head 1.11; access; symbols pkgsrc-2015Q3:1.10.0.4 pkgsrc-2015Q3-base:1.10 pkgsrc-2015Q2:1.10.0.2 pkgsrc-2015Q2-base:1.10 pkgsrc-2015Q1:1.8.0.2 pkgsrc-2015Q1-base:1.8 pkgsrc-2014Q4:1.4.0.8 pkgsrc-2014Q4-base:1.4 pkgsrc-2014Q3:1.4.0.6 pkgsrc-2014Q3-base:1.4 pkgsrc-2014Q2:1.4.0.4 pkgsrc-2014Q2-base:1.4 pkgsrc-2014Q1:1.4.0.2 pkgsrc-2014Q1-base:1.4 pkgsrc-2013Q4:1.1.0.4 pkgsrc-2013Q4-base:1.1 pkgsrc-2013Q3:1.1.0.2 pkgsrc-2013Q3-base:1.1; locks; strict; comment @// @; 1.11 date 2015.12.16.09.34.56; author ryoon; state dead; branches; next 1.10; commitid aMgpAzrWlYumE9Ny; 1.10 date 2015.05.12.22.48.54; author ryoon; state Exp; branches; next 1.9; commitid NJZg0HQjg2n73dly; 1.9 date 2015.04.05.12.54.11; author ryoon; state Exp; branches; next 1.8; commitid K8Tn7QcmAk8VWogy; 1.8 date 2015.02.28.04.30.55; author ryoon; state Exp; branches; next 1.7; commitid Y4EEeVfm51r1kJby; 1.7 date 2015.01.30.15.19.59; author ryoon; state Exp; branches; next 1.6; commitid FpjqL3sUP16oQ38y; 1.6 date 2015.01.30.07.32.24; author pho; state Exp; branches; next 1.5; commitid yHqPF30VdLz6g18y; 1.5 date 2015.01.16.22.42.09; author ryoon; state Exp; branches; next 1.4; commitid 4cICGew1Cni4Ki6y; 1.4 date 2014.02.21.16.17.47; author ryoon; state Exp; branches; next 1.3; commitid IaZhHG3VdkSRbZpx; 1.3 date 2014.02.20.13.19.03; author ryoon; state Exp; branches; next 1.2; commitid T9GvdtUIEdEreQpx; 1.2 date 2014.02.08.09.36.00; author ryoon; state Exp; branches; next 1.1; commitid ggxuC0XAcatWnhox; 1.1 date 2013.09.19.12.37.49; author ryoon; state Exp; branches; next ; commitid hXNFeA0U06W4X26x; desc @@ 1.11 log @Update to 43.0 Changelog: New Private Browsing with Tracking Protection offers choice of blocking additional trackers New Improved API support for m4v video playback New Firefox 64-bit for Windows is now available via the Firefox download page New Users can choose search suggestions from the Awesome Bar New On-screen keyboard displayed on selecting input field on devices running Windows 8 or greater New Firefox Health Report has switched to use the same data collection mechanism as telemetry Developer Markup view shows indicators for pseudo-classes locked for elements Developer Bind F1 key to open the settings when the toolbox is focused Developer New 'Use in Console' context menu item in Inspector to store selected element in a temporary variable Developer Search button next to overridden CSS properties to find similar properties in the rules view Developer Ability to filter styles from their property names in the rules view Developer Stack traces are now shown for exceptions inside the console Developer Added ability to display server-side logs in the console Developer Ability to choose resolution for the GCLI screenshot command Developer Subresource integrity allows developers to make their sites more secure Developer Network requests in Console now link to Network panel instead of opening in a popup Developer Unprefixed 'hyphens' property is now supported Developer WebIDE now has a sidebar-based UI Developer The 'transform-origin' property is now supported on SVG elements Developer Animation inspector now displays animations in a timeline Developer Single-process mode is no longer supported for NPAPI plugins Fixed Eyedropper tool does not work as expected when page is zoomed Fixed Various security fixes Fixed in Firefox 43 2015-149 Cross-site reading attack through data and view-source URIs 2015-148 Privilege escalation vulnerabilities in WebExtension APIs 2015-147 Integer underflow and buffer overflow processing MP4 metadata in libstagefright 2015-146 Integer overflow in MP4 playback in 64-bit versions 2015-145 Underflow through code inspection 2015-144 Buffer overflows found through code inspection 2015-143 Linux file chooser crashes on malformed images due to flaws in Jasper library 2015-142 DOS due to malformed frames in HTTP/2 2015-141 Hash in data URI is incorrectly parsed 2015-140 Cross-origin information leak through web workers error events 2015-139 Integer overflow allocating extremely large textures 