head	1.4;
access;
symbols
	pkgsrc-2017Q1:1.3.0.8
	pkgsrc-2017Q1-base:1.3
	pkgsrc-2016Q4:1.3.0.6
	pkgsrc-2016Q4-base:1.3
	pkgsrc-2016Q3:1.3.0.4
	pkgsrc-2016Q3-base:1.3
	pkgsrc-2016Q2:1.3.0.2
	pkgsrc-2016Q2-base:1.3
	pkgsrc-2016Q1:1.2.0.14
	pkgsrc-2016Q1-base:1.2
	pkgsrc-2015Q4:1.2.0.12
	pkgsrc-2015Q4-base:1.2
	pkgsrc-2015Q3:1.2.0.10
	pkgsrc-2015Q3-base:1.2
	pkgsrc-2015Q2:1.2.0.8
	pkgsrc-2015Q2-base:1.2
	pkgsrc-2015Q1:1.2.0.6
	pkgsrc-2015Q1-base:1.2
	pkgsrc-2014Q4:1.2.0.4
	pkgsrc-2014Q4-base:1.2
	pkgsrc-2014Q3:1.2.0.2
	pkgsrc-2014Q3-base:1.2
	pkgsrc-2014Q2:1.1.0.6
	pkgsrc-2014Q2-base:1.1
	pkgsrc-2014Q1:1.1.0.4
	pkgsrc-2014Q1-base:1.1
	pkgsrc-2013Q4:1.1.0.2
	pkgsrc-2013Q4-base:1.1;
locks; strict;
comment	@// @;


1.4
date	2017.04.27.13.32.40;	author ryoon;	state dead;
branches;
next	1.3;
commitid	Dg5r5n5tlHGqXaPz;

1.3
date	2016.04.17.18.33.50;	author ryoon;	state Exp;
branches;
next	1.2;
commitid	IRmqpxXR05Y7G03z;

1.2
date	2014.07.27.20.04.59;	author ryoon;	state Exp;
branches;
next	1.1;
commitid	HLv3K9i3bzvVq3Kx;

1.1
date	2013.11.12.20.50.51;	author ryoon;	state Exp;
branches;
next	;
commitid	StqDqt98qrcNW1dx;


desc
@@


1.4
log
@Update to 52.0.1

Changelog:
52.0.1:
    Fixed

    Clicking on a link in an email may not open this link in the external browser.
    Crash due to incompatibility with McAfee Anti-SPAM add-on. Add-on is blocked in 52.0.1


52.0:
    New

    Folder pane toolbar and folder view selector (replacement for folder view arrows)
    Optionally remove corresponding data files when removing an account from Thunderbird
    Import settings from Becky! Internet Mail
    Possibility to copy message filter
    Dictionary setting is restored when editing a draft. Content-Language header (RFC 3282) transmitted with message
    Calendar: Event can now be created and edited in a tab
    Calendar: Processing of received invitation counter proposals
    Chat: Support Twitter Direct Messages
    Chat: Liking and favoriting in Twitter
    Chat: XMPP: Support SASL SCRAM authentication mechanism
    Chat: Support Jabber/XMPP Message Carbons (XEP-280)

    Changed

    IMPORTANT: The way images are included in a compose window has changed. Images are now included as data URIs and not as references to parts of other messages or operating system files. This allows better interoperability with office packages such as MS Office or LibreOffice. Images linked from locations on the internet will no longer be downloaded and attached to the message automatically. This can be changed for each image individually via the Image Properties dialog or globally by setting the preference mail.compose.attach_http_images.
    Correspondents column now default for all new folders, can be switched off with preference mail.threadpane.use_correspondents
    When replying to a mailing list, reply will be sent to address in From header ignoring Reply-to header
    On Linux PulseAudio is now required to play sound
    Formatting toolbar is now left in place when delivery format is switched to plain text only
    Messages in IMAP folders read on external device are now filtered by default
    Folders backed by mbox storage larger than 4GB are supported without warning (unless preference mailnews.allowMboxOver4GB is set to false)
    IMAP caching now uses Mozilla's latest caching technology
    The keyboard shortcut to insert hyperlinks into a compose window was changed from CTRL+L to CTRL+K to align with Office applications
    Chat: Removed Yahoo! Messenger support (since Yahoo removed support)

    Fixed

    Message preview pane non-functional after IMAP folder was renamed or moved
    Fixed
    Editing in paragraph format: Pressing Shift+Enter sometimes doesn't move the cursor to the next line
    Various corrections when composing messages in paragraph format
    Paste as quotation doesn't always work
    Long lines in plain text replies not properly wrapped
    Undesired white-space before signature in paragraph mode
    When attachment unavailable, compose shows endless "Attaching..." message instead of error
    Text encoding of reply sometimes incorrect (uses encoding of last viewed message)
    Text encoding of message display, reply or forwarded message sometimes incorrect (uses encoding of attachment)
    Delivery Format not preserved for saved drafts (Auto-Detect|Plaintext|HTML|Both)
    Reply to own e-mail does not reply with the correct identity
    IMAP message part caching
    Links with escaped non-ASCII (international) characters can't be clicked
    Calendar: Events specified in timezone "local time" generate alerts in UTC time
    Chat: XMPP Resource collisions
    Various security fixes

