| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
of the shlib major bump.
PKGREVISION++ for the dependencies.
|
|
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
|
|
packages needing them, e.g., epiphany). Bump PKGREVISION to 2.
|
|
Since the build with DragonFly's system gcc was successful before, but
segilled on startup, a revision bump is necessary.
|
|
|
|
regen.
|
|
Including fix for long title & history file problem.
http://www.mozilla.org/security/history-title.html
https://bugzilla.mozilla.org/show_bug.cgi?id=319004
What's New in Firefox 1.5
Firefox 1.5 is the next version of our award-winning Web browser.
Here's what's new in Firefox 1.5:
* Automated update to streamline product upgrades. Notification of an
update is more prominent, and updates to Firefox may now be half a
megabyte or smaller. Updating extensions has also improved.
* Faster browser navigation with improvements to back and forward
button performance.
* Drag and drop reordering for browser tabs.
* Improvements to popup blocking.
* Clear Private Data feature provides an easy way to quickly remove
personal data through a menu item or keyboard shortcut.
* Answers.com is added to the search engine list.
* Improvements to product usability including descriptive error pages,
redesigned options menu, RSS discovery, and "Safe Mode" experience.
* Better accessibility including support for DHTML accessibility and
assistive technologies such as the Window-Eyes 5.5 beta screen reader
for Microsoft Windows. Screen readers read aloud all available
information in applications and documents or show the information on a
Braille display, enabling blind and visually impaired users to use
equivalent software functionality as their sighted peers.
* Report a broken Web site wizard to report Web sites that are not
working in Firefox.
* Better support for Mac OS X (10.2 and greater) including profile
migration from Safari and Mac Internet Explorer.
* New support for Web Standards including SVG, CSS 2 and CSS 3, and
JavaScript 1.6.
* Many security enhancements.
The Burning Edge has more detailed lists of new features and notable bug fixes.
http://www.squarefree.com/burningedge/releases/1.5-comprehensive.html
|
|
"pkglint --autofix" change.
|
|
CONFIGURE_ARGS.
|
|
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
|
|
|
|
version 1.0.6 include:
* Fix for a potential buffer overflow vulnerability when loading a
hostname with all soft-hyphens
* Fix to prevent URLs passed from external programs from being
parsed by the shell (Linux only)
* Fix to prevent a crash when loading a Proxy Auto-Config (PAC)
script that uses an "eval" statement
* Fix to restore InstallTrigger.getVersion() for Extension authors
* Other stability and security fixes
Approved by taya.
|
|
registration out of the installation step and into the INSTALL script.
Also, remove the registration commands from the PLIST as well. Putting
them into the INSTALL script allows for the same commands to be run
in the same way, so that there are fewer differences between installing
from source and installing from a binary package. Also, this makes
these packages pass CHECK_FILES=yes. Bump the PKGREVISION of firefox,
firefox-gtk1, mozilla, and mozilla-gtk2.
Also, include bsd.pkg.mk from the package Makefiles, not from within
Makefile.common. This is a style issue and allows for appending to
variables originally defined in Makefile.common from the package
Makefile.
|
|
NetBSD the thread safe resolver is only available on __NetBSD_Version__
>= 299000900. Fixes runtime usage on NetBSD 2.1. New Versions:
- firefox-1.0.6nb2
- firefox-gtk1-1.0.6nb2
- mozilla-1.7.11nb1
- mozilla-gtk2-1.7.11nb1
- thunderbird-1.0.6nb1
- thunderbird-gtk1-1.0.6nb1
|
|
|
|
a powerpc architecture (e.g. NetBSD-mapcppc). This cures display glitches
(e.g. text appearing at the wrong location). Bump package revision
because of this change.
|
|
|
|
Firefox 1.0.6 is a stability update. We recommend that users upgrade
to this latest version.
Here's what's new in Firefox 1.0.6:
* Restore API compatibility for extensions and web applications
that did not work in Firefox 1.0.5.
|
|
Firefox 1.0.5 is a security update.
Fixed vulnerabilities are:
2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-53 Standalone applications can run arbitrary code through the browser
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-49 Script injection from Firefox sidebar panel using data:
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-47 Code execution via "Set as Wallpaper"
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
|
|
older C environments as well.
|
|
broke the package for NetBSD 1.6.
|
|
state was completely broken.
|
|
an underscore.
|
|
by macros from math.h to avoid alignement problems described in
PR pkg/30106.
