head 1.4; access; symbols pkgsrc-2015Q3:1.3.0.8 pkgsrc-2015Q3-base:1.3 pkgsrc-2015Q2:1.3.0.6 pkgsrc-2015Q2-base:1.3 pkgsrc-2015Q1:1.3.0.4 pkgsrc-2015Q1-base:1.3 pkgsrc-2014Q4:1.3.0.2 pkgsrc-2014Q4-base:1.3 pkgsrc-2014Q3:1.2.0.10 pkgsrc-2014Q3-base:1.2 pkgsrc-2014Q2:1.2.0.8 pkgsrc-2014Q2-base:1.2 pkgsrc-2014Q1:1.2.0.6 pkgsrc-2014Q1-base:1.2 pkgsrc-2013Q4:1.2.0.4 pkgsrc-2013Q4-base:1.2 pkgsrc-2013Q3:1.2.0.2 pkgsrc-2013Q3-base:1.2 pkgsrc-2013Q2:1.1.0.2 pkgsrc-2013Q2-base:1.1; locks; strict; comment @// @; 1.4 date 2015.10.02.22.49.36; author ryoon; state dead; branches; next 1.3; commitid 4NPwQdOyvYkssADy; 1.3 date 2014.11.02.05.40.31; author ryoon; state Exp; branches; next 1.2; commitid NE5EWeAimDmUuzWx; 1.2 date 2013.09.28.14.37.05; author ryoon; state Exp; branches; next 1.1; commitid RJpfztu2N6Kgkd7x; 1.1 date 2013.05.23.13.25.30; author ryoon; state Exp; branches; next ; commitid B2zASeC5iDep2LQw; desc @@ 1.4 log @Update to 2.38 Changelog: Based on xulrunner 41.0 Security fixes: 2015-114 Information disclosure via the High Resolution Time API 2015-113 Memory safety errors in libGLES in the ANGLE graphics library 2015-112 Vulnerabilities found through code inspection 2015-111 Errors in the handling of CORS preflight request headers 2015-110 Dragging and dropping images exposes final URL after redirects 2015-109 JavaScript immutable property enforcement can be bypassed 2015-108 Scripted proxies can access inner window 2015-107 Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems 2015-106 Use-after-free while manipulating HTML media content 2015-105 Buffer overflow while decoding WebM video 2015-104 Use-after-free with shared workers and IndexedDB 2015-103 URL spoofing in reader mode 2015-102 Crash when using debugger with SavedStacks in JavaScript 2015-101 Buffer overflow in libvpx while parsing vp9 format video 2015-100 Arbitrary file manipulation by local user through Mozilla updater 2015-99 Site attribute spoofing on Android by pasting URL with unknown scheme 2015-98 Out of bounds read in QCMS library with ICC V4 profile attributes 2015-97 Memory leak in mozTCPSocket to servers 2015-96 Miscellaneous memory safety hazards (rv:41.0 / rv:38.3) @ text @$NetBSD: patch-mozilla_security_manager_ssl_src_nsNSSComponent.cpp,v 1.3 2014/11/02 05:40:31 ryoon Exp $ --- mozilla/security/manager/ssl/src/nsNSSComponent.cpp.orig 2014-10-14 06:36:36.000000000 +0000 +++ mozilla/security/manager/ssl/src/nsNSSComponent.cpp @@@@ -53,6 +53,7 @@@@ #include "nss.h" #include "pkix/pkixnss.h" #include "ssl.h" +#define NSS_ENABLE_ECC 1 #include "sslproto.h" #include "secmod.h" #include "secerr.h" @ 1.3 log @Update to 2.30 * Update enigmail to 1.7.2 Changelog: * SeaMonkey specific changes are not available. * Use xul engine from Firefox 33. @ text @d1 1 a1 1 $NetBSD: patch-mozilla_security_manager_ssl_src_nsNSSComponent.cpp,v 1.2 2013/09/28 14:37:05 ryoon Exp $ @ 1.2 log @Update to 2.21 Changelog: SeaMonkey-specific changes Implemented an option to thread messages received by date. Allowed deletion of news posts by default. Implemented optional taskbar preview-per-tab. Added support (permission prompt) for desktop notifications. Added Isn't operator for searching by Priority. See the changes page for a more complete overview. Mozilla platform changes Support for new scrollbar style on Mac OS X 10.7 and newer. Accessibility related improvements on using pinned tabs (bug 577727). Major SVG rendering improvements around Image tiling and scaling (bug 600207). Removed support for sherlock files that are loaded from application or profile directory. Support for W3C touch events disabled (bug 888304). Fixed several stability issues. Fixed in SeaMonkey 2.21 MFSA 2013-92 GC hazard with default compartments and frame chain restoration MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object MFSA 2013-90 Memory corruption involving scrolling MFSA 2013-89 Buffer overflow with multi-column, lists, and floats MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes MFSA 2013-85 Uninitialized data in IonMonkey MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption MFSA 2013-81 Use-after-free with select element MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning MFSA 2013-78 Integer overflow in ANGLE library MFSA 2013-77 Improper state in HTML5 Tree Builder with templates MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9) @ text @d1 1 a1 1 $NetBSD: patch-mozilla_security_manager_ssl_src_nsNSSComponent.cpp,v 1.1 2013/05/23 13:25:30 ryoon Exp $ d3 1 a3 1 --- mozilla/security/manager/ssl/src/nsNSSComponent.cpp.orig 2013-09-16 18:26:55.000000000 +0000 d5 1 a5 2 @@@@ -49,6 +49,7 @@@@ d7 1 d12 1 a12 1 #include "secmime.h" @ 1.1 log @Update to 18.0beta4 * Use common files for www/firefox. SeaMonkey-specific changes Basic Private Browsing support has been added (experimental for now). Added support for safe browsing which blocks potentially malicious websites reported as attack sites (malware) or web forgeries (phishing). Information like preview text, subject and sender can be shown in new mail notifications now. See the changes page for minor changes. Mozilla platform changes CSS -moz-user-select:none selection has been changed to improve compatibility with -webkit-user-select:none (bug 816298). Applied graphics-related performance improvements (bug 809821). Removed E4X support from SpiderMonkey. Added support for the
element. Implemented scoped stylesheets. Fixed some function keys not working when pressed (bug 833719). Fixed several stability issues. @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- mozilla/security/manager/ssl/src/nsNSSComponent.cpp.orig 2013-05-03 03:08:10.000000000 +0000 d5 2 a6 1 @@@@ -72,6 +72,7 @@@@ a7 1 #include "pk11func.h" d12 1 a12 1 #include "sechash.h" @