| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
older C environments as well.
|
|
broke the package for NetBSD 1.6.
|
|
state was completely broken.
|
|
an underscore.
|
|
USE_TOOLS and any of "autoconf", "autoconf213", "automake" or
"automake14". Also, we don't need to call the auto* tools via
${ACLOCAL}, ${AUTOCONF}, etc., since the tools framework takes care
to symlink the correct tool to the correct name, so we can just use
aclocal, autoconf, etc.
|
|
Several changes are involved since they are all interrelated. These
changes affect about 1000 files.
The first major change is rewriting bsd.builtin.mk as well as all of
the builtin.mk files to follow the new example in bsd.builtin.mk.
The loop to include all of the builtin.mk files needed by the package
is moved from bsd.builtin.mk and into bsd.buildlink3.mk. bsd.builtin.mk
is now included by each of the individual builtin.mk files and provides
some common logic for all of the builtin.mk files. Currently, this
includes the computation for whether the native or pkgsrc version of
the package is preferred. This causes USE_BUILTIN.* to be correctly
set when one builtin.mk file includes another.
The second major change is teach the builtin.mk files to consider
files under ${LOCALBASE} to be from pkgsrc-controlled packages. Most
of the builtin.mk files test for the presence of built-in software by
checking for the existence of certain files, e.g. <pthread.h>, and we
now assume that if that file is under ${LOCALBASE}, then it must be
from pkgsrc. This modification is a nod toward LOCALBASE=/usr. The
exceptions to this new check are the X11 distribution packages, which
are handled specially as noted below.
The third major change is providing builtin.mk and version.mk files
for each of the X11 distribution packages in pkgsrc. The builtin.mk
file can detect whether the native X11 distribution is the same as
the one provided by pkgsrc, and the version.mk file computes the
version of the X11 distribution package, whether it's built-in or not.
The fourth major change is that the buildlink3.mk files for X11 packages
that install parts which are part of X11 distribution packages, e.g.
Xpm, Xcursor, etc., now use imake to query the X11 distribution for
whether the software is already provided by the X11 distribution.
This is more accurate than grepping for a symbol name in the imake
config files. Using imake required sprinkling various builtin-imake.mk
helper files into pkgsrc directories. These files are used as input
to imake since imake can't use stdin for that purpose.
The fifth major change is in how packages note that they use X11.
Instead of setting USE_X11, package Makefiles should now include
x11.buildlink3.mk instead. This causes the X11 package buildlink3
and builtin logic to be executed at the correct place for buildlink3.mk
and builtin.mk files that previously set USE_X11, and fixes packages
that relied on buildlink3.mk files to implicitly note that X11 is
needed. Package buildlink3.mk should also include x11.buildlink3.mk
when linking against the package libraries requires also linking
against the X11 libraries. Where it was obvious, redundant inclusions
of x11.buildlink3.mk have been removed.
|
|
by macros from math.h to avoid alignement problems described in
PR pkg/30106.
|
|
USE_GNU_TOOLS -> USE_TOOLS
awk -> gawk
m4 -> gm4
make -> gmake
sed -> gsed
yacc -> bison
|
|
This is a security fix release.
Fixed vulnerabilities are follows:
MFSA 2005-44 Privilege escalation via non-DOM property overrides
MFSA 2005-43 "Wrapped" javascript: urls bypass security checks
MFSA 2005-42 Code execution via javascript: IconURL
|
|
explicitly, because it fails to detect them with default setting.
suggested by Todd Willey.
|
|
This is a security fix release.
Fixed vulnerabilities are follows:
MFSA 2005-33 Javascript "lambda" replace exposes memory contents
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides
|
|
|
|
fixes "Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability"
See following pages for detail.
http://secunia.com/advisories/14820/
https://bugzilla.mozilla.org/show_bug.cgi?id=288688
Bump PKGREVISION.
|
|
mozilla/Makefile.common, rather than adding it into each Makefile
(also fixes thunderbird-gtk2).
|
|
|
|
BUILDLINK_DEPENDS.
|
|
This is a security fix release.
Fixed bugs are follows.