2015-138 Use-after-free in WebRTC when datachannel is used after being destroyed 2015-137 Firefox allows for control characters to be set in cookies 2015-136 Same-origin policy violation using perfomance.getEntries and history navigation 2015-135 Crash with JavaScript variable assignment with unboxed objects 2015-134 Miscellaneous memory safety hazards (rv:43.0 / rv:38.5) @ text @$NetBSD: patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp,v 1.10 2015/05/12 22:48:54 ryoon Exp $ Load system hunspell dictionaries. --- extensions/spellcheck/hunspell/src/mozHunspell.cpp.orig 2015-05-04 00:43:34.000000000 +0000 +++ extensions/spellcheck/hunspell/src/mozHunspell.cpp @@@@ -400,6 +400,14 @@@@ mozHunspell::LoadDictionaryList(bool aNo } } + // load system hunspell dictionaries + nsCOMPtr hunDir; + NS_NewNativeLocalFile(NS_LITERAL_CSTRING("@@PREFIX@@/share/hunspell"), + true, getter_AddRefs(hunDir)); + if (hunDir) { + LoadDictionariesFromDir(hunDir); + } + // find dictionaries from extensions requiring restart nsCOMPtr dictDirs; rv = dirSvc->Get(DICTIONARY_SEARCH_DIRECTORY_LIST, @ 1.10 log @Update to 38.0 Changelog: New New tab-based preferences New Ruby annotation support New Base for the next ESR release. Changed autocomplete=off is no longer supported for username/password fields Changed URL parser avoids doing percent encoding when setting the Fragment part of the URL, and percent decoding when getting the Fragment in line with the URL spec Changed RegExp.prototype.source now returns "(?:)" instead of the empty string for empty regular expressions Changed Improved page load times via speculative connection warmup HTML5 WebSocket now available in Web Workers HTML5 BroadcastChannel API implemented HTML5 Implemented srcset attribute and element for responsive images HTML5 Implemented DOM3 Events KeyboardEvent.code HTML5 Mac OS X: Implemented a subset of the Media Source Extensions (MSE) API to allow native HTML5 playback on YouTube HTML5 Implemented Encrypted Media Extensions (EME) API to support encrypted HTML5 video/audio playback (Windows Vista or later only) HTML5 Automatically download Adobe Primetime Content Decryption Module (CDM) for DRM playback through EME (Windows Vista or later only) Developer Optimized-out variables are now visible in Debugger UI Developer XMLHttpRequest logs in the web console are now visually labelled and can be filtered separately from regular network requests Developer WebRTC now has multistream and renegotiation support Developer copy command added to console Fixed Various security fixes Fixed in Firefox 38 2015-58 Mozilla Windows updater can be run outside of application directory 2015-57 Privilege escalation through IPC channel messages 2015-56 Untrusted site hosting trusted page can intercept webchannel responses 2015-55 Buffer overflow and out-of-bounds read while parsing MP4 video metadata 2015-54 Buffer overflow when parsing compressed XML 2015-53 Use-after-free due to Media Decoder Thread creation during shutdown 2015-52 Sensitive URL encoded information written to Android logcat 2015-51 Use-after-free during text processing with vertical text enabled 2015-50 Out-of-bounds read and write in asm.js validation 2015-49 Referrer policy ignored when links opened by middle-click and context menu 2015-48 Buffer overflow with SVG content and CSS 2015-47 Buffer overflow parsing H.264 video with Linux Gstreamer 2015-46 Miscellaneous memory safety hazards (rv:38.0 / rv:31.7) @ text @d1 1 a1 1 $NetBSD: patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp,v 1.9 2015/04/05 12:54:11 ryoon Exp $ @ 1.9 log @Update to 37.0 * Bump nspr requirement. Changelog: New Heartbeat user rating system - your feedback about Firefox New Yandex set as default search provider for the Turkish locale New Bing search now uses HTTPS for secure searching New Improved protection against site impersonation via OneCRL centralized certificate revocation New Opportunistically encrypt HTTP traffic where the server supports HTTP/2 AltSvc Changed Disabled insecure TLS version fallback