openbsd-ports

Author	SHA1	Message	Date
landry	89388e6bed	Security update to mozilla-firefox 3.6.12. Fixes MFSA2010-73/CVE-2010-3765/bz #607222.	2010-10-28 12:04:00 +00:00
landry	ddce2813d1	Update to mozilla-firefox 3.6.11, tested by various on ports@ (thanks!) Fixes (valid for other moz updates): MFSA 2010-72 Insecure Diffie-Hellman key exchange MFSA 2010-71 Unsafe library loading vulnerabilities MFSA 2010-70 SSL wildcard certificate matching IP addresses MFSA 2010-69 Cross-site information disclosure via modal calls MFSA 2010-68 XSS in gopher parser when parsing hrefs MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter MFSA 2010-66 Use-after-free error in nsBarProp MFSA 2010-65 Buffer overflow and memory corruption using document.write MFSA 2010-64 Miscellaneous memory safety hazards	2010-10-22 19:19:17 +00:00
landry	e954fd7c50	Bugfix update to mozilla-firefox 3.6.10	2010-09-19 19:19:05 +00:00
landry	5f8a1719d1	Update firefox35 port to 3.5.12, fixing a whole bunch of MFSA (2010-49->63)	2010-09-12 17:55:30 +00:00
landry	eeb42780af	Moore's law reloaded: When you commit a firefox update, a new bugfix release will be out within 24h. Doh! So here comes 3.6.8, fixing MFSA-2010-48/critical bug 575836 Reminded by naddy@/dhill@/Patrick Keshishian Proactive ok naddy@	2010-07-25 21:18:34 +00:00
landry	6ac6c16143	Security/Reliability update to firefox 3.6.7, fixes MFSA-2010-34 -> 47 http://www.mozilla.org/security/known-vulnerabilities/firefox36.html ok naddy@	2010-07-22 21:42:13 +00:00
landry	4d98df5567	Update to mozilla-firefox 3.6.6. Fixes a bunch of MFSA, see http://www.mozilla.org/security/known-vulnerabilities/firefox36.html The new plugin sandboxing code is disabled because : - it only supports binary blobs plugins we don't have - it is an horrible maze of #ifdef linux-apple-win32 coming straight from an old version of chromium. Future versions should have better BSD support.. tested by several on ports@, thanks!	2010-06-28 21:24:22 +00:00
landry	ad076fd40f	Update www/mozilla-firefox from 3.0.19 to 3.6.3, merging the wip done in www/firefox36 mostly by martynas@ and naddy@. Note that the java plugin from devel/jdk currently doesn't work with this version of firefox, in the meantime users really needed it will have to use www/firefox35. ok naddy@	2010-04-26 19:55:58 +00:00
naddy	846bed1120	SECURITY update to 3.0.19: MFSA 2010-20 Chrome privilege escalation via forced URL drag and drop MFSA 2010-19 Dangling pointer vulnerability in nsPluginArray MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection MFSA 2010-16 Crashes with evidence of memory corruption	2010-03-31 15:46:12 +00:00
naddy	2c0af6bc4f	SECURITY update to 3.0.18: MFSA 2010-05 XSS hazard using SVG document and binary Content-Type MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain MFSA 2010-03 Use-after-free crash in HTML parser MFSA 2010-01 Crashes with evidence of memory corruption Also fix some corrupted $OpenBSD keywords, pointed out by sthen@ ok sthen@	2010-02-24 18:17:23 +00:00
naddy	7ef0c5c7ee	minor reliability update to 3.0.17	2010-01-06 14:37:35 +00:00
naddy	9d0588f952	SECURITY update to 3.0.16: MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects MFSA 2009-70 Privilege escalation via chrome window.opener MFSA 2009-69 Location bar spoofing vulnerabilities MFSA 2009-68 NTLM reflection vulnerability MFSA 2009-65 Crashes with evidence of memory corruption	2009-12-17 22:08:13 +00:00
naddy	2ef69bc65e	SECURITY update to 3.0.15. For the list of horrors, see http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.15	2009-11-27 21:15:51 +00:00
martynas	67f1ca01e0	security update to mozilla-firefox-3.0.14. MFSA 2009-51, MFSA 2009-50, MFSA 2009-49, MFSA 2009-48, MFSA 2009-47 http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.14	2009-09-10 21:28:25 +00:00
