summaryrefslogtreecommitdiff
path: root/www/seamonkey
AgeCommit message (Collapse)AuthorFilesLines
2010-12-12Update to seamonkey-2.0.11.tnn2-7/+6
MFSA 2010-84 XSS hazard in multiple character encodings MFSA 2010-83 Location bar SSL spoofing using network error page MFSA 2010-82 Incomplete fix for CVE-2010-0179 MFSA 2010-81 Integer overflow vulnerability in NewIdArray MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta refresh MFSA 2010-78 Add support for OTS font sanitizer MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element MFSA 2010-75 Buffer overflow while line breaking after document.write with long string MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16) Also: Fixes for a number of non-security-relevant crashes, increasing the stability of the whole platform and the Mail & Newsgroups part of SeaMonkey
2010-11-15PKGREVISION bumps for changes to gtk2, librsvg, libbonobo and libgnomeabs1-2/+2
2010-11-13Reluctantly switch over to bundled cairo and pixman for mozilla packages,tnn1-1/+2
like other distros have recently done. Bump package revisions. Background: The cairo-1.10 update caused multiple regressions in firefox, such as flickering gif animations and crashes. Mozilla doesn't seem interested in fixing it on the stable branches: https://bugzilla.mozilla.org/show_bug.cgi?id=610107 Other references: https://bugzilla.redhat.com/show_bug.cgi?id=628331 http://bugs.gentoo.org/show_bug.cgi?id=337813 https://bugzilla.mozilla.org/show_bug.cgi?id=597174 This workaround is guaranteed to cause other problems in the long run; so we should attempt to switch back when we move to the mozilla-2.0 branch.
2010-11-13Update to seamonkey-2.0.10.tnn2-8/+8
Fixes MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
2010-10-22Security and stability update of seamonkey to 2.0.9.tnn5-47/+18
MFSA 2010-72 Insecure Diffie-Hellman key exchange MFSA 2010-71 Unsafe library loading vulnerabilities MFSA 2010-70 SSL wildcard certificate matching IP addresses MFSA 2010-69 Cross-site information disclosure via modal calls MFSA 2010-68 XSS in gopher parser when parsing hrefs MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter MFSA 2010-66 Use-after-free error in nsBarProp MFSA 2010-65 Buffer overflow and memory corruption using document.write MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14)
2010-09-14More PKGREVISION bumps for pixman update.wiz1-1/+2
2010-09-09Update to seamonkey-2.0.7.tnn4-19/+26
* Message-ID searches on Google Groups work again * Add-ons preferences button for Lightning should work now * Security fixes: MFSA 2010-63 Information leak via XMLHttpRequest statusText MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type attribute MFSA 2010-60 XSS using SJOW scripted function MFSA 2010-58 Crash on Mac using fuzzed font in data: URL MFSA 2010-57 Crash and remote code execution in normalizeDocument MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView MFSA 2010-55 XUL tree removal crash and remote code execution MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText MFSA 2010-52 Windows XP DLL loading vulnerability MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array MFSA 2010-50 Frameset integer overflow vulnerability MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
2010-07-21Update to seamonkey-2.0.6tnn3-12/+12
MFSA 2010-47 Cross-origin data leakage from script filename in error messages MFSA 2010-46 Cross-domain data theft using CSS MFSA 2010-45 Multiple location bar spoofing vulnerabilities MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts MFSA 2010-41 Remote code execution using malformed PNG image MFSA 2010-40 nsTreeSelection dangling pointer remote code execution MFSA 2010-39 nsCSSValue::Array index integer overflow MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code execution MFSA 2010-36 Use-after-free error in NodeIterator MFSA 2010-35 DOM attribute cloning remote code execution vulnerability MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)
2010-07-21Fix undefined reference to re_comp/re_exec on dragonfly.tnn2-5/+18
Reported by Francois Tigeot.
