head 1.50; access; symbols pkgsrc-2013Q2:1.50.0.10 pkgsrc-2013Q2-base:1.50 pkgsrc-2012Q4:1.50.0.8 pkgsrc-2012Q4-base:1.50 pkgsrc-2011Q4:1.50.0.6 pkgsrc-2011Q4-base:1.50 pkgsrc-2011Q2:1.50.0.4 pkgsrc-2011Q2-base:1.50 pkgsrc-2009Q4:1.50.0.2 pkgsrc-2009Q4-base:1.50 pkgsrc-2009Q3:1.49.0.2 pkgsrc-2009Q3-base:1.49 pkgsrc-2009Q2:1.46.0.2 pkgsrc-2009Q2-base:1.46 pkgsrc-2009Q1:1.44.0.2 pkgsrc-2009Q1-base:1.44 pkgsrc-2008Q4:1.40.0.2 pkgsrc-2008Q4-base:1.40 pkgsrc-2008Q3:1.37.0.2 pkgsrc-2008Q3-base:1.37 cube-native-xorg:1.36.0.2 cube-native-xorg-base:1.36 pkgsrc-2008Q2:1.35.0.4 pkgsrc-2008Q2-base:1.35 cwrapper:1.35.0.2 pkgsrc-2008Q1:1.33.0.2 pkgsrc-2008Q1-base:1.33 pkgsrc-2007Q4:1.32.0.2 pkgsrc-2007Q4-base:1.32 pkgsrc-2007Q3:1.29.0.2 pkgsrc-2007Q3-base:1.29 pkgsrc-2007Q2:1.26.0.2 pkgsrc-2007Q2-base:1.26 pkgsrc-2007Q1:1.23.0.2 pkgsrc-2007Q1-base:1.23 pkgsrc-2006Q4:1.21.0.2 pkgsrc-2006Q4-base:1.21 pkgsrc-2006Q3:1.18.0.2 pkgsrc-2006Q3-base:1.18 pkgsrc-2006Q2:1.15.0.2 pkgsrc-2006Q2-base:1.15 pkgsrc-2006Q1:1.11.0.2 pkgsrc-2006Q1-base:1.11 pkgsrc-2005Q4:1.8.0.2 pkgsrc-2005Q4-base:1.8 pkgsrc-2005Q3:1.7.0.2 pkgsrc-2005Q3-base:1.7 pkgsrc-2005Q2:1.6.0.2 pkgsrc-2005Q2-base:1.6 pkgsrc-2005Q1:1.5.0.4 pkgsrc-2005Q1-base:1.5 pkgsrc-2004Q4:1.5.0.2 pkgsrc-2004Q4-base:1.5 pkgsrc-2004Q3:1.2.0.2 pkgsrc-2004Q3-base:1.2; locks; strict; comment @# @; 1.50 date 2009.11.29.03.06.42; author tnn; state dead; branches; next 1.49; 1.49 date 2009.10.03.13.18.23; author ghen; state Exp; branches; next 1.48; 1.48 date 2009.09.24.13.14.53; author wiz; state Exp; branches; next 1.47; 1.47 date 2009.07.22.09.01.35; author wiz; state Exp; branches; next 1.46; 1.46 date 2009.06.24.08.45.52; author ghen; state Exp; branches; next 1.45; 1.45 date 2009.06.19.13.13.06; author he; state Exp; branches; next 1.44; 1.44 date 2009.03.19.15.08.58; author ghen; state Exp; branches; next 1.43; 1.43 date 2009.03.18.00.08.39; author abs; state Exp; branches; next 1.42; 1.42 date 2009.01.07.14.23.03; author ghen; state Exp; branches; next 1.41; 1.41 date 2009.01.05.19.41.37; author ghen; state Exp; branches; next 1.40; 1.40 date 2008.12.21.17.04.40; author jmcneill; state Exp; branches 1.40.2.1; next 1.39; 1.39 date 2008.12.19.07.59.26; author roy; state Exp; branches; next 1.38; 1.38 date 2008.11.24.17.19.13; author is; state Exp; branches; next 1.37; 1.37 date 2008.09.26.12.08.20; author ghen; state Exp; branches 1.37.2.1; next 1.36; 1.36 date 2008.08.22.09.42.15; author ghen; state Exp; branches; next 1.35; 1.35 date 2008.05.20.11.51.55; author ghen; state Exp; branches 1.35.4.1; next 1.34; 1.34 date 2008.05.19.10.43.02; author tnn; state Exp; branches; next 1.33; 1.33 date 2008.02.27.10.00.47; author ghen; state Exp; branches 1.33.2.1; next 1.32; 1.32 date 2007.12.22.07.22.09; author obache; state Exp; branches; next 1.31; 1.31 date 2007.11.15.15.05.23; author tron; state Exp; branches; next 1.30; 1.30 date 2007.10.16.01.53.28; author dmcmahill; state Exp; branches; next 1.29; 1.29 date 2007.10.08.10.13.03; author ghen; state Exp; branches 1.29.2.1; next 1.28; 1.28 date 2007.08.02.08.48.29; author ghen; state Exp; branches; next 1.27; 1.27 date 2007.07.26.12.29.34; author ghen; state Exp; branches; next 1.26; 1.26 date 2007.06.15.16.11.41; author joerg; state Exp; branches 1.26.2.1; next 1.25; 1.25 date 2007.06.15.08.55.29; author ghen; state Exp; branches; next 1.24; 1.24 date 2007.05.12.06.53.21; author ghen; state Exp; branches; next 1.23; 1.23 date 2007.03.02.14.12.24; author ghen; state Exp; branches 1.23.2.1; next 1.22; 1.22 date 2007.02.04.00.15.48; author dmcmahill; state Exp; branches; next 1.21; 1.21 date 2006.12.20.12.53.32; author ghen; state Exp; branches 1.21.2.1; next 1.20; 1.20 date 2006.11.08.13.15.40; author ghen; state Exp; branches; next 1.19; 1.19 date 2006.10.23.09.43.06; author markd; state Exp; branches; next 1.18; 1.18 date 2006.09.24.16.32.46; author salo; state Exp; branches 1.18.2.1; next 1.17; 1.17 date 2006.09.15.13.55.22; author ghen; state Exp; branches; next 1.16; 1.16 date 2006.07.29.02.13.04; author uebayasi; state Exp; branches; next 1.15; 1.15 date 2006.06.03.08.04.36; author ghen; state Exp; branches 1.15.2.1; next 1.14; 1.14 date 2006.06.03.07.57.31; author ghen; state Exp; branches; next 1.13; 1.13 date 2006.05.21.23.18.35; author jlam; state Exp; branches; next 1.12; 1.12 date 2006.04.23.14.14.07; author ghen; state Exp; branches; next 1.11; 1.11 date 2006.03.29.07.47.13; author ghen; state Exp; branches 1.11.2.1; next 1.10; 1.10 date 2006.03.23.15.43.17; author joerg; state Exp; branches; next 1.9; 1.9 date 2006.02.05.14.49.05; author ghen; state Exp; branches; next 1.8; 1.8 date 2005.10.02.12.37.04; author taya; state Exp; branches 1.8.2.1; next 1.7; 1.7 date 2005.07.24.02.58.33; author taya; state Exp; branches 1.7.2.1; next 1.6; 1.6 date 2005.03.25.14.43.45; author taya; state Exp; branches 1.6.2.1; next 1.5; 1.5 date 2004.12.14.23.35.34; author taya; state Exp; branches 1.5.4.1; next 1.4; 1.4 date 2004.12.04.02.16.03; author taya; state Exp; branches; next 1.3; 1.3 date 2004.11.14.23.38.20; author taya; state Exp; branches; next 1.2; 1.2 date 2004.09.20.12.55.43; author taya; state Exp; branches 1.2.2.1; next 1.1; 1.1 date 2004.08.10.14.27.17; author taya; state Exp; branches; next ; 1.40.2.1 date 2009.01.07.13.40.51; author tron; state Exp; branches; next 1.40.2.2; 1.40.2.2 date 2009.01.07.16.50.30; author tron; state Exp; branches; next ; 1.37.2.1 date 2008.11.26.04.45.44; author tron; state Exp; branches; next ; 1.35.4.1 date 2008.08.24.11.10.26; author rtr; state Exp; branches; next ; 1.33.2.1 date 2008.05.21.16.20.33; author tron; state Exp; branches; next ; 1.29.2.1 date 2007.11.15.18.33.15; author ghen; state Exp; branches; next ; 1.26.2.1 date 2007.08.10.01.40.47; author salo; state Exp; branches; next ; 1.23.2.1 date 2007.06.14.01.42.48; author salo; state Exp; branches; next ; 1.21.2.1 date 2007.03.05.19.16.30; author salo; state Exp; branches; next ; 1.18.2.1 date 2006.11.09.09.30.56; author salo; state Exp; branches; next 1.18.2.2; 1.18.2.2 date 2006.12.23.04.34.07; author snj; state Exp; branches; next ; 1.15.2.1 date 2006.07.30.11.42.24; author salo; state Exp; branches; next 1.15.2.2; 1.15.2.2 date 2006.09.17.01.37.45; author salo; state Exp; branches; next ; 1.11.2.1 date 2006.04.23.23.11.55; author salo; state Exp; branches; next 1.11.2.2; 1.11.2.2 date 2006.06.04.00.54.05; author salo; state Exp; branches; next ; 1.8.2.1 date 2006.02.09.10.32.28; author salo; state Exp; branches; next ; 1.7.2.1 date 2005.10.03.14.30.04; author salo; state Exp; branches; next ; 1.6.2.1 date 2005.08.19.07.44.39; author snj; state Exp; branches; next ; 1.5.4.1 date 2005.03.25.17.46.19; author snj; state Exp; branches; next ; 1.2.2.1 date 2004.12.01.01.49.24; author snj; state Exp; branches; next ; desc @@ 1.50 log @update to thunderbird-3.0rc1. The 2.x version is still available in mail/thunderbird2. Major changes: - New Mail Account Setup Wizard - Redesigned Mail Toolbar - Tabbed Email Messages - Smart Folders - New Message Summary View - Column Headings - Message Archive - Activity Manager - New Add-ons Manager - Improved Address Book - Improved Gmail Integration Full release notes: http://www.mozillamessaging.com/en-US/thunderbird/3.0rc1/releasenotes/ @ text @# $NetBSD: Makefile-thunderbird.common,v 1.49 2009/10/03 13:18:23 ghen Exp $ # used by mail/thunderbird/Makefile # used by mail/thunderbird-gtk1/Makefile MOZILLA_BIN= thunderbird-bin MOZ_VER= 2.0.0.23 EXTRACT_SUFX= .tar.bz2 DISTNAME= thunderbird-${MOZ_VER}-source CATEGORIES= mail MASTER_SITES= ${MASTER_SITE_MOZILLA:=thunderbird/releases/${MOZ_VER}/source/} HOMEPAGE= http://www.mozilla.com/en-US/thunderbird/ CONFIGURE_ENV+= MOZ_THUNDERBIRD=1 MAKE_ENV+= MOZ_THUNDERBIRD=1 DISTINFO_FILE= ${.CURDIR}/../../mail/thunderbird/distinfo PATCHDIR= ${.CURDIR}/../../mail/thunderbird/patches CONFIGURE_ARGS+= --enable-application=mail CONFIGURE_ARGS+= --enable-debug=-g CHECK_FILES_SKIP+= ${PREFIX}/lib/${MOZILLA}/chrome/app-chrome.manifest CHECK_FILES_SKIP+= ${PREFIX}/lib/${MOZILLA}/components/compreg.dat CHECK_FILES_SKIP+= ${PREFIX}/lib/${MOZILLA}/components/xpti.dat .PHONY: install-desktop post-install: install-desktop install-desktop: ${SED} \ -e 's|@@MOZILLA@@|${MOZILLA}|g' \ -e 's|@@MOZILLA_NAME@@|Thunderbird|g' \ -e 's|@@MOZILLA_ICON@@|${MOZILLA}.xpm|g' \ < ${.CURDIR}/../../mail/thunderbird/files/thunderbird.desktop.in \ > ${WRKDIR}/${MOZILLA}.desktop ${INSTALL_DATA} ${WRKDIR}/${MOZILLA}.desktop \ ${DESTDIR:Q}${PREFIX:Q}/share/applications/${MOZILLA}.desktop ${LN} -sf ${DESTDIR:Q}${PREFIX:Q}/lib/${MOZILLA}/chrome/icons/default/default.xpm \ ${DESTDIR:Q}${PREFIX:Q}/share/pixmaps/${MOZILLA}.xpm INSTALLATION_DIRS+= share/applications share/pixmaps PKG_DESTDIR_SUPPORT= user-destdir .include "../../sysutils/desktop-file-utils/desktopdb.mk" .include "../../www/seamonkey/Makefile.common" @ 1.49 log @Update thunderbird and thunderbird-gtk1 to 2.0.0.23. Security fixes in this version: MFSA 2009-43 Heap overflow in certificate regexp parsing MFSA 2009-42 Compromise of SSL-protected communication For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.23/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.48 2009/09/24 13:14:53 wiz Exp $ @ 1.48 log @Include "../../sysutils/desktop-file-utils/desktopdb.mk" to make pkglint happy. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.47 2009/07/22 09:01:35 wiz Exp $ d6 1 a6 1 MOZ_VER= 2.0.0.22 @ 1.47 log @Remove USE_DIRS from pkgsrc. Shared directories can now be created independently by the pacakges needing them and will be removed automatically by pkg_delete when empty. Packages needing empty directories can use the @@pkgdir command in PLIST. Discussed and ok'd in thread starting at http://mail-index.netbsd.org/tech-pkg/2009/06/30/msg003546.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.46 2009/06/24 08:45:52 ghen Exp $ d45 1 @ 1.46 log @Update thunderbird and thunderbird-gtk1 to 2.0.0.22. Security fixes in this version: MFSA 2009-33 Crash viewing multipart/alternative message with text/enhanced part MFSA 2009-32 JavaScript chrome privilege escalation MFSA 2009-29 Arbitrary code execution using event listeners attached to an element whose owner document is null MFSA 2009-27 SSL tampering via non-200 responses to proxy CONNECT requests MFSA 2009-24 Crashes with evidence of memory corruption (rv:1.9.0.11) MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9) For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.22/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.45 2009/06/19 13:13:06 he Exp $ a26 1 USE_DIRS+= xdg-1.4 @ 1.45 log @Move setting of PKGREVISION from Makefile to the common Makefile, so that thunderbird-gtk1 also gets the revision bump, as the latter is already using the newest patch for regxpcom crash fixing. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.44 2009/03/19 15:08:58 ghen Exp $ d6 1 a6 2 MOZ_VER= 2.0.0.21 PKGREVISION= 1 @ 1.44 log @Update thunderbird and thunderbird-gtk1 to 2.0.0.21. Security fixes in this version: MFSA 2009-10 Upgrade PNG library to fix memory safety hazards MFSA 2009-09 XML data theft via RDFXMLDataSource and cross-domain redirect MFSA 2009-07 Crashes with evidence of memory corruption (rv:1.9.0.7) For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.21/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.43 2009/03/18 00:08:39 abs Exp $ d7 1 @ 1.43 log @Unify all the mozilla projects into using a single Makefile.common and INSTALL, and put it in seamonkey. Ensure all build with USE_DESTDIR. Bump PKGREVISIONs @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.42 2009/01/07 14:23:03 ghen Exp $ d6 1 a6 1 MOZ_VER= 2.0.0.19 @ 1.42 log @Include xdg-dirs for the share/applications and share/pixmaps directories, otherwise thunderbird doesn't install properly if these directories don't exist on the system, noted by tron. Bump PKGREVISION, brick jmcneill. ;-) @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.41 2009/01/05 19:41:37 ghen Exp $ a21 1 CONFIGURE_ENV+= ac_cv_visibility_pragma=no ac_cv_visibility_hidden=no a26 2 INSTALL_TEMPLATES+= ${.CURDIR}/../../mail/thunderbird/INSTALL d29 3 a31 2 post-install: ${FIND} ${DESTDIR:Q}${PREFIX:Q}/lib/${MOZILLA}/defaults -type f -exec ${CHMOD} u+w {} \; d43 2 a44 5 .include "../../mk/bsd.fast.prefs.mk" .if ${OPSYS} == "NetBSD" || ${OPSYS} == "DragonFly" CPPFLAGS+= -DSQLITE_THREAD_OVERRIDE_LOCK=0 .endif @ 1.41 log @Update thunderbird and thunderbird-gtk1 to 2.0.0.19. Security fixes in this version: MFSA 2008-68 XSS and JavaScript privilege escalation MFSA 2008-67 Escaped null characters ignored by CSS parser MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters MFSA 2008-65 Cross-domain data theft via script redirect error message MFSA 2008-64 XMLHttpRequest 302 response disclosure MFSA 2008-61 Information stealing via loadBindingDocument MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.19/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.40 2008/12/21 17:04:40 jmcneill Exp $ d30 2 @ 1.40 log @Add .desktop file for GNOME/KDE/Xfce integration, bump PKGREVISION. ok wiz@@ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.39 2008/12/19 07:59:26 roy Exp $ d6 1 a6 1 MOZ_VER= 2.0.0.18 @ 1.40.2.1 log @Pullup ticket #2624 - requested by ghen thunderbird: security update thunderbird-gtk1: security update Revisions pulled up: - mail/thunderbird-gtk1/Makefile 1.19 - mail/thunderbird/Makefile 1.32 - mail/thunderbird/Makefile-thunderbird.common 1.41 - mail/thunderbird/distinfo 1.50 --- Module Name: pkgsrc Committed By: ghen Date: Mon Jan 5 19:41:37 UTC 2009 Modified Files: pkgsrc/mail/thunderbird: Makefile Makefile-thunderbird.common distinfo pkgsrc/mail/thunderbird-gtk1: Makefile Log Message: Update thunderbird and thunderbird-gtk1 to 2.0.0.19. Security fixes in this version: MFSA 2008-68 XSS and JavaScript privilege escalation MFSA 2008-67 Escaped null characters ignored by CSS parser MFSA 2008-66 Errors parsing URLs with leading whitespace and control characters MFSA 2008-65 Cross-domain data theft via script redirect error message MFSA 2008-64 XMLHttpRequest 302 response disclosure MFSA 2008-61 Information stealing via loadBindingDocument MFSA 2008-60 Crashes with evidence of memory corruption (rv:1.9.0.5/1.8.1.19) For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.19/releasenotes/ @ text @d1 1 a1 1 # $NetBSD$ d6 1 a6 1 MOZ_VER= 2.0.0.19 @ 1.40.2.2 log @Pullup ticket #2624 - requested by ghen thunderbird: build fix thunderbird-gtk1: build fix Revisions pulled up: - mail/thunderbird-gtk1/Makefile 1.20 - mail/thunderbird-gtk1/PLIST 1.16 - mail/thunderbird/Makefile 1.33 - mail/thunderbird/Makefile-thunderbird.common 1.42 - mail/thunderbird/PLIST 1.26 --- Module Name: pkgsrc Committed By: ghen Date: Wed Jan 7 14:23:03 UTC 2009 Modified Files: pkgsrc/mail/thunderbird: Makefile Makefile-thunderbird.common PLIST pkgsrc/mail/thunderbird-gtk1: Makefile PLIST Log Message: Include xdg-dirs for the share/applications and share/pixmaps directories, otherwise thunderbird doesn't install properly if these directories don't exist on the system, noted by tron. Bump PKGREVISION, brick jmcneill. ;-) @ text @a29 2 USE_DIRS+= xdg-1.4 @ 1.39 log @Add an INSTALL template instead of post-install: target so that binary packages and unpriv cleaning work. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.38 2008/11/24 17:19:13 is Exp $ d32 10 @ 1.38 log @Upgrade to 2.0.0.18 (some security fix) @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.37 2008/09/26 12:08:20 ghen Exp $ d28 2 a30 3 cd ${PREFIX}/lib/${MOZILLA} && \ ${SETENV} LD_LIBRARY_PATH=.:${PREFIX}/lib MOZILLA_FIVE_HOME=. HOME=${WRKSRC:Q} \ ./${MOZILLA_BIN} -register @ 1.37 log @Update thunderbird and thunderbird-gtk1 to 2.0.0.17. Security fixes in this version: MFSA 2008-46 Heap overflow when canceling newsgroup message MFSA 2008-44 resource: traversal vulnerabilities MFSA 2008-43 BOM characters stripped from JavaScript before execution MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17) MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation MFSA 2008-37 UTF-8 URL stack buffer overflow For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.17/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.36 2008/08/22 09:42:15 ghen Exp $ d6 1 a6 1 MOZ_VER= 2.0.0.17 @ 1.37.2.1 log @Pullup ticket #2597 - requested by is thunderbird: security update thunderbird-gtk1: security update Revisions pulled up: - mail/thunderbird/Makefile-thunderbird.common 1.38 - mail/thunderbird/distinfo 1.49 --- Module Name: pkgsrc Committed By: is Date: Mon Nov 24 17:19:13 UTC 2008 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common distinfo Log Message: Upgrade to 2.0.0.18 (some security fix) @ text @d1 1 a1 1 # $NetBSD$ d6 1 a6 1 MOZ_VER= 2.0.0.18 @ 1.36 log @Update thunderbird and thunderbird-gtk1 to 2.0.0.16. Security fixes in this version: MFSA 2008-34 Remote code execution by overflowing CSS reference counter MFSA 2008-33 Crash and remote code execution in block reflow MFSA 2008-31 Peer-trusted certs can use alt names to spoof MFSA 2008-29 Faulty .properties file results in uninitialized memory being used MFSA 2008-26 Buffer length checks in MIME processing MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() MFSA 2008-24 Chrome script loading from fastload file MFSA 2008-21 Crashes with evidence of memory corruption For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.16/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.35 2008/05/20 11:51:55 