for site security Changed Extended SSL error reporting for reporting non-certificate errors Changed TLS False Start optimization now requires a cipher suite using AEAD construction Changed Improved certificate and TLS communication security by removing support for DSA Changed Improved performance of WebGL rendering on Windows HTML5 Implemented a subset of the Media Source Extensions (MSE) API to allow native HTML5 playback on YouTube (Windows only) HTML5 Added support for CSS display:contents HTML5 IndexedDB now accessible from worker threads HTML5 New SDP/JSEP implementation in WebRTC Developer Debug tabs opened in Chrome Desktop, Chrome for Android, and Safari for iOS Developer New Inspector animations panel to control element animations Developer New Security Panel included in Network Panel Developer Debugger panel support for chrome:// and about:// URIs Developer Added logging of weak ciphers to the web console Fixed Various security fixes Fixed in Firefox 37 2015-42 Windows can retain access to privileged content on navigation to unprivileged pages 2015-41 PRNG weakness allows for DNS poisoning on Android 2015-40 Same-origin bypass through anchor navigation 2015-39 Use-after-free due to type confusion flaws 2015-38 Memory corruption crashes in Off Main Thread Compositing 2015-37 CORS requests should not follow 30x redirections after preflight 2015-36 Incorrect memory management for simple-type arrays in WebRTC 2015-35 Cursor clickjacking with flash and images 2015-34 Out of bounds read in QCMS library 2015-33 resource:// documents can load privileged pages 2015-32 Add-on lightweight theme installation approval bypassed through MITM attack 2015-31 Use-after-free when using the Fluendo MP3 GStreamer plugin 2015-30 Miscellaneous memory safety hazards (rv:37.0 / rv:31.6) @ text @d1 1 a1 1 $NetBSD: patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp,v 1.8 2015/02/28 04:30:55 ryoon Exp $ d5 1 a5 1 --- extensions/spellcheck/hunspell/src/mozHunspell.cpp.orig 2015-03-27 02:20:32.000000000 +0000 d13 1 a13 1 + NS_NewNativeLocalFile(NS_LITERAL_CSTRING("/usr/pkg/share/hunspell"), @ 1.8 log @Update to 36.0 Changelog: New Pinned tiles on the new tab page can be synced New Support for the full HTTP/2 protocol. HTTP/2 enables a faster, more scalable, and more responsive web. New Locale added: Uzbek (uz) Changed -remote option removed Changed No longer accept insecure RC4 ciphers whenever possible Changed Phasing out Certificates with 1024-bit RSA Keys Changed Shut down hangs will now show the crash reporter before exiting the program Changed Add-on Compatibility HTML5 Support for the ECMAScript 6 Symbol data type added HTML5 unicode-range CSS descriptor implemented HTML5 CSSOM-View scroll behavior implemented allowing smooth scrolling of content without custom libraries HTML5 object-fit and object-position implemented. Defines how and where the content of a replaced element is displayed HTML5 isolation CSS property implemented. Create a new stacking context to isolate groups of boxes to control which blend together HTML5 CSS3 will-change property implemented. Hints the browser of elements that will be modified. The browser will perform some performance optimization for these HTML5 Changed JavaScript 'const' semantics to conform better to the ES6 specification. The const declaration is now block-scoped and requires an initializer. It also can not be redeclared anymore. HTML5 Improved ES6 generators for better performance Developer Eval sources now appear in the Debugger Debug JavaScript code that is evaluated dynamically, either as a string passed to eval() or as a string passed to the Function constructor Developer DOM Promises inspection Developer Inspector: More paste options in markup view Fixed CSS gradients work on premultiplied colors Fixed Fix some unexpected logout from Facebook or Google after restart Fixed Various security fixes Fixed in Firefox 36 2015-27 Caja Compiler JavaScript sandbox bypass 2015-26 UI Tour whitelisted sites in background tab can spoof foreground tabs 2015-25 