Security fixes:
 #CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
 #CVE-2017-5401: Memory Corruption when handling ErrorResult
 #CVE-2017-5402: Use-after-free working with events in FontFace objects
 #CVE-2017-5403: Use-after-free using addRange to add range to an incorrect root object
 #CVE-2017-5404: Use-after-free working with ranges in selections
 #CVE-2017-5406: Segmentation fault in Skia with canvas operations
 #CVE-2017-5407: Pixel and history stealing via floating-point timing side channel with SVG filters
 #CVE-2017-5410: Memory corruption during JavaScript garbage collection incremental sweeping
 #CVE-2017-5411: Use-after-free in Buffer Storage in libGLES
 #CVE-2017-5408: Cross-origin reading of video captions in violation of CORS
 #CVE-2017-5412: Buffer overflow read in SVG filters
 #CVE-2017-5413: Segmentation fault during bidirectional operations
 #CVE-2017-5414: File picker can choose incorrect default directory
 #CVE-2017-5416: Null dereference crash in HttpChannel
 #CVE-2017-5425: Overly permissive Gecko Media Plugin sandbox regular expression access
 #CVE-2017-5426: Gecko Media Plugin sandbox is not started if seccomp-bpf filter is running
 #CVE-2017-5418: Out of bounds read when parsing HTTP digest authorization responses
 #CVE-2017-5419: Repeated authentication prompts lead to DOS attack
 #CVE-2017-5405: FTP response codes can cause use of uninitialized values for ports
 #CVE-2017-5421: Print preview spoofing
 #CVE-2017-5422: DOS attack by using view-source: protocol repeatedly in one hyperlink
 #CVE-2017-5399: Memory safety bugs fixed in Thunderbird 52
 #CVE-2017-5398: Memory safety bugs fixed in Thunderbird 52 and Thunderbird 45.8
@
text
@$NetBSD: patch-mozilla_js_src_vm_SPSProfiler.cpp,v 1.3 2016/04/17 18:33:50 ryoon Exp $

--- mozilla/js/src/vm/SPSProfiler.cpp.orig	2016-04-07 21:33:28.000000000 +0000
+++ mozilla/js/src/vm/SPSProfiler.cpp
@@@@ -4,6 +4,8 @@@@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
+#include "jscntxtinlines.h"
+
 #include "vm/SPSProfiler.h"
 
 #include "mozilla/DebugOnly.h"
@


1.3
log
@Update to 45.0

* Regen patch names

Changelog:
    New Add a Correspondents column combining Sender and Recipient
    New Much better support for XMPP chatrooms and commands.
    New Remote content exceptions: Improved options to add exceptions.
    New Implement option to always use HTML formatting to prevent unexpected format loss when converting messages to plain text.
    New Use OpenStreetmap for maps (even allow the user to choose from list of map services)
    New Allow spell checking and dictionary selection in the subject line
    New Add dropdown in compose to allow specific setting of font size.
    New Return/Enter in composer will now insert a new paragraph by default (shift-Enter will insert a line break)
    New Mail.ru supports OAuth authentication.
    New Allow copying of name and email address from the message header of an email
    New Allow editing of From when composing a message.
    Fixed Fixed: When sending e-mail which was composed using Chinese, Japanese or Korean characters, unwanted extra spaces were inserted within the text.
    Fixed Spell checker checked spelling in invisible HTML parts of the message.
    Fixed When saving a draft that is edited as new message, original draft was overwritten.
    Fixed External images not displayed in reply/forward
    Fixed Properly preserve pre-formatted blocks in message replies.
    Fixed Crashed in some cases while parsing IMAP messages.
    Fixed Copy/paste from a plain text editor lost white-space (multiple spaces/blanks, tabs, newlines)
    Fixed "Open Draft"/"Forward"/"Edit As New"/"Reply" created message composition with incorrect character encoding.
    Fixed Fixed: Grouped By view sort direction change was broken, plus enabled custom column grouping.
    Fixed Fixed: New emails into a mailbox did not adhere to sort order by received.
    Fixed Fixed: Box.com attachments failed to upload.
    Fixed Fixed: Drag and drop of multiple attachments failed to OS file folder.
    Fixed XMPP had connection problems for users with large rosters

