Pullup ticket #2441 - requested by ghen

Security update for firefox, firefox-bin and firefox-gtk1

Revisions pulled up:
- www/firefox-bin/Makefile		1.43
- www/firefox-bin/distinfo		1.43
- www/firefox/Makefile-firefox.common	1.58
- www/firefox/PLIST			1.29
- www/firefox/distinfo			1.78
- www/firefox/patches/patch-af		1.6
- www/firefox/patches/patch-ap		1.9
- www/firefox/patches/patch-de		1.2
---
    Module Name:	pkgsrc
    Committed By:	ghen
    Date:		Wed Jul  2 09:03:35 UTC 2008

    Modified Files:
    	pkgsrc/www/firefox: Makefile-firefox.common PLIST distinfo
    	pkgsrc/www/firefox-bin: Makefile distinfo
    	pkgsrc/www/firefox/patches: patch-af patch-ap patch-de

    Log Message:
    Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.15.

    Part of patch-af has been fixed upstream.

    Security fixes in this version:

    MFSA 2008-33 Crash and remote code execution in block reflow
    MFSA 2008-32 Remote site run as local file via Windows URL shortcut
    MFSA 2008-31 Peer-trusted certs can use alt names to spoof
    MFSA 2008-30 File location URL in directory listings not escaped properly
    MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
    MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
    MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
    MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
    MFSA 2008-24 Chrome script loading from fastload file
    MFSA 2008-23 Signed JAR tampering
    MFSA 2008-22 XSS through JavaScript same-origin violation
    MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)

    For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.15/releasenotes/

8 files changed, 28 insertions, 41 deletions

diff --git a/www/firefox-bin/Makefile b/www/firefox-bin/Makefile
index deeaee07177..386408e00ce 100644
--- a/www/firefox-bin/Makefile
+++ b/www/firefox-bin/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.41.2.1 2008/04/21 00:39:03 rtr Exp $
+# $NetBSD: Makefile,v 1.41.2.2 2008/07/02 13:13:59 tron Exp $
 
 MOZILLA=		firefox
-MOZ_VER=		2.0.0.14
+MOZ_VER=		2.0.0.15
 MOZ_DISTVER=		${MOZ_VER}
 
 HOMEPAGE=		http://www.mozilla.com/en-US/firefox/
diff --git a/www/firefox-bin/distinfo b/www/firefox-bin/distinfo
index cbcc09e8495..8674c02baa3 100644
--- a/www/firefox-bin/distinfo
+++ b/www/firefox-bin/distinfo
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.41.2.1 2008/04/21 00:39:03 rtr Exp $
+$NetBSD: distinfo,v 1.41.2.2 2008/07/02 13:13:59 tron Exp $
 
-SHA1 (firefox/releases/2.0.0.14/linux-i686/en-US/firefox-2.0.0.14.tar.gz) = 65612e6e5d5064cf295e5db2733e05cd50e7add6
-RMD160 (firefox/releases/2.0.0.14/linux-i686/en-US/firefox-2.0.0.14.tar.gz) = 89f1feb546e1e784f55897328ba30460c8f0ccc3
-Size (firefox/releases/2.0.0.14/linux-i686/en-US/firefox-2.0.0.14.tar.gz) = 9694145 bytes
+SHA1 (firefox/releases/2.0.0.15/linux-i686/en-US/firefox-2.0.0.15.tar.gz) = 272750c0c93aaa2059c50f37672b521f9c0537a1
+RMD160 (firefox/releases/2.0.0.15/linux-i686/en-US/firefox-2.0.0.15.tar.gz) = 176fa16171ab4be2d5ee7019c964cd2473e19e81
+Size (firefox/releases/2.0.0.15/linux-i686/en-US/firefox-2.0.0.15.tar.gz) = 9699465 bytes
diff --git a/www/firefox/Makefile-firefox.common b/www/firefox/Makefile-firefox.common
index 07147f00c50..25dcb8369d6 100644
--- a/www/firefox/Makefile-firefox.common
+++ b/www/firefox/Makefile-firefox.common
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile-firefox.common,v 1.55.2.1 2008/04/21 00:39:03 rtr Exp $
+# $NetBSD: Makefile-firefox.common,v 1.55.2.2 2008/07/02 13:13:59 tron Exp $
 
 MOZILLA_BIN=		firefox-bin
-MOZ_VER=		2.0.0.14
+MOZ_VER=		2.0.0.15
 EXTRACT_SUFX=		.tar.bz2
 
