firefox-bin and firefox-gtk1 to 1.5.0.8. Fixed in this version:

MFSA 2006-67 Running Script can be recompiled
MFSA 2006-66 RSA signature forgery (variant)
MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8)

For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.8.html

Revision 1.34.2.2 / (download) - annotate - [select for diffs], Sat Sep 16 18:00:09 2006 UTC (16 years, 4 months ago) by salo
Branch: pkgsrc-2006Q2
Changes since 1.34.2.1: +2 -3 lines
Diff to previous 1.34.2.1 (colored) to branchpoint 1.34 (colored) next main 1.35 (colored)

Pullup ticket 1826 - requested by ghen
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common		1.36, 1.37
- pkgsrc/www/firefox/distinfo				1.53, 1.54
- pkgsrc/www/firefox-bin/Makefile			1.20, 1.21
- pkgsrc/www/firefox-bin/Makefile.Linux.i386		1.7
- pkgsrc/www/firefox-bin/distinfo			1.19, 1.20

   Module Name:		pkgsrc
   Committed By:	tron
   Date:		Thu Aug  3 08:31:28 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox-bin: Makefile Makefile.Linux.i386 distinfo

   Log Message:
   Update "firefox-bin" package to version 1.5.0.6. Changes since 1.5.0.5:
   - Fixed an issue with playing Windows Media content
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Thu Aug  3 09:37:35 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common distinfo

   Log Message:
   Update www/firefox* to Firefox 1.5.0.6.  Just one change:

   - Fixed an issue with playing Windows Media content
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Fri Sep 15 09:24:30 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox-bin: Makefile distinfo

   Log Message:
   Update firefox-bin to 1.5.0.7.  Source package update will follow later.

   Fixed in Firefox 1.5.0.7:
   MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7)
   MFSA 2006-62 Popup-blocker cross-site scripting (XSS)
   MFSA 2006-61 Frame spoofing using document.open()
   MFSA 2006-60 RSA Signature Forgery
   MFSA 2006-59 Concurrency-related vulnerability
   MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing
   MFSA 2006-57 JavaScript Regular Expression Heap Corruption

   For more info, see http://www.mozilla.com/firefox/releases/1.5.0.7.html
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Fri Sep 15 13:53:08 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common distinfo

   Log Message:
   Update firefox and firefox-gtk1 to 1.5.0.7.  Fixed in this version:

   MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7)
   MFSA 2006-62 Popup-blocker cross-site scripting (XSS)
   MFSA 2006-61 Frame spoofing using document.open()
   MFSA 2006-60 RSA Signature Forgery
   MFSA 2006-59 Concurrency-related vulnerability
   MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing
   MFSA 2006-57 JavaScript Regular Expression Heap Corruption

   For more info, see http://www.mozilla.com/firefox/releases/1.5.0.7.html

Revision 1.37 / (download) - annotate - [select for diffs], Fri Sep 15 13:53:08 2006 UTC (16 years, 4 months ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base
Branch point for: pkgsrc-2006Q3
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

Update firefox and firefox-gtk1 to 1.5.0.7.  Fixed in this version:

MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7)
MFSA 2006-62 Popup-blocker cross-site scripting (XSS)
MFSA 2006-61 Frame spoofing using document.open()
MFSA 2006-60 RSA Signature Forgery
MFSA 2006-59 Concurrency-related vulnerability
MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing
MFSA 2006-57 JavaScript Regular Expression Heap Corruption

For more info, see http://www.mozilla.com/firefox/releases/1.5.0.7.html

Revision 1.36 / (download) - annotate - [select for diffs], Thu Aug 3 09:37:35 2006 UTC (16 years, 6 months ago) by ghen
Branch: MAIN
Changes since 1.35: +2 -3 lines
Diff to previous 1.35 (colored)

Update www/firefox* to Firefox 1.5.0.6 and www/seamonkey* to Seamonkey 1.0.4.
Just one change:

- Fixed an issue with playing Windows Media content

Revision 1.34.2.1 / (download) - annotate - [select for diffs], Sun Jul 30 11:40:44 2006 UTC (16 years, 6 months ago) by salo
Branch: pkgsrc-2006Q2
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

Pullup ticket 1759 - requested by uebayasi
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common		1.35
- pkgsrc/www/firefox/distinfo				1.51, 1.52
- pkgsrc/www/firefox/patches/patch-cn			1.2

   Module Name:		pkgsrc
   Committed By:	perry
   Date:		Fri Jul 28 14:22:29 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common distinfo

   Log Message:
   Update package to 1.5.0.5 in response to CERT warnings of severe
   security problems with 1.5.0.4. No functional changes at all in the
   package -- this is purely a security update.

   See CERT advisory TA06-208A (last revised July 27) for details.
---
   Module Name:		pkgsrc
   Committed By:	uebayasi
   Date:		Fri Jul 28 17:40:50 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: distinfo
   	pkgsrc/www/firefox/patches: patch-cn

   Log Message:
   Fix build.

   (Don't bump because this must have never been built since 1.5.0.5 update.)

Revision 1.35 / (download) - annotate - [select for diffs], Fri Jul 28 14:22:29 2006 UTC (16 years, 6 months ago) by perry
Branch: MAIN
Changes since 1.34: +2 -2 lines
Diff to previous 1.34 (colored)

Update package to 1.5.0.5 in response to CERT warnings of severe
security problems with 1.5.0.4. No functional changes at all in the
package -- this is purely a security update.

See CERT advisory TA06-208A (last revised July 27) for details.

Revision 1.34 / (download) - annotate - [select for diffs], Thu Jun 15 22:13:59 2006 UTC (16 years, 7 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base
Branch point for: pkgsrc-2006Q2
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)

Pluralize INSTALL_TEMPLATE and DEINSTALL_TEMPLATE variable names as per
the pkglint warning:

    As {INSTALL,DEINSTALL}_TEMPLATE is modified using "+=", its name
    should indicate plural.

This does make the variables a bit more suggestive of the fact that they
hold lists of values.

Revision 1.28.2.2 / (download) - annotate - [select for diffs], Sun Jun 4 00:54:05 2006 UTC (16 years, 8 months ago) by salo
Branch: pkgsrc-2006Q1
Changes since 1.28.2.1: +2 -2 lines
Diff to previous 1.28.2.1 (colored) to branchpoint 1.28 (colored) next main 1.29 (colored)

Pullup ticket 1682 - requested by ghen
security update for firefox and thunderbird

Revisions pulled up:
- pkgsrc/www/firefox/Makefile				1.35
- pkgsrc/www/firefox/Makefile-firefox.common		1.30, 1.33
- pkgsrc/www/firefox/distinfo				1.49, 1.50
- pkgsrc/www/firefox-gtk1/Makefile			1.13
- pkgsrc/www/firefox/patches/patch-fa			removed
- pkgsrc/www/firefox/patches/patch-fb			removed
- pkgsrc/mail/thunderbird/Makefile-thunderbird.common	1.15
- pkgsrc/mail/thunderbird/PLIST				1.14
- pkgsrc/mail/thunderbird/distinfo			1.23
- pkgsrc/mail/thunderbird-gtk1/PLIST			1.5

   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Thu May  4 05:16:13 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile Makefile-firefox.common distinfo
   	pkgsrc/www/firefox-gtk1: Makefile
   Removed Files:
   	pkgsrc/www/firefox/patches: patch-fa patch-fb

   Log Message:
   Update Firefox to 1.5.0.3, which is identical to our 1.5.0.2nb2 (except
   for the advertized version), so there's no reason to upgrade. :-)

   Fixes a denial of service vulnerability (MFSA 2006-30).
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Sat Jun  3 08:04:36 UTC 2006

   Modified Files:
   	pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo
   	pkgsrc/mail/thunderbird-gtk1: PLIST
   	pkgsrc/www/firefox: Makefile-firefox.common distinfo

   Log Message:
   Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and
   mail/thunderbird-gtk1 to 1.5.0.4 (salo has already updated
   www/firefox-bin).  Note that thunderbird skipped one release number
   (again) to stay on par with firefox.