2010-07-12Add upstream bug ref.tnn4-5/+8
2010-07-12Add some DragonFlyBSD fixes, contributed by Francois Tigeot.tnn4-1/+68
2010-06-25Update to seamonkey-2.0.5. This is a security update.tnn2-7/+6
MFSA 2010-33 User tracking across sites using Math.random() MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes MFSA 2010-30 Integer Overflow in XSLT Node Sorting MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal MFSA 2010-28 Freed object reuse across plugin instances MFSA 2010-27 Use-after-free error in nsCycleCollector::MarkRoots() MFSA 2010-26 Crashes with evidence of memory corruption MFSA 2010-25 Re-use of freed object due to scope confusion
2010-06-14PKGREVISION bump for png-1.4.x shlib change.wiz1-1/+2
(missed those and *emacs* the first time round because they pull in their png dependencies via default-on options; they were included in the test bulk build though)
2010-04-26replicate the PR pkg/43146 fix for the other mozilla productstnn2-5/+17
2010-04-21g/c unused filestnn3-309/+0
2010-04-03Update to seamonkey-2.0.4.tnn2-7/+6
* Security fixes (MFSA 2010-16 through MFSA 2010-24) * Fixes for a number of non-security-relevant crashes, increasing the stability of the whole platform and the Mail & Newsgroups part of SeaMonkey * ChatZilla localization packs work again (Bug 540842) * FTP file upload was fixed (Bug 467524) * The internal help content was updated some more
2010-03-16clone comm-1.9.1 patch set from devel/xulrunner into mail/thunderbird andtnn67-10/+3017
www/seamonkey so devel/xulrunner can move forward to 1.9.2.
2010-02-17Update to seamonkey-2.0.3.tnn2-6/+6
Security and bugfix release.
2010-01-25Update to seamonkey-2.0.2.tnn2-7/+6
General stability/bugfix update.
2010-01-24More PKGREVISION bumps of jpeg dependencies.wiz1-1/+2
Identified by parsing the NetBSD-i386-5.0.1/2009Q3 pkg_summary files and Robert Elz.
2009-12-16Update to seamonkey-2.0.1. Security and bugfix release.tnn4-7/+24
Contains fixes for the same advisories as firefox-3.5.6.
2009-11-29remove unused varstnn1-6/+2
2009-11-29fix path to install templatetnn1-2/+2
2009-11-29Update to seamonkey-2.0, from pkgsrc-wip. Hijack maintainership.tnn72-6175/+531
Many, many changes; the biggest being that it's based on firefox 3.5. For an exhaustive list of changes, see: http://www.seamonkey-project.org/releases/seamonkey2.0/changes
2009-11-28add legacy- prefix to files not needed by the upcoming seamonkey-2.0 update,tnn3-0/+309
but that are still referenced by mail/thunderbird2 and time/sunbird.
2009-09-15Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.18.ghen11-121/+58
Security fixes in this version: MFSA 2009-43 Heap overflow in certificate regexp parsing MFSA 2009-42 Compromise of SSL-protected communication For more info, see http://www.seamonkey-project.org/releases/seamonkey1.1.18/
2009-08-26bump revision because of graphics/jpeg updatesno1-1/+2
2009-08-26bump revision because of graphics/jpeg updatesno1-2/+2
2009-08-06with exception of wip/, there are no remaining consumers of these.tnn2-6/+0
2009-08-05mark as deprecatedtnn2-15/+4
2009-06-24Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.17.ghen2-6/+6
Security fixes in this version: MFSA 2009-33 Crash viewing multipart/alternative message with text/enhanced part MFSA 2009-32 JavaScript chrome privilege escalation MFSA 2009-29 Arbitrary code execution using event listeners attached to an element whose owner document is null MFSA 2009-27 SSL tampering via non-200 responses to proxy CONNECT requests MFSA 2009-26 Arbitrary domain cookie access by local file: resources MFSA 2009-24 Crashes with evidence of memory corruption (rv:1.9.0.11) MFSA 2009-21 POST data sent to wrong site when saving web page with embedded frame MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme For more info, see http://www.seamonkey-project.org/releases/seamonkey1.1.17/
2009-06-14Remove @dirrm related logic.joerg1-6/+9
2009-06-14Convert @exec/@unexec to @pkgdir or drop it.joerg1-165/+1
2009-05-02Don't try to link against libc_r on DragonFly.hasso3-14/+24
2009-04-21Add RCS idstnn3-0/+6
2009-04-21- Raise the process' limit for open file descriptors to 256.tnn1-2/+7
This avoids font rendering problems with firefox3 on NetBSD 4.x. - Remove setting of LD_LIBRARY_PATH in the startup script. The run path is set in the binaries, and that's where problems should be fixed.