ghen Exp $ d6 1 a6 1 MOZ_VER= 2.0.0.16 @ 1.35 log @Update thunderbird and thunderbird-gtk1 to 2.0.0.14 (2.0.0.13 was skipped to stay on par with Firefox version numbering?) Security fixes in this version: MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13) MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.14/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.34 2008/05/19 10:43:02 tnn Exp $ d6 1 a6 1 MOZ_VER= 2.0.0.14 @ 1.35.4.1 log @pullup ticket #2506 - requested by ghen thunderbird, thunderbird-gtk1: update package for security fixes revisions pulled up: pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.36 pkgsrc/mail/thunderbird/PLIST 1.24 pkgsrc/mail/thunderbird/distinfo 1.46 pkgsrc/mail/thunderbird-gtk1/PLIST 1.14 pkgsrc/mail/thunderbird/patches/patch-af 1.5 pkgsrc/mail/thunderbird/patches/patch-ap 1.5 pkgsrc/mail/thunderbird/patches/patch-dw 1.2 Module Name: pkgsrc Committed By: ghen Date: Fri Aug 22 09:42:15 UTC 2008 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo pkgsrc/mail/thunderbird-gtk1: PLIST pkgsrc/mail/thunderbird/patches: patch-af patch-ap patch-dw Log Message: Update thunderbird and thunderbird-gtk1 to 2.0.0.16. Security fixes in this version: MFSA 2008-34 Remote code execution by overflowing CSS reference counter MFSA 2008-33 Crash and remote code execution in block reflow MFSA 2008-31 Peer-trusted certs can use alt names to spoof MFSA 2008-29 Faulty .properties file results in uninitialized memory being used MFSA 2008-26 Buffer length checks in MIME processing MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript() MFSA 2008-24 Chrome script loading from fastload file MFSA 2008-21 Crashes with evidence of memory corruption For more info, see +http://www.mozilla.com/en-US/thunderbird/2.0.0.16/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.35 2008/05/20 11:51:55 ghen Exp $ d6 1 a6 1 MOZ_VER= 2.0.0.16 @ 1.34 log @Fix assorted pkglint complaints and warns. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.33 2008/02/27 10:00:47 ghen Exp $ d6 1 a6 1 MOZ_VER= 2.0.0.12 @ 1.33 log @Update thunderbrd and thunderbird-gtk1 to 2.0.0.12 (.10 and .11 where skipped). Security fixes in this version: MFSA 2008-12 Heap buffer overflow in external MIME bodies MFSA 2008-07 Possible information disclosure in BMP decoder MFSA 2008-05 Directory traversal via chrome: URI MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12) For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.12/releasenotes/ @ text @d1 3 a3 1 # $NetBSD: Makefile-thunderbird.common,v 1.32 2007/12/22 07:22:09 obache Exp $ @ 1.33.2.1 log @Pullup ticket 2394 - requested by ghen Security update for thunderbird and thunderbird-gtk1 - mail/thunderbird-gtk1/Makefile 1.17 - mail/thunderbird/Makefile-thunderbird.common 1.35 - mail/thunderbird/distinfo 1.45 Module Name: pkgsrc Committed By: ghen Date: Tue May 20 11:51:55 UTC 2008 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common distinfo Log Message: Update thunderbird and thunderbird-gtk1 to 2.0.0.14 (2.0.0.13 was skipped to stay on par with Firefox version numbering?) Security fixes in this version: MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13) MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.14/releasenotes/ --- Module Name: pkgsrc Committed By: ghen Date: Tue May 20 11:52:50 UTC 2008 Modified Files: pkgsrc/mail/thunderbird-gtk1: Makefile Log Message: Unbump PKGREVISION for 2.0.0.14 update. @ text @d1 1 a1 1 # $NetBSD$ d4 1 a4 1 MOZ_VER= 2.0.0.14 @ 1.32 log @Change MOZILLA master sites difinitions, related to PR 37379. There are three types Mozilla mirrors. (http://www.mozilla.org/mirroring.html) * mozilla-current contains only the current version of Firefox and Thunderbird * mozilla-release contains Firefox, Thunderbird, and Sunbird releases * mozilla-all complete archive Define following variables for mozilla master sites: MASTER_SITE_MOZILLA_ALL = mozilla-all MASTER_SITE_MOZILLA = mozilla-release and change some packages to use appropriate variable. Update contents of MASTER_SITE_MOZILLA with master and primary mirrors taken from http://www.mozilla.org/mirrors.html and add some sample definitions. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.31 2007/11/15 15:05:23 tron Exp $ d4 1 a4 1 MOZ_VER= 2.0.0.9 @ 1.31 log @Update "thunderbird" package to version 2.0.0.9. It fixes the following security problems: - MFSA 2007-36 URIs with invalid %-encoding mishandled by Windows - MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8) @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.30 2007/10/16 01:53:28 dmcmahill Exp $ d8 1 a8 2 MASTER_SITES= http://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/${MOZ_VER}/source/ MASTER_SITES+= ftp://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/${MOZ_VER}/source/ @ 1.30 log @Make thunderbird also obey the mozilla-single-profile package option that is used already for firefox and thunderbird. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.29 2007/10/08 10:13:03 ghen Exp $ d4 1 a4 1 MOZ_VER= 2.0.0.6 @ 1.29 log @Fix file permissions for default profile. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.28 2007/08/02 08:48:29 ghen Exp $ a19 1 CONFIGURE_ARGS+= --enable-single-profile @ 1.29.2.1 log @Pullup ticket 2227 - requested by tron security update for thunderbird - pkgsrc/mail/thunderbird/Makefile 1.30 via patch - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.31 - pkgsrc/mail/thunderbird/distinfo 1.42 - pkgsrc/mail/thunderbird/patches/patch-ac 1.8 Module Name: pkgsrc Committed By: tron Date: Thu Nov 15 15:05:23 UTC 2007 Modified Files: pkgsrc/mail/thunderbird: Makefile Makefile-thunderbird.common distinfo pkgsrc/mail/thunderbird/patches: patch-ac Log Message: Update "thunderbird" package to version 2.0.0.9. It fixes the following security problems: - MFSA 2007-36 URIs with invalid %-encoding mishandled by Windows - MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8) @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.29 2007/10/08 10:13:03 ghen Exp $ d4 1 a4 1 MOZ_VER= 2.0.0.9 @ 1.28 log @Update thunderbrd and thunderbird-gtk1 to 2.0.0.6. Security fixes in this version: MFSA 2007-27 Unescaped URIs passed to external programs MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.6/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.27 2007/07/26 12:29:34 ghen Exp $ d32 1 @ 1.27 log @Update thunderbrd and thunderbird-gtk1 to 2.0.0.5. Security fixes in this version: MFSA 2007-15 Security Vulnerability in APOP Authentication MFSA 2007-12 Crashes with evidence of memory corruption For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.5/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.26 2007/06/15 16:11:41 joerg Exp $ d4 1 a4 1 MOZ_VER= 2.0.0.5 @ 1.26 log @Include sqlite3 locking patch from Firefox. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.25 2007/06/15 08:55:29 ghen Exp $ d4 1 a4 1 MOZ_VER= 2.0.0.4 @ 1.26.2.1 log @Pullup ticket 2156 - requested by ghen security update for thunderbird Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.27, 1.28 - pkgsrc/mail/thunderbird/PLIST 1.23 - pkgsrc/mail/thunderbird/distinfo 1.40, 1.41 - pkgsrc/mail/thunderbird-gtk1/PLIST 1.13 Module Name: pkgsrc Committed By: ghen Date: Thu Jul 26 12:29:37 UTC 2007 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo pkgsrc/mail/thunderbird-gtk1: PLIST Log Message: Update thunderbrd and thunderbird-gtk1 to 2.0.0.5. Security fixes in this version: MFSA 2007-15 Security Vulnerability in APOP Authentication MFSA 2007-12 Crashes with evidence of memory corruption For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.5/releasenotes/ --- Module Name: pkgsrc Committed By: ghen Date: Thu Aug 2 08:48:30 UTC 2007 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common distinfo Log Message: Update thunderbrd and thunderbird-gtk1 to 2.0.0.6. Security fixes in this version: MFSA 2007-27 Unescaped URIs passed to external programs MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.6/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.28 2007/08/02 08:48:29 ghen Exp $ d4 1 a4 1 MOZ_VER= 2.0.0.6 @ 1.25 log @Update thunderbrd and thunderbird-gtk1 to 2.0.0.4. (2.0.0.1-2.0.0.3 skipped to keep the version on par with Firefox?) Security fixes in this version: MFSA 2007-15 Security Vulnerability in APOP Authentication MFSA 2007-12 Crashes with evidence of memory corruption For more info, see http://www.mozilla.com/en-US/thunderbird/2.0.0.4/releasenotes/ @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.24 2007/05/12 06:53:21 ghen Exp $ d33 6 @ 1.24 log @Update to Thunderbird 2.0.0.0. What's New in Thunderbird 2 * Message Tags: Create your own tags for organizing email. Messages can be assigned any number of tags. Tags can be combined with