Репозиторий Sisyphus
Последнее обновление: 16 октября 2019 | Пакетов: 17499 | Посещений: 15281078
en ru br
Репозитории ALT
S:2.49.4-alt1
5.1: 1.1.18-alt2
4.1: 1.1.16-alt0.M41.1
+updates:1.1.13-alt0.M41.1
4.0: 1.1.12-alt0.M40.1
www.altlinux.org/Changes

Группа :: Сети/WWW
Пакет: seamonkey

 Главная   Изменения   Спек   Патчи   Sources   Загрузить   Gear   Bugs and FR  Repocop 

13 ноября 2008 Michael Shigorin <mike at altlinux.org> 1:1.1.13-alt0.M41.1

  • 1.1.13 security update built for M41
     +MFSA 2008-58 Parsing error in E4X default namespace
     +MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
     +MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
     +MFSA 2008-55 Crash and remote code execution in nsFrameManager
     +MFSA 2008-54 Buffer overflow in http-index-format parser
     +MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
     +MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
     +MFSA 2008-50 Crash and remote code execution via __proto__ tampering
     +MFSA 2008-49 Arbitrary code execution via Flash Player dynamic module unloading
     +MFSA 2008-48 Image stealing via canvas and HTTP redirect
     +MFSA 2008-47 Information stealing via local shortcut files

26 сентября 2008 Michael Shigorin <mike at altlinux.org> 1:1.1.12-alt0.M41.1

  • 1.1.12 security update built for M41
     + MFSA 2008-46  Heap overflow when canceling newsgroup message
     + MFSA 2008-45 XBM image uninitialized memory reading
     + MFSA 2008-44 resource: traversal vulnerabilities
     + MFSA 2008-43 BOM characters stripped from JavaScript before execution
     + MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
     + MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
     + MFSA 2008-40 Forced mouse drag
     + MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation
     + MFSA 2008-37 UTF-8 URL stack buffer overflow

5 августа 2008 Michael Shigorin <mike at altlinux.org> 1:1.1.11-alt0.M41.1

  • built for M41

17 июля 2008 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.11-alt1

  • 1.1.11 security update
     + MFSA 2008-34  Remote code execution by overflowing CSS reference counter

6 июля 2008 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.10-alt1

  • 1.1.10 security update
     + MFSA 2008-33  Crash and remote code execution in block reflow
     + MFSA 2008-32 Remote site run as local file via Windows URL shortcut
     + MFSA 2008-31 Peer-trusted certs can use alt names to spoof
     + MFSA 2008-30 File location URL in directory listings not escaped properly
     + MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
     + MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
     + MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
     + MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
     + MFSA 2008-24 Chrome script loading from fastload file
     + MFSA 2008-23 Signed JAR tampering
     + MFSA 2008-22 XSS through JavaScript same-origin violation
     + MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
     + MFSA 2008-20 Crash in JavaScript garbage collector

13 мая 2008 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.9-alt3

  • Fix building with new sisyphus_check
  • Applied a patch from RedHat, fixing CVE-2008-1380

29 марта 2008 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.9-alt2

  • Fix 128x128 icon placement (#12887)
  • Restored %_libdir/*.so symlinks for M40 updates (suggested by mike@)

26 марта 2008 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.9-alt1

  • 1.1.9 security update
     + MFSA 2008-19 XUL popup spoofing variant (cross-tab popups)
     + MFSA 2008-18 Java socket connection to any local port via LiveConnect
     + MFSA 2008-17 Privacy issue with SSL Client Authentication
     + MFSA 2008-16 HTTP Referrer spoofing with malformed URLs
     + MFSA 2008-15 Crashes with evidence of memory corruption (rv:1.8.1.13)
     + MFSA 2008-14 JavaScript privilege escalation and arbitrary code execution

8 февраля 2008 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.8-alt1

  • 1.1.8 security update
     + MFSA 2008-10 URL token stealing via stylesheet redirect
     + MFSA 2008-09 Mishandling of locally-saved plain text files
     + MFSA 2008-06 Web browsing history and forward navigation stealing
     + MFSA 2008-05 Directory traversal via chrome: URI
     + MFSA 2008-03 Privilege escalation, XSS, Remote Code Execution
     + MFSA 2008-02 Multiple file input focus stealing vulnerabilities
     + MFSA 2008-01 Crashes with evidence of memory corruption (rv:1.8.1.12)
  • Removed .so files from libdir