Local files or privileged URLs in pages can be opened into new tabs 2015-24 Reading of local files through manipulation of form autocomplete 2015-23 Use-after-free in Developer Console date with OpenType Sanitiser 2015-22 Crash using DrawTarget in Cairo graphics library 2015-21 Buffer underflow during MP3 playback 2015-20 Buffer overflow during CSS restyling 2015-19 Out-of-bounds read and write while rendering SVG content 2015-18 Double-free when using non-default memory allocators with a zero-length XHR 2015-17 Buffer overflow in libstagefright during MP4 video playback 2015-16 Use-after-free in IndexedDB 2015-15 TLS TURN and STUN connections silently fail to simple TCP connections 2015-14 Malicious WebGL content crash when writing strings 2015-13 Appended period to hostnames can bypass HPKP and HSTS protections 2015-12 Invoking Mozilla updater will load locally stored DLL files 2015-11 Miscellaneous memory safety hazards (rv:36.0 / rv:31.5) @ text @d1 1 a1 1 $NetBSD: patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp,v 1.7 2015/01/30 15:19:59 ryoon Exp $ d5 1 a5 1 --- extensions/spellcheck/hunspell/src/mozHunspell.cpp.orig 2015-02-17 21:40:49.000000000 +0000 d7 1 a7 1 @@@@ -400,6 +400,12 @@@@ mozHunspell::LoadDictionaryList(bool aNo d12 6 a17 4 + nsIFile* hunDir; + NS_NewNativeLocalFile(NS_LITERAL_CSTRING("@@PREFIX@@/share/hunspell"), + true, &hunDir); + LoadDictionariesFromDir(hunDir); @ 1.7 log @Bump PKGREVISION. * Fix merge mistake. @ text @d1 1 a1 1 $NetBSD: patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp,v 1.6 2015/01/30 07:32:24 pho Exp $ d5 1 a5 1 --- extensions/spellcheck/hunspell/src/mozHunspell.cpp.orig 2015-01-23 06:00:09.000000000 +0000 d7 1 a7 1 @@@@ -400,6 +400,14 @@@@ mozHunspell::LoadDictionaryList(bool aNo d12 1 a12 1 + nsCOMPtr hunDir; d14 2 a15 4 + true, getter_AddRefs(hunDir)); + if (hunDir) { + LoadDictionariesFromDir(hunDir); + } @ 1.6 log @Fix many issues on Darwin PLIST: * lib/firefox/libmozglue.so is built and installed as a shared library on some platforms including Darwin. mozilla-common.mk: * Sandboxing support is only available when the toolkit is cairo-cocoa. * It tries to use MacOS X 10.6 SDK by default, which is not always possible. patches/patch-build_gyp.mozbuild: * Don't assume iOS just because the toolkit is not cocoa. Ideally there should be an AC_SUBST just like 'ARM_ARCH' but nothing exists currently. * MacOS X SDK version should be able to configure with ./configure --enable-macos-target=VER patches/patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp: * NS_NewNativeLocalFile() can fail and leave hunDir null, so we must check if it succeeded. This is not Darwin specific though. * "%%LOCALBASE%%" in the hunspell path is currently not substituted, which looks very erroneous to me. But since I don't know why ryoon@@ changed it from "@@PREFIX@@" to "%%LOCALBASE%%" I leave it as it is. patches/patch-ipc_glue_moz.build: * Don't assume cocoa toolkit just because OS_ARCH is Darwin. patches/patch-js_src_asmjs_AsmJSSignalHandlers.cpp: * Increase portability for non-x86 Darwin by not hardwiring x86_THREAD_STATE. patches/patch-js_xpconnect_src_xpcprivate.h: * The declaration has to be C++11 'extern template', otherwise non-weak symbol collision will occur between libmozjs and libxul. We can't easily test if the feature is supported by compiler due to GCC bug #1773: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=1773 patches/patch-memory_mozalloc_VolatileBufferOSX.cpp: * Try to fallback to valloc(3) if posix_memalign(3) is not avialble. It has been added since MacOS 10.6. patches/patch-toolkit_library_moz.build: * GSTREAMER_LIBS are linked to libxul on Darwin, while they are dlopen(3)'ed at runtime on other platforms. The problem is that the toolkit being cocoa isn't relevant at all. It's Darwin that needs the special handling, not Cocoa. patches/patch-toolkit_xre_nsAppRunner.cpp: * MacOS X < 10.6 had an undocumented behavior concerning execve(2) inside a threaded process. If a process tried to call execve(2) and had more than one