head 1.6; access; symbols pkgsrc-2015Q2:1.5.0.6 pkgsrc-2015Q2-base:1.5 pkgsrc-2015Q1:1.5.0.4 pkgsrc-2015Q1-base:1.5 pkgsrc-2014Q4:1.5.0.2 pkgsrc-2014Q4-base:1.5 pkgsrc-2014Q3:1.4.0.6 pkgsrc-2014Q3-base:1.4 pkgsrc-2014Q2:1.4.0.4 pkgsrc-2014Q2-base:1.4 pkgsrc-2014Q1:1.4.0.2 pkgsrc-2014Q1-base:1.4 pkgsrc-2013Q4:1.2.0.4 pkgsrc-2013Q4-base:1.2 pkgsrc-2013Q3:1.2.0.2 pkgsrc-2013Q3-base:1.2 pkgsrc-2013Q2:1.1.0.2 pkgsrc-2013Q2-base:1.1; locks; strict; comment @// @; 1.6 date 2015.09.23.06.44.42; author ryoon; state dead; branches; next 1.5; commitid A8JQd1PZS2cnplCy; 1.5 date 2014.10.15.13.07.07; author ryoon; state Exp; branches; next 1.4; commitid BxXu2KLWwPm1yiUx; 1.4 date 2014.02.20.13.19.03; author ryoon; state Exp; branches; next 1.3; commitid T9GvdtUIEdEreQpx; 1.3 date 2014.02.08.09.36.00; author ryoon; state Exp; branches; next 1.2; commitid ggxuC0XAcatWnhox; 1.2 date 2013.09.19.12.37.50; author ryoon; state Exp; branches; next 1.1; commitid hXNFeA0U06W4X26x; 1.1 date 2013.05.23.13.12.13; author ryoon; state Exp; branches; next ; commitid sFsg0DAPswjWXKQw; desc @@ 1.6 log @Update to 41.0 Changelog: New Enhance IME support on Windows (Vista +) using TSF (Text Services Framework) New Ability to set a profile picture for your Firefox Account New Firefox Hello now includes instant messaging New SVG images can be used as favicons New Improved box-shadow rendering performance Changed WebRTC now requires perfect forward secrecy Changed WARP is disabled on Windows 7 Changed Updates to image decoding process Changed Support for running animations of 'transform' and 'opacity' on the compositor thread HTML5 MessageChannel and MessagePort API enabled by default HTML5 Added support for the transform-origin property on SVG elements HTML5 CSS Font Loading API enabled by default HTML5 Navigator.onLine now varies with actual internet connectivity (Windows and Mac OS X only) HTML5 Copy/Cut Web content from JavaScript to the OS clipboard with document.execCommand("cut"/"copy") HTML5 Implemented Cache API for querying named caches that are accessible Window, Worker, and ServiceWorker Developer Removed support for binary XPCOM components in extensions, use addon SDK "system/child_process" pipe mechanism for native binaries instead Developer Network requests can be exported in HAR format Developer Quickly add new CSS rule with New Rule button in the Inspector Developer Screenshot a node or element from markup view with the Screenshot Node context menu item Developer Copy element CSS rule declarations with the Copy Rule Declaration context menu item in the Inspector Developer Pseudo-Class panel in the Inspector Fixed Picture element does not react to resize/viewport changes Fixed Various security fixes Security fixes: Fixed in Firefox 41 2015-114 Information disclosure via the High Resolution Time API 2015-113 Memory safety errors in libGLES in the ANGLE graphics library 2015-112 Vulnerabilities found through code inspection 2015-111 Errors in the handling of CORS preflight request headers 2015-110 Dragging and dropping images exposes final URL after redirects 2015-109 JavaScript immutable property enforcement can be bypassed 2015-108 Scripted proxies can access inner window 2015-107 Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems 2015-106 Use-after-free while manipulating HTML media content 2015-105 Buffer overflow while decoding WebM video 2015-104 Use-after-free with shared workers and IndexedDB 2015-103 URL spoofing in reader mode 2015-102 Crash when using debugger with SavedStacks in JavaScript 2015-101 Buffer overflow in libvpx while parsing vp9 format video 2015-100 Arbitrary file manipulation by local user through Mozilla updater 2015-99 Site attribute spoofing on Android by pasting URL with unknown scheme 2015-98 Out of bounds read in QCMS library with ICC V4 profile attributes 2015-97 Memory leak in