Commit Graph

70 Commits

Author SHA1 Message Date
landry
837808d82d Update to firefox35 3.5.19.
Fixes MFSA 2011-12,13,14,15,16 & 18.
2011-04-29 08:02:16 +00:00
landry
360aefae1c Let's use a common DIST_SUBDIR for all mozilla ports so that it's easier
to clean the gigabytes of src tarballs previously piling up in distfiles/.
Update distinfo accordingly.
Looks sane to jasper@.
2011-04-28 20:44:47 +00:00
landry
d2264d1d39 Assorted fixes for:
https://bugzilla.mozilla.org/show_bug.cgi?id=643137 (crash on sparc64
when displaying opentypes fonts, fix from tobias ulmer)
https://bugzilla.mozilla.org/show_bug.cgi?id=644012 (crash on ssl certs
with empty issuer name, pointed our by roberth at openbsd dot pap dot st
and mikolaj kucharski)
2011-03-24 11:41:11 +00:00
landry
0f945ed99c Updates to firefox35 3.5.18, mozilla-firefox 3.6.16 & seamonkey 2.0.3.
All fixing MFSA-2011-11, see
http://blog.mozilla.com/security/2011/03/22/firefox-blocking-fraudulent-certificates/ and
https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion
2011-03-23 15:27:04 +00:00
landry
6bdb4d0a62 Remove the .if for system sqlite, now every port using mozilla MODULE
uses it. Bump dependency to 3.7.5 to ensure it has unlock_notify for
ffx4, and bump all corresponding REVISIONs.
2011-03-22 13:18:26 +00:00
landry
d4c868a945 Update to firefox35 3.5.17. 2011-03-02 14:41:09 +00:00
landry
1c74338058 Fix an unaligned access on sparc64 leading to random crashes when
mozilla tries to read a malformed ICC profile on random image content
found on the web.
backport of http://hg.mozilla.org/mozilla-central/rev/e8207773d54d
ref: https://bugzilla.mozilla.org/show_bug.cgi?id=629057
issue reported and fix found by naddy@
ok naddy@ ajacoutot@
2011-01-28 21:38:12 +00:00
landry
109b199a68 mozilla.port.mk makes all mozilla ports use the sydney_audio_sndio.c
file from www/mozilla-firefox, so remove old instances of that file that
weren't updated with last commits (and were unused anyway)
While here bump all REVISIONs after LIB_DEPENDS change.
ok naddy@
2011-01-18 12:37:44 +00:00
landry
f325f438b2 Add same PRAGMA secure_delete patch to seamonkey and ffx35 for the sake
of consistency, and build against systemwide sqlite.
2011-01-14 22:56:11 +00:00
dcoppa
729f3f4f79 Apply the cups fix to the rest of Mozilla apps (mozilla-thunderbird,
sunbird, firefox35, seamonkey).

Ok & tested by landry@
2011-01-05 08:22:30 +00:00
landry
f6b71b0013 Update to firefox35 3.5.16.
Fixes MFSA 2010-74->84.
http://www.mozilla.org/security/known-vulnerabilities/firefox35.html
2010-12-10 10:36:00 +00:00
dcoppa
927ee14bcd Fix Kerberos/GSSAPI authentication within mozilla ports.
OpenBSD does not have gssapi_krb5. So, to avoid undefined symbol
errors, link libxul with "-lkrb5 -lcrypto".

OK phessler@, landry@ (MAINTAINER)
2010-12-01 15:00:12 +00:00
espie
e50b98837f new depends 2010-11-22 08:36:47 +00:00
jasper
3c57f070a4 - switch to pkg-readmes
ok landry@ (MAINTAINER)
2010-11-11 09:30:36 +00:00
landry
ead2a86ff0 Security update to firefox35 3.5.15.
Fixes MFSA2010-73/CVE-2010-3765/bz #607222.
2010-10-28 12:03:27 +00:00
landry
4ea899788a Do the PFRAG.debug dance so that it produces a working debug-enabled
package. Teach users how to properly report bugs, and add a
run-mozilla.sh patch so that it finds our gdb. While here remove
updates/ subdir at uninstall time, otherwise it stays..
2010-10-27 12:59:29 +00:00
landry
ff26d0a277 Oops. remove debug FLAVOR here, it's now in mozilla.port.mk 2010-10-27 08:14:17 +00:00
ajacoutot
ff07e285bc Remove USE_X11. 2010-10-24 20:58:58 +00:00
landry
d10d8b1140 Update to firefox35 3.5.14 2010-10-22 19:23:13 +00:00
landry
086ac6a802 Fix WANTLIB again after cairo's last commit where X11-xcb went away.
Bump REVISIONs.
2010-10-18 07:15:55 +00:00
landry
a43f6a6caa Whoops, forgot to bump that one too, reported by naddy@. 2010-10-16 14:47:29 +00:00
jasper
9d399d1959 - fix WANTLIB after cairo update.
(please note chromium is still broken, but will be dealt with soon)
2010-10-11 08:19:03 +00:00
landry
5e4eed70e3 Bugfix update to firefox 3.5.13. 2010-09-19 19:20:03 +00:00
landry
5f8a1719d1 Update firefox35 port to 3.5.12, fixing a whole bunch of MFSA (2010-49->63) 2010-09-12 17:55:30 +00:00
fgsch
8a55e4d3bd Bump for python. These are the last bits. 2010-08-30 23:50:44 +00:00
landry
61b81486f8 Update to firefox35 3.5.11, fixes MFSA 2010-{34..47}
Convert port to use mozilla MODULE, which gains us --enable-libxul, so
way less libs are installed. Bring patches/files inline with other
mozilla ports. java plugin still works.
ok/testing sthen@ naddy@
2010-08-02 16:05:37 +00:00
landry
b29887170c Maintenance update to firefox35-3.5.10, Fixes yet another bunch of MFSA,
http://www.mozilla.org/security/known-vulnerabilities/firefox35.html

