pkgsrc-Changes-HG archive
[pkgsrc/pkgsrc-2005Q1]: pkgsrc/www/firefox Pullup ticket 459 - requested by S...
details: https://anonhg.NetBSD.org/pkgsrc/rev/2a7ae7f74425
branches: pkgsrc-2005Q1
changeset: 490982:2a7ae7f74425
user: snj <snj%pkgsrc.org@localhost>
date: Fri Apr 22 06:48:12 2005 +0000
description:
Pullup ticket 459 - requested by Shin'ichiro TAYA
security fix for firefox and firefox-gtk1
Revisions pulled up:
- pkgsrc/www/firefox/Makefile-firefox.common 1.15
- pkgsrc/www/firefox/distinfo 1.28
- pkgsrc/www/firefox/patches/patch-bugzilla288688 removed
Module Name: pkgsrc
Committed By: taya
Date: Sun Apr 17 02:19:39 UTC 2005
Modified Files:
pkgsrc/www/firefox: Makefile-firefox.common distinfo
Removed Files:
pkgsrc/www/firefox/patches: patch-bugzilla288688
Log Message:
Update firefox & firefox-gtk1 to 1.0.3.
This is a security fix release.
Fixed vulnerabilities are as follows:
MFSA 2005-33 Javascript "lambda" replace exposes memory contents
MFSA 2005-34 javascript: PLUGINSPAGE code execution
MFSA 2005-35 Showing blocked javascript: popup uses wrong privilege context
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-37 Code execution through javascript: favicons
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-39 Arbitrary code execution from Firefox sidebar panel II
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides
diffstat:
www/firefox/Makefile-firefox.common | 5 +--
www/firefox/distinfo | 9 +++----
www/firefox/patches/patch-bugzilla288688 | 38 --------------------------------
3 files changed, 6 insertions(+), 46 deletions(-)
diffs (80 lines):
diff -r 18d3ccbe6771 -r 2a7ae7f74425 www/firefox/Makefile-firefox.common
--- a/www/firefox/Makefile-firefox.common Thu Apr 21 16:47:34 2005 +0000
+++ b/www/firefox/Makefile-firefox.common Fri Apr 22 06:48:12 2005 +0000
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile-firefox.common,v 1.11.2.2 2005/04/07 18:36:27 salo Exp $
+# $NetBSD: Makefile-firefox.common,v 1.11.2.3 2005/04/22 06:48:12 snj Exp $
MOZILLA_BIN= firefox-bin
-MOZ_VER= 1.0.2
-PKGREVISION= 1
+MOZ_VER= 1.0.3
EXTRACT_SUFX= .tar.bz2
DISTNAME= firefox-${MOZ_VER}-source
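Review bot: MOZ_VER moves to 1.0.3 in a fragment that the log message says also serves firefox-gtk1, yet the only distinfo touched in this changeset is www/firefox/distinfo. Confirm that firefox-gtk1 takes its checksums from that same file; if it keeps its own distinfo, it still lists the 1.0.2 tarball and the checksum step will fail for the new distfile. Dropping PKGREVISION together with the version bump looks right.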
diff -r 18d3ccbe6771 -r 2a7ae7f74425 www/firefox/distinfo
--- a/www/firefox/distinfo Thu Apr 21 16:47:34 2005 +0000
+++ b/www/firefox/distinfo Fri Apr 22 06:48:12 2005 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.25.2.2 2005/04/07 18:36:27 salo Exp $
+$NetBSD: distinfo,v 1.25.2.3 2005/04/22 06:48:12 snj Exp $
-SHA1 (firefox-1.0.2/firefox-1.0.2-source.tar.bz2) = 3ad187a4f9b37b63bed29f9548176aea6a4473c3
-RMD160 (firefox-1.0.2/firefox-1.0.2-source.tar.bz2) = 7bcf109ee8b374ef489e69a45ac1dc3b1580e156
-Size (firefox-1.0.2/firefox-1.0.2-source.tar.bz2) = 32760074 bytes
+SHA1 (firefox-1.0.3/firefox-1.0.3-source.tar.bz2) = afaf5e7664ff619b30a82e4239a04ce9fd4f1f8b
+RMD160 (firefox-1.0.3/firefox-1.0.3-source.tar.bz2) = e160e64ea82b3d992dbd119d72c6b8c602d2a0f2
+Size (firefox-1.0.3/firefox-1.0.3-source.tar.bz2) = 32784300 bytes
SHA1 (patch-aa) = 9225a7a2c9b4545e800008169d4d88452c85d1a9
SHA1 (patch-ab) = 0c1f2d6cca09b4dd6b168ed29d84d245967a3369
SHA1 (patch-ac) = 32aa4b92eea19aca07077a292cb759d074026642
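Review bot: The new SHA1 and RMD160 lines for firefox-1.0.3-source.tar.bz2 are the only integrity reference a builder gets for this tarball, and neither the hunk nor the log message says how they were checked. For a security pullup, note in the commit message that the digests and the 32784300-byte size were compared against a copy fetched independently from the upstream release location, not only regenerated from the local distfile.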
@@ -28,7 +28,6 @@
SHA1 (patch-bs) = 81065130c96bf966b22e6abb767a5b674dcb52cb
SHA1 (patch-bt) = 6e3ceb31866dfb0dba81c93446db2b21e1df9baa
SHA1 (patch-bu) = db33b8651e3cb1fbf9a18dbe78e1e8288cfda0ee
-SHA1 (patch-bugzilla288688) = cebe5ad483a4cfcd55c6be0f0823b75ed1bd4aba
SHA1 (patch-bv) = 4f23dfd885131ea866f31370f1421e7c19706860
SHA1 (patch-bw) = fc3a518d3762be6e85104a6dc7fffd5ae1a463c8
SHA1 (patch-bx) = 046e19c9c4b431369411658373b14c1822841d85
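Review bot: The log message lists the MFSA advisories but gives no reason for dropping the patch-bugzilla288688 entry here. Add one line stating why the local patch is no longer needed (for example, that the fix is included upstream in 1.0.3, if that is the case) so the removal can be audited later without re-reading the tarball. The entry removal itself is consistent with the file deletion in the same changeset.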
diff -r 18d3ccbe6771 -r 2a7ae7f74425 www/firefox/patches/patch-bugzilla288688
--- a/www/firefox/patches/patch-bugzilla288688 Thu Apr 21 16:47:34 2005 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,38 +0,0 @@
-$NetBSD: patch-bugzilla288688,v 1.1.2.2 2005/04/07 18:36:27 salo Exp $
-
-diff -ru ../Orig/mozilla/js/src/jsstr.c ./js/src/jsstr.c
---- ../Orig/mozilla/js/src/jsstr.c 2003-12-22 15:13:07.000000000 +0900
-+++ ./js/src/jsstr.c 2005-04-06 23:33:09.000000000 +0900
-@@ -1378,11 +1378,17 @@
- JSBool ok;
-
- /*
-- * Save the rightContext from the current regexp, since it
-- * gets stuck at the end of the replacement string and may
-- * be clobbered by a RegExp usage in the lambda function.
-+ * Save the regExpStatics from the current regexp, since they may be
-+ * clobbered by a RegExp usage in the lambda function. Note that all
-+ * members of JSRegExpStatics are JSSubStrings, so not GC roots, save
-+ * input, which is rooted otherwise via argv[-1] in str_replace.
-+ *
-+ * We need to clear moreParens in the top-of-stack cx->regExpStatics
-+ * to it won't be possibly realloc'ed, leaving the bottom-of-stack
-+ * moreParens pointing to freed memory.
- */
-- JSSubString saveRightContext = cx->regExpStatics.rightContext;
-+ JSRegExpStatics save = cx->regExpStatics;
-+ cx->regExpStatics.moreParens = NULL;
-
- /*
- * In the lambda case, not only do we find the replacement string's
-@@ -1460,7 +1466,9 @@
-
- lambda_out:
- js_FreeStack(cx, mark);
-- cx->regExpStatics.rightContext = saveRightContext;
-+ if (cx->regExpStatics.moreParens)
-+ JS_free(cx, cx->regExpStatics.moreParens);
-+ cx->regExpStatics = save;
- return ok;
- }
- #endif /* JS_HAS_REPLACE_LAMBDA */
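Review bot: Deleting this patch removes the local fix in js/src/jsstr.c that saves and restores the whole cx->regExpStatics and clears moreParens around the lambda call, which its own comment says keeps the bottom-of-stack moreParens from pointing to freed memory. Before the pullup lands, confirm that the 1.0.3 source carries equivalent code at lambda_out, so the branch does not fall back to restoring only rightContext. The log lists MFSA 2005-33, the "lambda" replace issue, which suggests it does, but the changeset does not show it.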