mozTCPSocket to servers 2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3) @ text @$NetBSD: patch-security_manager_ssl_src_nsNSSComponent.cpp,v 1.5 2014/10/15 13:07:07 ryoon Exp $ --- security/manager/ssl/src/nsNSSComponent.cpp.orig 2014-10-11 09:06:44.000000000 +0000 +++ security/manager/ssl/src/nsNSSComponent.cpp @@@@ -53,6 +53,7 @@@@ #include "nss.h" #include "pkix/pkixnss.h" #include "ssl.h" +#define NSS_ENABLE_ECC 1 #include "sslproto.h" #include "secmod.h" #include "secerr.h" @ 1.5 log @Update to 33.0 Changelog: New OpenH264 support (sandboxed) New Improved search experience through the location bar New Slimmer and faster JavaScript strings New Search suggestions on the Firefox Start (about:home) and new tab (about:newtab) pages New Windows: OMTC enabled by default New New CSP (Content Security Policy) backend New Support for connecting to HTTP proxy over HTTPS New Improved reliability of the session restoration New Azerbaijani [az] locale added Changed Proprietary window.crypto properties/functions removed Changed JSD (JavaScript Debugger Service) removed in favor of the Debugger interface HTML5 @@counter-style rule from CSS3 Counter Styles specification implemented HTML5 DOMMatrix interface implemented Developer Cubic-bezier curves editor Developer Display which elements have listeners attached Developer New sidebar which displays a list of shortcuts to every @@media rule in the current stylesheet Developer Paint flashing for browser content repaints Developer Editable @@keyframes rules in the Rules section of the Inspector Developer CSS transform highlighter in the style-inspector Fixed Fix incomplete downloads being marked as complete by detecting broken HTTP1.1 transfers (237623) Fixed Various security fixes Fixed in Firefox 33 MFSA 2014-82 Accessing cross-origin objects via the Alarms API MFSA 2014-81 Inconsistent video sharing within iframe MFSA 2014-80 Key pinning bypasses MFSA 2014-79 Use-after-free interacting with text directionality MFSA 2014-78 Further uninitialized memory use during GIF MFSA 2014-77 Out-of-bounds write with WebM video MFSA 2014-76 Web Audio memory corruption issues with custom waveforms MFSA 2014-75 Buffer overflow during CSS manipulation MFSA 2014-74 Miscellaneous memory safety hazards (rv:33.0 / rv:31.2) @ text @d1 1 a1 1 $NetBSD: patch-security_manager_ssl_src_nsNSSComponent.cpp,v 1.4 2014/02/20 13:19:03 ryoon Exp $ @ 1.4 log @Update to 27.0.1 * Fix some syscall definitions in JavaScript are fixed. Thank you, tho@@. Changelog: FIXED 27.0.1 - Fixed stability issues with Greasemonkey and other JS that used ClearTimeoutOrInterval FIXED 27.0.1 - JS math correctness issue (bug 941381 @ text @d1 1 a1 1 $NetBSD: patch-security_manager_ssl_src_nsNSSComponent.cpp,v 1.2 2013/09/19 12:37:50 ryoon Exp $ d3 1 a3 1 --- security/manager/ssl/src/nsNSSComponent.cpp.orig 2013-09-10 03:43:51.000000000 +0000 d5 1 a5 2 @@@@ -49,6 +49,7 @@@@ d7 1 d12 1 a12 1 #include "secmime.h" @ 1.3 log @Update to 27.0 Changelog: NEW You can now run more than one service at a time with Firefox SocialAPI, allowing you to receive notifications, chat and more from multiple integrated services CHANGED Enabled TLS 1.1 (RFC 4346) and TLS 1.2 (RFC 5246) by default CHANGED Added support for SPDY 3.1 protocol DEVELOPER Ability to reset style sheets using 'all:unset' DEVELOPER You can now choose to deobfuscate javascript in the debugger (see 762761) DEVELOPER Added support for scrolled fieldsets (see 261037) DEVELOPER Implemented allow-popups directive for iframe sandbox, enabling increased security (see 766282) DEVELOPER CSS cursor keywords -moz-grab and -moz-grabbing have been unprefixed (see 880672) DEVELOPER Added support for ES6 generators in SpiderMonkey (see blog post) DEVELOPER Implemented support for mathematical function Math.hypot() in ES6 (see 896264) HTML5 Dashed line support on Canvas (see 