Subject: CVS commit: [pkgsrc-2006Q1] pkgsrc/www/mozilla-bin
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 04/22/2006 23:43:04
Module Name:	pkgsrc
Committed By:	salo
Date:		Sat Apr 22 23:43:04 UTC 2006

Modified Files:
	pkgsrc/www/mozilla-bin [pkgsrc-2006Q1]: Makefile distinfo

Log Message:
Pullup ticket 1439 - requested by tron
security update for mozilla-bin

Revisions pulled up:
- pkgsrc/www/mozilla-bin/Makefile		1.29
- pkgsrc/www/mozilla-bin/distinfo		1.18

   Module Name:		pkgsrc
   Committed By:	tron
   Date:		Sat Apr 22 13:16:28 UTC 2006

   Modified Files:
   	pkgsrc/www/mozilla-bin: Makefile distinfo

   Log Message:
   Update "mozilla-bin" package to version 1.7.13. Changes since 1.7.12:
   - stability fixes
   - security fixes
     - MFSA 2006-27  Table Rebuilding Code Execution Vulnerability
     - MFSA 2006-25 Privilege escalation through Print Preview
     - MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest
     - MFSA 2006-23 File stealing by changing input type
     - MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability
     - MFSA 2006-21 JavaScript execution in mail when forwarding in-line
     - MFSA 2006-19 Cross-site scripting using .valueOf.call()
     - MFSA 2006-18 Mozilla Firefox Tag Order Vulnerability
     - MFSA 2006-17 cross-site scripting through window.controllers
     - MFSA 2006-16 Accessing XBL compilation scope via valueOf.call()
     - MFSA 2006-15 Privilege escalation using a JavaScript function's cloned
       parent
     - MFSA 2006-14 Privilege escalation via XBL.method.eval
     - MFSA 2006-13 Downloading executables with "Save Image As..."
     - MFSA 2006-12 Secure-site spoof (requires security warning dialog)
     - MFSA 2006-11 Crashes with evidence of memory corruption (rv:1.8)
     - MFSA 2006-10 JavaScript garbage-collection hazard audit
     - MFSA 2006-09 Cross-site JavaScript injection using event handlers
     - MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist()
     - MFSA 2006-03 Long document title causes startup denial of Service
     - MFSA 2006-01 JavaScript garbage-collection hazards


To generate a diff of this commit:
cvs rdiff -r1.28 -r1.28.2.1 pkgsrc/www/mozilla-bin/Makefile
cvs rdiff -r1.17 -r1.17.6.1 pkgsrc/www/mozilla-bin/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.