pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/firefox Add security fix to firefox & firefox-gtk1.
details: https://anonhg.NetBSD.org/pkgsrc/rev/4741420519fa
branches: trunk
changeset: 492202:4741420519fa
user: taya <taya%pkgsrc.org@localhost>
date: Wed Apr 06 16:00:53 2005 +0000
description:
Add security fix to firefox & firefox-gtk1.
fixes "Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability"
See following pages for detail.
http://secunia.com/advisories/14820/
https://bugzilla.mozilla.org/show_bug.cgi?id=288688
Bump PKGREVISION.
diffstat:
www/firefox/Makefile-firefox.common | 3 +-
www/firefox/distinfo | 3 +-
www/firefox/patches/patch-bugzilla288688 | 38 ++++++++++++++++++++++++++++++++
3 files changed, 42 insertions(+), 2 deletions(-)
diffs (72 lines):
diff -r d988e2726c98 -r 4741420519fa www/firefox/Makefile-firefox.common
--- a/www/firefox/Makefile-firefox.common Wed Apr 06 15:48:17 2005 +0000
+++ b/www/firefox/Makefile-firefox.common Wed Apr 06 16:00:53 2005 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile-firefox.common,v 1.12 2005/03/24 15:36:53 taya Exp $
+# $NetBSD: Makefile-firefox.common,v 1.13 2005/04/06 16:00:53 taya Exp $
MOZILLA_BIN= firefox-bin
MOZ_VER= 1.0.2
+PKGREVISION= 1
EXTRACT_SUFX= .tar.bz2
DISTNAME= firefox-${MOZ_VER}-source
diff -r d988e2726c98 -r 4741420519fa www/firefox/distinfo
--- a/www/firefox/distinfo Wed Apr 06 15:48:17 2005 +0000
+++ b/www/firefox/distinfo Wed Apr 06 16:00:53 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.26 2005/03/24 15:36:53 taya Exp $
+$NetBSD: distinfo,v 1.27 2005/04/06 16:00:53 taya Exp $
SHA1 (firefox-1.0.2/firefox-1.0.2-source.tar.bz2) = 3ad187a4f9b37b63bed29f9548176aea6a4473c3
RMD160 (firefox-1.0.2/firefox-1.0.2-source.tar.bz2) = 7bcf109ee8b374ef489e69a45ac1dc3b1580e156
@@ -28,6 +28,7 @@
SHA1 (patch-bs) = 81065130c96bf966b22e6abb767a5b674dcb52cb
SHA1 (patch-bt) = 6e3ceb31866dfb0dba81c93446db2b21e1df9baa
SHA1 (patch-bu) = db33b8651e3cb1fbf9a18dbe78e1e8288cfda0ee
+SHA1 (patch-bugzilla288688) = cebe5ad483a4cfcd55c6be0f0823b75ed1bd4aba
SHA1 (patch-bv) = 4f23dfd885131ea866f31370f1421e7c19706860
SHA1 (patch-bw) = fc3a518d3762be6e85104a6dc7fffd5ae1a463c8
SHA1 (patch-bx) = 046e19c9c4b431369411658373b14c1822841d85
diff -r d988e2726c98 -r 4741420519fa www/firefox/patches/patch-bugzilla288688
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/www/firefox/patches/patch-bugzilla288688 Wed Apr 06 16:00:53 2005 +0000
@@ -0,0 +1,38 @@
+$NetBSD: patch-bugzilla288688,v 1.1 2005/04/06 16:00:53 taya Exp $
+
+diff -ru ../Orig/mozilla/js/src/jsstr.c ./js/src/jsstr.c
+--- ../Orig/mozilla/js/src/jsstr.c 2003-12-22 15:13:07.000000000 +0900
++++ ./js/src/jsstr.c 2005-04-06 23:33:09.000000000 +0900
+@@ -1378,11 +1378,17 @@
+ JSBool ok;
+
+ /*
+- * Save the rightContext from the current regexp, since it
+- * gets stuck at the end of the replacement string and may
+- * be clobbered by a RegExp usage in the lambda function.
++ * Save the regExpStatics from the current regexp, since they may be
++ * clobbered by a RegExp usage in the lambda function. Note that all
++ * members of JSRegExpStatics are JSSubStrings, so not GC roots, save
++ * input, which is rooted otherwise via argv[-1] in str_replace.
++ *
++ * We need to clear moreParens in the top-of-stack cx->regExpStatics
++ * to it won't be possibly realloc'ed, leaving the bottom-of-stack
++ * moreParens pointing to freed memory.
+ */
+- JSSubString saveRightContext = cx->regExpStatics.rightContext;
++ JSRegExpStatics save = cx->regExpStatics;
++ cx->regExpStatics.moreParens = NULL;
+
+ /*
+ * In the lambda case, not only do we find the replacement string's
+@@ -1460,7 +1466,9 @@
+
+ lambda_out:
+ js_FreeStack(cx, mark);
+- cx->regExpStatics.rightContext = saveRightContext;
++ if (cx->regExpStatics.moreParens)
++ JS_free(cx, cx->regExpStatics.moreParens);
++ cx->regExpStatics = save;
+ return ok;
+ }
+ #endif /* JS_HAS_REPLACE_LAMBDA */
Home |
Main Index |
Thread Index |
Old Index