diff options
| author | tron <tron@pkgsrc.org> | 2008-09-26 19:52:40 +0000 |
|---|---|---|
| committer | tron <tron@pkgsrc.org> | 2008-09-26 19:52:40 +0000 |
| commit | 3afd37eea1f72be0745ee931705d34beb27a243c (patch) | |
| tree | 558ab3542a29ab2c4be25936afa9cfec00d60b6d | |
| parent | ea907d45b9362e41a0b0ce0c92b8f8d20cea10b2 (diff) | |
| download | pkgsrc-3afd37eea1f72be0745ee931705d34beb27a243c.tar.gz | |
Pullup ticket #2534 - requested by ghen
firefox: security update
firefox-bin: security update
firefox-gtk1: security update
www/firefox-bin/Makefile 1.45
www/firefox-bin/distinfo 1.45
www/firefox-gtk1/Makefile 1.20-1.21
www/firefox-gtk1/PLIST 1.16
www/firefox/Makefile 1.47-1.48
www/firefox/Makefile-firefox.common 1.60
www/firefox/PLIST 1.31
www/firefox/distinfo 1.81-1.82
www/firefox/patches/patch-ee 1.1
www/firefox/patches/patch-ef 1.1
www/firefox/patches/patch-eg 1.1
---
Module Name: pkgsrc
Committed By: martin
Date: Mon Aug 11 10:09:21 UTC 2008
Modified Files:
pkgsrc/www/firefox: Makefile distinfo
pkgsrc/www/firefox-gtk1: Makefile
Added Files:
pkgsrc/www/firefox/patches: patch-ee patch-ef patch-eg
Log Message:
Add "unicode" processing alignment patch from mozilla's bugzilla to make
firefox work again on archs requiring strict alignement.
Bump pkgrevision.
---
Module Name: pkgsrc
Committed By: ghen
Date: Wed Sep 24 14:34:36 UTC 2008
Modified Files:
pkgsrc/www/firefox: Makefile Makefile-firefox.common PLIST distinfo
pkgsrc/www/firefox-bin: Makefile distinfo
pkgsrc/www/firefox-gtk1: Makefile PLIST
Log Message:
Update firefox, firefox-bin and firefox-gtk1 to 2.0.0.17.
(ok during freeze agc@)
Security fixes in this version:
MFSA 2008-45 XBM image uninitialized memory reading
MFSA 2008-44 resource: traversal vulnerabilities
MFSA 2008-43 BOM characters stripped from JavaScript before execution
MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.1=
7)
MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
MFSA 2008-40 Forced mouse drag
MFSA 2008-39 Privilege escalation using feed preview page and XSS flaw
MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation
MFSA 2008-37 UTF-8 URL stack buffer overflow
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.17/releasenotes/
| -rw-r--r-- | www/firefox-bin/Makefile | 4 | ||||
| -rw-r--r-- | www/firefox-bin/distinfo | 8 | ||||
| -rw-r--r-- | www/firefox-gtk1/PLIST | 3 | ||||
| -rw-r--r-- | www/firefox/Makefile-firefox.common | 4 | ||||
| -rw-r--r-- | www/firefox/PLIST | 3 | ||||
| -rw-r--r-- | www/firefox/distinfo | 11 | ||||
| -rwxr-xr-x | www/firefox/patches/patch-ee | 37 | ||||
| -rwxr-xr-x | www/firefox/patches/patch-ef | 37 | ||||
| -rwxr-xr-x | www/firefox/patches/patch-eg | 99 |
9 files changed, 192 insertions, 14 deletions
diff --git a/www/firefox-bin/Makefile b/www/firefox-bin/Makefile index 85cb8e65153..5d7e081c06a 100644 --- a/www/firefox-bin/Makefile +++ b/www/firefox-bin/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.43.4.1 2008/07/18 09:13:31 rtr Exp $ +# $NetBSD: Makefile,v 1.43.4.2 2008/09/26 19:52:40 tron Exp $ MOZILLA= firefox -MOZ_VER= 2.0.0.16 +MOZ_VER= 2.0.0.17 MOZ_DISTVER= ${MOZ_VER} HOMEPAGE= http://www.mozilla.com/en-US/firefox/ diff --git a/www/firefox-bin/distinfo b/www/firefox-bin/distinfo index d74ccd69b0a..55e38714a2b 100644 --- a/www/firefox-bin/distinfo +++ b/www/firefox-bin/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.43.4.1 2008/07/18 09:13:31 rtr Exp $ +$NetBSD: distinfo,v 1.43.4.2 2008/09/26 