cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SECURITY update to 3.5.5. For the list of horrors, see

Browse Source 
http://www.mozilla.org/security/known-vulnerabilities/firefox35.html
This commit is contained in:
naddy 2009-11-27 21:18:52 +00:00
parent 1ef547df95
commit ae373b07bf
12 changed files with 103 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
www/firefox35/Makefile
View File

@ -1,13 +1,13 @@
# $OpenBSD: Makefile,v 1.29 2009/11/17 23:07:45 ajacoutot Exp $
# $OpenBSD: Makefile,v 1.30 2009/11/27 21:18:52 naddy Exp $
SHARED_ONLY= Yes
ONLY_FOR_ARCHS= alpha amd64 arm i386 powerpc sparc sparc64
COMMENT= redesign of Mozilla's browser component
VER= 3.5.3
VER= 3.5.5
DISTNAME= mozilla-1.9.1
PKGNAME= firefox35-${VER}p1
PKGNAME= firefox35-${VER}
SO_VERSION= 22.0
# NOTE: Must bump minor version if any shlib's are removed from the
# components dir to avoid pkg_add -r issues.

10
www/firefox35/distinfo
View File

@ -1,5 +1,5 @@
MD5 (firefox-3.5.3.source.tar.bz2) = yhZ+aRgKsSMK6gdj2icKlQ==
RMD160 (firefox-3.5.3.source.tar.bz2) = wkh8kLSpSQhAgXx7ANzM1ooMRCI=
SHA1 (firefox-3.5.3.source.tar.bz2) = g7JiXrdOgbRzrECsUlBeX8mkl+s=
SHA256 (firefox-3.5.3.source.tar.bz2) = 5jJ4B+0d0MBoX3wvuhQn5+OLXJLzaBHyQ4YfvZt60tI=
SIZE (firefox-3.5.3.source.tar.bz2) = 46766383
MD5 (firefox-3.5.5.source.tar.bz2) = s9kt+0BYQUHcEGjvyb38zA==
RMD160 (firefox-3.5.5.source.tar.bz2) = PC61VC4tNHc9xSsHtG3PzWVuXw0=
SHA1 (firefox-3.5.5.source.tar.bz2) = ohRvttyOh5p4+hOEnxh8FNQUQso=
SHA256 (firefox-3.5.5.source.tar.bz2) = Kr57VWEmfCMN8nlR0djGxYU9BsokJpl/3wpjxdton+s=
SIZE (firefox-3.5.5.source.tar.bz2) = 46907137

10
www/firefox35/patches/patch-browser_app_profile_firefox_js
View File

@ -1,6 +1,6 @@
$OpenBSD: patch-browser_app_profile_firefox_js,v 1.1.1.1 2009/06/21 01:31:24 martynas Exp $
--- browser/app/profile/firefox.js.orig Wed Jun 17 07:21:40 2009
+++ browser/app/profile/firefox.js Sat Jun 20 22:09:09 2009
$OpenBSD: patch-browser_app_profile_firefox_js,v 1.2 2009/11/27 21:18:52 naddy Exp $
--- browser/app/profile/firefox.js.orig Mon Nov 2 22:42:40 2009
+++ browser/app/profile/firefox.js Wed Nov 25 22:04:30 2009
@@ -92,7 +92,7 @@ pref("browser.dictionaries.download.url", "https://%LO
// App-specific update preferences
@ -10,7 +10,7 @@ $OpenBSD: patch-browser_app_profile_firefox_js,v 1.1.1.1 2009/06/21 01:31:24 mar
// This preference turns on app.update.mode and allows automatic download and
// install to take place. We use a separate boolean toggle for this to make
@@ -662,10 +662,10 @@ pref("gecko.handlerService.allowRegisterFromDifferentH
@@ -661,10 +661,10 @@ pref("gecko.handlerService.allowRegisterFromDifferentH
#ifdef MOZ_SAFE_BROWSING
// Safe browsing does nothing unless this pref is set
@ -23,7 +23,7 @@ $OpenBSD: patch-browser_app_profile_firefox_js,v 1.1.1.1 2009/06/21 01:31:24 mar
// Non-enhanced mode (local url lists) URL list to check for updates
pref("browser.safebrowsing.provider.0.updateURL", "http://safebrowsing.clients.google.com/safebrowsing/downloads?client={moz:client}&appver={moz:version}&pver=2.2");
@@ -728,10 +728,8 @@ pref("browser.EULA.version", 3);
@@ -727,10 +727,8 @@ pref("browser.EULA.version", 3);
pref("browser.rights.version", 3);
pref("browser.rights.3.shown", false);

