head 1.2; access; symbols pkgsrc-2016Q4:1.1.0.16 pkgsrc-2016Q4-base:1.1 pkgsrc-2016Q3:1.1.0.14 pkgsrc-2016Q3-base:1.1 pkgsrc-2016Q2:1.1.0.12 pkgsrc-2016Q2-base:1.1 pkgsrc-2016Q1:1.1.0.10 pkgsrc-2016Q1-base:1.1 pkgsrc-2015Q4:1.1.0.8 pkgsrc-2015Q4-base:1.1 pkgsrc-2015Q3:1.1.0.6 pkgsrc-2015Q3-base:1.1 pkgsrc-2015Q2:1.1.0.4 pkgsrc-2015Q2-base:1.1 pkgsrc-2015Q1:1.1.0.2 pkgsrc-2015Q1-base:1.1; locks; strict; comment @// @; 1.2 date 2017.01.25.13.24.51; author ryoon; state dead; branches; next 1.1; commitid 3acwYN6np6o7SlDz; 1.1 date 2015.02.16.16.16.17; author bad; state Exp; branches; next ; commitid D1C7H4hKP4KvBfay; desc @@ 1.2 log @Update to 51.0 Changelog: New Users can view passwords in the save password prompt before saving them Added a zoom button in the URL bar: Displays percent above or below 100 percent when a user has changed the page zoom setting from the default Lets users return to the default setting by clicking on the button Improved video performance for users without GPU acceleration for less CPU usage and a better full screen experience Firefox will save passwords even in forms that do not have “submit” events Added support for FLAC (Free Lossless Audio Codec) playback Added support for WebGL 2, with advanced graphics rendering features like transform feedback, improved texturing capabilities, and a new sophisticated shading language A warning is displayed when a login page does not have a secure connection Added Georgian (ka) and Kabyle (kab) locales An even faster E10s! Tab Switching is better! Improved reliability of browser data sync Remove Belarusian (be) locale Fixed Various security fixes Changed Use 2D graphics library (Skia) for content rendering on Linux Re-enabled E10s support for Russian (ru) locale Updated to NSS 3.28.1 Security fixes: #CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP #CVE-2017-5376: Use-after-free in XSL #CVE-2017-5377: Memory corruption with transforms to create gradients in Skia #CVE-2017-5378: Pointer and frame data leakage of Javascript objects #CVE-2017-5379: Use-after-free in Web Animations #CVE-2017-5380: Potential use-after-free during DOM manipulations #CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer #CVE-2017-5389: WebExtensions can install additional add-ons via modified host requests #CVE-2017-5396: Use-after-free with Media Decoder #CVE-2017-5381: Certificate Viewer exporting can be used to navigate and save to arbitrary filesystem locations #CVE-2017-5382: Feed preview can expose privileged content errors and exceptions #CVE-2017-5383: Location bar spoofing with unicode characters #CVE-2017-5384: Information disclosure via Proxy Auto-Config (PAC) #CVE-2017-5385: Data sent in multipart channels ignores referrer-policy response headers #CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions #CVE-2017-5394: Android location bar spoofing using fullscreen and JavaScript events #CVE-2017-5391: Content about: pages can load privileged about: pages #CVE-2017-5392: Weak references using multiple threads on weak proxy objects lead to unsafe memory usage #CVE-2017-5393: Remove addons.mozilla.org CDN from whitelist for mozAddonManager #CVE-2017-5395: Android location bar spoofing during scrolling #CVE-2017-5387: Disclosure of local file existence through TRACK tag error messages #CVE-2017-5388: WebRTC can be used to generate a large amount of UDP traffic for DDOS attacks #CVE-2017-5374: Memory safety bugs fixed in Firefox 51 #CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 @ text @$NetBSD: patch-js_src_jskwgen.cpp,v 1.1 2015/02/16 16:16:17 bad Exp $ --- js/src/jskwgen.cpp.orig 2015-01-23 06:00:01.000000000 +0000 +++ js/src/jskwgen.cpp 2015-02-05 11:42:30.000000000 +0000 @@@@ -181,7 +181,7 @@@@ *s++ = '\\'; break; default: - if (!isprint(c)) { + if (!isprint(((unsigned char)c))) { *s++ = '\\'; *s++ = (char)('0' + (0x3 & (((unsigned char)c) >> 6))); *s++ = (char)('0' + (0x7 & (((unsigned char)c) >> 3))); @ 1.1 log @Re-enable -Werror=char-subscripts and fix the fallout in the code. Per discussion with ryoon@@. Bump PKGREVISION for this and the previous two commits. @ text @d1 1 a1 1 $NetBSD$ @