(Same as ../mozilla/patches/patch-cd)
|
|
This is a security fix release.
Fixed vulnerabilities are follows:
MFSA 2005-44 Privilege escalation via non-DOM property overrides
MFSA 2005-43 "Wrapped" javascript: urls bypass security checks
MFSA 2005-42 Code execution via javascript: IconURL
|
|
taya ... well really he said "I don't object your idea.")
This fixes a build bug when heimdal is detected but not buildlinked.
It is a known mozilla bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=245467
I didn't put this in the mozilla/Makefile.common, because didn't test that
yet.
This issue probably only happens when using /usr as the LOCALBASE,
which is not really supported and maybe I am the only one to hit this
with pkgsrc.
Maybe later someone can consider adding a build option for GSSAPI,
but I don't know anything about it in regards to a web browser myself.
|
|
instead of using ':ts' modifier.
becase make of NetBSD-1.6.x doesn't have it.
suggested by Jeremy C. Reed.
|
|
This is a security fix release.
Fixed vulnerabilities are follows:
MFSA 2005-33 Javascript "lambda" replace exposes memory contents
MFSA 2005-34 javascript: PLUGINSPAGE code execution
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides
|
|
to fix binary packages.
|
|
bump PKGREVISION.
fix PR pkg/29595
|
|
fixes "Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability"
See following pages for detail.
http://secunia.com/advisories/14820/
https://bugzilla.mozilla.org/show_bug.cgi?id=288688
Bump PKGREVISION.
|
|
mozilla/Makefile.common, rather than adding it into each Makefile
(also fixes thunderbird-gtk2).
|
|
and some extension tried to be built which fails because not buildlink'd
|
|
|
|
Firefox 1.0.2 is a security and stability update.
Followings bugs are fixed in this release.
MFSA 2005-32 Drag and drop loading of privileged XUL
MFSA 2005-31 Arbitrary code execution from Firefox sidebar panel
MFSA 2005-30 GIF heap overflow parsing Netscape extension 2
|
|
And switched to use gtk2.
Changes from release notes:
* Improved stability
* International Domain Names are now displayed as punycode.
(To show International Domain Names in Unicode, set the
"network.IDN_show_punycode" preference to false.)
* Several security fixes.
MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing
MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
MFSA 2005-27 Plugins can be used to load privileged content
MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
MFSA 2005-25 Image drag and drop executable spoofing
MFSA 2005-24 HTTP auth prompt tab spoofing
MFSA 2005-23 Download dialog source spoofing
MFSA 2005-22 Download dialog spoofing using Content-Disposition header
MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice
MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
MFSA 2005-19 Autocomplete data leak
MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-16 Spoofing download and security dialogs with overlapping windows
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
MFSA 2005-14 SSL "secure site" indicator spoofing
MFSA 2005-13 Window Injection Spoofing
|
|
|
|
define HAVE_SOCKLEN_T
|
|
fix PR pkg/28396
bump PKGREVISION
|
|
|
|
fix pkg/28164.
bump PKGREVISION
|
|
- add some missing files to PLIST
|
|
This is a bugfix release, to fix the problems reported in Preview
Releases, etc.
|
|
since the build use -ansi that in turn makes gcc 3.4 modify its pre-
defined symbols in such a way that va_copy is not defined.
|
|
libnsl on Solaris), as well as another sh(1) portability fix.
https://bugzilla.mozilla.org/show_bug.cgi?id=260337
no PKGREVISION bump because this didn't build on Solaris without
libnsl.
|
|
Fixes build on NetBSD/macppc and maybe others, tested by Peter Bex
on 2-0/macppc and i386/-current/2-0 by me, closes PR pkg/27033.
|
|
to copy the extensions files.
On Solaris, cp doesn't know -L. (Reported by R. Quinn.)
Using pax was suggested by grant@.
|
|
cp -r copies symlinks as symlinks (which caused
files to be missing in install).
Hopefully, this is portable. I tested under NetBSD and with coreutils.
And I brought this up on tech-pkg in July.
|
|
NetBSD >=2.0F - I've been running with it for months on -current
without any problems.
|
|
http://www.mozilla.org/press/mozilla-2004-10-01-02.html
|