   These updates provide:
   * improvements to product stability,
   * several important security fixes (see below).

   Fixed in Firefox 1.5.0.4:
   MFSA 2006-43 Privilege escalation using addSelectionListener
   MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
   MFSA 2006-41 File stealing by changing input type (variant)
   MFSA 2006-39 "View Image" local resource linking (Windows)
   MFSA 2006-38 Buffer overflow in crypto.signText()
   MFSA 2006-37 Remote compromise via content-defined setter on object
                prototypes
   MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
   MFSA 2006-35 Privilege escalation through XUL persist
   MFSA 2006-34 XSS viewing javascript: frames or images from context menu
   MFSA 2006-33 HTTP response smuggling
   MFSA 2006-32 Fixes for crashes with potential memory corruption
   MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

   Fixed in Thunderbird 1.5.0.4:
   MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
   MFSA 2006-40 Double-free on malformed VCard
   MFSA 2006-38 Buffer overflow in crypto.signText()
   MFSA 2006-37 Remote compromise via content-defined setter on object
                prototypes
   MFSA 2006-35 Privilege escalation through XUL persist
   MFSA 2006-33 HTTP response smuggling
   MFSA 2006-32 Fixes for crashes with potential memory corruption
   MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Revision 1.33 / (download) - annotate - [select for diffs], Sat Jun 3 08:04:36 2006 UTC (16 years, 8 months ago) by ghen
Branch: MAIN
Changes since 1.32: +2 -2 lines
Diff to previous 1.32 (colored)

Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and
mail/thunderbird-gtk1 to 1.5.0.4, and www/seamonkey, www/seamonkey-gtk1
and www/seamonkey-bin to 1.0.2 (salo has already updated www/firefox-bin).
Note that thunderbird skipped one release number (again) to stay on par
with firefox.

These updates provide:
* improvements to product stability,
* several important security fixes (see below).

Fixed in Firefox 1.5.0.4:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Fixed in Thunderbird 1.5.0.4:
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Fixed in SeaMonkey 1.0.2:
MFSA 2006-43 Privilege escalation using addSelectionListener
MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
MFSA 2006-41 File stealing by changing input type (variant)
MFSA 2006-40 Double-free on malformed VCard
MFSA 2006-39 "View Image" local resource linking (Windows)
MFSA 2006-38 Buffer overflow in crypto.signText()
MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
MFSA 2006-35 Privilege escalation through XUL persist
MFSA 2006-34 XSS viewing javascript: frames or images from context menu
MFSA 2006-33 HTTP response smuggling
MFSA 2006-32 Fixes for crashes with potential memory corruption
MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)

Revision 1.32 / (download) - annotate - [select for diffs], Sat Jun 3 07:57:31 2006 UTC (16 years, 8 months ago) by ghen
Branch: MAIN
Changes since 1.31: +1 -2 lines
Diff to previous 1.31 (colored)

Remove MESSAGE, as this seems to be no longer true for 1.5+ releases.

Revision 1.31 / (download) - annotate - [select for diffs], Sun May 21 23:18:35 2006 UTC (16 years, 8 months ago) by jlam
Branch: MAIN
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

Set MESSAGE_SRC instead of MESSAGE so that we can take advantage of
MESSAGE_SUBST properly.  No package should be setting MESSAGE anyway.

Revision 1.30 / (download) - annotate - [select for diffs], Thu May 4 05:16:13 2006 UTC (16 years, 9 months ago) by ghen
Branch: MAIN
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

Update Firefox to 1.5.0.3, which is identical to our 1.5.0.2nb2 (except for the
advertized version), so there's no reason to upgrade. :-)

Fixes a denial of service vulnerability (MFSA 2006-30).

Revision 1.28.2.1 / (download) - annotate - [select for diffs], Sat Apr 15 23:32:58 2006 UTC (16 years, 9 months ago) by salo
Branch: pkgsrc-2006Q1
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

Pullup ticket 1378 - requested by ghen
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile				1.32
- pkgsrc/www/firefox/Makefile-firefox.common		1.29
- pkgsrc/www/firefox/distinfo				1.46, 1.47
- pkgsrc/www/firefox/patches/patch-ab			1.6
- pkgsrc/www/firefox/patches/patch-ac			1.8
- pkgsrc/www/firefox/patches/patch-bu			removed
- pkgsrc/www/firefox/patches/patch-bv			removed
- pkgsrc/www/firefox-gtk1/Makefile			1.10

   Module Name:		pkgsrc
   Committed By:	taya
   Date:		Thu Apr 13 14:47:50 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: distinfo
   	pkgsrc/www/firefox/patches: patch-ac
   Removed Files:
   	pkgsrc/www/firefox/patches: patch-bu patch-bv

   Log Message:
   use xpcom code for linux instead of our original.
   fix PR/33181.
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Sat Apr 15 14:20:31 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile Makefile-firefox.common distinfo
   	pkgsrc/www/firefox-gtk1: Makefile
   	pkgsrc/www/firefox/patches: patch-ab

   Log Message:
   Update to Firefox 1.5.0.2.

   Firefox 1.5.0.2 offers improved stability, and several security fixes:

   MFSA 2006-29 Spoofing with translucent windows
   MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented
   MFSA 2006-25 Privilege escalation through Print Preview
   MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest
   MFSA 2006-23 File stealing by changing input type
   MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability
   MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2)

   For a detailed ChangeLog, see:
   http://www.squarefree.com/burningedge/releases/1.5.0.2.html

Revision 1.29 / (download) - annotate - [select for diffs], Sat Apr 15 14:20:31 2006 UTC (16 years, 9 months ago) by ghen
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

Update to Firefox 1.5.0.2.

Firefox 1.5.0.2 offers improved stability, and several security fixes:

MFSA 2006-29 Spoofing with translucent windows (pkgsrc vulnid. 1818)
MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented (vulnid. 1819)
MFSA 2006-25 Privilege escalation through Print Preview (vulnid. 1820)
MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest (vulnid. 1821)
MFSA 2006-23 File stealing by changing input type (vulnid. 1822)
MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability (vulnid. 1823)
MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2) (vulnid. 1824)

For a detailed ChangeLog, see:
http://www.squarefree.com/burningedge/releases/1.5.0.2.html

Revision 1.28 / (download) - annotate - [select for diffs], Tue Mar 14 01:14:34 2006 UTC (16 years, 10 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base
Branch point for: pkgsrc-2006Q1
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored)

Modify the pkginstall framework so that it manages all aspects of
INSTALL/DEINSTALL script creation within pkgsrc.

