head	1.8;
access;
symbols
	pkgsrc-2013Q2:1.7.0.4
	pkgsrc-2013Q2-base:1.7
	pkgsrc-2013Q1:1.7.0.2
	pkgsrc-2013Q1-base:1.7
	pkgsrc-2012Q4:1.6.0.2
	pkgsrc-2012Q4-base:1.6
	pkgsrc-2012Q3:1.5.0.2
	pkgsrc-2012Q3-base:1.5
	pkgsrc-2012Q2:1.4.0.2
	pkgsrc-2012Q2-base:1.4
	pkgsrc-2012Q1:1.3.0.2
	pkgsrc-2012Q1-base:1.3
	pkgsrc-2011Q4:1.1.0.16
	pkgsrc-2011Q4-base:1.1
	pkgsrc-2011Q3:1.1.0.14
	pkgsrc-2011Q3-base:1.1
	pkgsrc-2011Q2:1.1.0.12
	pkgsrc-2011Q2-base:1.1
	pkgsrc-2011Q1:1.1.0.10
	pkgsrc-2011Q1-base:1.1
	pkgsrc-2010Q4:1.1.0.8
	pkgsrc-2010Q4-base:1.1
	pkgsrc-2010Q3:1.1.0.6
	pkgsrc-2010Q3-base:1.1
	pkgsrc-2010Q2:1.1.0.4
	pkgsrc-2010Q2-base:1.1
	pkgsrc-2010Q1:1.1.0.2
	pkgsrc-2010Q1-base:1.1;
locks; strict;
comment	@# @;


1.8
date	2013.08.11.03.18.46;	author ryoon;	state dead;
branches;
next	1.7;
commitid	GDZSqlFAfPtd7Z0x;

1.7
date	2013.01.07.21.55.30;	author ryoon;	state Exp;
branches;
next	1.6;

1.6
date	2012.11.23.17.28.49;	author ryoon;	state Exp;
branches;
next	1.5;

1.5
date	2012.09.06.12.08.51;	author ryoon;	state Exp;
branches;
next	1.4;

1.4
date	2012.04.28.22.48.06;	author ryoon;	state Exp;
branches;
next	1.3;

1.3
date	2012.03.19.10.35.58;	author ryoon;	state Exp;
branches;
next	1.2;

1.2
date	2012.03.10.03.26.05;	author ryoon;	state Exp;
branches;
next	1.1;

1.1
date	2010.03.16.10.59.10;	author tnn;	state Exp;
branches;
next	;


desc
@@


1.8
log
@Update to 2.20

* Merge SunOS patches from www/firefox.

Changelog:
SeaMonkey-specific changes

    The Content Security Policy (CSP) 1.0 parser has been enabled.
    The Mixed Content Blocker has been enabled, blocking insecure active content loads on HTTPS pages.
    New mail alert information can be customized now (Preferences/Mail & Newsgroups/Notifications).
    A confirmation prompt has been introduced to protect against accidental permanent data loss when force-deleting messages using Shift+Del.
    MailNews Save As Template supports multiple selections now.
    The size on disk is now shown for newsgroup folders.
    See the changes page for a more complete overview.

Mozilla platform changes

    Added support for scrollbar style in Mac OS X 10.7 and newer.
    Enabled mixed content blocking to protects users from man-in-the-middle attacks and eavesdroppers on HTTPS pages (learn more).
    Improved about:memory's functional UI.
    Enabled DXVA2 on Windows Vista+ to accelerate H.264 video decoding.
    Simplified interface for notifications of plugin installation.
    Enabled users to switch the search provider across the entire browser.
    CSP policies using the standard syntax and semantics will now be enforced.
    Implemented the HTML5 <input type="range"> form control.
    Added unprefixed requestAnimationFrame.
    Dropped blink effect from CSS rule text-decoration:blink and completely removed <blink> element.
    Fixed several stability issues.

