sqlite database. Allows us to build against system sqlite3 again, and
get rid of the infamous symbol size mismatch warning reported several
times on ports@.
See https://bugzilla.mozilla.org/show_bug.cgi?id=445164 for why mozilla
now hard-requires secure_delete, and
https://bugzilla.mozilla.org/show_bug.cgi?id=546162 for the reasons they
don't want to make that an option and forces us to do such hacks.
ok jasper@
that when they are dlopen()'ed they can tell ld.so where to go hunt for
the other mozilla libs they depend on.
Similar fix as done in xulrunner 1.8 patch-config_rules_mk 2 years ago
by martynas@, needed to convert py-gnome-extras to xulrunner 1.9.
No fallout on firefox.
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html
The new plugin sandboxing code is disabled because :
- it only supports binary blobs plugins we don't have
- it is an horrible maze of #ifdef linux-apple-win32 coming straight
from an old version of chromium. Future versions should have better BSD
support..
tested by several on ports@, thanks!
corresponding libs from SHARED_LIBS/PLIST. Bump minor and PKGNAME.
Bring in a pair of patches from xulrunner, and add a DIRECTORY variable
as done in xulrunner that is subst'ed in config/autoconf.mk.in.
sthen@ likes.
- use SUBST_CMD instead of perl -pi -e
- use ${LOCALBASE}/${TRUEPREFIX}/${X11BASE} instead of the handpatched
_XXX_ ones
- harmonize default systemwide plugins/extensions search path to
lib/mozilla/{plugins,extensions} as done in other mozilla ports
it breaks loading png icons through gdk_pixbuf_new_from_file as gtk is
linked with systemwide png. This went unnoticed so far as firefox always
shipped a fallback xpm icon, but this is not the case anymore, so now
gtk_window_set_icon_list() is not called anymore, and the window manager
shows the default icon for firefox windows in taskbar/tasklists..
So add graphics/netpbm as a build dependency, do the necessary netpbm
magic in do-install to create the default.xpm from mozicon128.png, and
patch widget/src/gtk2/nsWindow.cpp to not try to load png icons.
While here fix icon path in desktop file, and add a comment about why we
don't use systemwide png.
www/firefox36 mostly by martynas@ and naddy@.
Note that the java plugin from devel/jdk currently doesn't work with this
version of firefox, in the meantime users really needed it will have to
use www/firefox35.
ok naddy@
MFSA 2010-20 Chrome privilege escalation via forced URL drag and drop
MFSA 2010-19 Dangling pointer vulnerability in nsPluginArray
MFSA 2010-18 Dangling pointer vulnerability in nsTreeContentView
MFSA 2010-17 Remote code execution with use-after-free in nsTreeSelection
MFSA 2010-16 Crashes with evidence of memory corruption
been tested good enough, and i've fixed all the issues i'm aware
of. furthermore 2.0 branch has basically reached eol, since there
will be only one minor update (2.0.0.19)
discussed with kurt@, naddy@ and porters
pkgname change handling help naddy@
ok naddy@
Fixes multiple vulnerabilities:
CVE-2008-0412
CVE-2008-0413
CVE-2008-0414
CVE-2008-0415
CVE-2008-0419
CVE-2008-0591
CVE-2008-0593
More infos:
http://secunia.com/advisories/28758/
Tested by some people on ports@. Thanks!
ok martynas@, laurent@, steven@
upgraded and didn't use mergemaster;
- remove lines, related to debug build and fd in README.OpenBSD;
help from sturm@, kurt@, espie@, naddy@
ok kurt@, sturm@
therefore bump the PKGNAME to p0 now;
- enable official branding by default
- fix some WANTLIB markers
work done by Martynas Venckus; thanks.
tested by many many people; ok pvalchev@
