| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
|
|
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
|
|
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
|
|
|
|
- Fix for a potential buffer overflow vulnerability when loading a hostname
with all soft-hyphens
- Fix to prevent URLs passed from external programs from being parsed by the
shell
- Fix to prevent a crash when loading a Proxy Auto-Config (PAC) script that
uses an "eval" statement
- Fix to restore InstallTrigger.getVersion() for Extension authors
- Fix a crash in mail when stopping a search and then searching again
- Other stability and security fixes
|
|
packages depend on that package anyway.
|
|
issuses were fixed in this release:
MFSA 2005-56 Code execution through shared function objects
MFSA 2005-55 XHTML node spoofing
MFSA 2005-54 Javascript prompt origin spoofing
MFSA 2005-52 Same origin violation: frame calling top.focus()
MFSA 2005-51 The return of frame-injection spoofing
MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo()
MFSA 2005-48 Same-origin violation with InstallTrigger callback
MFSA 2005-46 XBL scripts ran even when Javascript disabled
MFSA 2005-45 Content-generated event vulnerabilities
Support for Solaris SPARC and x86 is not available due to lack of a
precompiled binary at this point of time.
|
|
|
|
issuses were fixed in this release:
MFSA 2005-44 Privilege escalation via non-DOM property overrides
MFSA 2005-43 "Wrapped" javascript: urls bypass security checks
MFSA 2005-42 Code execution via javascript: IconURL
Support for Solaris SPARC and x86 is not available due to lack of a
precompiled binary at this point of time.
|
|
make sure lib/mozilla-linux/plugins exists, even for binary packages.
Should fix moz-bin-* packages in bulk builds.
XXX: binary package still doesn't install quite a number of (empty)
directories that do get created with 'make install'.
|
|
|
|
not available yet but it includes security fixes for e.g. SA14821.
Support for Solaris SPARC and x86 is not available due to lack of a
precompiled binary at this point of time.
|
|
the following security issuses were fixed:
MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing
MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
MFSA 2005-27 Plugins can be used to load privileged content
MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
MFSA 2005-25 Image drag and drop executable spoofing
MFSA 2005-24 HTTP auth prompt tab spoofing
MFSA 2005-23 Download dialog source spoofing
MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice
MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-16 Spoofing download and security dialogs with overlapping windows
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
MFSA 2005-14 SSL "secure site" indicator spoofing
MFSA 2005-13 Window Injection Spoofing
Support for Solaris SPARC and x86 is not available due to lack of a
precompiled binary at this point of time.
|
|
|
|
are only emulators/suse91_gtk2 and emulators/suse91_locale, so use
that direct in the paths
|
|
NetBSD case, and makes Linux firefox-bin 1.0 find NetBSD
/usr/pkg/lib/libXcursor.so rather than using the Linux one supplied
by the suse_x11 package
|
|
- NPRuntime support. NPRuntime is an extension to the Netscape Plugin API that
was developed in cooperation with Apple, Opera, and a group of plugin
vendors. http://www.mozilla.org/projects/plugins/npruntime.html
- Added undetectable document.all support, and support for exposing elements
by their ID in the global scope for greater IE compatibility when viewing
pages that don't request standards compliant behaviour.
https://bugzilla.mozilla.org/show_bug.cgi?id=248549 and
https://bugzilla.mozilla.org/show_bug.cgi?id=256932.
- Fix for http://secunia.com/advisories/12956/
Support for Solaris SPARC and x86 is not available due to lack of a
precompiled binary at this point of time.
|
|
|
|
|
|
when MOZ_GTK2 is set.
Add a way to specify a different mozilla.sh script.
|
|
Mozilla 1.7.3 is a security update to Mozilla 1.7 that fixes a several
security vulnerabilities.
