| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
make it deal properly at least on 64 bit archs (natural alignment seems
to fit for all substructures for 32bit archs)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Firefox 3.5 is based on the Gecko 1.9.1 rendering platform.
Firefox 3.5 offers many changes over the previous version, supporting new web
technologies, improving performance and ease of use.
Some of the notable features are:
* Support for the HTML5 <video> and <audio> elements
* Improved tools for controlling your private data
* Better web application performance using the new TraceMonkey JavaScript engine
* The ability to share your location with websites using Location Aware Browsing
* Support for native JSON, and web worker threads.
* Improvements to the Gecko layout engine, including speculative parsing for
faster content rendering.
* Support for new web technologies such as: downloadable fonts, CSS media
queries, new transformations and properties, JavaScript query selectors,
HTML5 local storage and offline application storage, <canvas> text,
ICC profiles, and SVG transforms.
|
|
(I opted for removing and re-importing instead of a plain update due to
extensive patch rototil)
We may encounter minor turbulence as dependent packages are sorted out.
Thank you for flying pkgsrc-current.
|
|
|
|
|
|
|
|
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
|
|
INSTALL, and put it in seamonkey.
Ensure all build with USE_DESTDIR.
Bump PKGREVISIONs
|
|
|
|
Security fixes in this version:
MFSA 2008-69 XSS vulnerabilities in SessionStore
MFSA 2008-68 XSS and JavaScript privilege escalation
MFSA 2008-67 Escaped null characters ignored by CSS parser
MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters
MFSA 2008-65 Cross-domain data theft via script redirect error message
MFSA 2008-64 XMLHttpRequest 302 response disclosure
MFSA 2008-62 Additional XSS attack vectors in feed preview
MFSA 2008-61 Information stealing via loadBindingDocument
MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.19/releasenotes/
|
|
Security fixes in this version:
MFSA 2008-58 Parsing error in E4X default namespace
MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
MFSA 2008-55 Crash and remote code execution in nsFrameManager
MFSA 2008-54 Buffer overflow in http-index-format parser
MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
MFSA 2008-50 Crash and remote code execution via __proto__ tampering
MFSA 2008-49 Arbitrary code execution via Flash Player dynamic module unloading
MFSA 2008-48 Image stealing via canvas and HTTP redirect
MFSA 2008-47 Information stealing via local shortcut files
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.18/releasenotes/
|
|
(ok during freeze agc@)
Security fixes in this version:
MFSA 2008-45 XBM image uninitialized memory reading
MFSA 2008-44 resource: traversal vulnerabilities
MFSA 2008-43 BOM characters stripped from JavaScript before execution
MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
MFSA 2008-40 Forced mouse drag
MFSA 2008-39 Privilege escalation using feed preview page and XSS flaw
MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation
MFSA 2008-37 UTF-8 URL stack buffer overflow
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.17/releasenotes/
|
|
firefox work again on archs requiring strict alignement.
Bump pkgrevision.
|
|
Security fixes in this version:
MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running
MFSA 2008-34 Remote code execution by overflowing CSS reference counter
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.16/releasenotes/
|
|
|
|
Part of patch-af has been fixed upstream.
Security fixes in this version:
MFSA 2008-33 Crash and remote code execution in block reflow
MFSA 2008-32 Remote site run as local file via Windows URL shortcut
MFSA 2008-31 Peer-trusted certs can use alt names to spoof
MFSA 2008-30 File location URL in directory listings not escaped properly
MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
MFSA 2008-24 Chrome script loading from fastload file
MFSA 2008-23 Signed JAR tampering
MFSA 2008-22 XSS through JavaScript same-origin violation
MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.15/releasenotes/
|
|
|
|
|
|
Security fixes in this version:
MFSA 2008-20 Crash in JavaScript garbage collector
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.14/releasenotes/
|
|
Security fixes in this version:
MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
MFSA 2008-18 Java socket connection to any local port via LiveConnect
MFSA 2008-17 Privacy issue with SSL Client Authentication
MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.13/releasenotes/
|
|
Security fixes in this version:
MFSA 2008-11 Web forgery overwrite with div overlay
MFSA 2008-10 URL token stealing via stylesheet redirect
MFSA 2008-09 Mishandling of locally-saved plain text files
MFSA 2008-08 File action dialog tampering
MFSA 2008-06 Web browsing history and forward navigation stealing
MFSA 2008-05 Directory traversal via chrome: URI
MFSA 2008-04 Stored password corruption
MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution
MFSA 2008-02 Multiple file input focus stealing vulnerabilities
MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.12/releasenotes/
|
|
|
|
There are three types Mozilla mirrors.