martynas	261715b957	security update to mozilla-firefox-3.0.13	2009-08-03 21:53:33 +00:00
martynas	0c7ae6d7c7	security update to mozilla-firefox-3.0.12	2009-07-21 19:25:49 +00:00
martynas	f6879d3eef	mozilla-firefox-3.0.11	2009-06-11 14:10:37 +00:00
martynas	ffd91fa3b4	security update to mozilla-firefox-3.0.10. from robert at openbsd.pap.st MFSA 2009-23 Crash in nsTextFrame::ClearTextRun() http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.10 ok kurt@, naddy@	2009-04-28 21:50:16 +00:00
martynas	c3a6bd83c4	security update to mozilla-firefox-3.0.9. MFSA 2009-22, MFSA 2009-21, MFSA 2009-20, MFSA 2009-19, MFSA 2009-18, MFSA 2009-17, MFSA 2009-16, MFSA 2009-15, MFSA 2009-14: "go ahead" naddy@	2009-04-22 21:59:31 +00:00
martynas	352d6bb69f	mozilla-firefox-3.0.8: forced release after security bugs got attention MFSA 2009-12 Mozilla Firefox XSL Parsing 'root' XML Tag Remote Memory Corruption Vulnerability * http://www.securityfocus.com/bid/34235/exploit * https://bugzilla.mozilla.org/show_bug.cgi?id=485217 * CVE-2009-1169 MFSA 2009-12 covers the Pwn2Own bug, which is a crash involving the XUL <tree> widget. * https://bugzilla.mozilla.org/show_bug.cgi?id=484320 * CVE-2009-1044 ok naddy@	2009-03-28 15:59:04 +00:00
martynas	5580d8dca2	security update to mozilla-firefox-3.0.7. MFSA 2009-11, MFSA 2009-10, MFSA 2009-09, MFSA 2009-08, MFSA 2009-07. http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.7 includes security update to the png library ok naddy@	2009-03-05 23:42:20 +00:00
martynas	d762abf08b	security/stability update to mozilla-firefox-3.0.6. MFSA 2009-06; MFSA 2009-05; MFSA 2009-04; MFSA 2009-03; MFSA 2009-02; MFSA 2009-01 http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.6 ok naddy@	2009-02-04 21:08:15 +00:00
martynas	6dfe2634be	security update to mozilla-firefox-3.0.5. MFSA 2008-69; MFSA 2008-68; MFSA 2008-67; MFSA 2008-66; MFSA 2008-65; MFSA 2008-64; MFSA 2008-63; MFSA 2008-60. tested by sthen@ and naddy@. ok naddy@	2008-12-18 19:27:13 +00:00
martynas	9944b0d1c5	it is the right time to update to mozilla-firefox-3.0.4, which has been tested good enough, and i've fixed all the issues i'm aware of. furthermore 2.0 branch has basically reached eol, since there will be only one minor update (2.0.0.19) discussed with kurt@, naddy@ and porters pkgname change handling help naddy@ ok naddy@	2008-11-20 23:41:32 +00:00
martynas	c5067e1a5b	security update to mozilla-firefox-2.0.0.18. MFSA 2008-58; MFSA 2008-57; MFSA 2008-56; MFSA 2008-55; MFSA 2008-54; MFSA 2008-53; MFSA 2008-52; MFSA 2008-50; MFSA 2008-49; MFSA 2008-48; MFSA 2008-47. http://www.mozilla.org/security/known-vulnerabilities/firefox20.html#firefox2.0.0.18 ok naddy@	2008-11-13 16:57:14 +00:00
martynas	20b073c42f	security update to mozilla-firefox-2.0.0.17. MFSA 2008-45, MFSA 2008-44, MFSA 2008-43, MFSA 2008-42, MFSA 2008-41, MFSA 2008-40, MFSA 2008-39, MFSA 2008-38, MFSA 2008-37 http://www.mozilla.org/security/known-vulnerabilities/firefox20.html#firefox2.0.0.17 ok naddy@. looks good to kurt@	2008-09-24 19:23:25 +00:00
martynas	22f1813fee	security update to mozilla-firefox-2.0.0.16. MFSA 2008-35, MFSA 2008-34 ok kurt@, naddy@, bernd@	2008-07-17 16:47:39 +00:00
martynas	9a3396b096	security update to mozilla-firefox-2.0.0.15, fixes MFSA 2008-33, MFSA 2008-32, MFSA 2008-31, MFSA 2008-30, MFSA 2008-29, MFSA 2008-28, MFSA 2008-27, MFSA 2008-25, MFSA 2008-24, MFSA 2008-23, MFSA 2008-22, MFSA 2008-21 http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox2.0.0.15 ok kurt@, naddy@	2008-07-04 13:47:25 +00:00
martynas	b8a903ea58	security update to mozilla-firefox-2.0.0.14; MFSA 2008-20 ok kurt@, naddy@	2008-04-18 15:17:17 +00:00
jasper	8d27fc2715	SECURITY UPDATE to mozilla-firefox 2.0.0.13 fixes multiple vulnerabilities: http://secunia.com/advisories/29526/ ok landry@ martynas@	2008-03-27 21:51:35 +00:00