If an INSTALL or DEINSTALL script is found in the package directory,
it is automatically used as a template for the pkginstall-generated
scripts.  If instead, they should be used simply as the full scripts,
then the package Makefile should set INSTALL_SRC or DEINSTALL_SRC
explicitly, e.g.:

	INSTALL_SRC=	${PKGDIR}/INSTALL
	DEINSTALL_SRC=	# emtpy

As part of the restructuring of the pkginstall framework internals,
we now *always* generate temporary INSTALL or DEINSTALL scripts.  By
comparing these temporary scripts with minimal INSTALL/DEINSTALL
scripts formed from only the base templates, we determine whether or
not the INSTALL/DEINSTALL scripts are actually needed by the package
(see the generate-install-scripts target in bsd.pkginstall.mk).

In addition, more variables in the framework have been made private.
The *_EXTRA_TMPL variables have been renamed to *_TEMPLATE, which are
more sensible names given the very few exported variables in this
framework.  The only public variables relating to the templates are:

	INSTALL_SRC		INSTALL_TEMPLATE
	DEINSTALL_SRC		DEINSTALL_TEMPLATE
				HEADER_TEMPLATE

The packages in pkgsrc have been modified to reflect the changes in
the pkginstall framework.

Revision 1.25.2.1 / (download) - annotate - [select for diffs], Thu Feb 9 10:32:29 2006 UTC (16 years, 11 months ago) by salo
Branch: pkgsrc-2005Q4
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored) next main 1.26 (colored)

Pullup ticket 1102 - requested by Geert Hendrickx
security update for firefox and thunderbird

Updated via patch from the submitter, includes these changes:

   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Fri Dec 30 21:35:58 UTC 2005

   Modified Files:
   	pkgsrc/mail/thunderbird/patches: patch-ab patch-ac patch-aq patch-ba
   	    patch-bo patch-bs
   Added Files:
   	pkgsrc/mail/thunderbird/patches: patch-ar patch-da patch-db patch-dc
   	    patch-de patch-df patch-dg patch-dh patch-dj patch-dk patch-dl
   	    patch-dm patch-do patch-ds patch-dt

   Log Message:
   Add DragonFly build support, partly based on the patches from
   www/firefox.
---
   Module Name:		pkgsrc
   Committed By:	joerg
   Date:		Wed Jan  4 08:55:08 UTC 2006

   Modified Files:
   	pkgsrc/mail/thunderbird: distinfo

   Log Message:
   Also commit distinfo. Reminded by wiz@.
---
   Module Name:	pkgsrc
   Committed By:	ghen
   Date:		Sun Feb  5 14:49:05 UTC 2006

   Modified Files:
   	pkgsrc/mail/thunderbird: Makefile Makefile-thunderbird.common PLIST
   	    distinfo
   	pkgsrc/mail/thunderbird-gtk1: Makefile PLIST
   	pkgsrc/mail/thunderbird/patches: patch-aa patch-ab patch-ac patch-af
   	    patch-ag patch-ai patch-aj patch-al patch-ap patch-aq patch-aw
   	    patch-ax patch-bb patch-bo patch-bq patch-br patch-db patch-de
   	    patch-df
   Removed Files:
   	pkgsrc/mail/thunderbird-gtk1: MESSAGE
   	pkgsrc/mail/thunderbird/patches: patch-bt patch-bw patch-cc patch-ce
   	    patch-cf

   Log Message:
   Update to Thunderbird 1.5.

   What's new:
       * Automated update to streamline product upgrades. Notification of an
         update is more prominent, and updates to Thunderbird may now be half
         a megabyte or smaller. Updating extensions has also improved.
       * Sort address autocomplete results by how often you send e-mail
         to each recipient.
       * Spell check as you type.
       * Saved Search Folders can now search across multiple accounts.
       * Built in phishing detector to help protect users against email scams.
       * Podcasting and other RSS Improvements.
       * Deleting attachments from messages.
       * Integration with server side spam filtering.
       * Reply and forward actions for message filters.
       * Kerberos Authentication.
       * Auto save as draft for mail composition.
       * Message aging.
       * Filters for Global Inbox.
       * Improvements to product usability including redesigned options
         interface, and SMTP server management.
       * Many security enhancements.
   For a more detailed list of changes, see
   http://weblogs.mozillazine.org/rumblingedge/archives/2006/01/1-5.html

   Ok with wiz.
---
   Module Name:		pkgsrc
   Committed By:	ghen
   Date:		Sun Feb  5 14:43:59 UTC 2006

   Modified Files:
   	pkgsrc/www/mozilla: Makefile.common

   Log Message:
   Set CATEGORIES ?=www (instead of =) such that thunderbird (and later
   sunbird) can override it.  Ok for wiz.
---
   odule Name:		pkgsrc
   Committed By:	ghen
   Date:		Sun Feb  5 14:46:31 UTC 2006

   Modified Files:
   	pkgsrc/www/firefox: Makefile Makefile-firefox.common PLIST distinfo
   	pkgsrc/www/firefox-gtk1: Makefile PLIST
   Added Files:
   	pkgsrc/www/firefox/patches: patch-dw patch-dx
   Removed Files:
   	pkgsrc/www/firefox/patches: patch-bugzilla-319004

   Log Message:
   Update to Firefox 1.5.0.1, a bug fix release for Firefox 1.5.

   What's new:
   * Improved stability.
   * Improved support for Mac OS X.
   * International Domain Name support for Iceland (.is) is now enabled.
   * Fixes for several memory leaks.
   * Several security enhancements.

   For a more detailed list changes, see
   http://www.squarefree.com/burningedge/releases/1.5.0.1.html

   Ok with wiz.

Revision 1.27 / (download) - annotate - [select for diffs], Mon Feb 6 00:37:54 2006 UTC (16 years, 11 months ago) by ghen
Branch: MAIN
Changes since 1.26: +15 -16 lines
Diff to previous 1.26 (colored)

Reindent + fix some pkglint warnings.

Revision 1.26 / (download) - annotate - [select for diffs], Sun Feb 5 14:46:31 2006 UTC (16 years, 11 months ago) by ghen
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Update to Firefox 1.5.0.1, a bug fix release for Firefox 1.5.

What's new:
* Improved stability.
* Improved support for Mac OS X.
* International Domain Name support for Iceland (.is) is now enabled.
* Fixes for several memory leaks.
* Several security enhancements.

For a more detailed list changes, see http://www.squarefree.com/burningedge/releases/1.5.0.1.html

Ok with wiz.

Revision 1.25 / (download) - annotate - [select for diffs], Fri Dec 23 00:29:57 2005 UTC (17 years, 1 month ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base
Branch point for: pkgsrc-2005Q4
Changes since 1.24: +2 -1 lines
Diff to previous 1.24 (colored)

Disable usage of symbol visibility, Firefox is definitely not there yet.
Since the build with DragonFly's system gcc was successful before, but
segilled on startup, a revision bump is necessary.

Revision 1.24 / (download) - annotate - [select for diffs], Sat Dec 10 13:47:22 2005 UTC (17 years, 1 month ago) by taya
Branch: MAIN
Changes since 1.23: +9 -15 lines
Diff to previous 1.23 (colored)


Update firefox & firefox-gtk1 to 1.5
Including fix for long title & history file problem.
http://www.mozilla.org/security/history-title.html
https://bugzilla.mozilla.org/show_bug.cgi?id=319004


What's New in Firefox 1.5

Firefox 1.5 is the next version of our award-winning Web browser.