While here, make it build against systemwide nss/nspr, as others do, and
remove corresponding patches for local copy of nss/nspr. Use newer
${SUBST_CMD} semantics to prettify do-install: target.
2010-06-28 21:32:04 +00:00
espie
8666776b2e gcc3 and gcc4 disagree, so put a common cast to make them compile.
(also compile some file with -O1 in moz)
2010-05-10 12:36:09 +00:00
landry
b524d07986 Various cleanups :
- use SUBST_CMD instead of perl -pi -e
- use ${LOCALBASE}/${TRUEPREFIX}/${X11BASE} instead of the handpatched
  _XXX_ ones
- harmonize default systemwide plugins/extensions search path to
  lib/mozilla/{plugins,extensions} as done in other mozilla ports, but
keep lib/mozilla-plugins added to MOZ_PLUGIN_PATH atm.
2010-04-28 06:50:23 +00:00
naddy
939a18fbbc SECURITY update to 3.5.9:
MFSA 2010-24  XMLDocument::load() doesn't check nsIContentPolicy
MFSA 2010-23 Image src redirect to mailto: URL opens email editor
MFSA 2010-22 Update NSS to support TLS renegotiation indication
MFSA 2010-20 Chrome privilege escalation via forced URL drag and drop
MFSA 2010-19 Dangling pointer vulnerability in nsPluginArray
MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection
MFSA 2010-16 Crashes with evidence of memory corruption
2010-03-31 15:56:44 +00:00
landry
0e2574af7a Fix SIGBUS on sparc64 : https://bugzilla.mozilla.org/show_bug.cgi?id=514645
hints from martin@netbsd, many thanks!
ok naddy@
2010-03-25 16:34:09 +00:00
sthen
f13bb86663 SECURITY update to Firefox 3.5.8. Same diff from naddy@ and Daniel Dickman.
Update sqlite dependency while there.

ok naddy@
(reminder, ports is not fully open, do not commit without specific permission)
2010-02-24 16:59:49 +00:00
naddy
29007885ca minor reliability update to 3.5.7 2010-01-05 21:26:40 +00:00
steven
a68eb4c3e0 fix README.OpenBSD path in message
noticed by Kent R. Spillner
2009-12-26 20:56:24 +00:00
sthen
9998ef502d Use @unexec-delete instead of @unexec for the *-update-* goos.
prodded by espie@
discussed with espie@ ajacoutot@ landry@
2009-12-22 13:02:11 +00:00
naddy
8ee6746f58 SECURITY update to 3.5.6. Fixes:
MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption
2009-12-20 20:11:37 +00:00
naddy
ae373b07bf SECURITY update to 3.5.5. For the list of horrors, see
http://www.mozilla.org/security/known-vulnerabilities/firefox35.html
2009-11-27 21:18:52 +00:00
ajacoutot
6815706205 Firefox and Seamonkey bundle their own libnss3, so use same workaround
as for security/nss:
SHA1_Update conflicts with openssl which may be dynamically loaded
at runtime via libcups or libgssapi so causing a crash due to using
the wrong binding.  So rename here to avoid conflict.

ok jasper@ sthen@
2009-11-17 23:07:45 +00:00
martynas
84856b7c61 - create downloads dir with mode 0700 instead
- pass --disable-crashreporter
2009-09-18 20:35:27 +00:00
martynas
1e56ae8a3c security update to firefox35-3.5.3. MFSA 2009-51, MFSA 2009-50,
MFSA 2009-49, MFSA 2009-47.
http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.3
2009-09-10 22:18:59 +00:00
kili
8fc6287292 WANTLIB changes after xcb addition and bump. 2009-08-10 06:29:51 +00:00
martynas
4b8293aba5 on pthread_create failure, don't forget to unset & close handle 2009-08-03 22:15:51 +00:00
martynas
c815b2d914 security update to firefox35-3.5.2. 2009-08-03 21:27:00 +00:00
martynas
71ce12c718 put more work into sydney audio after the report from naddy@.
- fix some hella lame bugs inherited from sun, and clean up
- despite what the big clever comment says, callback thread will
be started twice if buffering is slow enough and will screw up
playback;  guard it
- supports s16 big endian as well
- audio_callback is void
- dont print stuff to stdout/stderr in the backend
- appropriately set writing buffer
- be more careful with lists in the audio callback
- create worker thread little bit earlier
- things i've forgotten to summarize
should fix stuttering videos & out-of-sync audio in weird cases.
2009-07-23 19:04:42 +00:00
martynas
30fec63c43 clean up dlsym nonsense; sndio will always be present for sydney
backend anyway
2009-07-23 17:17:41 +00:00
martynas
4578e9080a do not even try to let configure.in pick up nanojit on sparc64.
sparc* also matches sparc64;  however, native asm code is missing
for jit on sparc64, and jit is not ready for 64-bit in general (yet).
should fix sparc64.  reported by matthieu@.
2009-07-21 19:53:17 +00:00
martynas
f2426580b9 give it a chance to recongize some external libs. 2009-07-21 19:43:04 +00:00
martynas
24951976c2 implement sydney sndio backend. bump minor;
this was the last step of getting videos working alright.
problem reported by naddy@.
2009-07-21 12:12:37 +00:00
martynas
f9fb5e0574 - fix endianness checks
- dont use shared sems
2009-07-21 11:58:54 +00:00
martynas
17e560f7ba - mman needs types
- enable jit.  currently on i386, arm, sparc
tested by naddy@
javascript performance more than 2x faster, according to sunspider
benchmark
2009-07-20 23:41:34 +00:00