2009-04-11Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.16.ghen2-6/+6
Security fixes in this version: MFSA 2009-12 XSL Transformation vulnerability For more info, see http://www.seamonkey-project.org/releases/seamonkey1.1.16/
2009-04-07Make Mozilla products build on DragonFly master.hasso2-6/+27
2009-03-20Simply and speed up buildlink3.mk files and processing.joerg1-13/+6
This changes the buildlink3.mk files to use an include guard for the recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS, BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of enter/exit marker, which can be used to reconstruct the tree and to determine first level includes. Avoiding := for large variables (BUILDLINK_ORDER) speeds up parse time as += has linear complexity. The include guard reduces system time by avoiding reading files over and over again. For complex packages this reduces both %user and %sys time to half of the former time.
2009-03-19Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.15.ghen3-8/+7
Security fixes in this version: MFSA 2009-10 Upgrade PNG library to fix memory safety hazards MFSA 2009-09 XML data theft via RDFXMLDataSource and cross-domain redirect MFSA 2009-07 Crashes with evidence of memory corruption (rv:1.9.0.7) For more info, see http://www.seamonkey-project.org/releases/seamonkey1.1.15/
2009-03-18Unify all the mozilla projects into using a single Makefile.common andabs5-49/+38
INSTALL, and put it in seamonkey. Ensure all build with USE_DESTDIR. Bump PKGREVISIONs
2009-02-18Strip out -fomit-frame-pointer if passed in cflagsabs1-1/+4
2009-01-05Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.14.ghen2-6/+6
Security fixes in this version: MFSA 2008-68 XSS and JavaScript privilege escalation MFSA 2008-67 Escaped null characters ignored by CSS parser MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters MFSA 2008-65 Cross-domain data theft via script redirect error message MFSA 2008-64 XMLHttpRequest 302 response disclosure MFSA 2008-61 Information stealing via loadBindingDocument MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) For more info, see http://www.seamonkey-project.org/releases/seamonkey1.1.14/
2008-12-17add ${JEMALLOC} to PLIST substitutiontnn1-2/+2
2008-12-17remove obsolete commenttnn1-3/+1
2008-12-17Be more explicit wrt the mozilla-jemalloc PKG_OPTION.tnn1-5/+9
It turns out that if neither --enable-jemalloc or --disable-jemalloc is given, the outcome depends on what platform we're on. If you were on NetBSD and had the mozilla-jemalloc option enabled you weren't actually building with the mozilla jemalloc replacement. I've now enabled the mozilla-jemalloc option by default only on Linux and Solaris, where we know it's needed. This is part of PR pkg/39085. XXX need to research whether mozilla-jemalloc has any advantage on NetBSD.
2008-11-22Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.13.ghen2-6/+6
Security fixes in this version: MFSA 2008-59 Script access to .documentURI and .textContent in mail MFSA 2008-58 Parsing error in E4X default namespace MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation MFSA 2008-55 Crash and remote code execution in nsFrameManager MFSA 2008-54 Buffer overflow in http-index-format parser MFSA 2008-53 XSS and JavaScript privilege escalation via session restore MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18) MFSA 2008-50 Crash and remote code execution via __proto__ tampering MFSA 2008-49 Arbitrary code execution via Flash Player dynamic module unloading MFSA 2008-48 Image stealing via canvas and HTTP redirect MFSA 2008-47 Information stealing via local shortcut files For more info, see http://www.seamonkey-project.org/releases/seamonkey1.1.13/
2008-11-03- This common Makefile is used by time/sunbird as well.ghen1-4/+2
- Don't set MAINTAINER and HOMEPAGE variables here, they should be set by individual packages including this file (I don't want to implicitly be maintainer for all packages including this Makefile fragment).
2008-09-26Update seamonkey, seamonkey-bin and seamonkey-gtk1 to Seamonkey 1.1.12.ghen2-6/+6
Security fixes in this version: MFSA 2008-46 Heap overflow when canceling newsgroup message MFSA 2008-45 XBM image uninitialized memory reading MFSA 2008-44 resource: traversal vulnerabilities MFSA 2008-43 BOM characters stripped from JavaScript before execution MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution MFSA 2008-40 Forced mouse drag MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 UTF-8 URL stack buffer overflow For more info, see http://www.seamonkey-project.org/releases/seamonkey1.1.12/
2008-09-18Invert check for jemalloc options so firefox can actually build on someadrianp1-2/+2
platforms that don't like jemalloc.
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-09 09:27:47 +0000