From cbf234cea83134f61372a00352fe07ce8127cfb2 Mon Sep 17 00:00:00 2001 From: taya Date: Sat, 14 May 2005 15:27:10 +0000 Subject: Update firefox & firefox-gtk1 to 1.0.4. This is a security fix release. Fixed vulnerabilities are follows: MFSA 2005-44 Privilege escalation via non-DOM property overrides MFSA 2005-43 "Wrapped" javascript: urls bypass security checks MFSA 2005-42 Code execution via javascript: IconURL --- www/firefox-gtk1/buildlink3.mk | 4 ++-- www/firefox/Makefile | 12 +++++++++++- www/firefox/Makefile-firefox.common | 4 ++-- www/firefox/PLIST | 10 +++++++++- www/firefox/buildlink3.mk | 4 ++-- www/firefox/distinfo | 8 ++++---- 6 files changed, 30 insertions(+), 12 deletions(-) (limited to 'www') diff --git a/www/firefox-gtk1/buildlink3.mk b/www/firefox-gtk1/buildlink3.mk index 28207eaa7c5..c04fdd5de7d 100644 --- a/www/firefox-gtk1/buildlink3.mk +++ b/www/firefox-gtk1/buildlink3.mk @@ -1,4 +1,4 @@ -# $NetBSD: buildlink3.mk,v 1.3 2005/03/25 08:23:46 salo Exp $ +# $NetBSD: buildlink3.mk,v 1.4 2005/05/14 15:27:10 taya Exp $ BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+ FIREFOX_GTK2_BUILDLINK3_MK:= ${FIREFOX_GTK2_BUILDLINK3_MK}+ @@ -12,7 +12,7 @@ BUILDLINK_PACKAGES+= firefox-gtk1 .if !empty(FIREFOX_GTK2_BUILDLINK3_MK:M+) BUILDLINK_DEPENDS.firefox-gtk1+= firefox-gtk1>=1.0 -BUILDLINK_RECOMMENDED.firefox-gtk1+= firefox-gtk1>=1.0.2 +BUILDLINK_RECOMMENDED.firefox-gtk1+= firefox-gtk1>=1.0.4 BUILDLINK_PKGSRCDIR.firefox-gtk1?= ../../www/firefox-gtk1 .endif # FIREFOX_GTK2_BUILDLINK3_MK diff --git a/www/firefox/Makefile b/www/firefox/Makefile index 4c1020f91f5..9f0898d3a40 100644 --- a/www/firefox/Makefile +++ b/www/firefox/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.14 2005/04/02 14:38:14 abs Exp $ +# $NetBSD: Makefile,v 1.15 2005/05/14 15:27:10 taya Exp $ MOZILLA= firefox EXTRACT_SUFX= .tar.bz2 @@ -8,4 +8,14 @@ COMMENT= Lightweight gecko-based web browser MOZILLA_USE_GTK2= # defined MOZILLA_USE_XFT= YES +PKGCONFIG_OVERRIDE+= build/unix/firefox-gtkmozembed.pc +PKGCONFIG_OVERRIDE+= build/unix/firefox-js.pc +PKGCONFIG_OVERRIDE+= build/unix/firefox-nspr.pc +PKGCONFIG_OVERRIDE+= build/unix/firefox-nss.pc +PKGCONFIG_OVERRIDE+= build/unix/firefox-plugin.pc +PKGCONFIG_OVERRIDE+= build/unix/firefox-xpcom.pc +# Some .pc files are filled in by the build process, so we can't fix the +# rpaths until this has happened. +PKGCONFIG_OVERRIDE_STAGE= post-build + .include "../../www/firefox/Makefile-firefox.common" diff --git a/www/firefox/Makefile-firefox.common b/www/firefox/Makefile-firefox.common index 2f29e1b43fd..1c700dd468c 100644 --- a/www/firefox/Makefile-firefox.common +++ b/www/firefox/Makefile-firefox.common @@ -1,7 +1,7 @@ -# $NetBSD: Makefile-firefox.common,v 1.17 2005/04/25 19:26:10 