8
www/firefox35/patches/patch-config_rules_mk
View File

@ -1,7 +1,7 @@
$OpenBSD: patch-config_rules_mk,v 1.1.1.1 2009/06/21 01:31:24 martynas Exp $
--- config/rules.mk.orig Wed Jun 17 07:21:41 2009
+++ config/rules.mk Sat Jun 20 22:09:09 2009
@@ -601,6 +601,12 @@ endif
$OpenBSD: patch-config_rules_mk,v 1.2 2009/11/27 21:18:52 naddy Exp $
--- config/rules.mk.orig Mon Nov 2 22:42:44 2009
+++ config/rules.mk Wed Nov 25 22:04:30 2009
@@ -607,6 +607,12 @@ endif
endif
endif

19
www/firefox35/patches/patch-configure_in
View File

@ -1,6 +1,6 @@
$OpenBSD: patch-configure_in,v 1.3 2009/06/23 17:55:57 martynas Exp $
--- configure.in.orig Wed Jun 17 07:21:41 2009
+++ configure.in Tue Jun 23 13:33:05 2009
$OpenBSD: patch-configure_in,v 1.4 2009/11/27 21:18:52 naddy Exp $
--- configure.in.orig Mon Nov 2 22:42:44 2009
+++ configure.in Fri Nov 27 03:01:08 2009
@@ -1000,7 +1000,7 @@ MOZ_PNG_LIBS='$(call EXPAND_LIBNAME_PATH,mozpng,$(DEPT
MOZ_JS_LIBS='-L$(LIBXUL_DIST)/bin -lmozjs'
@ -19,3 +19,16 @@ $OpenBSD: patch-configure_in,v 1.3 2009/06/23 17:55:57 martynas Exp $
DSO_CFLAGS=''
DSO_PIC_CFLAGS='-fPIC'
DSO_LDOPTS='-shared -fPIC'
@@ -4009,9 +4009,9 @@ AC_CACHE_CHECK(for __thread keyword for TLS variables,
[return tlsIsMainThread;],
ac_cv_thread_keyword=yes,
ac_cv_thread_keyword=no)])
-if test "$ac_cv_thread_keyword" = yes; then
- AC_DEFINE(HAVE_THREAD_TLS_KEYWORD)
-fi
+dnl if test "$ac_cv_thread_keyword" = yes; then
+dnl AC_DEFINE(HAVE_THREAD_TLS_KEYWORD)
+dnl fi
dnl End of C++ language/feature checks
AC_LANG_C

20
www/firefox35/patches/patch-media_liboggplay_src_liboggplay_std_semaphore_h
View File

@ -1,15 +1,15 @@
$OpenBSD: patch-media_liboggplay_src_liboggplay_std_semaphore_h,v 1.2 2009/07/21 11:58:54 martynas Exp $
--- media/liboggplay/src/liboggplay/std_semaphore.h.orig Wed Jul 15 18:35:02 2009
+++ media/liboggplay/src/liboggplay/std_semaphore.h Tue Jul 21 14:55:39 2009
$OpenBSD: patch-media_liboggplay_src_liboggplay_std_semaphore_h,v 1.3 2009/11/27 21:18:52 naddy Exp $
--- media/liboggplay/src/liboggplay/std_semaphore.h.orig Wed Nov 25 21:40:24 2009
+++ media/liboggplay/src/liboggplay/std_semaphore.h Wed Nov 25 21:41:04 2009
@@ -74,9 +74,9 @@
* @retval non-zero on error
*/
-#if defined(linux) || defined(SOLARIS)
+#if defined(linux) || defined(SOLARIS) || defined(__OpenBSD__)
-#if defined(linux) || defined(SOLARIS) || defined(AIX) || defined(__FreeBSD__)
+#if defined(linux) || defined(SOLARIS) || defined(AIX) || defined(__FreeBSD__) || defined(__OpenBSD__)
#include <semaphore.h>
-#define SEM_CREATE(p,s) sem_init(&(p), 1, s)
+#define SEM_CREATE(p,s) sem_init(&(p), 0, s)
#define SEM_SIGNAL(p) sem_post(&(p))
#define SEM_WAIT(p) sem_wait(&(p))
#define SEM_CLOSE(p) sem_destroy(&(p))
-#if defined(__FreeBSD__)
+#if defined(__FreeBSD__) || defined(__OpenBSD__)
#define SEM_CREATE(p,s) sem_init(&(p), 0, s)
#else
#define SEM_CREATE(p,s) sem_init(&(p), 1, s)

