From 7b60799b2340d6cf8bdc7553eb450b9f41b08e2e Mon Sep 17 00:00:00 2001
From: ghen <ghen@pkgsrc.org>
Date: Sun, 30 Mar 2008 13:32:22 +0000
Subject: Update firefox and firefox-gtk1 to 2.0.0.13.

Security fixes in this version:

MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
MFSA 2008-18 Java socket connection to any local port via LiveConnect
MFSA 2008-17 Privacy issue with SSL Client Authentication
MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution

For more info, see http://www.mozilla.com/en-US/firefox/2.0.0.13/releasenotes/
---
 www/firefox/Makefile-firefox.common |  4 ++--
 www/firefox/distinfo                | 10 +++++-----
 www/firefox/patches/patch-cn        | 33 +++++++++++++++++++++------------
 3 files changed, 28 insertions(+), 19 deletions(-)

(limited to 'www/firefox')

diff --git a/www/firefox/Makefile-firefox.common b/www/firefox/Makefile-firefox.common
index 73afa7781ff..ba457b8d9fd 100644
--- a/www/firefox/Makefile-firefox.common
+++ b/www/firefox/Makefile-firefox.common
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile-firefox.common,v 1.54 2008/02/08 11:28:30 ghen Exp $
+# $NetBSD: Makefile-firefox.common,v 1.55 2008/03/30 13:32:22 ghen Exp $
 
 MOZILLA_BIN=		firefox-bin
-MOZ_VER=		2.0.0.12
+MOZ_VER=		2.0.0.13
 EXTRACT_SUFX=		.tar.bz2
 
 DISTNAME=		firefox-${MOZ_VER}-source
diff --git a/www/firefox/distinfo b/www/firefox/distinfo
index 0c097744ea6..3b7cf2e51f0 100644
--- a/www/firefox/distinfo
+++ b/www/firefox/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.74 2008/02/08 11:28:30 ghen Exp $
+$NetBSD: distinfo,v 1.75 2008/03/30 13:32:22 ghen Exp $
 
-SHA1 (firefox-2.0.0.12-source.tar.bz2) = 766f3e945145d9e4d36d5eb3e551b5eb44a1d862
-RMD160 (firefox-2.0.0.12-source.tar.bz2) = 05c022317ebd065d1953e4b3706c7b125c573a46
-Size (firefox-2.0.0.12-source.tar.bz2) = 37442741 bytes
+SHA1 (firefox-2.0.0.13-source.tar.bz2) = 45e804fe96119af6ce1ca39da07b107eaf3a1d54
+RMD160 (firefox-2.0.0.13-source.tar.bz2) = 3452d5bffd14e8e230c400191c78c431305bd2b2
+Size (firefox-2.0.0.13-source.tar.bz2) = 37520701 bytes
 SHA1 (patch-aa) = 5095449d4e979085fc5791b9d0251076b9c969c3
 SHA1 (patch-ab) = 19069a4e572744eccb04e9906e16dad28d2dac01
 SHA1 (patch-ac) = 96bee96d365d6a95d14031f4f1df9584b94d570b
@@ -43,7 +43,7 @@ SHA1 (patch-cj) = 3ae48c9a906f47cf32706a1d2b3b6b44918e99f4
 SHA1 (patch-ck) = 18e6c412399c8b5b89941d818cf2589711f35472
 SHA1 (patch-cl) = a08ba37aa7ac7806123aa21b6ff8055c6ded6449
 SHA1 (patch-cm) = 7da6e9da803407b25bf4b707562777e8429a37a4
-SHA1 (patch-cn) = dbee403dbe19cb48eff2079f92c8e6a7a94534c4
+SHA1 (patch-cn) = 76f757bcc3f88d8516531546a8532aec4605ef00
 SHA1 (patch-da) = 356e37429832ffd296fa79b9aa7ef20c05d851e0
 SHA1 (patch-db) = f10187cf9de4466e49a967b79875eb01c5afd69f
 SHA1 (patch-dc) = ba7b06f04460d4966e115a9ffdeafc1ebf555972
diff --git a/www/firefox/patches/patch-cn b/www/firefox/patches/patch-cn
index 5024e2a164e..ba42206ff2d 100644
--- a/www/firefox/patches/patch-cn
+++ b/www/firefox/patches/patch-cn
@@ -1,8 +1,8 @@
-$NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
+$NetBSD: patch-cn,v 1.6 2008/03/30 13:32:22 ghen Exp $
 