saved searches and mail views to make it easier to organize email. * Visual Theme: Thunderbird 2's theme and user interface have been updated to improve usability and maximize screen real estate. * Session History Navigation: Back and Forward buttons allow navigation through message history. * Advanced Folder Views: Customize the folder pane to show favorite, unread or recent folders. * Easy Access to Popular Web Mail Services: Gmail and .Mac users can access their accounts in Thunderbird by simply providing their user names and passwords. * Improved Support For Extensions: Extensions can now add custom columns to the message list pane in addition to storing custom message data in the mail database. * Improved New Mail Notification Alerts: New mail alerts include information such as the subject, sender and message preview text. * Folder Summary Popups: Mouse over a folder with new messages to see a summary of the new messages in that folder. * Saved Search Folder Performance: Search results for saved search folders are now cached, improving folder loading performance. * Find As You Type: Finds and highlights message text as you type. * Improved Filing Tools: Recent folder menu items for moving and copying messages to recently used folders. Move / Copy again functionality. * Updates to the Extension System: The extension system has been updated to provide enhanced security and to allow for easier localization of extensions. The Rumbling Edge has a more detailed list of notable bug fixes: http://weblogs.mozillazine.org/rumblingedge/archives/2007/03/tb_2.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.23 2007/03/02 14:12:24 ghen Exp $ d4 1 a4 1 MOZ_VER= 2.0.0.0 @ 1.23 log @Update thunderbird and thunderbird-gtk1 to 1.5.0.10. Fixed in this version: MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.10.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.22 2007/02/04 00:15:48 dmcmahill Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.10 d11 1 a11 1 HOMEPAGE= http://www.mozilla.org/projects/thunderbird/ @ 1.23.2.1 log @Pullup ticket 2109 - requested by ghen security update for thunderbird Updated via patch provided by the submitter, packages in HEAD were renamed. Module Name: pkgsrc Committed By: ghen Date: Thu May 31 21:36:52 UTC 2007 Modified Files: pkgsrc/mail/thunderbird15: Makefile Makefile-thunderbird.common distinfo pkgsrc/mail/thunderbird15-gtk1: Makefile Log Message: Update thunderbird15 and thunderbird15-gtk1 to 1.5.0.12 (they skipped .11 to stay on par with Firefox?). Security fixes in this version: MFSA 2007-15 Security Vulnerability in APOP Authentication MFSA 2007-12 Crashes with evidence of memory corruption For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.12.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.23 2007/03/02 14:12:24 ghen Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.12 @ 1.22 log @Get these mozilla clients to work on Solaris-2.9/sparc. There were two issues. The PLIST was incorrect and since the PLIST is used by the "moz-install" script, anything missing from the PLIST is never installed even when building from source. When libfreebl* were not installed it caused the clients to fail to load the security component and fail with "The browser failed to load its security component". The second issue is that many installations of solaris-2.9 include various glib/gtk/gnome libraries in /usr/lib. This causes failures because the pkgsrc ones were used at link time and the /usr/lib ones at run time. Work around this by setting a LD_LIBRARY_PATH that includes the pkgsrc lib directory first. pkgrevision bumps all around. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.21 2006/12/20 12:53:32 ghen Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.9 @ 1.21 log @Update thunderbird and thunderbird-gtk1 to 1.5.0.9. Fixed in this version: MFSA 2006-74 Mail header processing heap overflows MFSA 2006-73 Mozilla SVG Processing Remote Code Execution MFSA 2006-72 XSS by setting img.src to javascript: URI MFSA 2006-71 LiveConnect crash finalizing JS objects MFSA 2006-70 Privilege escallation using watch point MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1) For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.9.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.20 2006/11/08 13:15:40 ghen Exp $ d30 1 a30 1 ${SETENV} LD_LIBRARY_PATH=. MOZILLA_FIVE_HOME=. HOME=${WRKSRC:Q} \ @ 1.21.2.1 log @Pullup ticket 2039 - requested by ghen security update for thunderbird Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.23 - pkgsrc/mail/thunderbird/PLIST patch - pkgsrc/mail/thunderbird/distinfo patch - pkgsrc/mail/thunderbird/patches/patch-ap patch - pkgsrc/mail/thunderbird/patches/patch-ax patch - pkgsrc/mail/thunderbird-gtk1/PLIST 1.9 Module Name: pkgsrc Committed By: ghen Date: Fri Mar 2 14:12:25 UTC 2007 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo pkgsrc/mail/thunderbird-gtk1: PLIST pkgsrc/mail/thunderbird/patches: patch-ap patch-ax Log Message: Update thunderbird and thunderbird-gtk1 to 1.5.0.10. Fixed in this version: MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2) For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.10.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.23 2007/03/02 14:12:24 ghen Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.10 @ 1.20 log @Update thunderbird and thunderbird-gtk1 to 1.5.0.8. Fixed in this version: MFSA 2006-67 Running Script can be recompiled MFSA 2006-66 RSA signature forgery (variant) MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8) For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.8.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.19 2006/10/23 09:43:06 markd Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.8 @ 1.19 log @Build the default set of extensions in thunderbird{,-gtk1}. Allows GSSAPI authentication to work on NetBSD-current. Fixes my PR 33512. OKed by ghen. Bump PKGREVISION. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.18 2006/09/24 16:32:46 salo Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.7 @ 1.18 log @Use Makefile.common from seamonkey dir instead of mozilla. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.17 2006/09/15 13:55:22 ghen Exp $ a19 1 CONFIGURE_ARGS+= --enable-extensions=wallet,spellcheck,xmlextras @ 1.18.2.1 log @Pullup ticket 1906 - requested by ghen security update for thunderbird Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.19, 1.20 - pkgsrc/mail/thunderbird/PLIST 1.16, 1.17 - pkgsrc/mail/thunderbird/distinfo 1.28, 1.29, 1.30, 1.31 - pkgsrc/mail/thunderbird/patches/patch-ai 1.4 - pkgsrc/mail/thunderbird/patches/patch-as 1.3 - pkgsrc/mail/thunderbird/patches/patch-at 1.1 - pkgsrc/mail/thunderbird-gtk1/PLIST 1.7, 1.8 Module Name: pkgsrc Committed By: markd Date: Thu Oct 19 10:26:14 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: distinfo pkgsrc/mail/thunderbird/patches: patch-ai Log Message: Fix crash after printing caused by trying to destroy the same charset structure multiple times. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: tron Date: Fri Oct 20 12:45:13 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: distinfo Added Files: pkgsrc/mail/thunderbird/patches: patch-as Log Message: Fix "if [ ... == ...]" in a build script. --- Module Name: pkgsrc Committed By: markd Date: Mon Oct 23 09:43:06 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST pkgsrc/mail/thunderbird-gtk1: PLIST Log Message: Build the default set of extensions in thunderbird{,-gtk1}. Allows GSSAPI authentication to work on NetBSD-current. Fixes my PR 33512. OKed by ghen. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: markd Date: Mon Oct 23 10:49:35 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: distinfo Added Files: pkgsrc/mail/thunderbird/patches: patch-at Log Message: thunderbird's ldap doesn't work talking to an ipv4 ldap server if talking to ipv4 addresses using ipv6 addresses isn't allowed, which is the default on NetBSD. Patch to use a v4 socket when talking to an ipv4 ldap server. Fixes my PR 33511. seamonkey/firefox/sunbird have the same code so make the same patch. OKed ghen. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: ghen Date: Wed Nov 8 13:15:40 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo pkgsrc/mail/thunderbird-gtk1: PLIST Log Message: Update thunderbird and thunderbird-gtk1 to 1.5.0.8. Fixed in this version: MFSA 2006-67 Running Script can be recompiled MFSA 2006-66 RSA signature forgery (variant) MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8) For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.8.