8
www/firefox35/patches/patch-nsprpub_configure_in
View File

@ -1,7 +1,7 @@
$OpenBSD: patch-nsprpub_configure_in,v 1.1 2009/06/21 15:04:16 martynas Exp $
--- nsprpub/configure.in.orig Wed Jun 17 07:22:05 2009
+++ nsprpub/configure.in Sun Jun 21 17:52:40 2009
@@ -1809,9 +1809,11 @@ mips-sony-newsos*)
$OpenBSD: patch-nsprpub_configure_in,v 1.2 2009/11/27 21:18:52 naddy Exp $
--- nsprpub/configure.in.orig Mon Nov 2 22:43:08 2009
+++ nsprpub/configure.in Wed Nov 25 22:04:30 2009
@@ -1811,9 +1811,11 @@ mips-sony-newsos*)
AC_DEFINE(OPENBSD)
AC_DEFINE(HAVE_BSD_FLOCK)
AC_DEFINE(HAVE_SOCKLEN_T)

52
www/firefox35/patches/patch-nsprpub_pr_src_misc_prdtoa_c
View File

@ -1,6 +1,6 @@
$OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas Exp $
--- nsprpub/pr/src/misc/prdtoa.c.orig Wed Jun 17 07:22:05 2009
+++ nsprpub/pr/src/misc/prdtoa.c Sun Jun 21 17:53:38 2009
$OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.2 2009/11/27 21:18:52 naddy Exp $
--- nsprpub/pr/src/misc/prdtoa.c.orig Wed Nov 25 21:46:23 2009
+++ nsprpub/pr/src/misc/prdtoa.c Wed Nov 25 21:47:05 2009
@@ -47,42 +47,14 @@
#include "primpl.h"
@ -44,7 +44,7 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
/****************************************************************
*
* The author of this software is David M. Gay.
@@ -102,3300 +74,82 @@ void _PR_CleanupDtoa(void)
@@ -102,3310 +74,82 @@ void _PR_CleanupDtoa(void)
*
***************************************************************/
@ -131,7 +131,12 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
- * #define MALLOC your_malloc, where your_malloc(n) acts like malloc(n)
- * if memory is available and otherwise does something you deem
- * appropriate. If MALLOC is undefined, malloc will be invoked
- * directly -- and assumed always to succeed.
- * directly -- and assumed always to succeed. Similarly, if you
- * want something other than the system's free() to be called to
- * recycle memory acquired from MALLOC, #define FREE to be the
- * name of the alternate routine. (FREE or free is only called in
- * pathological cases, e.g., in a dtoa call after a dtoa return in
- * mode 3 with thousands of digits requested.)
- * #define Omit_Private_Memory to omit logic (added Jan. 1998) for making
- * memory allocations from a private pool of memory when possible.
- * When used, the private pool is PRIVATE_MEM bytes long: 2304 bytes,
@ -531,7 +536,7 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
-#define FREE_DTOA_LOCK(n) /*nothing*/
-#endif
-
-#define Kmax 15
-#define Kmax 7
-
- struct
-Bigint {
@ -561,9 +566,10 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
-#endif
-
- ACQUIRE_DTOA_LOCK(0);
- if (rv = freelist[k]) {
- /* The k > Kmax case does not need ACQUIRE_DTOA_LOCK(0), */
- /* but this case seems very unlikely. */
- if (k <= Kmax && (rv = freelist[k]))
- freelist[k] = rv->next;
- }
- else {
- x = 1 << k;
-#ifdef Omit_Private_Memory
@ -571,7 +577,7 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
-#else
- len = (sizeof(Bigint) + (x-1)*sizeof(ULong) + sizeof(double) - 1)
- /sizeof(double);
- if (pmem_next - private_mem + len <= PRIVATE_mem) {
- if (k <= Kmax && pmem_next - private_mem + len <= PRIVATE_mem) {
- rv = (Bigint*)pmem_next;
- pmem_next += len;
- }
@ -595,10 +601,18 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
-#endif
-{
- if (v) {
- ACQUIRE_DTOA_LOCK(0);
- v->next = freelist[v->k];
- freelist[v->k] = v;
- FREE_DTOA_LOCK(0);
- if (v->k > Kmax)
-#ifdef FREE
- FREE((void*)v);
-#else
- free((void*)v);
-#endif
- else {
- ACQUIRE_DTOA_LOCK(0);
- v->next = freelist[v->k];
- freelist[v->k] = v;
- FREE_DTOA_LOCK(0);
- }
- }
- }
-
@ -1328,10 +1342,6 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
- b->wds = (x[1] = z) ? 2 : 1;
- }
- else {
-#ifdef DEBUG
- if (!z)
- Bug("Zero passed to d2b");
-#endif
- k = lo0bits(&z);
- x[0] = z;
-#ifndef Sudden_Underflow
@ -3381,7 +3391,7 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
PR_IMPLEMENT(PRStatus)
PR_dtoa(PRFloat64 d, PRIntn mode, PRIntn ndigits,
@@ -3411,7 +165,7 @@ PR_dtoa(PRFloat64 d, PRIntn mode, PRIntn ndigits,
@@ -3421,7 +165,7 @@ PR_dtoa(PRFloat64 d, PRIntn mode, PRIntn ndigits,
PR_SetError(PR_INVALID_ARGUMENT_ERROR, 0);
return rv;
}
@ -3390,7 +3400,7 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
if (!result) {
PR_SetError(PR_OUT_OF_MEMORY_ERROR, 0);
return rv;
@@ -3426,7 +180,7 @@ PR_dtoa(PRFloat64 d, PRIntn mode, PRIntn ndigits,
@@ -3436,7 +180,7 @@ PR_dtoa(PRFloat64 d, PRIntn mode, PRIntn ndigits,
}
rv = PR_SUCCESS;
}
@ -3399,7 +3409,7 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
return rv;
}
@@ -3448,9 +202,9 @@ PR_cnvtf(char *buf, int bufsz, int prcsn, double dfval
@@ -3458,9 +202,9 @@ PR_cnvtf(char *buf, int bufsz, int prcsn, double dfval
char *num, *nump;
char *bufp = buf;
char *endnum;
@ -3411,7 +3421,7 @@ $OpenBSD: patch-nsprpub_pr_src_misc_prdtoa_c,v 1.1 2009/06/21 15:04:16 martynas
/* If anything fails, we store an empty string in 'buf' */
num = (char*)PR_MALLOC(bufsz);
if (num == NULL) {
@@ -3458,7 +212,7 @@ PR_cnvtf(char *buf, int bufsz, int prcsn, double dfval
@@ -3468,7 +212,7 @@ PR_cnvtf(char *buf, int bufsz, int prcsn, double dfval
return;
}
/* XXX Why use mode 1? */