Fixed in SeaMonkey 2.20
MFSA 2013-75 Local Java applets may read contents of local file system
MFSA 2013-74 Firefox full and stub installer DLL hijacking
MFSA 2013-73 Same-origin bypass with web workers and XMLHttpRequest
MFSA 2013-72 Wrong principal used for validating URI for some Javascript components
MFSA 2013-71 Further Privilege escalation through Mozilla Updater
MFSA 2013-70 Bypass of XrayWrappers using XBL Scopes
MFSA 2013-69 CRMF requests allow for code execution and XSS attacks
MFSA 2013-68 Document URI misrepresentation and masquerading
MFSA 2013-67 Crash during WAV audio file decoding
MFSA 2013-66 Buffer overflow in Mozilla Maintenance Service and Mozilla Updater
MFSA 2013-65 Buffer underflow when generating CRMF requests
MFSA 2013-64 Use after free mutating DOM during SetBody
MFSA 2013-63 Miscellaneous memory safety hazards (rv:23.0 / rv:17.0.8)
@
text
@$NetBSD: patch-am,v 1.7 2013/01/07 21:55:30 ryoon Exp $

SHA1_Update conflicts with openssl which may be dynamically loaded
at runtime via libcups or libgssapi so causing a crash due to using
the wrong binding.  So rename here to avoid conflict.

--- mozilla/security/nss/lib/freebl/blapi.h.orig	2012-11-18 10:19:50.000000000 +0000
+++ mozilla/security/nss/lib/freebl/blapi.h
@@@@ -1043,6 +1043,8 @@@@ extern void SHA1_DestroyContext(SHA1Cont
 */
 extern void SHA1_Begin(SHA1Context *cx);
 
+#define SHA1_Update NSS_SHA1_Update
+
 /*
 ** Update the SHA-1 hash function with more data.
 **	"cx" the context
@


1.7
log
@* Regen patches...
* Fix build on recent NetBSD (kproc_info vs kproc_info2)
@
text
@d1 1
a1 1
$NetBSD: patch-am,v 1.5 2012/09/06 12:08:51 ryoon Exp $
@


1.6
log
@Update to 2.14

* Patches are synced with xulrunner-17.0, and regen patches
* Update Mozilla Lightning to 1.9

Changelog:
SeaMonkey-specific changes
    None (see changes page for minor changes).

Mozilla platform changes
    OS X 10.6 is now the minimum supported Mac version.
    JavaScript Maps and Sets are now iterable.
    SVG FillPaint and StrokePaint have been implemented.
    The sandbox attribute has been implemented for iframes, enabling increased security.
    Fixed several stability issues.

Security fixes
Fixed in SeaMonkey 2.14
MFSA 2012-106 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer
MFSA 2012-105 Use-after-free and buffer overflow issues found using Address Sanitizer
MFSA 2012-103 Frames can shadow top.location
MFSA 2012-101 Improper character decoding in HZ-GB-2312 charset
MFSA 2012-100 Improper security filtering for cross-origin wrappers
MFSA 2012-99 XrayWrappers exposes chrome-only properties when not in chrome compartment
MFSA 2012-97 XMLHttpRequest inherits incorrect principal within sandbox
MFSA 2012-96 Memory corruption in str_unescape
MFSA 2012-94 Crash when combining SVG text on path with CSS
MFSA 2012-93 evalInSanbox location context incorrectly applied
MFSA 2012-92 Buffer overflow while rendering GIF images
MFSA 2012-91 Miscellaneous memory safety hazards (rv:17.0/ rv:10.0.11)
@
text
@@


1.5
log
@Update to 2.12

* Update Mozilla Lightning to 1.7
* Update Enigmail to 1.4.4 (functionality is not tested yet; should
  be updated)
* Regen patches

Changelog:
SeaMonkey-specific changes
    None.

Mozilla platform changes
    Added support for SPDY networking protocol v3.
    Implemented WebGL enhancements, including compressed textures for better performance.
    Optimized memory usage for add-ons.
    Implemented the CSS word-break property.
    Implemented high precision event timer.
    HTML5: Added native support for the Opus audio codec.
    HTML5: Added support for the source element media attribute.
    HTML5: Added support for the audio element and video element played attribute.
    Fixed several stability issues.