 DISTNAME=		firefox-${MOZ_VER}-source
diff --git a/www/firefox/PLIST b/www/firefox/PLIST
index 172eba4a3dd..c81bec8e070 100644
--- a/www/firefox/PLIST
+++ b/www/firefox/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.28 2007/07/26 08:43:50 ghen Exp $
+@comment $NetBSD: PLIST,v 1.28.6.1 2008/07/02 13:13:59 tron Exp $
 bin/${MOZILLA}
 @comment begin PROGRAMS
 lib/${MOZILLA}/${MOZILLA_BIN}
@@ -1844,6 +1844,7 @@ include/${MOZILLA}/pipnss/nsITokenDialogs.h
 include/${MOZILLA}/pipnss/nsITokenPasswordDialogs.h
 include/${MOZILLA}/pipnss/nsIUserCertPicker.h
 include/${MOZILLA}/pipnss/nsIX509Cert.h
+include/${MOZILLA}/pipnss/nsIX509Cert18Branch.h
 include/${MOZILLA}/pipnss/nsIX509Cert3.h
 include/${MOZILLA}/pipnss/nsIX509CertDB.h
 include/${MOZILLA}/pipnss/nsIX509CertDB2.h
diff --git a/www/firefox/distinfo b/www/firefox/distinfo
index 6858da4aff3..b2f8bc90a13 100644
--- a/www/firefox/distinfo
+++ b/www/firefox/distinfo
@@ -1,14 +1,14 @@
-$NetBSD: distinfo,v 1.75.2.1 2008/04/21 00:39:03 rtr Exp $
+$NetBSD: distinfo,v 1.75.2.2 2008/07/02 13:13:59 tron Exp $
 
-SHA1 (firefox-2.0.0.14-source.tar.bz2) = de263675a137a8e2b25757c4d292e7a3e2434f74
-RMD160 (firefox-2.0.0.14-source.tar.bz2) = 31eec3454946cfb1c57bd71f32c2a41982276006
-Size (firefox-2.0.0.14-source.tar.bz2) = 37510819 bytes
+SHA1 (firefox-2.0.0.15-source.tar.bz2) = 22d5b0c9c59f5d0cf805d0ab9a117f3ae93400c9
+RMD160 (firefox-2.0.0.15-source.tar.bz2) = 188613b50752e52f6993dce24137b7311f385ef6
+Size (firefox-2.0.0.15-source.tar.bz2) = 40279750 bytes
 SHA1 (patch-aa) = 5095449d4e979085fc5791b9d0251076b9c969c3
 SHA1 (patch-ab) = 19069a4e572744eccb04e9906e16dad28d2dac01
 SHA1 (patch-ac) = 96bee96d365d6a95d14031f4f1df9584b94d570b
 SHA1 (patch-ad) = 20f2184a7e5e98b065e884c67e4c17fc52019a79
 SHA1 (patch-ae) = fea251aabc772c3d4ad3044c8295af45cc9cab2d
-SHA1 (patch-af) = 01e10664fbf20dffa53ecb94be24a421c39b838b
+SHA1 (patch-af) = 2500e35f74eab9ec16df7303fe8d1c2bff0a655b
 SHA1 (patch-ag) = 1266333a482483f786d5f00e92e641e282266442
 SHA1 (patch-ah) = c737519c8ab8a66993d4892a6efac73e2da979f5
 SHA1 (patch-ai) = 58d7d87295cfbcaeba3e6a27457e15533d4b8e78
@@ -17,7 +17,7 @@ SHA1 (patch-ak) = aa54e2c4d2f1c0d40bbbfcd6e3e55b44c3c549ff
 SHA1 (patch-al) = e5fc425630a5363807bf1cc2c648d5eb31d0e40e
 SHA1 (patch-an) = 8b855be2d22422fcbf9293717ee45a8115e15bff
 SHA1 (patch-ao) = f7221f4135c8bb5adc154f523cef7ff0ef42e602
-SHA1 (patch-ap) = 58b4867336c73c3908e508501025bdbd8e2e8b30
+SHA1 (patch-ap) = 9ca3715eaef7d86933621665f81cc19a79059ed0
 SHA1 (patch-aq) = 59c1c9922413fd50e1b0573158ad56439a79debf
 SHA1 (patch-aw) = 9d4388a7bd89b7ca884b9e7eb4855e3afb8e8c3a
 SHA1 (patch-ax) = 1518e5bb0ee162d7c4135a6cfb8112da83a38855
@@ -48,7 +48,7 @@ SHA1 (patch-da) = 356e37429832ffd296fa79b9aa7ef20c05d851e0
 SHA1 (patch-db) = f10187cf9de4466e49a967b79875eb01c5afd69f
 SHA1 (patch-dc) = ba7b06f04460d4966e115a9ffdeafc1ebf555972
 SHA1 (patch-dd) = de9d705fdc3cb9879a19d58dfd170d104ca379f7
-SHA1 (patch-de) = 1d845fd60ecd85554fa82f6c5f3cc7edc7d377a5
+SHA1 (patch-de) = 6ef560d688b3b67450b9582c95d9239ab4749f61
 SHA1 (patch-df) = 17912d183f754ab6661d2be8092e6a07d142632b
 SHA1 (patch-dh) = 7592a6238acd5ef6e802d32103c897acb576825a
 SHA1 (patch-dj) = 70360dffb20dd1029866d2e81899d003c9e17473
diff --git a/www/firefox/patches/patch-af b/www/firefox/patches/patch-af
index 45c413de66d..06873bc156c 100644
--- a/www/firefox/patches/patch-af
+++ b/www/firefox/patches/patch-af
@@ -1,8 +1,7 @@
-$NetBSD: patch-af,v 1.5 2007/05/12 13:53:07 ghen Exp $
+$NetBSD: patch-af,v 1.5.8.1 2008/07/02 13:13:59 tron Exp $
 