Here's what's new in Firefox 1.5:

* Automated update to streamline product upgrades. Notification of an
update is more prominent, and updates to Firefox may now be half a
megabyte or smaller. Updating extensions has also improved.
* Faster browser navigation with improvements to back and forward
button performance.
* Drag and drop reordering for browser tabs.
* Improvements to popup blocking.
* Clear Private Data feature provides an easy way to quickly remove
personal data through a menu item or keyboard shortcut.
* Answers.com is added to the search engine list.
* Improvements to product usability including descriptive error pages,
redesigned options menu, RSS discovery, and "Safe Mode" experience.
* Better accessibility including support for DHTML accessibility and
assistive technologies such as the Window-Eyes 5.5 beta screen reader
for Microsoft Windows. Screen readers read aloud all available
information in applications and documents or show the information on a
Braille display, enabling blind and visually impaired users to use
equivalent software functionality as their sighted peers.
* Report a broken Web site wizard to report Web sites that are not
working in Firefox.
* Better support for Mac OS X (10.2 and greater) including profile
migration from Safari and Mac Internet Explorer.
* New support for Web Standards including SVG, CSS 2 and CSS 3, and
JavaScript 1.6.
* Many security enhancements.

The Burning Edge has more detailed lists of new features and notable bug fixes.
http://www.squarefree.com/burningedge/releases/1.5-comprehensive.html

Revision 1.23 / (download) - annotate - [select for diffs], Mon Dec 5 23:55:22 2005 UTC (17 years, 2 months ago) by rillig
Branch: MAIN
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)

Ran "pkglint --autofix", which corrected some of the quoting issues in
CONFIGURE_ARGS.

Revision 1.22 / (download) - annotate - [select for diffs], Thu Sep 22 14:14:04 2005 UTC (17 years, 4 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base, pkgsrc-2005Q3
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)

Update www/firefox and www/firefox-gtk1 to version 1.0.7.  Changes from
version 1.0.6 include:

     * Fix for a potential buffer overflow vulnerability when loading a
       hostname with all soft-hyphens
     * Fix to prevent URLs passed from external programs from being
       parsed by the shell (Linux only)
     * Fix to prevent a crash when loading a Proxy Auto-Config (PAC)
       script that uses an "eval" statement
     * Fix to restore InstallTrigger.getVersion() for Extension authors
     * Other stability and security fixes

Approved by taya.

Revision 1.21 / (download) - annotate - [select for diffs], Sat Sep 17 02:35:19 2005 UTC (17 years, 4 months ago) by jlam
Branch: MAIN
Changes since 1.20: +5 -8 lines
Diff to previous 1.20 (colored)

For the native firefox and mozilla packages, move the module/extension
registration out of the installation step and into the INSTALL script.
Also, remove the registration commands from the PLIST as well.  Putting
them into the INSTALL script allows for the same commands to be run
in the same way, so that there are fewer differences between installing
from source and installing from a binary package.  Also, this makes
these packages pass CHECK_FILES=yes.  Bump the PKGREVISION of firefox,
firefox-gtk1, mozilla, and mozilla-gtk2.

Also, include bsd.pkg.mk from the package Makefiles, not from within
Makefile.common.  This is a style issue and allows for appending to
variables originally defined in Makefile.common from the package
Makefile.

Revision 1.18.2.1 / (download) - annotate - [select for diffs], Thu Jul 21 02:49:04 2005 UTC (17 years, 6 months ago) by snj
Branch: pkgsrc-2005Q2
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored) next main 1.19 (colored)

Pullup ticket 613 - requested by Shin'ichiro TAYA
security update for firefox and firefox-gtk1

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common	1.19, 1.20
- pkgsrc/www/firefox/PLIST			1.16
- pkgsrc/www/firefox/distinfo			1.34, 1.35
- pkgsrc/www/firefox-gtk1/PLIST			1.5
- pkgsrc/www/firefox/buildlink3.mk		1.6
- pkgsrc/www/firefox-gtk1/buildlink3.mk		1.5

    Module Name:  pkgsrc
    Committed By: taya
    Date:         Thu Jul 14 16:38:42 UTC 2005

    Modified Files:
          pkgsrc/www/firefox: Makefile-firefox.common PLIST distinfo
          pkgsrc/www/firefox-gtk1: PLIST

    Log Message:
    Update firefox & firefox-gtk1 to 1.0.5.

    Firefox 1.0.5 is a security update.
    Fixed vulnerabilities are:

    2005-56  Code execution through shared function objects
    MFSA 2005-55 XHTML node spoofing
    MFSA 2005-54 Javascript prompt origin spoofing
    MFSA 2005-53 Standalone applications can run arbitrary code through the
                 browser
    MFSA 2005-52 Same origin violation: frame calling top.focus()
    MFSA 2005-51 The return of frame-injection spoofing
    MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
    MFSA 2005-49 Script injection from Firefox sidebar panel using data:
    MFSA 2005-48 Same-origin violation with InstallTrigger callback
    MFSA 2005-47 Code execution via "Set as Wallpaper"
    MFSA 2005-46 XBL scripts ran even when Javascript disabled
    MFSA 2005-45 Content-generated event vulnerabilities
----
    Module Name:  pkgsrc
    Committed By: taya
    Date:         Wed Jul 20 23:33:30 UTC 2005

    Modified Files:
         pkgsrc/www/firefox: Makefile-firefox.common buildlink3.mk distinfo
         pkgsrc/www/firefox-gtk1: buildlink3.mk

    Log Message:
    update firefox & firefox-gtk1 to 1.0.6

    Firefox 1.0.6 is a stability update. We recommend that users upgrade
    to this latest version.

    Here's what's new in Firefox 1.0.6:

         * Restore API compatibility for extensions and web applications
         that did not work in Firefox 1.0.5.

Revision 1.20 / (download) - annotate - [select for diffs], Wed Jul 20 23:33:30 2005 UTC (17 years, 6 months ago) by taya
Branch: MAIN
Changes since 1.19: +2 -2 lines
Diff to previous 1.19 (colored)


update firefox & firefox-gtk1 to 1.0.6

Firefox 1.0.6 is a stability update. We recommend that users upgrade
to this latest version.

Here's what's new in Firefox 1.0.6:

	* Restore API compatibility for extensions and web applications
	that did not work in Firefox 1.0.5.

Revision 1.19 / (download) - annotate - [select for diffs], Thu Jul 14 16:38:41 2005 UTC (17 years, 6 months ago) by taya
Branch: MAIN
Changes since 1.18: +2 -2 lines
Diff to previous 1.18 (colored)


Update firefox & firefox-gtk1 to 1.0.5.