(http://www.mozilla.org/mirroring.html)
* mozilla-current
contains only the current version of Firefox and Thunderbird
* mozilla-release
contains Firefox, Thunderbird, and Sunbird releases
* mozilla-all
complete archive
Define following variables for mozilla master sites:
MASTER_SITE_MOZILLA_ALL = mozilla-all
MASTER_SITE_MOZILLA = mozilla-release
and change some packages to use appropriate variable.
Update contents of MASTER_SITE_MOZILLA with master and primary mirrors
taken from http://www.mozilla.org/mirrors.html and add some sample definitions.
|
|
This update fixes a bug introduced by the 2.0.0.10 update in the <canvas>
feature that affected some web pages and extensions.
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.11/releasenotes/
|
|
Security fixes in this version:
MFSA 2007-39 Referer-spoofing via window.location race condition
MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10)
MFSA 2007-37 jar: URI scheme XSS hazard
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.10/releasenotes/
|
|
Fixes a number of regressions introduced in 2.0.0.8:
* Bug 400406 - Firefox will ignore the clear CSS property when used beneath a
box that is using the float property. There is a temporary workaround JS/CSS
code available for web developers with affected layouts.
* Bug 400467 - Windows Vista users will get Java not found or Java not working
errors when trying to load Java applets after updating. To fix this, users
can right-click the Firefox icon and Run as administrator, then browse to a
page with a Java applet doing this once will fix the problem and permanently
restore Java functionality.
* Bug 396695 - Add-ons are disabled after updating. Users can fix this problem
by opening their profile folder and removing three files (extensions.rdf,
extensions.ini and extensions.cache)
* Bug 400421 - Removing a single area element from an image map will cause the
entire map to disappear. There is no workaround available at this time.
* Bug 400735 - Some Windows users may experience crashes at startup. There is
no workaround available at this time.
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.9/releasenotes/
|
|
Security fixes in this version:
MFSA 2007-36 URIs with invalid %-encoding mishandled by Windows
MFSA 2007-35 XPCNativeWrapper pollution using Script object
MFSA 2007-34 Possible file stealing through sftp protocol
MFSA 2007-33 XUL pages can hide the window titlebar
MFSA 2007-32 File input focus stealing vulnerability
MFSA 2007-31 Browser digest authentication request splitting
MFSA 2007-30 onUnload Tailgating
MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.8/releasenotes/
|
|
This version only fixes a Windows-specific security issue, but update
nevertheless so we start the freeze with the latest available version.
(People will start asking about this update anyway?)
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.7/releasenotes/
|
|
|
|
|
|
Security fixes in this version:
MFSA 2007-27 Unescaped URIs passed to external programs
MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.6/releasenotes/
|
|
Security fixes in this version:
MFSA 2007-25 XPCNativeWrapper pollution
MFSA 2007-24 Unauthorized access to wyciwyg:// documents
MFSA 2007-23 Remote code execution by launching Firefox from Internet Explorer
MFSA 2007-22 File type confusion due to %00 in name
MFSA 2007-21 Privilege escalation using an event handler attached to an element not in the document
MFSA 2007-20 Frame spoofing while window is loading
MFSA 2007-19 XSS using addEventListener and setTimeout
MFSA 2007-18 Crashes with evidence of memory corruption
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.5/releasenotes/
|
|
PR/31481.
|
|
|
|
mozilla browsers. This is now useful again to those of use who require
multiple profiles.
|
|
|
|
|
|
Security fixes in this version:
MFSA 2007-17 XUL Popup Spoofing
MFSA 2007-16 XSS using addEventListener
MFSA 2007-14 Path Abuse in Cookies
MFSA 2007-13 Persistent Autocomplete Denial of Service
MFSA 2007-12 Crashes with evidence of memory corruption
For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.4/releasenotes/
|
|
and change notes). Firefox 1.5.0.x will be maintained in www/firefox15*,
as discussed on tech-pkg.
|
|
|
|
firefox and seamonkey to make user profiles writable. Bump PKGREVISION for
firefox2(-gtk1) and seamonkey(-gtk1). Fixes PR#35596.
|
|
* Security update: MFSA 2007-11 (FTP PASV port-scanning) has been fixed.
* Website Compatibility: Fixed various web compatibility regressions.
For more info, see http://www.mozilla.com/en-US/firefox/releases/1.5.0.11.html
|
|
|