18
www/firefox35/patches/patch-security_nss_cmd_platlibs_mk
View File

@ -1,15 +1,17 @@
$OpenBSD: patch-security_nss_cmd_platlibs_mk,v 1.1 2009/06/21 18:42:15 martynas Exp $
--- security/nss/cmd/platlibs.mk.orig Sun Jun 21 21:34:18 2009
+++ security/nss/cmd/platlibs.mk Sun Jun 21 21:34:45 2009
@@ -201,9 +201,10 @@ endif
$OpenBSD: patch-security_nss_cmd_platlibs_mk,v 1.2 2009/11/27 21:18:52 naddy Exp $
--- security/nss/cmd/platlibs.mk.orig Wed Nov 25 21:50:05 2009
+++ security/nss/cmd/platlibs.mk Wed Nov 25 21:51:56 2009
@@ -195,10 +195,11 @@ endif
# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
EXTRA_SHARED_LIBS += \
-L$(DIST)/lib \
+ -L$(NSPR_LIB_DIR) \
- $(SQLITE) \
-L$(NSSUTIL_LIB_DIR) \
- -lnssutil3 \
-L$(NSPR_LIB_DIR) \
+ -L$(LOCALBASE)/lib \
$(SQLITE) \
-lnssutil3 \
- -L$(NSPR_LIB_DIR) \
+ $(SQLITE) \
+ -lnssutil3 \
-lplc4 \
-lplds4 \
-lnspr4 \