Firefox 1.0.5 is a security update.
Fixed vulnerabilities are:

2005-56  Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-53 Standalone applications can run arbitrary code through the browser
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-49 Script injection from Firefox sidebar panel using data:
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-47 Code execution via "Set as Wallpaper"
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities

Revision 1.11.2.4 / (download) - annotate - [select for diffs], Mon May 16 15:07:13 2005 UTC (17 years, 8 months ago) by salo
Branch: pkgsrc-2005Q1
Changes since 1.11.2.3: +6 -3 lines
Diff to previous 1.11.2.3 (colored) to branchpoint 1.11 (colored) next main 1.12 (colored)

Pullup ticket 504 - requested by Shin'ichiro TAYA
security update for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile			1.15
- pkgsrc/www/firefox/Makefile-firefox.common	1.14, 1.16-1.18
- pkgsrc/www/firefox/PLIST			1.13-1.15
- pkgsrc/www/firefox/buildlink3.mk		1.5
- pkgsrc/www/firefox/distinfo			1.29
- pkgsrc/www/firefox-gtk1/PLIST			1.3-1.4
- pkgsrc/www/firefox-gtk1/buildlink3.mk		1.4

   Module Name:		pkgsrc
   Committed By:	taya
   Date:		Wed Apr 13 13:34:26 UTC 2005

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common PLIST
   	pkgsrc/www/firefox-gtk1: PLIST

   Log Message:
   change extensions list as same as Linux official build.
   bump PKGREVISION.
   fix PR pkg/29595
---
   Module Name:		pkgsrc
   Committed By:	wiz
   Date:		Fri Apr 15 12:42:27 UTC 2005

   Modified Files:
   	pkgsrc/www/firefox: PLIST

   Log Message:
   Add two @exec ${MKDIR} lines for empty directories which have @dirrm
   lines, to fix binary packages.
---
   Module Name:		pkgsrc
   Committed By:	wiz
   Date:		Fri Apr 15 12:44:30 UTC 2005

   Modified Files:
   	pkgsrc/www/firefox-gtk1: PLIST

   Log Message:
   Add an @exec ${MKDIR} line for an empty directory which has a @dirrm
   line, to fix binary packages.
---
   Module Name:		pkgsrc
   Committed By:	taya
   Date:		Sun Apr 24 14:00:12 UTC 2005

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common

   Log Message:
   concatinate extensions with separator ',' and set to MOZILLA_EXTENSIONS,
   instead of using ':ts' modifier.
   becase make of NetBSD-1.6.x doesn't have it.
   suggested by Jeremy C. Reed.
---
   Module Name:		pkgsrc
   Committed By:	reed
   Date:		Mon Apr 25 19:26:10 UTC 2005

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common

   Log Message:
   Make sure build is without gssapi support. (Okayed by maintainer,
   taya ... well really he said "I don't object your idea.")

   This fixes a build bug when heimdal is detected but not buildlinked.
   It is a known mozilla bug:
    https://bugzilla.mozilla.org/show_bug.cgi?id=245467

   I didn't put this in the mozilla/Makefile.common, because didn't test
   that yet.

   This issue probably only happens when using /usr as the LOCALBASE,
   which is not really supported and maybe I am the only one to hit this
   with pkgsrc.

   Maybe later someone can consider adding a build option for GSSAPI,
   but I don't know anything about it in regards to a web browser myself.
---
   Module Name:		pkgsrc
   Committed By:	taya
   Date:		Sat May 14 15:27:10 UTC 2005

   Modified Files:
   	pkgsrc/www/firefox: Makefile Makefile-firefox.common PLIST
   	    buildlink3.mk distinfo
   	pkgsrc/www/firefox-gtk1: buildlink3.mk

   Log Message:
   Update firefox & firefox-gtk1 to 1.0.4.

   This is a security fix release.
   Fixed vulnerabilities are follows:

   MFSA 2005-44  Privilege escalation via non-DOM property overrides
   MFSA 2005-43 "Wrapped" javascript: urls bypass security checks
   MFSA 2005-42 Code execution via javascript: IconURL

Revision 1.18 / (download) - annotate - [select for diffs], Sat May 14 15:27:10 2005 UTC (17 years, 8 months ago) by taya
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base
Branch point for: pkgsrc-2005Q2
Changes since 1.17: +2 -2 lines
Diff to previous 1.17 (colored)


Update firefox & firefox-gtk1 to 1.0.4.

This is a security fix release.
Fixed vulnerabilities are follows:

MFSA 2005-44  Privilege escalation via non-DOM property overrides
MFSA 2005-43 "Wrapped" javascript: urls bypass security checks
MFSA 2005-42 Code execution via javascript: IconURL

Revision 1.17 / (download) - annotate - [select for diffs], Mon Apr 25 19:26:10 2005 UTC (17 years, 9 months ago) by reed
Branch: MAIN
Changes since 1.16: +2 -1 lines
Diff to previous 1.16 (colored)

Make sure build is without gssapi support. (Okayed by maintainer,
taya ... well really he said "I don't object your idea.")

This fixes a build bug when heimdal is detected but not buildlinked.
It is a known mozilla bug:
 https://bugzilla.mozilla.org/show_bug.cgi?id=245467

I didn't put this in the mozilla/Makefile.common, because didn't test that
yet.

This issue probably only happens when using /usr as the LOCALBASE,
which is not really supported and maybe I am the only one to hit this
with pkgsrc.

Maybe later someone can consider adding a build option for GSSAPI,
but I don't know anything about it in regards to a web browser myself.

Revision 1.16 / (download) - annotate - [select for diffs], Sun Apr 24 14:00:12 2005 UTC (17 years, 9 months ago) by taya
Branch: MAIN
Changes since 1.15: +3 -12 lines
Diff to previous 1.15 (colored)


concatinate extensions with separator ',' and set to MOZILLA_EXTENSIONS,
instead of using ':ts' modifier.
becase make of NetBSD-1.6.x doesn't have it.
suggested by Jeremy C. Reed.

Revision 1.11.2.3 / (download) - annotate - [select for diffs], Fri Apr 22 06:48:12 2005 UTC (17 years, 9 months ago) by snj
Branch: pkgsrc-2005Q1
Changes since 1.11.2.2: +2 -3 lines
Diff to previous 1.11.2.2 (colored) to branchpoint 1.11 (colored)

Pullup ticket 459 - requested by Shin'ichiro TAYA
security fix for firefox and firefox-gtk1

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common		1.15
- pkgsrc/www/firefox/distinfo				1.28
- pkgsrc/www/firefox/patches/patch-bugzilla28868	removed

    Module Name:    pkgsrc
    Committed By:   taya
    Date:           Sun Apr 17 02:19:39 UTC 2005

    Modified Files:
            pkgsrc/www/firefox: Makefile-firefox.common distinfo
    Removed Files:
            pkgsrc/www/firefox/patches: patch-bugzilla288688

    Log Message:
    Update firefox & firefox-gtk1 to 1.0.3.

    This is a security fix release.
    Fixed vulnerabilities are follows:

    MFSA 2005-33  Javascript "lambda" replace exposes memory contents
    MFSA 2005-34 javascript: PLUGINSPAGE code execution
    MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
    MFSA 2005-36 Cross-site scripting through global scope pollution
    MFSA 2005-37 Code execution through javascript: favicons
    MFSA 2005-38 Search plugin cross-site scripting
    MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
    MFSA 2005-40 Missing Install object instance checks
    MFSA 2005-41 Privilege escalation via DOM property overrides

Revision 1.15 / (download) - annotate - [select for diffs], Sun Apr 17 02:19:39 2005 UTC (17 years, 9 months ago) by taya
Branch: MAIN
Changes since 1.14: +2 -3 lines
Diff to previous 1.14 (colored)


Update firefox & firefox-gtk1 to 1.0.3.