19:52:40 tron Exp $ -SHA1 (firefox/releases/2.0.0.16/linux-i686/en-US/firefox-2.0.0.16.tar.gz) = 42f3ed96648f9fd7ce9c12a297cb068eff502cf5 -RMD160 (firefox/releases/2.0.0.16/linux-i686/en-US/firefox-2.0.0.16.tar.gz) = 3d7889dfd738c5d9ae9581621252195655976620 -Size (firefox/releases/2.0.0.16/linux-i686/en-US/firefox-2.0.0.16.tar.gz) = 9702136 bytes +SHA1 (firefox/releases/2.0.0.17/linux-i686/en-US/firefox-2.0.0.17.tar.gz) = af4e78f5b0e7d2bde96811dab16b3fca52c85a20 +RMD160 (firefox/releases/2.0.0.17/linux-i686/en-US/firefox-2.0.0.17.tar.gz) = a6d1e5ddb1a64e67bb1a0878464402fa54c52650 +Size (firefox/releases/2.0.0.17/linux-i686/en-US/firefox-2.0.0.17.tar.gz) = 9704284 bytes diff --git a/www/firefox-gtk1/PLIST b/www/firefox-gtk1/PLIST index e35c7cb5955..2517bf66a9f 100644 --- a/www/firefox-gtk1/PLIST +++ b/www/firefox-gtk1/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.15 2007/07/26 08:43:50 ghen Exp $ +@comment $NetBSD: PLIST,v 1.15.10.1 2008/09/26 19:52:40 tron Exp $ bin/${MOZILLA} @comment begin PROGRAMS lib/${MOZILLA}/${MOZILLA_BIN} @@ -1829,6 +1829,7 @@ include/${MOZILLA}/pipnss/nsITokenDialogs.h include/${MOZILLA}/pipnss/nsITokenPasswordDialogs.h include/${MOZILLA}/pipnss/nsIUserCertPicker.h include/${MOZILLA}/pipnss/nsIX509Cert.h +include/${MOZILLA}/pipnss/nsIX509Cert18Branch.h include/${MOZILLA}/pipnss/nsIX509Cert3.h include/${MOZILLA}/pipnss/nsIX509CertDB.h include/${MOZILLA}/pipnss/nsIX509CertDB2.h diff --git a/www/firefox/Makefile-firefox.common b/www/firefox/Makefile-firefox.common index 82415bbff23..e77e51ce5eb 100644 --- a/www/firefox/Makefile-firefox.common +++ b/www/firefox/Makefile-firefox.common @@ -1,8 +1,8 @@ -# $NetBSD: Makefile-firefox.common,v 1.58.4.1 2008/07/18 09:13:30 rtr Exp $ +# $NetBSD: Makefile-firefox.common,v 1.58.4.2 2008/09/26 19:52:40 tron Exp $ # used by www/firefox/Makefile MOZILLA_BIN= firefox-bin -MOZ_VER= 2.0.0.16 +MOZ_VER= 2.0.0.17 EXTRACT_SUFX= .tar.bz2 DISTNAME= firefox-${MOZ_VER}-source diff --git a/www/firefox/PLIST b/www/firefox/PLIST index 731b3d0e507..1a0e3cd6ff2 100644 --- a/www/firefox/PLIST +++ b/www/firefox/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.29.4.1 2008/07/18 09:13:31 rtr Exp $ +@comment $NetBSD: PLIST,v 1.29.4.2 2008/09/26 19:52:40 tron Exp $ bin/${MOZILLA} @comment begin PROGRAMS lib/${MOZILLA}/${MOZILLA_BIN} @@ -117,6 +117,7 @@ lib/${MOZILLA}/chrome/comm.manifest lib/${MOZILLA}/chrome/en-US.jar lib/${MOZILLA}/chrome/en-US.manifest lib/${MOZILLA}/chrome/icons/default/default.xpm +lib/${MOZILLA}/chrome/installed-chrome.txt lib/${MOZILLA}/chrome/pippki.jar lib/${MOZILLA}/chrome/pippki.manifest lib/${MOZILLA}/chrome/reporter.jar diff --git a/www/firefox/distinfo b/www/firefox/distinfo index daf514302e3..165ce12d07c 100644 --- a/www/firefox/distinfo +++ b/www/firefox/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.79.4.1 2008/07/18 09:13:31 rtr Exp $ +$NetBSD: distinfo,v 1.79.4.2 2008/09/26 19:52:40 tron Exp $ -SHA1 (firefox-2.0.0.16-source.tar.bz2) = ae1d451ce85a5515b37d73d2c4b7cb1377206d86 -RMD160 (firefox-2.0.0.16-source.tar.bz2) = 485c5d7c3c3fc9c462ee348802742905d3becfdf -Size (firefox-2.0.0.16-source.tar.bz2) = 40235443 bytes +SHA1 (firefox-2.0.0.17-source.tar.bz2) = ba95d9f64f2307b109dbce25d7a17af7e68298ed +RMD160 (firefox-2.0.0.17-source.tar.bz2) = 2ddbca9a9ce52ff541b86af7b6dad6e2af8c2956 +Size (firefox-2.0.0.17-source.tar.bz2) = 40293395 bytes SHA1 (patch-aa) = 5095449d4e979085fc5791b9d0251076b9c969c3 