#93 "Send page" heap overrun (258005)
#92 javascript clipboard access (257523)
#91 Privilege request confusion (253942)
#90 Buffer overflow when displaying VCard (257314)
#89 BMP integer overflow (255067)
#88 javascript: link dragging (250862)
#87 non-ascii hostname heap overrun (256316)
#86 Malicious POP3 server III (245066, 226669)
#85 Wrong file permissions after installing on Linux (231083, 235781)
#84 Wrong file permissions in linux archive (254303)
See the page bellow for detail
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
|
|
- lock icon and certificate spoof with onunload document.write
(Bugzilla#253121)
- Malicious certificates can permanently break HTTPS/SSL (Bugzilla#249004)
Support for Solaris x86 is not available due to lack of a precompiled
binary at this point of time.
|
|
fragment so the right MOZ_VER is picked up.
|
|
needed in 1.6, 2.0 or -current.
|
|
hardcode it, just look in the official and contrib binary directories.
|
|
|
|
The full list of changes can be found at:
http://www.mozilla.org/releases/mozilla1.7/README.html
Major browser changes since 1.6:
* A new option to prevent sites from using JavaScript to block the
browser's context menu.
* A new set of icons for files that are associated with Mozilla on
Windows.
* Password Manager has a "show passwords" mode which will display
saved passwords. You will need to enter your master password if
you are using one.
* The "Set As Wallpaper" feature now has a confirmation dialog.
* Linux GTK2 builds have improved support for OS themes.
* Cookie dialogs have been reworked to make them more usable.
* Date handling, especially on OS X, has been improved.
* It is now possible to fine-tune Mozilla's pop-up blocking using
two preferences (dom.popup_maximum and dom.popup_allowed_events)
but there's no UI for that yet. Even without a UI, users should
notice a greater variety of pop-ups blocked (primarily mouseover
pop-ups) and a limit of 20 or so open at one time - regardless of
whether pop-up blocking is active. This will provide some protection
from sites that open hundreds of windows in a loop.
* Downloaded files are now moved to the target directory as soon
as the user selects the desired location. This was the frequently
reported bug 55690.
* There is now user interface to activate Smooth Scrolling (Preferences
-> Appearance).
* Mozilla now supports basic FTP upload.
|
|
|
|
should fix PR pkg/25799 from jmmv.
XXX the whole linux compat dependency system needs overhauling, but
this should suffice for now.
|
|
|
|
|
|
reflect this.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
binary pkgs.
|
|
changes since 1.5:
* One of the most requested Mozilla Mail features, an option to
separate the Recipient and Sender columns in the thread pane, has been
implemented.
* Another frequently requested MailNews feature, a preference for
placing the user's signature above the quoted text, has been added.
* "Remove from server after x days" has been implemented for POP3 mail
accounts.
* vCard support has been added to Mozilla Mail.
* Mozilla 1.6 includes a new cross-platform NTLM authentication
mechanism. This feature brings NTLM authentication to the non-Windows
Mozilla users for the first time and also delivers more robust and
featureful NTLM support to users of older Windows versions.
* Ask Jeeves searching has been added to Mozilla 1.6.
* "Translate Page" functionality has returned to this release of Mozilla.
* The View Source window now has reload functionality.
* Several security-related bugs were fixed in 1.6
* Chatzilla 0.9.48 has been merged, which adds RPL_ISUPPORT support,
halfop mode support, and properly masks key and password dialogs.
* Many crash bugs have been fixed.
* One step closer to the kitchen sink, about:about has been
implemented. Typing about:about in the address field will give the
user a nice list of available about:s.
* The opacity implementation was completely revamped to properly
change the opacity of all descendants as a group.
* CSS inheritance has been updated to work per CSS2.1 (computed values
are inherited).
|
|
|
|
|
|
|
|
Noted in agc's latest bulk build.
|
|
fixes gtk2 packages.
|
|
which there is currently no gtk1 pkg).
|
|
mozilla-bin/Makefile.common and mozilla-bin-nightly/Makefile.common.
the result is much less duplication and more consistent installations.
tested on NetBSD-current only (for now).
|