reed Exp $ +# $NetBSD: Makefile-firefox.common,v 1.18 2005/05/14 15:27:10 taya Exp $ MOZILLA_BIN= firefox-bin -MOZ_VER= 1.0.3 +MOZ_VER= 1.0.4 EXTRACT_SUFX= .tar.bz2 DISTNAME= firefox-${MOZ_VER}-source diff --git a/www/firefox/PLIST b/www/firefox/PLIST index 216e69b83e5..5121282e70b 100644 --- a/www/firefox/PLIST +++ b/www/firefox/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.14 2005/04/15 12:42:27 wiz Exp $ +@comment $NetBSD: PLIST,v 1.15 2005/05/14 15:27:10 taya Exp $ bin/${MOZILLA} @comment begin PROGRAMS lib/${MOZILLA}/${MOZILLA_BIN} @@ -96,6 +96,14 @@ lib/${MOZILLA}/libxpcom_compat.${SO_SUFFIX} lib/${MOZILLA}/libxpistub.${SO_SUFFIX} ${SUNOSLIB}lib/${MOZILLA}/libfreebl_hybrid_3.${SO_SUFFIX} @comment end DSO +@comment begin PKGCONFIG +lib/pkgconfig/firefox-gtkmozembed.pc +lib/pkgconfig/firefox-js.pc +lib/pkgconfig/firefox-nspr.pc +lib/pkgconfig/firefox-nss.pc +lib/pkgconfig/firefox-plugin.pc +lib/pkgconfig/firefox-xpcom.pc +@comment end PKGCONFIG @comment begin DATA lib/${MOZILLA}/LICENSE lib/${MOZILLA}/README.txt diff --git a/www/firefox/buildlink3.mk b/www/firefox/buildlink3.mk index e8c517a9745..95a0e60ed87 100644 --- a/www/firefox/buildlink3.mk +++ b/www/firefox/buildlink3.mk @@ -1,4 +1,4 @@ -# $NetBSD: buildlink3.mk,v 1.4 2005/03/25 08:23:46 salo Exp $ +# $NetBSD: buildlink3.mk,v 1.5 2005/05/14 15:27:10 taya Exp $ BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+ FIREFOX_BUILDLINK3_MK:= ${FIREFOX_BUILDLINK3_MK}+ @@ -12,7 +12,7 @@ BUILDLINK_PACKAGES+= firefox .if !empty(FIREFOX_BUILDLINK3_MK:M+) BUILDLINK_DEPENDS.firefox+= firefox>=1.0 -BUILDLINK_RECOMMENDED.firefox+= firefox>=1.0.2 +BUILDLINK_RECOMMENDED.firefox+= firefox>=1.0.4 BUILDLINK_PKGSRCDIR.firefox?= ../../www/firefox .endif # FIREFOX_BUILDLINK3_MK diff --git a/www/firefox/distinfo b/www/firefox/distinfo index 84a04117cbe..0ba46c53ea4 100644 --- a/www/firefox/distinfo +++ b/www/firefox/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.28 2005/04/17 02:19:39 taya Exp $ +$NetBSD: distinfo,v 1.29 2005/05/14 15:27:10 taya Exp $ -SHA1 (firefox-1.0.3/firefox-1.0.3-source.tar.bz2) = afaf5e7664ff619b30a82e4239a04ce9fd4f1f8b -RMD160 (firefox-1.0.3/firefox-1.0.3-source.tar.bz2) = e160e64ea82b3d992dbd119d72c6b8c602d2a0f2 -Size (firefox-1.0.3/firefox-1.0.3-source.tar.bz2) = 32784300 bytes +SHA1 (firefox-1.0.4/firefox-1.0.4-source.tar.bz2) = d030628e52e1bebe9d6515d7fab5a126a1b6b38a +RMD160 (firefox-1.0.4/firefox-1.0.4-source.tar.bz2) = 4b04740fe4615ddddd16ec296509177ab29d4edc +Size (firefox-1.0.4/firefox-1.0.4-source.tar.bz2) = 32756592 bytes SHA1 (patch-aa) = 9225a7a2c9b4545e800008169d4d88452c85d1a9 SHA1 (patch-ab) = 0c1f2d6cca09b4dd6b168ed29d84d245967a3369 SHA1 (patch-ac) = 32aa4b92eea19aca07077a292cb759d074026642 -- cgit v1.2.3