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.20 2006/11/08 13:15:40 ghen Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.8 d20 1 @ 1.18.2.2 log @Pullup ticket 1965 - requested by ghen security update for thunderbird Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.21 - pkgsrc/mail/thunderbird/distinfo 1.32 Module Name: pkgsrc Committed By: ghen Date: Wed Dec 20 12:53:32 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common distinfo Log Message: Update thunderbird and thunderbird-gtk1 to 1.5.0.9. Fixed in this version: MFSA 2006-74 Mail header processing heap overflows MFSA 2006-73 Mozilla SVG Processing Remote Code Execution MFSA 2006-72 XSS by setting img.src to javascript: URI MFSA 2006-71 LiveConnect crash finalizing JS objects MFSA 2006-70 Privilege escallation using watch point MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1) For more info, see http://www.mozilla.com/en-US/thunderbird/releases/1.5.0.9.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.18.2.1 2006/11/09 09:30:56 salo Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.9 @ 1.17 log @Update thunderbird and thunderbird-gtk1 to 1.5.0.7. Fixed in this version: MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7) MFSA 2006-63 JavaScript execution in mail via XBL MFSA 2006-60 RSA Signature Forgery MFSA 2006-59 Concurrency-related vulnerability MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing MFSA 2006-57 JavaScript Regular Expression Heap Corruption For more info, see http://www.mozilla.com/thunderbird/releases/1.5.0.7.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.16 2006/07/29 02:13:04 uebayasi Exp $ d34 1 a34 1 .include "../../www/mozilla/Makefile.common" @ 1.16 log @Update Thunderbird to 1.5.0.5. This is a security update announce at July 26, 2006. See the following URLs in detail: http://www.mozilla.org/security/announce/2006/mfsa2006-56.html http://www.mozilla.org/security/announce/2006/mfsa2006-55.html http://www.mozilla.org/security/announce/2006/mfsa2006-54.html http://www.mozilla.org/security/announce/2006/mfsa2006-53.html http://www.mozilla.org/security/announce/2006/mfsa2006-52.html http://www.mozilla.org/security/announce/2006/mfsa2006-51.html http://www.mozilla.org/security/announce/2006/mfsa2006-50.html http://www.mozilla.org/security/announce/2006/mfsa2006-49.html http://www.mozilla.org/security/announce/2006/mfsa2006-48.html http://www.mozilla.org/security/announce/2006/mfsa2006-47.html http://www.mozilla.org/security/announce/2006/mfsa2006-46.html http://www.mozilla.org/security/announce/2006/mfsa2006-45.html http://www.mozilla.org/security/announce/2006/mfsa2006-44.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.15 2006/06/03 08:04:36 ghen Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.5 @ 1.15 log @Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and mail/thunderbird-gtk1 to 1.5.0.4, and www/seamonkey, www/seamonkey-gtk1 and www/seamonkey-bin to 1.0.2 (salo has already updated www/firefox-bin). Note that thunderbird skipped one release number (again) to stay on par with firefox. These updates provide: * improvements to product stability, * several important security fixes (see below). Fixed in Firefox 1.5.0.4: MFSA 2006-43 Privilege escalation using addSelectionListener MFSA 2006-42 Web site XSS using BOM on UTF-8 pages MFSA 2006-41 File stealing by changing input type (variant) MFSA 2006-39 "View Image" local resource linking (Windows) MFSA 2006-38 Buffer overflow in crypto.signText() MFSA 2006-37 Remote compromise via content-defined setter on object prototypes MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2 MFSA 2006-35 Privilege escalation through XUL persist MFSA 2006-34 XSS viewing javascript: frames or images from context menu MFSA 2006-33 HTTP response smuggling MFSA 2006-32 Fixes for crashes with potential memory corruption MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey) Fixed in Thunderbird 1.5.0.4: MFSA 2006-42 Web site XSS using BOM on UTF-8 pages MFSA 2006-40 Double-free on malformed VCard MFSA 2006-38 Buffer overflow in crypto.signText() MFSA 2006-37 Remote compromise via content-defined setter on object prototypes MFSA 2006-35 Privilege escalation through XUL persist MFSA 2006-33 HTTP response smuggling MFSA 2006-32 Fixes for crashes with potential memory corruption MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey) Fixed in SeaMonkey 1.0.2: MFSA 2006-43 Privilege escalation using addSelectionListener MFSA 2006-42 Web site XSS using BOM on UTF-8 pages MFSA 2006-41 File stealing by changing input type (variant) MFSA 2006-40 Double-free on malformed VCard MFSA 2006-39 "View Image" local resource linking (Windows) MFSA 2006-38 Buffer overflow in crypto.signText() MFSA 2006-37 Remote compromise via content-defined setter on object prototypes MFSA 2006-35 Privilege escalation through XUL persist MFSA 2006-34 XSS viewing javascript: frames or images from context menu MFSA 2006-33 HTTP response smuggling MFSA 2006-32 Fixes for crashes with potential memory corruption MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey) @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.14 2006/06/03 07:57:31 ghen Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.4 @ 1.15.2.1 log @Pullup ticket 1760 - requested by uebayasi security update for thunderbird Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.16 - pkgsrc/mail/thunderbird/distinfo 1.25 Module Name: pkgsrc Committed By: uebayasi Date: Sat Jul 29 02:13:04 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common distinfo Log Message: Update Thunderbird to 1.5.0.5. This is a security update announce at July 26, 2006. See the following URLs in detail: http://www.mozilla.org/security/announce/2006/mfsa2006-56.html http://www.mozilla.org/security/announce/2006/mfsa2006-55.html http://www.mozilla.org/security/announce/2006/mfsa2006-54.html http://www.mozilla.org/security/announce/2006/mfsa2006-53.html http://www.mozilla.org/security/announce/2006/mfsa2006-52.html http://www.mozilla.org/security/announce/2006/mfsa2006-51.html http://www.mozilla.org/security/announce/2006/mfsa2006-50.html http://www.mozilla.org/security/announce/2006/mfsa2006-49.html http://www.mozilla.org/security/announce/2006/mfsa2006-48.html http://www.mozilla.org/security/announce/2006/mfsa2006-47.html http://www.mozilla.org/security/announce/2006/mfsa2006-46.html http://www.mozilla.org/security/announce/2006/mfsa2006-45.html http://www.mozilla.org/security/announce/2006/mfsa2006-44.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.16 2006/07/29 02:13:04 uebayasi Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.5 @ 1.15.2.2 log @Pullup ticket 1828 - requested by ghen security update for thunderbird Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.17 - pkgsrc/mail/thunderbird/distinfo 1.26, 1.27 Module Name: pkgsrc Committed By: tron Date: Mon Jul 31 14:05:00 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: distinfo Added Files: pkgsrc/mail/thunderbird/patches: patch-as Log Message: Make this build with GCC 4.1.x. --- Module Name: pkgsrc Committed By: ghen Date: Fri Sep 15 13:55:22 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common distinfo Removed Files: pkgsrc/mail/thunderbird/patches: patch-as Log Message: Update thunderbird and thunderbird-gtk1 to 1.5.0.7. Fixed in this version: MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7) MFSA 2006-63 JavaScript execution in mail via XBL MFSA 2006-60 RSA Signature Forgery MFSA 2006-59 Concurrency-related vulnerability MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing MFSA 2006-57 JavaScript Regular Expression Heap Corruption For more info, see http://www.mozilla.com/thunderbird/releases/1.5.0.7.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.17 2006/09/15 13:55:22 ghen Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.7 @ 1.14 log @Remove MESSAGE, as this seems to be no longer true for 1.5+ releases. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.13 2006/05/21 23:18:35 jlam Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.2 @ 1.13 log @Set MESSAGE_SRC instead of MESSAGE so that we can take advantage of MESSAGE_SUBST properly. No package should be setting MESSAGE anyway. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.12 2006/04/23 14:14:07 ghen Exp $ a17 1 MESSAGE_SRC+= ${.CURDIR}/../../mail/thunderbird/MESSAGE @ 1.12 log @Update to Thunderbird 1.5.0.2 (1.5.0.1 was skipped to stay in sync with Firefox). Thunderbird 1.5.0.2 offers improved stability, and several security fixes: MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented MFSA 2006-27 Table Rebuilding Code Execution Vulnerability MFSA 2006-26 Mail Multiple Information Disclosure MFSA 2006-25 Privilege escalation through Print Preview MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability MFSA 2006-21 JavaScript execution in mail when forwarding in-line MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2) MFSA 2006-08 "AnyName" entrainment and access control hazard MFSA 2006-07 Read beyond buffer while parsing XML MFSA 2006-06 Integer overflows in E4X, SVG and Canvas MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist() MFSA 2006-04 Memory corruption via QueryInterface on Location, Navigator objects MFSA 2006-02 Changing postion:relative to static corrupts memory MFSA 2006-01 JavaScript garbage-collection hazards For a detailed ChangeLog, see: http://weblogs.mozillazine.org/rumblingedge/archives/2006/02/1-5-0-2.