diff options
author | tnn <tnn@pkgsrc.org> | 2011-09-05 11:05:21 +0000 |
---|---|---|
committer | tnn <tnn@pkgsrc.org> | 2011-09-05 11:05:21 +0000 |
commit | 456f4abfd3a0d7f14646538f9b8306c9ce5dbf85 (patch) | |
tree | e70ef3a2b3229edbc15fd8a239129761234c5b4f /devel/xulrunner192/patches | |
parent | 7ef03684955cce272020c4b7528364da77dfa950 (diff) | |
download | pkgsrc-456f4abfd3a0d7f14646538f9b8306c9ce5dbf85.tar.gz |
Update legacy firefox36 package to 3.6.21.
Fixes some security issues:
MFSA 2011-34 Protection against fraudulent DigiNotar certificates
MFSA 2011-30 Security issues addressed in Firefox 3.6.20
MFSA 2011-24 Cookie isolation error
MFSA 2011-23 Multiple dangling pointer vulnerabilities
MFSA 2011-22 Integer overflow and arbitrary code execution in Array.reduceRight()
MFSA 2011-21 Memory corruption due to multipart/x-mixed-replace images
MFSA 2011-20 Use-after-free vulnerability when viewing XUL document with script disabled
MFSA 2011-19 Miscellaneous memory safety hazards (rv:3.0/1.9.2.18)
Diffstat (limited to 'devel/xulrunner192/patches')
-rw-r--r-- | devel/xulrunner192/patches/patch-nd | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/devel/xulrunner192/patches/patch-nd b/devel/xulrunner192/patches/patch-nd deleted file mode 100644 index 43ef0bd6687..00000000000 --- a/devel/xulrunner192/patches/patch-nd +++ /dev/null @@ -1,37 +0,0 @@ -$NetBSD: patch-nd,v 1.1.1.1 2011/04/19 11:16:08 tnn Exp $ - -# reported upstream as -# https://bugzilla.mozilla.org/show_bug.cgi?id=514002 - ---- gfx/qcms/iccread.c.orig 2009-07-30 17:30:16.000000000 +0200 -+++ gfx/qcms/iccread.c 2009-09-01 21:29:29.000000000 +0200 -@@ -23,6 +23,7 @@ - #include <math.h> - #include <assert.h> - #include <stdlib.h> -+#include <string.h> - #include "qcmsint.h" - - //XXX: use a better typename -@@ -84,7 +85,9 @@ static uint32_t read_u32(struct mem_sour - invalid_source(mem, "Invalid offset"); - return 0; - } else { -- return be32_to_cpu(*(__be32*)(mem->buf + offset)); -+ uint32_t v; -+ memcpy(&v, mem->buf + offset, 4); -+ return be32_to_cpu(v); - } - } - -@@ -94,7 +97,9 @@ static uint16_t read_u16(struct mem_sour - invalid_source(mem, "Invalid offset"); - return 0; - } else { -- return be16_to_cpu(*(__be16*)(mem->buf + offset)); -+ uint16_t v; -+ memcpy(&v, mem->buf + offset, 2); -+ return be16_to_cpu(v); - } - } - |