active thread, the kernel returned ENOTSUP. So we have to either fork(2) or vfork(2) before calling execve(2) to make sure the caller is single-threaded as otherwise the application fails to restart itself. patches/patch-xpcom_base_nsStackWalk.cpp, patches/patch-xpcom_build_PoisonIOInterposer.h: * Replace XP_MACOSX with XP_DARWIN as the former is not defined when the toolkit is not cocoa. patches/patch-xpcom_glue_standalone_nsXPCOMGlue.cpp: * Fix inconsistent use of XP_DARWIN and XP_MACOSX: LEADING_UNDERSCORE should be empty when we are going to load XPCOM using dlopen(3), not NSAddImage(). @ text @d1 1 a1 1 $NetBSD: patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp,v 1.5 2015/01/16 22:42:09 ryoon Exp $ d13 1 a13 1 + NS_NewNativeLocalFile(NS_LITERAL_CSTRING("%%LOCALBASE%%/share/hunspell"), @ 1.5 log @Update to 35.0 Changelog: New Firefox Hello with new rooms-based conversations model New New search UI improved and enabled for more locales New Access the Firefox Marketplace from the Tools menu and optional toolbar button New Built-in support for H264 (MP4) on Mac OS X Snow Leopard (10.6) and newer through native APIs New Use tiled rendering on OS X New Improved high quality image resizing performance New Improved handling of dynamic styling changes to increase responsiveness HTML5 Added support for the CSS Font Loading API HTML5 Resource Timing API implemented HTML5 CSS filters enabled by default HTML5 Changed JavaScript 'let' semantics to conform better to the ES6 specification Developer Support for inspecting ::before and ::after pseudo elements Developer Computed view: Nodes matching the hovered selector are now highlighted Developer Network Monitor: New request/response headers view (more info) Developer Added support for the EXT_blend_minmax WebGL extension Fixed Show DOM Properties context menu item in inspector Fixed Reduced resource usage for scaled images Fixed PDF.js updated to version 1.0.907 Fixed Non-HTTP(S) XHR now returns correct status code Fixed Various security fixes Security fixes: 2015-09 XrayWrapper bypass through DOM objects 2015-08 Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension 2015-07 Gecko Media Plugin sandbox escape 2015-06 Read-after-free in WebRTC 2015-05 Read of uninitialized memory in Web Audio 2015-04 Cookie injection through Proxy Authenticate responses 2015-03 sendBeacon requests lack an Origin header 2015-02 Uninitialized memory use during bitmap rendering 2015-01 Miscellaneous memory safety hazards (rv:35.0 / rv:31.4) @ text @d1 1 a1 1 $NetBSD: patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp,v 1.4 2014/02/21 16:17:47 ryoon Exp $ d3 3 a5 1 --- extensions/spellcheck/hunspell/src/mozHunspell.cpp.orig 2015-01-09 04:38:27.000000000 +0000 d7 1 a7 1 @@@@ -400,6 +400,12 @@@@ mozHunspell::LoadDictionaryList(bool aNo d12 1 a12 1 + nsIFile* hunDir; d14 4 a17 2 + true, &hunDir); + LoadDictionariesFromDir(hunDir); @ 1.4 log @Bump PKGREVISION Fix SUBST string. From tsutsui@@, thank you. @ text @d1 1 a1 1 $NetBSD: patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp,v 1.3 2014/02/20 13:19:03 ryoon Exp $ d3 1 a3 1 --- extensions/spellcheck/hunspell/src/mozHunspell.cpp.orig 2014-02-12 21:28:58.000000000 +0000 d5 1 a5 1 @@@@ -426,6 +426,12 @@@@ mozHunspell::LoadDictionaryList() d11 1 a11 1 + NS_NewNativeLocalFile(NS_LITERAL_CSTRING("@@PREFIX@@/share/hunspell"), @ 1.3 log @Update to 27.0.1 * Fix some syscall definitions in JavaScript are fixed. Thank you, tho@@. Changelog: FIXED 27.0.1 - Fixed stability issues with Greasemonkey and other JS that used ClearTimeoutOrInterval FIXED 27.0.1 - JS math correctness issue (bug 941381 @ text @d1 1 a1 1 $NetBSD: patch-extensions_spellcheck_hunspell_src_mozHunspell.cpp,v 1.1 2013/09/19 12:37:49 ryoon Exp $ d11 1 a11 1 + NS_NewNativeLocalFile(NS_LITERAL_CSTRING("/usr/pkg/share/hunspell"), @ 1.2 log @Update to 27.0 Changelog: NEW You can now run more than one service at a time with Firefox SocialAPI, allowing you to receive notifications, chat and more from multiple integrated services CHANGED Enabled