This is a security fix release.
Fixed vulnerabilities are follows:

MFSA 2005-33  Javascript "lambda" replace exposes memory contents
MFSA 2005-34 javascript: PLUGINSPAGE code execution
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides

Revision 1.14 / (download) - annotate - [select for diffs], Wed Apr 13 13:34:26 2005 UTC (17 years, 9 months ago) by taya
Branch: MAIN
Changes since 1.13: +14 -3 lines
Diff to previous 1.13 (colored)


change extensions list as same as Linux official build.
bump PKGREVISION.
fix PR pkg/29595

Revision 1.11.2.2 / (download) - annotate - [select for diffs], Thu Apr 7 18:36:27 2005 UTC (17 years, 9 months ago) by salo
Branch: pkgsrc-2005Q1
Changes since 1.11.2.1: +2 -1 lines
Diff to previous 1.11.2.1 (colored) to branchpoint 1.11 (colored)

Pullup ticket 432 - requested by Shin'ichiro TAYA
security fix for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common		1.13
- pkgsrc/www/firefox/distinfo				1.27
- pkgsrc/www/firefox/patches/patch-bugzilla288688	1.1

   Module Name:		pkgsrc
   Committed By:	taya
   Date:		Wed Apr  6 16:00:53 UTC 2005

   Modified Files:
   	pkgsrc/www/firefox: Makefile-firefox.common distinfo
   Added Files:
   	pkgsrc/www/firefox/patches: patch-bugzilla288688

   Log Message:
   Add security fix to firefox & firefox-gtk1.
   fixes "Mozilla Firefox JavaScript Engine Information Disclosure
   Vulnerability"
   See following pages for detail.

   http://secunia.com/advisories/14820/
   https://bugzilla.mozilla.org/show_bug.cgi?id=288688

   Bump PKGREVISION.

Revision 1.13 / (download) - annotate - [select for diffs], Wed Apr 6 16:00:53 2005 UTC (17 years, 10 months ago) by taya
Branch: MAIN
Changes since 1.12: +2 -1 lines
Diff to previous 1.12 (colored)


Add security fix to firefox & firefox-gtk1.
fixes "Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability"
See following pages for detail.

http://secunia.com/advisories/14820/
https://bugzilla.mozilla.org/show_bug.cgi?id=288688

Bump PKGREVISION.

Revision 1.11.2.1 / (download) - annotate - [select for diffs], Fri Mar 25 08:29:00 2005 UTC (17 years, 10 months ago) by salo
Branch: pkgsrc-2005Q1
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)

Pullup ticket 385 - requested by Shin'ichiro TAYA
security fix for firefox

Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common	1.12
- pkgsrc/www/firefox/buildlink3.mk		1.3-1.4
- pkgsrc/www/firefox/distinfo			1.26
- pkgsrc/www/firefox-gtk1/buildlink3.mk		1.2-1.3

   Module Name:    pkgsrc
   Committed By:   taya
   Date:           Thu Mar 24 15:36:53 UTC 2005

   Modified Files:
           pkgsrc/www/firefox: Makefile-firefox.common buildlink3.mk distinfo
           pkgsrc/www/firefox-gtk1: buildlink3.mk

   Log Message:
   Update firefox & firefox-gtk1 to 1.0.2

   Firefox 1.0.2 is a security and stability update.
   Followings bugs are fixed in this release.

   MFSA 2005-32  Drag and drop loading of privileged XUL
   MFSA 2005-31 Arbitrary code execution from Firefox sidebar panel
   MFSA 2005-30 GIF heap overflow parsing Netscape extension 2
---
   Module Name:    pkgsrc
   Committed By:   salo
   Date:           Fri Mar 25 08:23:46 UTC 2005

   Modified Files:
           pkgsrc/www/firefox: buildlink3.mk
           pkgsrc/www/firefox-gtk1: buildlink3.mk

   Log Message:
   Bump BUILDLINK_RECOMMENDED, not BUIDLINK_DEPENDS for security fixes.

Revision 1.12 / (download) - annotate - [select for diffs], Thu Mar 24 15:36:53 2005 UTC (17 years, 10 months ago) by taya
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)


Update firefox & firefox-gtk1 to 1.0.2

Firefox 1.0.2 is a security and stability update.
Followings bugs are fixed in this release.

MFSA 2005-32  Drag and drop loading of privileged XUL
MFSA 2005-31 Arbitrary code execution from Firefox sidebar panel
MFSA 2005-30 GIF heap overflow parsing Netscape extension 2

Revision 1.10.2.1 / (download) - annotate - [select for diffs], Wed Mar 9 19:16:39 2005 UTC (17 years, 10 months ago) by salo
Branch: pkgsrc-2004Q4
Changes since 1.10: +2 -3 lines
Diff to previous 1.10 (colored) next main 1.11 (colored)

Pullup ticket 339 - requested by Shin'ichiro TAYA
security fix for firefox

Patch supplied by submitter, equals to:

   Module Name:		pkgsrc
   Committed By:	taya
   Date:		Sun Feb 27 13:20:43 UTC 2005

   Log Message:
   Update firefox to 1.0.1.

   Changes from release notes:

   * Improved stability
   * International Domain Names are now displayed as punycode.
     (To show International Domain Names in Unicode, set the
     "network.IDN_show_punycode" preference to false.)
   * Several security fixes.
   MFSA 2005-29  Internationalized Domain Name (IDN) homograph spoofing
   MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
   MFSA 2005-27 Plugins can be used to load privileged content
   MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
   MFSA 2005-25 Image drag and drop executable spoofing
   MFSA 2005-24 HTTP auth prompt tab spoofing
   MFSA 2005-23 Download dialog source spoofing
   MFSA 2005-22 Download dialog spoofing using Content-Disposition header
   MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice
   MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
   MFSA 2005-19 Autocomplete data leak
   MFSA 2005-18 Memory overwrite in string library
   MFSA 2005-17 Install source spoofing with user:pass@host
   MFSA 2005-16 Spoofing download and security dialogs with overlapping windows
   MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
   MFSA 2005-14 SSL "secure site" indicator spoofing
   MFSA 2005-13 Window Injection Spoofing

Revision 1.11 / (download) - annotate - [select for diffs], Sun Feb 27 13:20:43 2005 UTC (17 years, 11 months ago) by taya
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base
Branch point for: pkgsrc-2005Q1
Changes since 1.10: +2 -3 lines
Diff to previous 1.10 (colored)


Update firefox to 1.0.1.
And switched to use gtk2.

Changes from release notes:

*  Improved stability
* International Domain Names are now displayed as punycode.
(To show International Domain Names in Unicode, set the
"network.IDN_show_punycode" preference to false.)
* Several security fixes.
MFSA 2005-29  Internationalized Domain Name (IDN) homograph spoofing
MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
MFSA 2005-27 Plugins can be used to load privileged content
MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
MFSA 2005-25 Image drag and drop executable spoofing
MFSA 2005-24 HTTP auth prompt tab spoofing
MFSA 2005-23 Download dialog source spoofing
MFSA 2005-22 Download dialog spoofing using Content-Disposition header
MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice
MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
MFSA 2005-19 Autocomplete data leak
MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-16 Spoofing download and security dialogs with overlapping windows
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
MFSA 2005-14 SSL "secure site" indicator spoofing
MFSA 2005-13 Window Injection Spoofing

Revision 1.10 / (download) - annotate - [select for diffs], Fri Dec 3 16:45:54 2004 UTC (18 years, 2 months ago) by taya
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base
Branch point for: pkgsrc-2004Q4
Changes since 1.9: +7 -2 lines
Diff to previous 1.9 (colored)


generate extension directory & related stuff at install time.
fix PR pkg/28396
bump PKGREVISION

Revision 1.3.2.2 / (download) - annotate - [select for diffs], Tue Nov 30 23:29:15 2004 UTC (18 years, 2 months ago) by salo
Branch: pkgsrc-2004Q3
Changes since 1.3.2.1: +9 -8 lines
Diff to previous 1.3.2.1 (colored) to branchpoint 1.3 (colored) next main 1.4 (colored)

Pullup ticket 139 - requested by Thomas Klausner
security fixes for mozilla and firefox

        Module Name:    pkgsrc
        Committed By:   grant
        Date:           Mon Oct  4 11:52:09 UTC 2004

        Modified Files:
                pkgsrc/www/mozilla: distinfo

        Log Message:
        bring across a patch in Firefox for using thread-safe resolver
        library functions on NetBSD >=2.0F.
---
        Module Name:    pkgsrc
        Committed By:   grant
        Date:           Mon Oct  4 11:52:45 UTC 2004

        Modified Files:
                pkgsrc/www/mozilla/patches: patch-br

        Log Message:
        bring across a patch in Firefox for using thread-safe resolver
        library functions on NetBSD >=2.0F.
---
        Module Name:    pkgsrc
        Committed By:   sekiya
        Date:           Mon Oct 25 13:02:15 UTC 2004

        Modified Files:
                pkgsrc/www/mozilla: Makefile.common distinfo
                pkgsrc/www/mozilla/patches: patch-bt

        Log Message:
        Force gcc34 and use the right varargs macro for amd64.  Mozilla
        (and its derivatives) now appears to work properly on amd64.