Security bugs:
Fixed in Thunderbird 45
    2016-37 Font vulnerabilities in the Graphite 2 library
    2016-36 Use-after-free during processing of DER encoded keys in NSS
    2016-35 Buffer overflow during ASN.1 decoding in NSS
    2016-34 Out-of-bounds read in HTML parser following a failed allocation
    2016-27 Use-after-free during XML transformations
    2016-24 Use-after-free in SetBody
    2016-23 Use-after-free in HTML5 string parser
    2016-20 Memory leak in libstagefright when deleting an array during MP4 processing
    2016-19 Linux video memory DOS with Intel drivers
    2016-18 CSP reports fail to strip location information for embedded iframe pages
    2016-17 Local file overwriting and potential privilege escalation through CSP reports
    2016-16 Miscellaneous memory safety hazards (rv:45.0 / rv:38.7)
@
text
@d1 1
a1 1
$NetBSD$
@


1.2
log
@Update to 31.0

* Update enigmail to 1.7

Changelog:
    NEW
    Autocompleting email addresses now matches against any part of the name or email (bug 529584)

    NEW
    Composing a mail to a newsgroup will now autocomplete newsgroup names (bug 61491)

    FIXED
    Insecure NTLM (pre-NTLMv2) authentication disabled (see 828183)

Fixed in Thunderbird 31
MFSA 2014-66 IFRAME sandbox same-origin access through redirect
MFSA 2014-65 Certificate parsing broken by non-standard character encoding
MFSA 2014-64 Crash in Skia library when scaling high quality images
MFSA 2014-63 Use-after-free while when manipulating certificates in the trusted cache
MFSA 2014-62 Exploitable WebGL crash with Cesium JavaScript library
MFSA 2014-61 Use-after-free with FireOnStateChange event
MFSA 2014-59 Use-after-free in DirectWrite font handling
MFSA 2014-58 Use-after-free in Web Audio due to incorrect control message ordering
MFSA 2014-57 Buffer overflow during Web Audio buffering for playback
MFSA 2014-56 Miscellaneous memory safety hazards (rv:31.0 / rv:24.7)
@
text
@d1 1
a1 1
$NetBSD: patch-mozilla_js_src_vm_SPSProfiler.cpp,v 1.1 2013/11/12 20:50:51 ryoon Exp $
d3 1
a3 1
--- mozilla/js/src/vm/SPSProfiler.cpp.orig	2014-07-18 00:05:30.000000000 +0000
@


1.1
log
@Update to 24.1.0

Changelog:
24.1.
    FIXED
    Fixed an issue where signatures were shown in too lighter grey making them difficult to read (bug 917906)
    FIXED
    Fixed an issue where Auto CC for reply might not work if the cc address is the same as the sending address (bug 917231)
    FIXED
    Security fixes can be found here

Fixed in Thunderbird 24.0
MFSA 2013-92 GC hazard with default compartments and frame chain restoration
MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
MFSA 2013-90 Memory corruption involving scrolling
MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
MFSA 2013-85 Uninitialized data in IonMonkey
MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
MFSA 2013-81 Use-after-free with select element
MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed
MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
MFSA 2013-77 Improper state in HTML5 Tree Builder with templates
MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)


24.0
    NEW
    Message threads can now be ignored or watched
    NEW
    Emails can now be sent to IDN based email addresses
    NEW
    Zoom functionality is now available in the compose window
    CHANGED
    In the Compose window, ctrl/cmd + and ctrl/cmd - now change the zoom setting rather than the font size
    CHANGED
    In Twitter, replying to a tweet now replies to all users, just like on the Twitter website
    FIXED
    Interactions in the filter list dialogs have been improved
    FIXED
    In Chat user nicknames are now highlighted when mentioned
    FIXED
    In IRC, long messages will now be sent in multiple parts instead of being cut off
    FIXED
    Various security fixes

Fixed in Thunderbird 24.1
MFSA 2013-102 Use-after-free in HTML document templates
MFSA 2013-101 Memory corruption in workers
MFSA 2013-100 Miscellaneous use-after-free issues found through ASAN fuzzing
MFSA 2013-98 Use-after-free when updating offline cache
MFSA 2013-97 Writing to cycle collected object during image decoding
MFSA 2013-96 Improperly initialized memory and overflows in some JavaScript functions
MFSA 2013-95 Access violation with XSLT and uninitialized data
MFSA 2013-94 Spoofing addressbar though SELECT element
MFSA 2013-93 Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)
@
text
@d1 1
a1 1
$NetBSD$
d3 1
a3 1
--- mozilla/js/src/vm/SPSProfiler.cpp.orig	2013-10-23 22:09:05.000000000 +0000
d5 3
a7 1
@@@@ -8,6 +8,7 @@@@
a8 2
 #include "jsnum.h"
 #include "jsscript.h"
d10 2
d13 1
a13 2
 #include "vm/SPSProfiler.h"
 #include "vm/StringBuffer.h"
@