MFSA 2005-32 Drag and drop loading of privileged XUL
MFSA 2005-30 GIF heap overflow parsing Netscape extension 2
MFSA 2005-29 Internationalized Domain Name (IDN) homograph spoofing
MFSA 2005-28 Unsafe /tmp/plugtmp directory exploitable to erase user's files
MFSA 2005-27 Plugins can be used to load privileged content
MFSA 2005-26 Cross-site scripting by dropping javascript: link on tab
MFSA 2005-25 Image drag and drop executable spoofing
MFSA 2005-24 HTTP auth prompt tab spoofing
MFSA 2005-23 Download dialog source spoofing
MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice
MFSA 2005-20 XSLT can include stylesheets from arbitrary hosts
MFSA 2005-18 Memory overwrite in string library
MFSA 2005-17 Install source spoofing with user:pass@host
MFSA 2005-16 Spoofing download and security dialogs with overlapping windows
MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion
MFSA 2005-14 SSL "secure site" indicator spoofing
MFSA 2005-13 Window Injection Spoofing
see changelog for detail.
http://www.mozilla.org/releases/mozilla1.7.6/changelog.html
|
|
|
|
- add $NetBSD$ to patch-ah
thanks to adrianp, wiz, kambe san.
|
|
Changes from release notes
- NPRuntime support. NPRuntime is an extension to the Netscape Plugin API
that was developed in cooperation with Apple, Opera, and a group of plugin
vendors. http://www.mozilla.org/projects/plugins/npruntime.html
- Added undetectable document.all support, and support for exposing elements
by their ID in the global scope for greater IE compatibility when viewing
pages that don't request standards compliant behaviour.
https://bugzilla.mozilla.org/show_bug.cgi?id=248549 and
https://bugzilla.mozilla.org/show_bug.cgi?id=256932.
|
|
Suggested by Roland Illig, ok'd by various.
|
|
former) for applications that are known to require C++.
|
|
from mozilla CVS.
|
|
More specifically, this lets Mozilla NSS be used by other programs.
Also make the pkgconfig substitutions happen at post-build time, so that
the right rpaths are added to the mozilla-nspr.pc file (which is filled
in during the build).
Bump PKGREVISION to 1 for both packages. Ok'ed by taya@, the maintainer.
|
|
derivatives) now appears to work properly on amd64.
Patches from Nicholas Joly.
|
|
functions on NetBSD >=2.0F.
|
|
Mozilla 1.7.3 is a security update to Mozilla 1.7 that fixes a several
security vulnerabilities.
#93 "Send page" heap overrun (258005)
#92 javascript clipboard access (257523)
#91 Privilege request confusion (253942)
#90 Buffer overflow when displaying VCard (257314)
#89 BMP integer overflow (255067)
#88 javascript: link dragging (250862)
#87 non-ascii hostname heap overrun (256316)
#86 Malicious POP3 server III (245066, 226669)
#85 Wrong file permissions after installing on Linux (231083, 235781)
#84 Wrong file permissions in linux archive (254303)
See the page bellow for detail
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
|
|
|
|
which are the full option names used to set rpath directives for the
linker and the compiler, respectively. In places were we are invoking
the linker, use "${LINKER_RPATH_FLAG} <path>", where the space is
inserted in case the flag is a word, e.g. -rpath. The default values
of *_RPATH_FLAG are set by the compiler/*.mk files, depending on the
compiler that you use. They may be overridden on a ${OPSYS}-specific
basis by setting _OPSYS_LINKER_RPATH_FLAG and _OPSYS_COMPILER_RPATH_FLAG,
respectively. Garbage-collect _OPSYS_RPATH_NAME and _COMPILER_LD_FLAG.
|
|
It has (probably long since) been replaced by configuration checks
in mozilla's configure script. The resulting source still compiles
and works on netbsd-1-5 / i386.
|
|
|
|
mozilla 1.7.2 is a security fix release.
Fixed bugs are:
- lock icon and certificate spoof with onunload document.write (Bugzilla#253121)
- Malicious certificates can permanently break HTTPS/SSL (Bugzilla#249004)
See the page below.
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2
|
|
- Use socklen_t for 5th arg. of getsockopt() instead of size_t
Now mozilla runs on sparc64.
But It's not complete (e.g. can't connect to IPv6 site)
|
|
gcc version 3+.
. generally reduce diffs to Linux version
. retain compatibility with older ABI (AIX-like) thanks to useful comments
from Charles Hannum
Thanks to Matthew Green for the fruitful discussion. This should address
PR#23240 as far as mozilla is concerned.
|
|
bump PKGREVISION
fix PR 26125
|
|
New features and fixes
Browser
* A new option to prevent sites from using JavaScript to block the
browser's context menu.