12
www/firefox35/patches/patch-security_nss_lib_freebl_unix_rand_c
View File

@ -1,7 +1,7 @@
$OpenBSD: patch-security_nss_lib_freebl_unix_rand_c,v 1.1 2009/06/21 15:04:16 martynas Exp $
--- security/nss/lib/freebl/unix_rand.c.orig Wed Jun 17 07:22:10 2009
+++ security/nss/lib/freebl/unix_rand.c Sun Jun 21 17:58:22 2009
@@ -890,7 +890,6 @@ safe_pclose(FILE *fp)
$OpenBSD: patch-security_nss_lib_freebl_unix_rand_c,v 1.2 2009/11/27 21:18:52 naddy Exp $
--- security/nss/lib/freebl/unix_rand.c.orig Mon Nov 2 22:43:12 2009
+++ security/nss/lib/freebl/unix_rand.c Wed Nov 25 22:04:30 2009
@@ -849,7 +849,6 @@ safe_pclose(FILE *fp)
/* Fork netstat to collect its output by default. Do not unset this unless
* another source of entropy is available
*/
@ -9,7 +9,7 @@ $OpenBSD: patch-security_nss_lib_freebl_unix_rand_c,v 1.1 2009/06/21 15:04:16 ma
void RNG_SystemInfoForRNG(void)
{
@@ -957,7 +956,7 @@ void RNG_SystemInfoForRNG(void)
@@ -916,7 +915,7 @@ void RNG_SystemInfoForRNG(void)
GiveSystemInfo();
/* grab some data from system's PRNG before any other files. */
@ -18,7 +18,7 @@ $OpenBSD: patch-security_nss_lib_freebl_unix_rand_c,v 1.1 2009/06/21 15:04:16 ma
/* If the user points us to a random file, pass it through the rng */
randfile = getenv("NSRANDFILE");
@@ -1259,7 +1258,7 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
@@ -1159,7 +1158,7 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
size_t fileBytes = 0;
unsigned char *buffer = dest;

14
www/firefox35/patches/patch-security_nss_lib_softoken_config_mk
View File

@ -1,10 +1,10 @@
$OpenBSD: patch-security_nss_lib_softoken_config_mk,v 1.1 2009/06/21 18:42:15 martynas Exp $
--- security/nss/lib/softoken/config.mk.orig Wed Jun 17 07:22:11 2009
+++ security/nss/lib/softoken/config.mk Sun Jun 21 21:33:37 2009
@@ -60,9 +60,10 @@ RESNAME = $(LIBRARY_NAME).rc
ifdef NS_USE_GCC
$OpenBSD: patch-security_nss_lib_softoken_config_mk,v 1.2 2009/11/27 21:18:52 naddy Exp $
--- security/nss/lib/softoken/config.mk.orig Wed Nov 25 21:52:34 2009
+++ security/nss/lib/softoken/config.mk Wed Nov 25 21:53:44 2009
@@ -56,9 +56,10 @@ ifdef NS_USE_GCC
EXTRA_SHARED_LIBS += \
-L$(DIST)/lib \
-L$(NSSUTIL_LIB_DIR) \
+ -L$(NSPR_LIB_DIR) \
+ -L$(LOCALBASE)/lib \
-lnssutil3 \
@ -13,10 +13,10 @@ $OpenBSD: patch-security_nss_lib_softoken_config_mk,v 1.1 2009/06/21 18:42:15 ma
-lplc4 \
-lplds4 \
-lnspr4 \
@@ -85,9 +86,10 @@ else
# $(EXTRA_SHARED_LIBS) come before $(OS_LIBS), except on AIX.
@@ -82,9 +83,10 @@ else
EXTRA_SHARED_LIBS += \
-L$(DIST)/lib \
-L$(NSSUTIL_LIB_DIR) \
+ -L$(NSPR_LIB_DIR) \
+ -L$(LOCALBASE)/lib \
-lnssutil3 \

3
www/firefox35/pkg/PLIST
View File

@ -1,4 +1,4 @@
@comment $OpenBSD: PLIST,v 1.6 2009/06/21 20:46:38 martynas Exp $
@comment $OpenBSD: PLIST,v 1.7 2009/11/27 21:18:52 naddy Exp $
bin/firefox35
firefox35/
firefox35/LICENSE
@ -339,6 +339,7 @@ firefox35/modules/WindowDraggingUtils.jsm
firefox35/modules/XPCOMUtils.jsm
firefox35/modules/debug.js
firefox35/modules/distribution.js
firefox35/modules/openLocationLastURL.jsm
firefox35/modules/utils.js
@bin firefox35/mozilla-xremote-client
firefox35/platform.ini