From 950c3b6eeb24c3572d9aae1c14700f2beffdd11a Mon Sep 17 00:00:00 2001 From: tron Date: Sun, 11 Aug 2013 18:24:31 +0000 Subject: Pullup ticket #4206 - requested by ryoon mail/thunderbird: security update Revisions pulled up: - mail/thunderbird/Makefile 1.118-1.119 - mail/thunderbird/distinfo 1.123-1.124,1.126-1.127 --- Module Name: pkgsrc Committed By: ryoon Date: Tue Jul 9 10:57:20 UTC 2013 Modified Files: pkgsrc/mail/thunderbird: Makefile distinfo Log Message: Update to 17.0.7 Changelog: FIXED Security fixes can be found here Fixed in Thunderbird 17.0.7 MFSA 2013-59 XrayWrappers can be bypassed to run user defined methods in a privileged context MFSA 2013-56 PreserveWrapper has inconsistent behavior MFSA 2013-55 SVG filters can lead to information disclosure MFSA 2013-54 Data in the body of XHR HEAD requests leads to CSRF attacks MFSA 2013-53 Execution of unmapped memory through onreadystatechange event MFSA 2013-51 Privileged content access and execution via XBL MFSA 2013-50 Memory corruption found using Address Sanitizer MFSA 2013-49 Miscellaneous memory safety hazards (rv:22.0 / rv:17.0.7) --- Module Name: pkgsrc Committed By: wiz Date: Tue Jul 9 21:25:24 UTC 2013 Modified Files: pkgsrc/mail/thunderbird: distinfo Log Message: restore enigmail checksums, again. --- Module Name: pkgsrc Committed By: ryoon Date: Sat Aug 10 00:31:20 UTC 2013 Modified Files: pkgsrc/mail/thunderbird: Makefile distinfo Log Message: Update to 17.0.8 Changelog: Security bugfixes. MFSA 2013-75 Local Java applets may read contents of local file system MFSA 2013-73 Same-origin bypass with web workers and XMLHttpRequest MFSA 2013-72 Wrong principal used for validating URI for some Javascript components MFSA 2013-71 Further Privilege escalation through Mozilla Updater MFSA 2013-69 CRMF requests allow for code execution and XSS attacks MFSA 2013-68 Document URI misrepresentation and masquerading MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8) --- Module Name: pkgsrc Committed By: khorben Date: Sat Aug 10 23:26:31 UTC 2013 Modified Files: pkgsrc/mail/thunderbird: distinfo Log Message: Fixed building thunderbird with the "mozilla-enigmail" option enabled. --- mail/thunderbird/Makefile | 5 ++--- mail/thunderbird/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/mail/thunderbird/Makefile b/mail/thunderbird/Makefile index aba0ac50312..c6df758dde1 100644 --- a/mail/thunderbird/Makefile +++ b/mail/thunderbird/Makefile @@ -1,11 +1,10 @@ -# $NetBSD: Makefile,v 1.117 2013/06/06 12:54:42 wiz Exp $ +# $NetBSD: Makefile,v 1.117.2.1 2013/08/11 18:24:31 tron Exp $ # DISTNAME= # empty PKGNAME= thunderbird-${TB_VER} -TB_VER= 17.0.6 +TB_VER= 17.0.8 LIGHTNINGVER= 1.9 -PKGREVISION= 3 CATEGORIES= mail MASTER_SITES= ${MASTER_SITE_MOZILLA_ESR:=thunderbird/releases/${TB_VER}esr/source/} \ ${MASTER_SITE_MOZILLA_ALL:=thunderbird/releases/${TB_VER}esr/source/} diff --git a/mail/thunderbird/distinfo b/mail/thunderbird/distinfo index 3edf29d9b78..cd6f542d7f5 100644 --- a/mail/thunderbird/distinfo +++ b/mail/thunderbird/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.122 2013/05/24 09:59:54 wiz Exp $ +$NetBSD: distinfo,v 1.122.2.1 2013/08/11 18:24:31 tron Exp $ SHA1 (enigmail-1.4.5.tar.gz) = 16d0450a9f5fb4de0e9cc5b9f8091dce4b070aaf RMD160 (enigmail-1.4.5.tar.gz) = 860a1ca813fd2ccae69ac0afe07affd39611e56a @@ -6,9 +6,9 @@ Size (enigmail-1.4.5.tar.gz) = 1269207 bytes SHA1 (lightning-1.9.source.tar.bz2) = 3cc625649debed6f7403c862f166b771b80b92ce RMD160 (lightning-1.9.source.tar.bz2) = 3396533847c05ed37537b9a78d771e55f767bea6 Size (lightning-1.9.source.tar.bz2) = 113944316 bytes -SHA1 (thunderbird-17.0.6esr.source.tar.bz2) = bb70b820b5b518e1bff4c4ec0ff3416b5a1a4f21 -RMD160 (thunderbird-17.0.6esr.source.tar.bz2) = f98b5f48a774051a1390fa50d4178403ab032293 -Size (thunderbird-17.0.6esr.source.tar.bz2) = 113885201 bytes +SHA1 (thunderbird-17.0.8esr.source.tar.bz2) = f50a6d2fe2219154ae78cd89902238c0d1743310 +RMD160 (thunderbird-17.0.8esr.source.tar.bz2) = 4c807d26ccc2432bc7818b3f0ac3cf94faad154d +Size (thunderbird-17.0.8esr.source.tar.bz2) = 113699743 bytes SHA1 (patch-aa) = c73e3fa16dea308a0cf6ca684529958336c788f3 SHA1 (patch-aa-toplevel) = 1207a234377bab854f59b13ce51efe810913f1e0 SHA1 (patch-ab) = 7432f73e9771260849d99e14008164bd3d564bf8 -- cgit v1.2.3