bernd	1d00ee6e88	Security update to mozilla-firefox-2.0.0.12. Fixes multiple vulnerabilities: CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0419 CVE-2008-0591 CVE-2008-0593 More infos: http://secunia.com/advisories/28758/ Tested by some people on ports@. Thanks! ok martynas@, laurent@, steven@	2008-02-11 18:13:44 +00:00
martynas	0f165eda60	- security update to mozilla-firefox-2.0.0.10: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.10 - fix canvas.drawImage regression. ok kurt@, kili@	2007-11-28 20:22:25 +00:00
martynas	c3055b17e9	update to 2.0.0.9, a regression fix release: http://developer.mozilla.org/devnews/index.php/2007/10/22/firefox-2008-update-to-be-updated/ ok kurt@, naddy@	2007-11-08 16:07:42 +00:00
martynas	dd58cf6c31	security update to mozilla-firefox-2.0.0.8: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.8 ok kurt@, naddy@	2007-10-23 20:13:26 +00:00
martynas	0946c23a6f	update to 2.0.0.7; fixes MFSA 2007-28: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.7 ok kurt@; naddy@. similar diff from bernd@	2007-09-20 16:28:28 +00:00
martynas	e65c158c58	security update to 2.0.0.6: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.6 the diff matches with naddy@'s, ok kurt@	2007-08-02 13:09:41 +00:00
naddy	a1723b4fa7	SECURITY update to 2.0.0.5. Fixes a rash of security vulnerabilities and bugs. ok kurt@	2007-07-24 19:32:13 +00:00
martynas	819930f960	security update to mozilla-firefox-2.0.0.4 http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.4 - WANTLIB for xenocara; - use the combination of find(1) and install(1) to install the {DATA,DIST}FILES, as suggested by kurt@; - remove the two patches that are already upstream; - fmt; ok kurt@, naddy@	2007-06-01 08:03:42 +00:00
espie	d4ebcd974d	more base64 checksums	2007-04-05 17:26:05 +00:00
martynas	076c6a6f95	- update to 2.0.0.3; - don't force -Os; ok naddy@, kurt@	2007-03-27 16:04:37 +00:00
robert	d3d161c7d9	- update to version 2.0.0.2 and apply several security fixes, therefore bump the PKGNAME to p0 now; - enable official branding by default - fix some WANTLIB markers work done by Martynas Venckus; thanks. tested by many many people; ok pvalchev@	2007-03-01 22:46:06 +00:00
naddy	6f3f4607cc	add man page; from Martynas Venckus <martynas@altroot.org>, ok kurt@	2007-02-14 22:44:32 +00:00
kurt	c07becdd02	- update to 2.0.0.1 from Martynas Venckus <martynas at altroot.org> - add a -devel sub-package for vlc plugin input and testing from many - thanks! okay naddy@ pvalchev@	2007-01-12 21:46:17 +00:00
bernd	fa5982a5ac	Security update to firefox 1.5.0.9. More info: http://www.mozilla.org/projects/security/known-vulnerabilities.html#Firefox ok steven@	2006-12-21 09:53:43 +00:00
wilfried	f6e93594db	SECURITY update to 1.5.0.8 see http://www.mozilla.org/projects/security/known-vulnerabilities.html for details	2006-11-10 14:15:49 +00:00
steven	4b337b355c	SECURITY update to firefox 1.5.0.7 see http://www.mozilla.org/projects/security/known-vulnerabilities.html for details ok bernd@	2006-09-17 21:02:58 +00:00
bernd	1498df97f8	Security update to mozilla-firefox-1.5.0.5. This update fixes multiple security vulnerabilities. For detailed information see: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.5 ok steven@	2006-07-31 09:32:19 +00:00
bernd	682eb24b83	Security update to mozilla-firefox-1.5.0.4. Fixes multiple security vulnerabilities. For detailed information see: http://secunia.com/advisories/20376/ http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.5.0.4 ok steven@	2006-06-05 09:30:06 +00:00
bernd	3bbe03aff4	Update to 1.5.0.3. Security fixes inside... More info: CVE-2006-1993 http://secunia.com/advisories/19802/ tested by many "go ahead" jolan@	2006-05-05 10:14:21 +00:00
wilfried	2431442cac	update to 1.5.0.2 fixes multiple critical vulnerabilities	2006-04-18 10:37:32 +00:00

1 2

61 Commits