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.11 2006/03/29 07:47:13 ghen Exp $ d18 1 a18 1 MESSAGE= ${.CURDIR}/../../mail/thunderbird/MESSAGE @ 1.11 log @Make thunderbird pass CHECK_FILES by skipping automatically generated files. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.10 2006/03/23 15:43:17 joerg Exp $ d4 1 a4 1 MOZ_VER= 1.5 @ 1.11.2.1 log @Pullup ticket 1442 - requested by ghen security update for thunderbird Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile 1.18 - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.12 - pkgsrc/mail/thunderbird/distinfo 1.22 - pkgsrc/mail/thunderbird/patches/patch-ab 1.9 - pkgsrc/mail/thunderbird-gtk1/Makefile 1.9 Module Name: pkgsrc Committed By: ghen Date: Sun Apr 23 14:14:07 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: Makefile Makefile-thunderbird.common distinfo pkgsrc/mail/thunderbird-gtk1: Makefile pkgsrc/mail/thunderbird/patches: patch-ab Log Message: Update to Thunderbird 1.5.0.2 (1.5.0.1 was skipped to stay in sync with Firefox). Thunderbird 1.5.0.2 offers improved stability, and several security fixes: MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented MFSA 2006-27 Table Rebuilding Code Execution Vulnerability MFSA 2006-26 Mail Multiple Information Disclosure MFSA 2006-25 Privilege escalation through Print Preview MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability MFSA 2006-21 JavaScript execution in mail when forwarding in-line MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2) MFSA 2006-08 "AnyName" entrainment and access control hazard MFSA 2006-07 Read beyond buffer while parsing XML MFSA 2006-06 Integer overflows in E4X, SVG and Canvas MFSA 2006-05 Localstore.rdf XML injection through XULDocument.persist() MFSA 2006-04 Memory corruption via QueryInterface on Location, Navigator objects MFSA 2006-02 Changing postion:relative to static corrupts memory MFSA 2006-01 JavaScript garbage-collection hazards For a detailed ChangeLog, see: http://weblogs.mozillazine.org/rumblingedge/archives/2006/02/1-5-0-2.html @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.12 2006/04/23 14:14:07 ghen Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.2 @ 1.11.2.2 log @Pullup ticket 1682 - requested by ghen security update for firefox and thunderbird Revisions pulled up: - pkgsrc/www/firefox/Makefile 1.35 - pkgsrc/www/firefox/Makefile-firefox.common 1.30, 1.33 - pkgsrc/www/firefox/distinfo 1.49, 1.50 - pkgsrc/www/firefox-gtk1/Makefile 1.13 - pkgsrc/www/firefox/patches/patch-fa removed - pkgsrc/www/firefox/patches/patch-fb removed - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.15 - pkgsrc/mail/thunderbird/PLIST 1.14 - pkgsrc/mail/thunderbird/distinfo 1.23 - pkgsrc/mail/thunderbird-gtk1/PLIST 1.5 Module Name: pkgsrc Committed By: ghen Date: Thu May 4 05:16:13 UTC 2006 Modified Files: pkgsrc/www/firefox: Makefile Makefile-firefox.common distinfo pkgsrc/www/firefox-gtk1: Makefile Removed Files: pkgsrc/www/firefox/patches: patch-fa patch-fb Log Message: Update Firefox to 1.5.0.3, which is identical to our 1.5.0.2nb2 (except for the advertized version), so there's no reason to upgrade. :-) Fixes a denial of service vulnerability (MFSA 2006-30). --- Module Name: pkgsrc Committed By: ghen Date: Sat Jun 3 08:04:36 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo pkgsrc/mail/thunderbird-gtk1: PLIST pkgsrc/www/firefox: Makefile-firefox.common distinfo Log Message: Update www/firefox and www/firefox-gtk to 1.5.0.4, mail/thunderbird and mail/thunderbird-gtk1 to 1.5.0.4 (salo has already updated www/firefox-bin). Note that thunderbird skipped one release number (again) to stay on par with firefox. These updates provide: * improvements to product stability, * several important security fixes (see below). Fixed in Firefox 1.5.0.4: MFSA 2006-43 Privilege escalation using addSelectionListener MFSA 2006-42 Web site XSS using BOM on UTF-8 pages MFSA 2006-41 File stealing by changing input type (variant) MFSA 2006-39 "View Image" local resource linking (Windows) MFSA 2006-38 Buffer overflow in crypto.signText() MFSA 2006-37 Remote compromise via content-defined setter on object prototypes MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2 MFSA 2006-35 Privilege escalation through XUL persist MFSA 2006-34 XSS viewing javascript: frames or images from context menu MFSA 2006-33 HTTP response smuggling MFSA 2006-32 Fixes for crashes with potential memory corruption MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey) Fixed in Thunderbird 1.5.0.4: MFSA 2006-42 Web site XSS using BOM on UTF-8 pages MFSA 2006-40 Double-free on malformed VCard MFSA 2006-38 Buffer overflow in crypto.signText() MFSA 2006-37 Remote compromise via content-defined setter on object prototypes MFSA 2006-35 Privilege escalation through XUL persist MFSA 2006-33 HTTP response smuggling MFSA 2006-32 Fixes for crashes with potential memory corruption MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey) @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.15 2006/06/03 08:04:36 ghen Exp $ d4 1 a4 1 MOZ_VER= 1.5.0.4 @ 1.10 log @Readd minor DragonFly patch. Disable use of visibility attributes, It's Just Broken (TM). Bump revision. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.9 2006/02/05 14:49:05 ghen Exp $ a22 1 CONFIGURE_ENV+= ac_cv_visibility_pragma=no ac_cv_visibility_hidden=no d24 5 @ 1.9 log @Update to Thunderbird 1.5. What's new: * Automated update to streamline product upgrades. Notification of an update is more prominent, and updates to Thunderbird may now be half a megabyte or smaller. Updating extensions has also improved. * Sort address autocomplete results by how often you send e-mail to each recipient. * Spell check as you type. * Saved Search Folders can now search across multiple accounts. * Built in phishing detector to help protect users against email scams. * Podcasting and other RSS Improvements. * Deleting attachments from messages. * Integration with server side spam filtering. * Reply and forward actions for message filters. * Kerberos Authentication. * Auto save as draft for mail composition. * Message aging. * Filters for Global Inbox. * Improvements to product usability including redesigned options interface, and SMTP server management. * Many security enhancements. For a more detailed list of changes, see http://weblogs.mozillazine.org/rumblingedge/archives/2006/01/1-5.html Ok with wiz. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.8 2005/10/02 12:37:04 taya Exp $ d23 2 @ 1.8 log @ Update thunderbird & thunderbird-gtk1 to 1.0.7 What's New in Thunderbird 1.0.7 (from Release Notes) Thunderbird 1.0.7 is a security and stability update that is part of our ongoing program to provide a safe Internet experience for our customers. We recommend that all users upgrade to this latest version. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.7 2005/07/24 02:58:33 taya Exp $ d3 16 a18 14 MOZILLA_BIN= thunderbird-bin MOZ_VER= 1.0.7 EXTRACT_SUFX= .tar.bz2 DISTNAME= thunderbird-${MOZ_VER}-source MASTER_SITES= http://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/${MOZ_VER}/source/ \ ftp://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/${MOZ_VER}/source/ HOMEPAGE= http://www.mozilla.org/projects/thunderbird/ CONFIGURE_ENV+= MOZ_THUNDERBIRD=1 MAKE_ENV+= MOZ_THUNDERBIRD=1 DISTINFO_FILE= ${.CURDIR}/../../mail/thunderbird/distinfo PATCHDIR= ${.CURDIR}/../../mail/thunderbird/patches d20 1 a23 6 pre-install: ${CP} -r ${WRKSRC}/dist/bin/defaults/profile/extensions \ ${WRKSRC}/dist/bin ${MV} ${WRKSRC}/dist/bin/extensions/installed-extensions.txt \ ${WRKSRC}/dist/bin/extensions/installed-extensions-processed.txt d26 1 a26 1 ${SETENV} LD_LIBRARY_PATH=. MOZILLA_FIVE_HOME=. HOME=${WRKSRC} \ @ 1.8.2.1 log @Pullup ticket 1102 - requested by Geert Hendrickx security update for firefox and thunderbird Updated via patch from the submitter, includes these changes: Module Name: pkgsrc Committed By: joerg Date: Fri Dec 30 21:35:58 UTC 2005 Modified Files: pkgsrc/mail/thunderbird/patches: patch-ab patch-ac patch-aq patch-ba patch-bo patch-bs Added Files: pkgsrc/mail/thunderbird/patches: patch-ar patch-da patch-db patch-dc patch-de patch-df