SHA1 (patch-ab) = 19069a4e572744eccb04e9906e16dad28d2dac01 SHA1 (patch-ac) = 96bee96d365d6a95d14031f4f1df9584b94d570b @@ -68,3 +68,6 @@ SHA1 (patch-ea) = 14e31d17c2493e468cd01f99abfc996853a11032 SHA1 (patch-eb) = dc9232b10075d17f7ed742e7be8ea036db2f0241 SHA1 (patch-ec) = 8235af6634306b2a5725754cd5a32285b311b714 SHA1 (patch-ed) = ae922f591b871a1f427c4c32d76a2c25701382d4 +SHA1 (patch-ee) = 02a9320b2f9e8d9cdb3837b74b7aa51080946d73 +SHA1 (patch-ef) = d9ac38cca1105931db34927930984cc35c3cd833 +SHA1 (patch-eg) = 82a92c2982c5a19df866323a2522703a166ba24e diff --git a/www/firefox/patches/patch-ee b/www/firefox/patches/patch-ee new file mode 100755 index 00000000000..92967dce9ec --- /dev/null +++ b/www/firefox/patches/patch-ee @@ -0,0 +1,37 @@ +$NetBSD: patch-ee,v 1.1.4.2 2008/09/26 19:52:40 tron Exp $ + +This is align.patch from https://bugzilla.mozilla.org/show_bug.cgi?id=161826 +(https://bugzilla.mozilla.org/attachment.cgi?id=294965) + +It is needed to make firefox work on CPUs requiring strict alignment. + +(Part 1 of 3 [patch-ee .. patch-eg]) + +Index: intl/unicharutil/util/nsUnicharUtils.cpp +=================================================================== +RCS file: /cvsroot/mozilla/intl/unicharutil/util/nsUnicharUtils.cpp,v +retrieving revision 1.27.8.1 +diff -u -b -B -u -8 -p -r1.27.8.1 nsUnicharUtils.cpp +--- intl/unicharutil/util/nsUnicharUtils.cpp 22 Jun 2006 19:13:00 -0000 1.27.8.1 ++++ intl/unicharutil/util/nsUnicharUtils.cpp 31 Dec 2007 16:07:40 -0000 +@@ -343,8 +343,20 @@ ToUpperCase(PRUnichar aChar) + if (aChar < 256) + result = toupper(char(aChar)); + else + result = aChar; + } + return result; + } + ++void ++SetUnichar(void *ptr, PRUnichar aChar) ++{ ++#if NEED_STRICT_ALIGNMENT ++ *((char *) ptr) = *((char *) &aChar); ++ *((char *) ptr + 1) = *((char *) &aChar + 1); ++#else ++ *((PRUnichar *) ptr) = aChar; ++#endif ++} ++ ++ diff --git a/www/firefox/patches/patch-ef b/www/firefox/patches/patch-ef new file mode 100755 index 00000000000..cfb169a7701 --- /dev/null +++ b/www/firefox/patches/patch-ef @@ -0,0 +1,37 @@ +$NetBSD: patch-ef,v 1.1.4.2 2008/09/26 19:52:40 tron Exp $ + +This is align.patch from https://bugzilla.mozilla.org/show_bug.cgi?id=161826 +(https://bugzilla.mozilla.org/attachment.cgi?id=294965) + +It is needed to make firefox work on CPUs requiring strict alignment. + +(Part 2 of 3 [patch-ee .. patch-eg]) + +Index: intl/unicharutil/util/nsUnicharUtils.h +=================================================================== +RCS file: /cvsroot/mozilla/intl/unicharutil/util/nsUnicharUtils.h,v +retrieving revision 1.19 +diff -u -b -B -u -8 -p -r1.19 nsUnicharUtils.h +--- intl/unicharutil/util/nsUnicharUtils.h 24 Feb 2005 15:50:57 -0000 1.19 ++++ intl/unicharutil/util/nsUnicharUtils.h 31 Dec 2007 16:07:40 -0000 +@@ -77,16 +77,20 @@ inline PRBool CaseInsensitiveFindInReada + aHay.BeginReading(searchBegin), + aHay.EndReading(searchEnd), + nsCaseInsensitiveStringComparator()); + } + + PRUnichar ToUpperCase(PRUnichar); + PRUnichar ToLowerCase(PRUnichar); + ++#define NEED_STRICT_ALIGNMENT defined(__sparc__) || defined(__alpha__) || defined(__mips__) ++ ++void SetUnichar(void *, PRUnichar); ++ + inline PRBool IsUpperCase(PRUnichar c) { + return ToLowerCase(c) != c; + } + + inline PRBool IsLowerCase(PRUnichar c) { + return ToUpperCase(c) != c; + } + diff --git a/www/firefox/patches/patch-eg b/www/firefox/patches/patch-eg new file mode 100755 index 00000000000..91902640436 --- /dev/null +++ b/www/firefox/patches/patch-eg @@ -0,0 +1,99 @@ +$NetBSD: patch-eg,v 1.1.4.2 2008/09/26 19:52:40 tron Exp $ + +This is align.patch from https://bugzilla.mozilla.org/show_bug.cgi?id=161826 +(https://bugzilla.mozilla.org/attachment.cgi?id=294965) + +It is needed to make firefox work on CPUs requiring strict alignment. + +(Part 3 of 3 [patch-ee .. patch-eg]) + +Index: layout/generic/nsTextFrame.cpp +=================================================================== +RCS file: /cvsroot/mozilla/layout/generic/Attic/nsTextFrame.cpp,v +retrieving revision 1.513.4.17 +diff -u -b -B -u -8 -p -r1.513.4.17 nsTextFrame.cpp +--- layout/generic/nsTextFrame.cpp 19 Sep 2007 01:45:40 -0000 1.513.4.17 ++++ layout/generic/nsTextFrame.cpp 31 Dec 2007 16:07:41 -0000 +@@ -5118,28 +5118,37 @@ struct TextRun { + mSegments[mNumSegments].mIsWhitespace = aIsWhitespace; + mTotalContentLen += aContentLen; + mSegments[mNumSegments].mContentLen = PRUint32(mTotalContentLen); + mNumSegments++; + } + }; + + // Transforms characters in place from ascii to Unicode +-static void ++static PRUnichar * + TransformTextToUnicode(char* aText, PRInt32 aNumChars) + { + // Go backwards over the characters and convert them. + unsigned char* cp1 = (unsigned char*)aText + aNumChars - 1; +- PRUnichar* cp2 = (PRUnichar*)aText + (aNumChars - 1); ++ PRUnichar* cp2; ++ PRUnichar* ret; + +- while (aNumChars-- > 0) { +- // XXX: If you crash here then you may see the issue described +- // in http://bugzilla.mozilla.org/show_bug.cgi?id=36146#c44 +- *cp2-- = PRUnichar(*cp1--); +- } ++ if ((unsigned long) aText & 0x1) ++ cp2 = ((PRUnichar*)(aText + 1)); ++ else ++ cp2 = (PRUnichar*)aText; ++ ++ ret = cp2; ++ ++ cp2 += (aNumChars - 1); ++ ++ while (aNumChars-- > 0) ++ SetUnichar(cp2--, PRUnichar(*cp1--)); ++ ++ return ret; + } + + PRUint32 + nsTextFrame::EstimateNumChars(PRUint32 aAvailableWidth, + PRUint32 aAverageCharWidth) + { + // Estimate the number of characters that will fit. Use 105% of the available + // width divided by the average character width. +@@ -5697,17 +5706,17 @@ nsTextFrame::MeasureText(nsPresContext* + PRUnichar* pWordBuf = lastWordPtr; + PRUint32 wordBufLen = aTx.GetWordBufferLength() - + (lastWordPtr - aTx.GetWordBuffer()); + + if (aTx.TransformedTextIsAscii()) { + // The text transform buffer contains ascii characters, so + // transform it to Unicode + NS_ASSERTION(wordBufLen >= PRUint32(lastWordLen), "no room to transform in place"); +- TransformTextToUnicode((char*)lastWordPtr, lastWordLen); ++ pWordBuf = TransformTextToUnicode((char*)lastWordPtr, lastWordLen); + } + + // Look ahead in the text-run and compute the final word + // width, taking into account any style changes and stopping + // at the first breakable point. + if (!aTextData.mMeasureText || (lastWordDimensions.width == -1)) { + // We either didn't measure any text or we measured multiple words + // at once so either way we don't know lastWordDimensions. We'll have to +@@ -6227,17 +6236,17 @@ nsTextFrame::TrimTrailingWhiteSpace(nsPr + + static void + RevertSpacesToNBSP(PRUnichar* aBuffer, PRInt32 aWordLen) + { + PRUnichar* end = aBuffer + aWordLen; + for (; aBuffer < end; aBuffer++) { + PRUnichar ch = *aBuffer; + if (ch == ' ') { +- *aBuffer = CH_NBSP; ++ SetUnichar(aBuffer, CH_NBSP); + } + } + } + + nsTextDimensions + nsTextFrame::ComputeTotalWordDimensions(nsPresContext* aPresContext, + nsILineBreaker* aLineBreaker, + nsLineLayout& aLineLayout, |