svn commit: r305684 - in head: . Mk mail mail/enigmail mail/enigmail-seamonkey mail/enigmail-thunderbird mail/enigmail-thunderbird-esr mail/linux-thunderbird mail/thunderbird mail/thunderbird-esr m...

Cy Schubert Cy.Schubert at komquats.com
Thu Oct 11 19:10:03 UTC 2012 

In message <201210102113.q9ALD7xC002643 at svn.freebsd.org>, Florian Smeets 
writes
:
> Author: flo
> Date: Wed Oct 10 21:13:06 2012
> New Revision: 305684
> URL: http://svn.freebsd.org/changeset/ports/305684
> 
> Log:
>   - Update firefox-esr, thunderbird-esr, linux-firefox and linux-thunderbird 
> to 10.0.8
>   - Update firefox and thunderbird to 16.0
>   - Update seamonkey to 2.13
>   - Update all -i18n ports respectively
>   - switch firefox 16.0 and seamonkey 2.13 to ALSA by default for better
>     latency during pause and seeking with HTML5 video
>   - remove fedisableexcept() hacks, obsolete since FreeBSD 4.0
>   - support system hunspell dictionaries [1]
>   - unbreak -esr ports with clang3.2 [2]
>   - unbreak nss build when CC contains full path [3]
>   - remove GNOME option grouping [4]
>   - integrate enigmail into thunderbird/seamonkey as an option [5]
>   - remove mail/enigmail* [6]
>   - enable ENIGMAIL, LIGHTNING and GIO options by default
>   - add more reporters in about:memory: page-faults-hard, page-faults-soft,
>     resident, vsize
>   - use bundled jemalloc 3.0.0 on FreeBSD < 10.0 for gecko 16.0,
>     only heap-allocated reporter works in about:memory (see bug 762445)
>   - use lrintf() instead of slow C cast in bundled libopus
>   - use libjpeg-turbo's faster color conversion if available during build
>   - record startup time for telemetry
>   - use -z origin instead of hardcoding path to gecko runtime
>   - fail early if incompatible libxul version is installed (in USE_GECKO)
>   - *miscellaneous cleanups and fixups*
>   
>   PR:		ports/171534 [1]
>   PR:		ports/171566 [2]
>   PR:		ports/172164 [3]
>   PR:		ports/172201 [4]
>   Discussed with:	ale, beat, Jan Beich [5]
>   Approved by:	ale [6]
>   In collaboration with:	Jan Beich <jbeich at tormail.org>
>   Security:	6e5a9afd-12d3-11e2-b47d-c8600054b392
>   Feature safe:	yes
>   Approved by:	portmgr (beat)

This should be flagged FORBIDDEN. See https://blog.mozilla.org/security/2012
/10/10/security-vulnerability-in-firefox-16/. Malicious sites have access 
to Visted URLs and URL parameters. It appears that Thunderbird and 
Seamonkey are not affected


-- 
Cheers,
Cy Schubert <Cy.Schubert at komquats.com>
FreeBSD UNIX:  <cy at FreeBSD.org>   Web:  http://www.FreeBSD.org

	The need of the many outweighs the greed of the few.

More information about the svn-ports-all mailing list