---- extensions/transformiix/source/xpath/XFormsFunctionCall.cpp.orig	2007-06-24 02:00:32.000000000 +0200
+--- extensions/transformiix/source/xpath/XFormsFunctionCall.cpp.orig	2008-03-05 07:57:26.000000000 +0100
 +++ extensions/transformiix/source/xpath/XFormsFunctionCall.cpp
-@@ -104,7 +104,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -108,7 +108,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
          res = (res/i);
        }
        else {
@@ -11,7 +11,7 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
        }
        return aContext->recycler()->getNumberResult(res, aResult);
      }
-@@ -159,7 +159,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -163,7 +163,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
        NS_ENSURE_SUCCESS(rv, rv);
  
        PRInt32 result = 0;
@@ -20,7 +20,7 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
        nsresult rv = xformsService->GetDaysFromDateTime(date, &result);
        if (NS_SUCCEEDED(rv)) {
          res = result;
-@@ -211,7 +211,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -215,7 +215,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
        NS_ENSURE_SUCCESS(rv, rv);
  
        PRInt32 index = 0;
@@ -29,7 +29,7 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
        rv = xformsService->GetRepeatIndexById(mNode, indexId, &index);
        NS_ENSURE_SUCCESS(rv, rv);
  
-@@ -344,7 +344,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -348,7 +348,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
                                        getter_AddRefs(nodes));
        NS_ENSURE_SUCCESS(rv, rv);
     
@@ -38,7 +38,7 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
        PRInt32 i;
        for (i = 0; i < nodes->size(); ++i) {
          double test;
-@@ -352,7 +352,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -356,7 +356,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
          txXPathNodeUtils::appendNodeValue(nodes->get(i), resultStr);
          test = Double::toDouble(resultStr);
          if (Double::isNaN(test)) {
@@ -47,7 +47,7 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
            break;
          }
          if (test > res || i == 0) {
-@@ -372,7 +372,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -376,7 +376,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
                                        getter_AddRefs(nodes));
        NS_ENSURE_SUCCESS(rv, rv);
     
@@ -56,7 +56,7 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
        PRInt32 i;
        for (i = 0; i < nodes->size(); ++i) {
          double test;
-@@ -380,7 +380,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -384,7 +384,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
          txXPathNodeUtils::appendNodeValue(nodes->get(i), resultStr);
          test = Double::toDouble(resultStr);
          if (Double::isNaN(test)) {
@@ -65,7 +65,7 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
            break;
          }
          if ((test < res) || (i==0)) {
-@@ -403,7 +403,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -407,7 +407,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
        NS_ENSURE_SUCCESS(rv, rv);
  
        PRInt32 result = 0;
@@ -74,7 +74,7 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
        nsresult rv = xformsService->GetMonths(duration, &result);
        if (NS_SUCCEEDED(rv)) {
          res = result;
-@@ -479,7 +479,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -527,7 +527,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
            // up the chain
            return rv;
          }
@@ -83,7 +83,7 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
        }
  
        return aContext->recycler()->getNumberResult(res, aResult);
-@@ -504,7 +504,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+@@ -552,7 +552,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
            // up the chain
            return rv;
          }
@@ -92,3 +92,12 @@ $NetBSD: patch-cn,v 1.5 2007/07/26 08:43:50 ghen Exp $
        }
  
        return aContext->recycler()->getNumberResult(res, aResult);
+@@ -634,7 +634,7 @@ XFormsFunctionCall::evaluate(txIEvalCont
+       // If the result is too large (ERANGE), we consider the result to be kNaN.
+       result = pow(base, exponent);
+       if (errno == EDOM || errno == ERANGE) {
+-        result = Double::NaN;
++        result = Double::NaN();
+       }
+ 
+       return aContext->recycler()->getNumberResult(result, aResult);
-- 
cgit v1.2.3