-diff -ruN ../Orig/mozilla/security/nss/lib/freebl/unix_rand.c ./security/nss/lib/freebl/unix_rand.c
---- ../Orig/mozilla/security/nss/lib/freebl/unix_rand.c	2005-10-11 08:22:50.000000000 +0900
-+++ ./security/nss/lib/freebl/unix_rand.c	2005-12-04 19:04:32.000000000 +0900
+--- security/nss/lib/freebl/unix_rand.c.orig	2007-07-26 01:18:55.000000000 +0200
++++ security/nss/lib/freebl/unix_rand.c
 @@ -35,6 +35,7 @@
   * ***** END LICENSE BLOCK ***** */
  
@@ -11,16 +10,3 @@ diff -ruN ../Orig/mozilla/security/nss/lib/freebl/unix_rand.c ./security/nss/lib
  #include <string.h>
  #include <signal.h>
  #include <unistd.h>
-@@ -694,7 +695,11 @@
- 	/* dup write-side of pipe to stderr and stdout */
- 	if (p[1] != 1) dup2(p[1], 1);
- 	if (p[1] != 2) dup2(p[1], 2);
--	close(0);
-+	fd = open("/dev/null", O_RDONLY);
-+	if (fd != 0) {
-+	    dup2(fd, 0);
-+	    close(fd);
-+	}
-         {
-             int ndesc = getdtablesize();
-             for (fd = PR_MIN(65536, ndesc); --fd > 2; close(fd));
diff --git a/www/firefox/patches/patch-ap b/www/firefox/patches/patch-ap
index d16f8ab7de5..24b26e80b98 100644
--- a/www/firefox/patches/patch-ap
+++ b/www/firefox/patches/patch-ap
@@ -1,6 +1,6 @@
-$NetBSD: patch-ap,v 1.8 2007/05/12 13:53:08 ghen Exp $
+$NetBSD: patch-ap,v 1.8.8.1 2008/07/02 13:13:59 tron Exp $
 
---- security/coreconf/command.mk.orig	2006-03-29 22:26:44.000000000 +0200
+--- security/coreconf/command.mk.orig	2007-05-09 03:38:16.000000000 +0200
 +++ security/coreconf/command.mk
 @@ -45,7 +45,7 @@ ASFLAGS      += $(CFLAGS)
  CCF           = $(CC) $(CFLAGS)
@@ -9,5 +9,5 @@ $NetBSD: patch-ap,v 1.8 2007/05/12 13:53:08 ghen Exp $
 -CFLAGS        = $(OPTIMIZER) $(OS_CFLAGS) $(XP_DEFINE) $(DEFINES) $(INCLUDES) \
 +CFLAGS        = $(OS_CFLAGS) $(XP_DEFINE) $(DEFINES) $(INCLUDES) \
  		$(XCFLAGS)
+ PERL          = perl
  RANLIB        = echo
- TAR           = /bin/tar
diff --git a/www/firefox/patches/patch-de b/www/firefox/patches/patch-de
index fbc3726a830..d287b537864 100644
--- a/www/firefox/patches/patch-de
+++ b/www/firefox/patches/patch-de
@@ -1,13 +1,13 @@
-$NetBSD: patch-de,v 1.1 2007/05/12 13:53:10 ghen Exp $
+$NetBSD: patch-de,v 1.1.8.1 2008/07/02 13:13:59 tron Exp $
 
---- security/nss/lib/freebl/Makefile.orig	2006-12-06 18:01:13.000000000 +0000
+--- security/nss/lib/freebl/Makefile.orig	2007-11-14 23:47:33.000000000 +0100
 +++ security/nss/lib/freebl/Makefile
-@@ -192,7 +192,7 @@ endif
+@@ -194,7 +194,7 @@ endif
  # to bind the blapi function references in FREEBLVector vector
  # (ldvector.c) to the blapi functions defined in the freebl
  # shared libraries.
--ifeq (,$(filter-out BSD_OS FreeBSD Linux NetBSD, $(OS_TARGET)))
-+ifeq (,$(filter-out BSD_OS DragonFly FreeBSD Linux NetBSD, $(OS_TARGET)))
+-ifeq (,$(filter-out BSD_OS FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET)))
++ifeq (,$(filter-out BSD_OS DragonFly FreeBSD Linux NetBSD OpenBSD, $(OS_TARGET)))
      MKSHLIB += -Wl,-Bsymbolic
  endif