patch-dg patch-dh patch-dj patch-dk patch-dl patch-dm patch-do patch-ds patch-dt Log Message: Add DragonFly build support, partly based on the patches from www/firefox. --- Module Name: pkgsrc Committed By: joerg Date: Wed Jan 4 08:55:08 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: distinfo Log Message: Also commit distinfo. Reminded by wiz@@. --- Module Name: pkgsrc Committed By: ghen Date: Sun Feb 5 14:49:05 UTC 2006 Modified Files: pkgsrc/mail/thunderbird: Makefile Makefile-thunderbird.common PLIST distinfo pkgsrc/mail/thunderbird-gtk1: Makefile PLIST pkgsrc/mail/thunderbird/patches: patch-aa patch-ab patch-ac patch-af patch-ag patch-ai patch-aj patch-al patch-ap patch-aq patch-aw patch-ax patch-bb patch-bo patch-bq patch-br patch-db patch-de patch-df Removed Files: pkgsrc/mail/thunderbird-gtk1: MESSAGE pkgsrc/mail/thunderbird/patches: patch-bt patch-bw patch-cc patch-ce patch-cf Log Message: Update to Thunderbird 1.5. What's new: * Automated update to streamline product upgrades. Notification of an update is more prominent, and updates to Thunderbird may now be half a megabyte or smaller. Updating extensions has also improved. * Sort address autocomplete results by how often you send e-mail to each recipient. * Spell check as you type. * Saved Search Folders can now search across multiple accounts. * Built in phishing detector to help protect users against email scams. * Podcasting and other RSS Improvements. * Deleting attachments from messages. * Integration with server side spam filtering. * Reply and forward actions for message filters. * Kerberos Authentication. * Auto save as draft for mail composition. * Message aging. * Filters for Global Inbox. * Improvements to product usability including redesigned options interface, and SMTP server management. * Many security enhancements. For a more detailed list of changes, see http://weblogs.mozillazine.org/rumblingedge/archives/2006/01/1-5.html Ok with wiz. --- Module Name: pkgsrc Committed By: ghen Date: Sun Feb 5 14:43:59 UTC 2006 Modified Files: pkgsrc/www/mozilla: Makefile.common Log Message: Set CATEGORIES ?=www (instead of =) such that thunderbird (and later sunbird) can override it. Ok for wiz. --- odule Name: pkgsrc Committed By: ghen Date: Sun Feb 5 14:46:31 UTC 2006 Modified Files: pkgsrc/www/firefox: Makefile Makefile-firefox.common PLIST distinfo pkgsrc/www/firefox-gtk1: Makefile PLIST Added Files: pkgsrc/www/firefox/patches: patch-dw patch-dx Removed Files: pkgsrc/www/firefox/patches: patch-bugzilla-319004 Log Message: Update to Firefox 1.5.0.1, a bug fix release for Firefox 1.5. What's new: * Improved stability. * Improved support for Mac OS X. * International Domain Name support for Iceland (.is) is now enabled. * Fixes for several memory leaks. * Several security enhancements. For a more detailed list changes, see http://www.squarefree.com/burningedge/releases/1.5.0.1.html Ok with wiz. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.9 2006/02/05 14:49:05 ghen Exp $ d3 14 a16 16 MOZILLA_BIN= thunderbird-bin MOZ_VER= 1.5 EXTRACT_SUFX= .tar.bz2 DISTNAME= thunderbird-${MOZ_VER}-source CATEGORIES= mail MASTER_SITES= http://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/${MOZ_VER}/source/ MASTER_SITES+= ftp://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/${MOZ_VER}/source/ HOMEPAGE= http://www.mozilla.org/projects/thunderbird/ CONFIGURE_ENV+= MOZ_THUNDERBIRD=1 MAKE_ENV+= MOZ_THUNDERBIRD=1 DISTINFO_FILE= ${.CURDIR}/../../mail/thunderbird/distinfo PATCHDIR= ${.CURDIR}/../../mail/thunderbird/patches MESSAGE= ${.CURDIR}/../../mail/thunderbird/MESSAGE a17 1 CONFIGURE_ARGS+= --enable-application=mail d21 6 d29 1 a29 1 ${SETENV} LD_LIBRARY_PATH=. MOZILLA_FIVE_HOME=. HOME=${WRKSRC:Q} \ @ 1.7 log @ Update thunderbird & thunderbird-gtk1 to 1.0.6 This is a security fix release. Fixed in Thunderbird 1.0.5/1.0.6 MFSA 2005-56 Code execution through shared function objects MFSA 2005-55 XHTML node spoofing MFSA 2005-52 Same origin violation: frame calling top.focus() MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo() MFSA 2005-46 XBL scripts ran even when Javascript disabled MFSA 2005-44 Privilege escalation via non-DOM property overrides MFSA 2005-41 Privilege escalation via DOM property overrides MFSA 2005-40 Missing Install object instance checks MFSA 2005-33 Javascript "lambda" replace exposes memory contents @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.6 2005/03/25 14:43:45 taya Exp $ d4 1 a4 1 MOZ_VER= 1.0.6 @ 1.7.2.1 log @Pullup ticket 797 - requested by Shin'ichiro TAYA security update for thunderbird Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile 1.11 - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.8 - pkgsrc/mail/thunderbird/distinfo 1.18 - pkgsrc/mail/thunderbird-gtk1/Makefile 1.4 Module Name: pkgsrc Committed By: taya Date: Sun Oct 2 12:37:04 UTC 2005 Modified Files: pkgsrc/mail/thunderbird: Makefile Makefile-thunderbird.common distinfo pkgsrc/mail/thunderbird-gtk1: Makefile Log Message: Update thunderbird & thunderbird-gtk1 to 1.0.7 What's New in Thunderbird 1.0.7 (from Release Notes) Thunderbird 1.0.7 is a security and stability update that is part of our ongoing program to provide a safe Internet experience for our customers. We recommend that all users upgrade to this latest version. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.8 2005/10/02 12:37:04 taya Exp $ d4 1 a4 1 MOZ_VER= 1.0.7 @ 1.6 log @ Update thunderbird & thunderbird-gtk2 to 1.0.2 Thunderbird 1.0.2 is a security and stability update. Fixed vulnerbilities are follows. MFSA 2005-30 GIF heap overflow parsing Netscape extension 2 MFSA 2005-25 Image drag and drop executable spoofing MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice MFSA 2005-18 Memory overwrite in string library MFSA 2005-17 Install source spoofing with user:pass@@host MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.5 2004/12/14 23:35:34 taya Exp $ d4 1 a4 1 MOZ_VER= 1.0.2 @ 1.6.2.1 log @Pullup ticket 685 - requested by Shin'ichiro TAYA security update for thunderbird and thunderbird-gtk1 Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.7 - pkgsrc/mail/thunderbird/PLIST 1.11 - pkgsrc/mail/thunderbird/distinfo 1.15 - pkgsrc/mail/thunderbird-gtk1/PLIST 1.2 Module Name: pkgsrc Committed By: taya Date: Sun Jul 24 02:58:33 UTC 2005 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo pkgsrc/mail/thunderbird-gtk1: PLIST Log Message: Update thunderbird & thunderbird-gtk1 to 1.0.6 This is a security fix release. Fixed in Thunderbird 1.0.5/1.0.6 MFSA 2005-56 Code execution through shared function objects MFSA 2005-55 XHTML node spoofing MFSA 2005-52 Same origin violation: frame calling top.focus() MFSA 2005-50 Possibly exploitable crash in InstallVersion.compareTo() MFSA 2005-46 XBL scripts ran even when Javascript disabled MFSA 2005-44 Privilege escalation via non-DOM property overrides MFSA 2005-41 Privilege escalation via DOM property overrides MFSA 2005-40 Missing Install object instance checks MFSA 2005-33 Javascript "lambda" replace exposes memory contents @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.6 2005/03/25 14:43:45 taya Exp $ d4 1 a4 1 MOZ_VER= 1.0.6 @ 1.5 log @ Update thunderbird & thunderbird-gtk2 to 1.0 Here are some of the new features to look for in Thunderbird: * Adaptive Junk Mail Controls * RSS Integration * Saved Search Folders Saved Search Folders display messages based on previously set search criteria. For example, instead of filtering messages into a new folder, you can create a Saved Search Folder that lists all the messages received from a certain person over the past 30 days, even if those messages are stored in different folders and subfolders. * Global Inbox Support POP3 users can now combine all of their POP3 accounts into a single global inbox under local folders. * Message Grouping You can now group messages in a folder by attributes such as date, sender, priority or a custom label. For instance, a folder grouped by date will group messages from today, yesterday, last week, etc. into self-contained groups in the message list pane. (View > Sort By > Grouped By Sort) * Privacy Protection In order to help protect your privacy, Thunderbird now automatically blocks remote image requests in emails from senders you don't know. * Comprehensive Mail Migration from other Mail Clients Switching to Thunderbird has never been easier since Thunderbird can now migrate all of your email data including settings, mail folders and address book data from common mail applications such as the Mozilla 1.x Suite, Outlook Express, Outlook and Eudora. @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.4 2004/12/04 02:16:03 taya Exp $ d4 1 a4 1 MOZ_VER= 1.0 @ 1.5.4.1 log @Pullup ticket 390 - requested by