* Password Manager has a "show passwords" mode which will display
saved passwords. You will need to enter your master password if
you are using one.
* The "Set As Wallpaper" feature now has a confirmation dialog.
* Linux GTK2 builds have improved support for OS themes.
* Cookie dialogs have been reworked to make them more usable.
* Date handling, especially on OS X, has been improved.
* It is now possible to fine-tune Mozilla's pop-up blocking using
two preferences (dom.popup_maximum and dom.popup_allowed_events)
but there's no UI for that yet. Even without a UI, users should
notice a greater variety of pop-ups blocked (primarily mouseover
pop-ups) and a limit of 20 or so open at one time - regardless
of whether pop-up blocking is active. This will provide some
protection from sites that open hundreds of windows in a loop.
* Downloaded files are now moved to the target directory as soon
as the user selects the desired location. This was the
frequently reported bug 55690.
* There is now user interface to activate Smooth Scrolling
(Preferences -> Appearance).
* Mozilla now supports basic FTP upload.
Mail
* Many improvements to Palm Sync.
* IMAP IDLE support has been added.
* Support for "MSN Authentication" and Secure Password
* Authentication using SSPI NTLM auth for SMTP and POP3.
* A new preference to "always use the default character encoding
for replies" rather than using the encoding of the message being
replied to.
* Improvements to performance of downloading, viewing, and saving
mail messages.
* Support for multiple identities on the same mail account. See
the Multiple Identity Support documentation for more details.
* Support for relative paths for mail folders in prefs.js. This
makes it easier to copy profiles around without having to fix up
prefs.js afterwards.
* You can now edit address lists containing "Last, First" style
names.
* When composing mail, you can now use the up and down arrow keys
to scroll through the To/Cc/Bcc list.
* All Mozilla LDAP queries now default to using LDAPv3
(previously, they used LDAPv2). Mozilla should gracefully fall
back to v2 if v3 isn't found.
Chatzilla
* Chatzilla now supports zooming of fonts with keyboard shortcuts
(Ctrl + and Ctrl -), as well as with the View menu.
* Improved date handling; using the date/time format for the
locale.
* Support for the /ignore command.
* The ability to change the font family and size.
* Working custom sounds on Windows and Linux.
* Improvements to the preferences panel and the user interface for
half-op mode.
Under the Hood
* Size and performance have improved dramatically with this
release. When compared to Mozilla 1.6, Mozilla 1.7 is 7% faster at
startup, is 8% faster to open a window, has 9% faster page
loading, and is 5% smaller in binary size.
* A long-standing bug with CSS backgrounds on table elements has
been fixed (standards mode only).
* Support for Kerberos HTTP authentication using GSSAPI (benefits
Unix-like platforms including Linux and OS X).
* Support for smb:// URLs using the gnome-vfs library (only
enabled in GTK2+XFT Linux builds).
* Support for server push of XML documents using
multipart/x-mixed-replace and XMLHttpRequest.
* Liveconnect now works when a Java applet's codebase is in a
different domain.
* Support for the CSS3 opacity property.
* Mozilla adds support for the onbeforeunload event. This lets web
application developers add code that alerts the user about
potential data-loss when closing a web application, or when
leaving a HTML page with potentially sensitive information.
* This release has a new SVG backend. The feature is not yet
enabled in the mozilla.org releases but developers may wish to
compile with this feature enabled.
* Mozilla handles dynamic style changes much better (see bug 15608
for details.)
* Mozilla has upgraded the NSS libraries to version 3.9. NSS 3.9
passes all the NISCC SSL/TLS and S/MIME tests (1.6 million test
cases of invalid input data) without crashes or memory leaks.
|
|
use CONFLICTS, because they are installing the same files...
|
|
find the headers/files, and this breaks some packages using the .pc files
with firefox*.
|
|
are required to build some packages.
Bump PKGREVISION.
|
|
even if it's main app creates another user config directory.
e.g. firefox creates .phoenix, thunderbird creates .thunderbird
so no need to define user config directory for each package based on mozilla.
simply remove ${WRKDIR}/.mozilla is enough
|
|
|
|
|
|
- correct ARM architecture handling
- add g++-3.0 support for xpcom module on alpha
- bump PKGREVISION
|
|
|
|
|
|
|
|
|
|
shouldn't have bumped at all.
|
|
accidental version number downgrade. We are now at version 1.6nb3.
|
|
|