        Patches from Nicholas Joly.
---
        Module Name:    pkgsrc
        Committed By:   jmmv
        Date:           Mon Oct 25 18:06:26 UTC 2004

        Modified Files:
                pkgsrc/www/mozilla: Makefile Makefile.common PLIST
                pkgsrc/www/mozilla-gtk2: Makefile PLIST
                pkgsrc/www/mozilla/files: moz-install

        Log Message:
        Modify mozilla and mozilla-gtk2 to install several additional headers.
        More specifically, this lets Mozilla NSS be used by other programs.

        Also make the pkgconfig substitutions happen at post-build time, so
        that the right rpaths are added to the mozilla-nspr.pc file (which is
        filled in during the build).

        Bump PKGREVISION to 1 for both packages.  Ok'ed by taya@, the
        maintainer.
---
        Module Name:    pkgsrc
        Committed By:   wiz
        Date:           Fri Nov 12 02:11:22 UTC 2004

        Modified Files:
                pkgsrc/www/mozilla: Makefile distinfo
                pkgsrc/www/mozilla-gtk2: Makefile
        Added Files:
                pkgsrc/www/mozilla/patches: patch-bj

        Log Message:
        Update mozilla and mozilla-gtk2 to 1.7.3nb2 with a security fix
        from mozilla CVS.
---
        Module Name:    pkgsrc
        Committed By:   kristerw
        Date:           Mon Nov  1 18:07:24 UTC 2004

        Modified Files:
                pkgsrc/www/firefox: distinfo
                pkgsrc/www/firefox/patches: patch-bt

        Log Message:
        Use __va_copy instead of va_copy for NetBSD.  This is needed on gcc
        3.4 since the build use -ansi that in turn makes gcc 3.4 modify its
        predefined symbols in such a way that va_copy is not defined.
---
        Module Name:    pkgsrc
        Committed By:   xtraeme
        Date:           Tue Nov  9 20:10:14 UTC 2004

        Modified Files:
                pkgsrc/www/firefox: Makefile-firefox.common PLIST distinfo
                pkgsrc/www/firefox-gtk2: PLIST

        Log Message:
        Update firefox and firefox-gtk2 to 1.0.

        This is a bugfix release, to fix the problems reported in Preview
        Releases, etc.
---
        Module Name:    pkgsrc
        Committed By:   taya
        Date:           Wed Nov 10 14:38:45 UTC 2004

        Modified Files:
                pkgsrc/www/firefox: Makefile-firefox.common PLIST

        Log Message:
        - correct path of mirror site
        - add some missing files to PLIST
---
        Module Name:    pkgsrc
        Committed By:   taya
        Date:           Wed Nov 10 14:40:24 UTC 2004

        Modified Files:
                pkgsrc/www/firefox-gtk2: PLIST

        Log Message:
        add some missing files to PLIST
---
        Module Name:    pkgsrc
        Committed By:   taya
        Date:           Sat Nov 13 07:03:08 UTC 2004

        Modified Files:
                pkgsrc/www/firefox: Makefile-firefox.common PLIST

        Log Message:
        remove typeahead extension that confilicts with buildin typeahead
        component.
        fix pkg/28164.
        bump PKGREVISION
---
        Module Name:    pkgsrc
        Committed By:   taya
        Date:           Sat Nov 13 08:57:54 UTC 2004

        Modified Files:
                pkgsrc/www/firefox-gtk2: PLIST

        Log Message:
        remove typeahead extension

Revision 1.9 / (download) - annotate - [select for diffs], Sat Nov 13 07:03:08 2004 UTC (18 years, 2 months ago) by taya
Branch: MAIN
Changes since 1.8: +3 -2 lines
Diff to previous 1.8 (colored)


remove typeahead extension that confilicts with buildin typeahead component.
fix pkg/28164.
bump PKGREVISION

Revision 1.8 / (download) - annotate - [select for diffs], Wed Nov 10 14:38:45 2004 UTC (18 years, 2 months ago) by taya
Branch: MAIN
Changes since 1.7: +4 -4 lines
Diff to previous 1.7 (colored)


- correct path of mirror site
- add some missing files to PLIST

Revision 1.7 / (download) - annotate - [select for diffs], Tue Nov 9 20:10:14 2004 UTC (18 years, 2 months ago) by xtraeme
Branch: MAIN
Changes since 1.6: +5 -5 lines
Diff to previous 1.6 (colored)

Update firefox and firefox-gtk2 to 1.0.

This is a bugfix release, to fix the problems reported in Preview
Releases, etc.

Revision 1.3.2.1 / (download) - annotate - [select for diffs], Tue Oct 26 11:09:16 2004 UTC (18 years, 3 months ago) by agc
Branch: pkgsrc-2004Q3
Changes since 1.3: +5 -4 lines
Diff to previous 1.3 (colored)

Security Pullup - requested by Grant Beattie
security fix for firefox

Includes the following modifications:

	Module Name:    pkgsrc
	Committed By:   grant
	Date:           Mon Oct  4 09:11:30 UTC 2004

	Modified Files:
		pkgsrc/www/firefox: Makefile-firefox.common distinfo

	Log Message:
	update to Firefox 0.10.1, bugfix for a security issue:

		http://www.mozilla.org/press/mozilla-2004-10-01-02.html


	To generate a diff of this commit:
	cvs rdiff -r1.3 -r1.4 pkgsrc/www/firefox/Makefile-firefox.common
	cvs rdiff -r1.16 -r1.17 pkgsrc/www/firefox/distinfo
---
	Module Name:    pkgsrc
	Committed By:   grant
	Date:           Mon Oct  4 09:15:29 UTC 2004

	Modified Files:
		pkgsrc/www/firefox: distinfo
		pkgsrc/www/firefox/patches: patch-br

	Log Message:
	commit a patch for using thread-safe resolver library functions on
	NetBSD >=2.0F - I've been running with it for months on -current
	without any problems.


	To generate a diff of this commit:
	cvs rdiff -r1.17 -r1.18 pkgsrc/www/firefox/distinfo
	cvs rdiff -r1.2 -r1.3 pkgsrc/www/firefox/patches/patch-br
---
	Module Name:    pkgsrc
	Committed By:   reed
	Date:           Sat Oct 16 20:08:48 UTC 2004

	Modified Files:
		pkgsrc/www/firefox: Makefile-firefox.common

	Log Message:
	Use cp(1)'s -RL instead of -r, because coreutils's
	cp -r copies symlinks as symlinks (which caused
	files to be missing in install).