Fixed in SeaMonkey 2.12
MFSA 2012-70 Location object security checks bypassed by chrome code
MFSA 2012-69 Incorrect site SSL certificate data display
MFSA 2012-68 DOMParser loads linked resources in extensions when parsing text/html
MFSA 2012-65 Out-of-bounds read in format-number in XSLT
MFSA 2012-64 Graphite 2 memory corruption
MFSA 2012-63 SVG buffer overflow and use-after-free issues
MFSA 2012-62 WebGL use-after-free and memory corruption
MFSA 2012-61 Memory corruption with bitmap format images with negative height
MFSA 2012-59 Location object can be shadowed using Object.defineProperty
MFSA 2012-58 Use-after-free issues found using Address Sanitizer
MFSA 2012-57 Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)
@
text
@d1 1
a1 1
$NetBSD: patch-am,v 1.4 2012/04/28 22:48:06 ryoon Exp $
d7 1
a7 1
--- mozilla/security/nss/lib/freebl/blapi.h.orig	2012-08-27 04:49:28.000000000 +0000
@


1.4
log
@Update to 2.9

* Remove unused option.
* Restore jemalloc option.

Changelog:
* The File and Move Bookmarks dialogs are resizable now.
* HTML5 videos that do not start automatically show a large play button now.
* Add-ons Sync can now be configured without the Add-ons Sync Prefs add-on.
* Pasting a URL from the clipboard into the Download Manager window will
  download it.
* Plugins can be disabled for the whole suite now in addition to
  Mail & Newsgroups only.

* View Source now has line numbers.
* Line breaks are now supported in the title attribute.
* Find in Page search results are scrolled into view now.
* The column-fill CSS property has been implemented.
* Support for the text-align-last CSS property has been added.
* Experimental support for ECMAScript 6 Map and Set objects has been
  implemented.
* Fixed several stability issues.
@
text
@d1 1
a1 1
$NetBSD: patch-am,v 1.3 2012/03/19 10:35:58 ryoon Exp $
d7 1
a7 1
--- mozilla/security/nss/lib/freebl/blapi.h.orig	2012-04-23 06:28:18.000000000 +0000
d9 1
a9 1
@@@@ -1038,6 +1038,8 @@@@ extern void SHA1_DestroyContext(SHA1Cont
@


1.3
log
@Update to 2.8

* Based on xulrunner-11.0
* Patches are almost as same as mail/thunderbird

Changelog:
See http://www.seamonkey-project.org/releases/seamonkey2.8/ etc.
@
text
@d1 1
a1 1
$NetBSD: patch-am,v 1.2 2012/03/10 03:26:05 ryoon Exp $
d7 1
a7 1
--- mozilla/security/nss/lib/freebl/blapi.h.orig	2012-03-13 05:33:09.000000000 +0000
@


1.2
log
@Update to 2.7.2

* Many new features.
* Security bugfixes.
* See http://www.seamonkey-project.org/releases/seamonkey2.7/
@
text
@d1 1
a1 1
$NetBSD: patch-am,v 1.1 2010/03/16 10:59:10 tnn Exp $
d7 1
a7 1
--- mozilla/security/nss/lib/freebl/blapi.h.orig	2012-02-16 14:09:30.000000000 +0000
@


1.1
log
@clone comm-1.9.1 patch set from devel/xulrunner into mail/thunderbird and
www/seamonkey so devel/xulrunner can move forward to 1.9.2.
@
text
@d1 1
a1 1
$NetBSD: patch-am,v 1.1.1.1 2009/08/05 02:59:48 tnn Exp $
d7 1
a7 1
--- mozilla/security/nss/lib/freebl/blapi.h.orig	2009-06-29 18:15:13.000000000 +0200
d9 1
a9 1
@@@@ -925,6 +925,8 @@@@ extern void SHA1_DestroyContext(SHA1Cont
@