From beech@FreeBSD.org  Sat Feb  9 04:41:11 2008
Return-Path: <beech@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 38A3216A46C
	for <FreeBSD-gnats-submit@freebsd.org>; Sat,  9 Feb 2008 04:41:11 +0000 (UTC)
	(envelope-from beech@FreeBSD.org)
Received: from stargate.alaskaparadise.com (137-42-178-69.gci.net [69.178.42.137])
	by mx1.freebsd.org (Postfix) with ESMTP id 18B3C13C43E
	for <FreeBSD-gnats-submit@freebsd.org>; Sat,  9 Feb 2008 04:41:10 +0000 (UTC)
	(envelope-from beech@FreeBSD.org)
Received: from stargate.alaskaparadise.com (localhost [127.0.0.1])
	by stargate.alaskaparadise.com (Postfix) with ESMTP id 1BB4D8487
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  8 Feb 2008 19:41:08 -0900 (AKST)
Message-Id: <1202532069.54132@stargate.alaskaparadise.com>
Date: Fri, 8 Feb 2008 19:41:09 -0900
From: "Beech Rintoul" <beech@FreeBSD.org>
To: "FreeBSD gnats submit" <FreeBSD-gnats-submit@freebsd.org>
Subject: [Security Update] www/firefox - Update to 2.0.0.12
X-Send-Pr-Version: gtk-send-pr 0.4.9 
X-GNATS-Notify:

>Number:         120455
>Category:       ports
>Synopsis:       [Security Update] www/firefox - Update to 2.0.0.12
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    gnome
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Feb 09 04:50:02 UTC 2008
>Closed-Date:    Sat Feb 09 16:33:12 UTC 2008
>Last-Modified:  Sat Feb  9 16:40:01 UTC 2008
>Originator:     Beech Rintoul
>Release:        FreeBSD 8.0-CURRENT i386
>Organization:
The FreeBSD Project 
>Environment:


System: FreeBSD 8.0-CURRENT #20: Wed Jan 30 07:32:30 AKST 2008
    root@stargate.alaskaparadise.com:/usr/obj/usr/src/sys/STARGATE



>Description:


Some vulnerabilities and weaknesses have been reported Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.

http://secunia.com/advisories/28758/

Update to 2.0.0.12


>How-To-Repeat:





>Fix:


Index: Makefile
===================================================================
RCS file: /home/pcvs/ports/www/firefox/Makefile,v
retrieving revision 1.190
diff -u -r1.190 Makefile
--- Makefile	21 Jan 2008 22:19:51 -0000	1.190
+++ Makefile	9 Feb 2008 00:14:00 -0000
@@ -7,8 +7,7 @@
 #
 
 PORTNAME=	firefox
-DISTVERSION=	2.0.0.11
-PORTREVISION=	1
+DISTVERSION=	2.0.0.12
 PORTEPOCH=	1
 CATEGORIES=	www ipv6
 MASTER_SITES=	${MASTER_SITE_MOZILLA_EXTENDED}
Index: distinfo
===================================================================
RCS file: /home/pcvs/ports/www/firefox/distinfo,v
retrieving revision 1.49
diff -u -r1.49 distinfo
--- distinfo	12 Dec 2007 04:57:18 -0000	1.49
+++ distinfo	9 Feb 2008 00:14:00 -0000
@@ -1,3 +1,3 @@
-MD5 (firefox-2.0.0.11-source.tar.bz2) = b2f982f9f3085195d4797957537ca75d
-SHA256 (firefox-2.0.0.11-source.tar.bz2) = 1b98b8cd061fc0471887a19ca83ef73043f9aab87dacfedae93a388d478f914d
-SIZE (firefox-2.0.0.11-source.tar.bz2) = 37480419
+MD5 (firefox-2.0.0.12-source.tar.bz2) = 361eadc4f2132287f5812762978f43ee
+SHA256 (firefox-2.0.0.12-source.tar.bz2) = c79f6efe46e4dc9137d6bb0751122d0d66b53b77b5770b4ffb131486a980d82e
+SIZE (firefox-2.0.0.12-source.tar.bz2) = 37442741



>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->gnome 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Sat Feb 9 04:50:12 UTC 2008 
Responsible-Changed-Why:  
Over to maintainer (via the GNATS Auto Assign Tool) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=120455 
State-Changed-From-To: open->closed 
State-Changed-By: marcus 
State-Changed-When: Sat Feb 9 16:33:01 UTC 2008 
State-Changed-Why:  
Committed, thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=120455 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/120455: commit references a PR
Date: Sat,  9 Feb 2008 16:33:02 +0000 (UTC)

 marcus      2008-02-09 16:32:56 UTC
 
   FreeBSD ports repository
 
   Modified files:
     www/firefox          Makefile distinfo 
   Log:
   Update to 2.0.0.12.  This is a security and stability release.  See
   http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.12
   for a list of patched vulnerabilities.
   
   PR:             120455
   Security:       http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.12
   Submitted by:   beech
   
   Revision  Changes    Path
   1.191     +1 -2      ports/www/firefox/Makefile
   1.50      +3 -3      ports/www/firefox/distinfo
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