	Hopefully, this is portable. I tested under NetBSD and with coreutils.
	And I brought this up on tech-pkg in July.


	To generate a diff of this commit:
	cvs rdiff -r1.4 -r1.5 pkgsrc/www/firefox/Makefile-firefox.common

---
	Module Name:    pkgsrc
	Committed By:   reed
	Date:           Tue Oct 19 21:01:47 UTC 2004

	Modified Files:
		pkgsrc/www/firefox: Makefile-firefox.common

	Log Message:
	Instead of non-portable cp -RL, use pax with -Lrw
	to copy the extensions files.

	On Solaris, cp doesn't know -L. (Reported by R. Quinn.)
	Using pax was suggested by grant@.


	To generate a diff of this commit:
	cvs rdiff -r1.5 -r1.6 pkgsrc/www/firefox/Makefile-firefox.common
---
	Module Name:    pkgsrc
	Committed By:   xtraeme
	Date:           Thu Oct 21 00:55:36 UTC 2004

	Modified Files:
		pkgsrc/www/firefox: distinfo
	Added Files:
		pkgsrc/www/firefox/patches: patch-cd

	Log Message:
	Only include <stdbool.h> if !defined(_cplusplus) in nptypes.h.

	Fixes build on NetBSD/macppc and maybe others, tested by Peter Bex
	on 2-0/macppc and i386/-current/2-0 by me, closes PR pkg/27033.


	To generate a diff of this commit:
	cvs rdiff -r1.18 -r1.19 pkgsrc/www/firefox/distinfo
	cvs rdiff -r0 -r1.1 pkgsrc/www/firefox/patches/patch-cd
---
	Module Name:    pkgsrc
	Committed By:   grant
	Date:           Sun Oct 24 05:41:25 UTC 2004

	Modified Files:
		pkgsrc/www/firefox: distinfo
	Added Files:
		pkgsrc/www/firefox/patches: patch-ce patch-cf

	Log Message:
	apply patch from mozilla CVS to fix bug id #260337 (installer missing
	libnsl on Solaris), as well as another sh(1) portability fix.

		https://bugzilla.mozilla.org/show_bug.cgi?id=260337

	no PKGREVISION bump because this didn't build on Solaris without
	libnsl.


	To generate a diff of this commit:
	cvs rdiff -r1.19 -r1.20 pkgsrc/www/firefox/distinfo
	cvs rdiff -r0 -r1.1 pkgsrc/www/firefox/patches/patch-ce \
	    pkgsrc/www/firefox/patches/patch-cf

Revision 1.6 / (download) - annotate - [select for diffs], Tue Oct 19 21:01:47 2004 UTC (18 years, 3 months ago) by reed
Branch: MAIN
Changes since 1.5: +3 -3 lines
Diff to previous 1.5 (colored)

Instead of non-portable cp -RL, use pax with -Lrw
to copy the extensions files.

On Solaris, cp doesn't know -L. (Reported by R. Quinn.)
Using pax was suggested by grant@.

Revision 1.5 / (download) - annotate - [select for diffs], Sat Oct 16 20:08:48 2004 UTC (18 years, 3 months ago) by reed
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

Use cp(1)'s -RL instead of -r, because coreutils's
cp -r copies symlinks as symlinks (which caused
files to be missing in install).

Hopefully, this is portable. I tested under NetBSD and with coreutils.
And I brought this up on tech-pkg in July.

Revision 1.4 / (download) - annotate - [select for diffs], Mon Oct 4 09:11:30 2004 UTC (18 years, 4 months ago) by grant
Branch: MAIN
Changes since 1.3: +3 -2 lines
Diff to previous 1.3 (colored)

update to Firefox 0.10.1, bugfix for a security issue:

	http://www.mozilla.org/press/mozilla-2004-10-01-02.html

Revision 1.3 / (download) - annotate - [select for diffs], Mon Sep 20 08:03:42 2004 UTC (18 years, 4 months ago) by taya
Branch: MAIN
CVS Tags: pkgsrc-2004Q3-base
Branch point for: pkgsrc-2004Q3
Changes since 1.2: +5 -3 lines
Diff to previous 1.2 (colored)


Update firefox & firefox-gtk2 to 0.10 (a.k.a. 1.0PR)

from Release Notes:

---
Firefox is a fast, full-featured browser that makes browsing more
efficient than ever before. More information about Firefox is
available.

Firefox Preview Release (henceforth refered to as PR) is a Technology
Preview. While this software works well enough to be relied upon as
your primary browser in most cases, we make no guarantees of its
performance or stability. It is a pre-release product and should not
be relied upon for mission-critical tasks. See the License Agreement
for more information.

These release notes cover what's new, download and installation
instructions, known issues and frequently asked questions for the
Firefox PR release. Please read these notes and the bug filing
instructions before reporting any bugs to Bugzilla.

We want to hear your feedback about Firefox. Please join us in the
Firefox forums, hosted by MozillaZine.


What's New

Here's what's new in this release of Firefox:

* Live Bookmarks
      You can now subscribe to and read RSS feeds in your
Bookmarks. When you visit a page that advertises a RSS feed by using a
<link> tag, a RSS icon will appear in the status bar. Click it to view
a list of feeds the page is offering. Click one to subscribe - this
adds a Bookmark Folder that contains all the recent posts from the
feed.

* Improved Find
      Find is easier and more powerful now with our new Find
toolbar. The Find toolbar (which shows at the bottom of the browser
window) automatically highlights text in the page as you type and has
a useful highlight feature.

* Managing Annoyances and Protecting Security
      You can now open blocked popups, and the Extension install
system now blocks all attempts to install software from sites other
than update.mozilla.org. Users can add other sites to a list that
allows them to offer software, but software is never automatically
installed. In addition to these steps, several other measures have
been taken to prevent phishing attacks and to highlight when a page is
being viewed over a secure connection.

* Better Bookmarks
      Numerous improvements to bookmarks including more reliable
presentation of Site icons, and a split pane view in the Bookmarks
window.

* Strong Encryption For Passwords Available
      Passwords saved with the Password Manager can now be more easily
encrypted with strong encryption by creating a "Master Password". If
you create a Master Password, you are prompted once per session to
enter the Master Password so that Password Manager can automatically
fill in site logins. A useful feature for people who share computers
with others and want improved security.

* Improved Compatibility for IE users
      Undetectable document.all support for site compatibility and
improved compatibility for keyboard accelerators further smooth the
transition for IE users

* Better System Integration for GNOME users
      You can now configure Firefox as your Default Browser on GNOME,
and Firefox will adhere to your GNOME settings for edit field key
bindings, etc.

* And a horde of other bug fixes...

See The Burning Edge's Bigger Picture for more details.

-----

Several security holes have been fixed. See the page bellow for
detail.

http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3

Revision 1.2 / (download) - annotate - [select for diffs], Tue Sep 7 06:03:55 2004 UTC (18 years, 4 months ago) by xtraeme
Branch: MAIN
Changes since 1.1: +3 -2 lines
Diff to previous 1.1 (colored)

pkglint MESSAGE, we'll use the same MESSAGE file for firefox and
firefox-gtk2.

Revision 1.1 / (download) - annotate - [select for diffs], Tue Aug 10 14:28:14 2004 UTC (18 years, 5 months ago) by taya
Branch: MAIN


forgot to add at privous commit

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>