768067) FIXED Get Azure/Skia content rendering working on Linux (see 740200) FIXED 27.0: Security fixes can be found here Fixed in Firefox 27 MFSA 2014-13 Inconsistent JavaScript handling of access to Window objects MFSA 2014-12 NSS ticket handling issues MFSA 2014-11 Crash when using web workers with asm.js MFSA 2014-10 Firefox default start page UI content invokable by script MFSA 2014-09 Cross-origin information leak through web workers MFSA 2014-08 Use-after-free with imgRequestProxy and image proccessing MFSA 2014-07 XSLT stylesheets treated as styles in Content Security Policy MFSA 2014-06 Profile path leaks to Android system log MFSA 2014-05 Information disclosure with *FromPoint on iframes MFSA 2014-04 Incorrect use of discarded images by RasterImage MFSA 2014-03 UI selection timeout missing on download prompts MFSA 2014-02 Clone protected content with XBL scopes MFSA 2014-01 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3) @ text @d3 1 a3 1 --- security/manager/ssl/src/nsNSSComponent.cpp.orig 2014-01-28 04:04:01.000000000 +0000 d5 1 a5 1 @@@@ -53,6 +53,7 @@@@ @ 1.2 log @Update to 24.0, ESR edition. * Merge some patches via FreeBSD ports. * Tested on NetBSD/amd64 6.99.23 and DragonFly/amd64 3.4.1. * Use system hunspell dictionaries. * DuckDuckGo search window. * Enable system icu support. Changelog: NEW Support for new scrollbar style in Mac OS X 10.7 and newer NEW Implemented Close tabs to the right NEW Social: Ability to tear-off chat windows to view separately by simply dragging them out CHANGED Accessibility related improvements on using pinned tabs (see 577727) CHANGED Removed support for Revocation Lists feature (see 867465) CHANGED Performance improvements on New Tab Page loads (see 791670) DEVELOPER Major SVG rendering improvements around Image tiling and scaling (see 600207 ) DEVELOPER Improved and unified Browser console for enhanced debugging experience, replacing existing Error console DEVELOPER Removed support for sherlock files that are loaded from application or profile directory FIXED Replace fixed-ratio audio resampler in webrtc.org capture code with Speex resampler and eliminate pseudo-44000Hz rate ( see 886886) FIXED 24.0: Security fixes can be found here Fixed in Firefox 24 MFSA 2013-92 GC hazard with default compartments and frame chain restoration MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object MFSA 2013-90 Memory corruption involving scrolling MFSA 2013-89 Buffer overflow with multi-column, lists, and floats MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes MFSA 2013-87 Shared object library loading from writable location MFSA 2013-86 WebGL Information disclosure through OS X NVIDIA graphic drivers MFSA 2013-85 Uninitialized data in IonMonkey MFSA 2013-84 Same-origin bypass through symbolic links MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption MFSA 2013-81 Use-after-free with select element MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning MFSA 2013-78 Integer overflow in ANGLE library MFSA 2013-77 Improper state in HTML5 Tree Builder with templates MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) @ text @d1 1 a1 1 $NetBSD: patch-security_manager_ssl_src_nsNSSComponent.cpp,v 1.1 2013/05/23 13:12:13 ryoon Exp $ d3 1 a3 1 --- security/manager/ssl/src/nsNSSComponent.cpp.orig 2013-09-10 03:43:51.000000000 +0000 d5 1 a5 1 @@@@ -49,6 +49,7 @@@@ @ 1.1 log @Bump PKGREVISION. * Remove reference to devel/xulrunner. * Move some common files for firefox/xulrunner-21.0. * Move patches from devel/sulrunner. * Take MAINTAINERship. @ text @d1 1 a1 1 $NetBSD: patch-security_manager_ssl_src_nsNSSComponent.cpp,v 1.1 2013/05/19 08:47:41 ryoon Exp $ d3 1 a3 1 --- security/manager/ssl/src/nsNSSComponent.cpp.orig 2013-05-11 19:19:50.000000000 +0000 d5 2 a6 1 @@@@ -72,6 +72,7 @@@@ a7 1 #include "pk11func.h" d12 1 a12 1 #include "sechash.h" @