TLS 1.1 (RFC 4346) and TLS 1.2 (RFC 5246) by default CHANGED Added support for SPDY 3.1 protocol DEVELOPER Ability to reset style sheets using 'all:unset' DEVELOPER You can now choose to deobfuscate javascript in the debugger (see 762761) DEVELOPER Added support for scrolled fieldsets (see 261037) DEVELOPER Implemented allow-popups directive for iframe sandbox, enabling increased security (see 766282) DEVELOPER CSS cursor keywords -moz-grab and -moz-grabbing have been unprefixed (see 880672) DEVELOPER Added support for ES6 generators in SpiderMonkey (see blog post) DEVELOPER Implemented support for mathematical function Math.hypot() in ES6 (see 896264) HTML5 Dashed line support on Canvas (see 768067) FIXED Get Azure/Skia content rendering working on Linux (see 740200) FIXED 27.0: Security fixes can be found here Fixed in Firefox 27 MFSA 2014-13 Inconsistent JavaScript handling of access to Window objects MFSA 2014-12 NSS ticket handling issues MFSA 2014-11 Crash when using web workers with asm.js MFSA 2014-10 Firefox default start page UI content invokable by script MFSA 2014-09 Cross-origin information leak through web workers MFSA 2014-08 Use-after-free with imgRequestProxy and image proccessing MFSA 2014-07 XSLT stylesheets treated as styles in Content Security Policy MFSA 2014-06 Profile path leaks to Android system log MFSA 2014-05 Information disclosure with *FromPoint on iframes MFSA 2014-04 Incorrect use of discarded images by RasterImage MFSA 2014-03 UI selection timeout missing on download prompts MFSA 2014-02 Clone protected content with XBL scopes MFSA 2014-01 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3) @ text @d3 1 a3 1 --- extensions/spellcheck/hunspell/src/mozHunspell.cpp.orig 2014-01-28 04:03:40.000000000 +0000 @ 1.1 log @Update to 24.0, ESR edition. * Merge some patches via FreeBSD ports. * Tested on NetBSD/amd64 6.99.23 and DragonFly/amd64 3.4.1. * Use system hunspell dictionaries. * DuckDuckGo search window. * Enable system icu support. Changelog: NEW Support for new scrollbar style in Mac OS X 10.7 and newer NEW Implemented Close tabs to the right NEW Social: Ability to tear-off chat windows to view separately by simply dragging them out CHANGED Accessibility related improvements on using pinned tabs (see 577727) CHANGED Removed support for Revocation Lists feature (see 867465) CHANGED Performance improvements on New Tab Page loads (see 791670) DEVELOPER Major SVG rendering improvements around Image tiling and scaling (see 600207 ) DEVELOPER Improved and unified Browser console for enhanced debugging experience, replacing existing Error console DEVELOPER Removed support for sherlock files that are loaded from application or profile directory FIXED Replace fixed-ratio audio resampler in webrtc.org capture code with Speex resampler and eliminate pseudo-44000Hz rate ( see 886886) FIXED 24.0: Security fixes can be found here Fixed in Firefox 24 MFSA 2013-92 GC hazard with default compartments and frame chain restoration MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object MFSA 2013-90 Memory corruption involving scrolling MFSA 2013-89 Buffer overflow with multi-column, lists, and floats MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes MFSA 2013-87 Shared object library loading from writable location MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA graphic drivers MFSA 2013-85 Uninitialized data in IonMonkey MFSA 2013-84 Same-origin bypass through symbolic links MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption MFSA 2013-81 Use-after-free with select element MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning MFSA 2013-78 Integer overflow in ANGLE library MFSA 2013-77 Improper state in HTML5 Tree Builder with templates MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- extensions/spellcheck/hunspell/src/mozHunspell.cpp.orig 2013-09-10 03:43:29.000000000 +0000 d5 1 a5 1 @@@@ -417,6 +417,12 @@@@ mozHunspell::LoadDictionaryList() d11 1 a11 1 + NS_NewNativeLocalFile(NS_LITERAL_CSTRING("@@PREFIX@@/share/hunspell"), @