Shin'ichiro TAYA security fix for thunderbird and thunderbird-gtk2 Revisions pulled up: - pkgsrc/mail/thunderbird/Makefile-thunderbird.common 1.6 - pkgsrc/mail/thunderbird/PLIST 1.9 - pkgsrc/mail/thunderbird/distinfo 1.14 - pkgsrc/mail/thunderbird-gtk2/PLIST 1.8 Module Name: pkgsrc Committed By: taya Date: Fri Mar 25 14:43:46 UTC 2005 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST distinfo pkgsrc/mail/thunderbird-gtk2: PLIST Log Message: Update thunderbird & thunderbird-gtk2 to 1.0.2 Thunderbird 1.0.2 is a security and stability update. Fixed vulnerbilities are follows. MFSA 2005-30 GIF heap overflow parsing Netscape extension 2 MFSA 2005-25 Image drag and drop executable spoofing MFSA 2005-21 Overwrite arbitrary files downloading .lnk twice MFSA 2005-18 Memory overwrite in string library MFSA 2005-17 Install source spoofing with user:pass@@host MFSA 2005-15 Heap overflow possible in UTF8 to Unicode conversion @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.5 2004/12/14 23:35:34 taya Exp $ d4 1 a4 1 MOZ_VER= 1.0.2 @ 1.4 log @ 1)Generate extension directory at installation time. 2)sync patches from www/mozilla. - update patch-ab from commit log >> date: 2004/08/31 02:37:57; author: danw; state: Exp; lines: +13 -6 >> darwin fixes (tested against firefox-gtk2) - update patch-ac - update patch-bx - add patch-bz - add patch-ca - add patch-cb from commit log >> date: 2004/07/07 09:08:31; author: aymeric; state: Exp; lines: +14 -7 >> . on PowerPC, update files so that Mozilla works properly when compiled with >> gcc version 3+. >> . generally reduce diffs to Linux version >> . retain compatibility with older ABI (AIX-like) thanks to useful comments >> from Charles Hannum >> >> Thanks to Matthew Green for the fruitful discussion. This should address >> PR#23240 as far as mozilla is concerned. - remove patch-bn enable HAVE_SOCKLEN_T - update patch-br from commit log >> date: 2004/10/04 11:52:45; author: grant; state: Exp; lines: +10 -6 >> bring across a patch in Firefox for using thread-safe resolver library >> functions on NetBSD >=2.0F. - update patch-cc make mozilla work on NetBSD-current/alpha 3)bump PKGREVISION @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.3 2004/11/14 23:38:20 taya Exp $ d4 1 a4 2 MOZ_VER= 0.9 PKGREVISION= 1 d7 2 a8 2 MASTER_SITES= http://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/${MOZ_VER}/ \ ftp://ftp.mozilla.org/pub/mozilla.org/thunderbird/releases/${MOZ_VER}/ @ 1.3 log @ Update thunderbird & thunderbird-gtk2 to 0.9 Here are the highlights for this Thunderbird release: * Saved Search Folders - Saved Search Folders display messages based on previously set search criteria. For example, instead of filtering messages into a new folder, you could create a Saved Search Folder that lists all the messages received from a certain person over the past 30 days, even if those messages are stored in different folders and subfolders. * Message Grouping - You can now group messages in a folder by attributes such as date, sender, priority or a custom label. For instance, a folder grouped by date will group messages from today, yesterday, last week, etc. into self-contained groups in the message list pane. (View > Sort By > Grouped By Sort) * Other New Features - Messages with attachments now get marked as such in the message list pane immediately and not when the message is displayed. - Improvements to Thunderbird's Global Inbox support for POP3 users. - The new quick search bar introduced in 0.8 now features a clear button when search text is present inside the quick search box. - Fixed a regression introduced in 0.8 where a user could not change the local folder path in the Account Manager. - Improved offline support including fixes for common offline-related problems. - Improved privacy controls block remote content in e-mail messages from senders not in your address book. - Long file attachment names are no longer truncated in the message pane. - Bug fixes too numerous to mention! @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.2 2004/09/20 12:55:43 taya Exp $ d5 1 d28 5 @ 1.2 log @ Update thunderbird & thunderbird-gtk2 to 0.8 What's new from Release Notes: * Global Inbox POP3 users can now combine all of their POP3 accounts into a single global inbox under local folders. * Comprehensive Data Migration Switching to Thunderbird has never been easier since Thunderbird can now migrate all of your e-mail data including settings, mail folders and address book data from common mail applications such as the Mozilla 1.x Suite, Outlook Express, Outlook and Eudora. * RSS Integration Thunderbird now features a built in RSS reader which allows you to easily subscribe to and read news and weblogs that support RSS. * Improved Privacy Controls In order to help protect your privacy, Thunderbird now automatically blocks remote image requests in e-mails from senders you don't know. * Improved Quick Search Thunderbird now makes it even easier to manage your e-mail. Quick search now supports many different types of search criteria including the ability to search message body text. Thunderbird can also highlight the quick search terms in the message body. * Other New Features Support for using a master password to encrypt saved e-mail account passwords. Linux GNOME users can now make Thunderbird their default e-mail client (Tools > Options > General). If your network uses proxy authentication for HTTP, Thunderbird now correctly prompts for proxy authentication instead of silently failing. Bug fixes too numerous to mention! --- Several security holes have been fixed. See the page bellow for detail. http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3 @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.1 2004/08/10 14:27:17 taya Exp $ d4 1 a4 1 MOZ_VER= 0.8 d6 1 a6 1 DISTNAME= thunderbird-source-${MOZ_VER} @ 1.2.2.1 log @Pullup ticket 157 - requested by Havard Eidnes security fix for thunderbird and thunderbird-gtk2 Module Name: pkgsrc Committed By: kristerw Date: Thu Nov 4 20:06:34 UTC 2004 Modified Files: pkgsrc/mail/thunderbird: distinfo pkgsrc/mail/thunderbird/patches: patch-bt Log Message: Use __va_copy instead of va_copy for NetBSD. This is needed on gcc 3.4= since the build use -ansi that in turn makes gcc 3.4 modify its pre- defined symbols in such a way that va_copy is not defined. --- Module Name: pkgsrc Committed By: taya Date: Sun Nov 14 23:38:20 UTC 2004 Modified Files: pkgsrc/mail/thunderbird: Makefile-thunderbird.common PLIST dist= info pkgsrc/mail/thunderbird-gtk2: PLIST Log Message: Update thunderbird & thunderbird-gtk2 to 0.9 Here are the highlights for this Thunderbird release: * Saved Search Folders - Saved Search Folders display messages based on previously set search criteria. For example, instead of filtering messages into a new folder, you could create a Saved Search Folder that lists all the messages received from a certain person over the past 30 days, even if those messages are stored in different folders and subfolders. * Message Grouping - You can now group messages in a folder by attributes such as date, sender, priority or a custom label. For instance, a folder grouped by date will group messages from today, yesterday, last week, etc. into self-contained groups in the message list pane. (View > Sort By > Grouped By Sort) * Other New Features - Messages with attachments now get marked as such in the message list pane immediately and not when the message is displayed. - Improvements to Thunderbird's Global Inbox support for POP3 users. - The new quick search bar introduced in 0.8 now features a clear button when search text is present inside the quick search box. - Fixed a regression introduced in 0.8 where a user could not change the local folder path in the Account Manager. - Improved offline support including fixes for common offline-related problems. - Improved privacy controls block remote content in e-mail messages from senders not in your address book. - Long file attachment names are no longer truncated in the message pane. - Bug fixes too numerous to mention! @ text @d1 1 a1 1 # $NetBSD: Makefile-thunderbird.common,v 1.3 2004/11/14 23:38:20 taya Exp $ d4 1 a4 1 MOZ_VER= 0.9 d6 1 a6 1 DISTNAME= thunderbird-${MOZ_VER}-source @ 1.1 log @ Update thunderbird & thunderbird-gtk2 to 0.7.3 thunderbird 0.7.3 is a security fix release. Fixed bugs are: - lock icon and certificate spoof with onunload document.write (Bugzilla#253121) - Malicious certificates can permanently break HTTPS/SSL (Bugzilla#249004) See the page below. http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.2 @ text @d1 1 a1 1 # $NetBSD: Makefile,v 1.4 2004/07/06 13:41:35 taya Exp $ d4 1 a4 1 MOZ_VER= 0.7.3 d6 1 a6 1 DISTNAME= thunderbird-${MOZ_VER}-source d19 1 @