6 декабря 2007 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.7-alt2

  • Applied fix for shorcuts in non-latin layouts

1 декабря 2007 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.7-alt1

  • 1.1.7 security update
     + MFSA 2007-39 Referer-spoofing via window.location race condition
     + MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10)
     + MFSA 2007-37 jar: URI scheme XSS hazard

20 октября 2007 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.5-alt1

  • 1.1.5 security update
     + MFSA 2007-36 URIs with invalid %-encoding mishandled by Windows
     + MFSA 2007-35 XPCNativeWrapper pollution using Script object
     + MFSA 2007-34 Possible file stealing through sftp protocol
     + MFSA 2007-33 XUL pages can hide the window titlebar
     + MFSA 2007-32 File input focus stealing vulnerability
     + MFSA 2007-31 Browser digest authentication request splitting
     + MFSA 2007-30 onUnload Tailgating
     + MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8)
     + MFSA 2007-28 Code execution via QuickTime Media-link files

4 августа 2007 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.4-alt1

  • 1.1.4 security update
     + MFSA 2007-27  Unescaped URIs passed to external programs
     + MFSA 2007-26 Privilege escalation through chrome-loaded about:blank windows
     + MFSA 2007-23 Remote code execution by launching SeaMonkey from Internet Explorer
  • During postun, call rebuild-databases.sh only if it exists

1 августа 2007 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.3-alt1

  • 1.1.3 security update
     + MFSA 2007-25 XPCNativeWrapper pollution
     + MFSA 2007-24 Unauthorized access to wyciwyg:// documents
     + MFSA 2007-22 File type confusion due to %00 in name
     + MFSA 2007-21 Privilege escalation using an event handler attached to an element not in the document
     + MFSA 2007-20 Frame spoofing while window is loading
     + MFSA 2007-19 XSS using addEventListener and setTimeout
     + MFSA 2007-18 Crashes with evidence of memory corruption (rv:1.8.1.5)
  • All subpackages with postun sections require seamonkey package during postun (#12002)

31 мая 2007 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.2-alt1

  • 1.1.2 security update
     + MFSA 2007-17 XUL Popup Spoofing
     + MFSA 2007-16 XSS using addEventListener
     + MFSA 2007-15 Security Vulnerability in APOP Authentication
     + MFSA 2007-14 Path Abuse in Cookies
     + MFSA 2007-12 Crashes with evidence of memory corruption (rv:1.8.0.12/1.8.1.4)

13 марта 2007 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.1-alt1.1

  • Built with new libnspr
  • Cool version with six 1's: 1:1.1.1-alt1.1 :)

28 февраля 2007 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1.1-alt1

  • New upstream release (1.1.1)
  • Following critical security vulnerabilities were fixed:
     + MFSA 2007-08  onUnload + document.write() memory corruption
     + MFSA 2007-07 Embedded nulls in location.hostname confuse same-domain checks
     + MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
     + MFSA 2007-05 XSS and local file access by opening blocked popups
     + MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
     + MFSA 2007-03 Information disclosure through cache collisions
     + MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
     + MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)
  • The tab-preview tooltips no longer show a preview for the active tab.

18 января 2007 Damir Shayhutdinov <damir at altlinux.ru> 1:1.1-alt1

  • New upstream release (1.1)
  • seamonkey-caledar subpackage removed by upstream.

29 декабря 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.7-alt2

  • Added dependancy for seamonkey-psm (#2316)

20 декабря 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.7-alt1

  • New upstream release (1.0.7)
  • Following critical security vulnerabilities were fixed:
     + MFSA 2006-75 RSS Feed-preview referrer leak
     + MFSA 2006-74 Mail header processing heap overflows
     + MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
     + MFSA 2006-72 XSS by setting img.src to javascript: URI
     + MFSA 2006-71 LiveConnect crash finalizing JS objects
     + MFSA 2006-70 Privilege escallation using watch point
     + MFSA 2006-69 CSS cursor image buffer overflow (Windows only)
     + MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)

15 ноября 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.6-alt2

  • Removed -fstack-protector and -D_FORTIFY_SOURCE=2 from optflags
  • Moved "enigmail" upper as suggested by Dmitry Katsubo <dma_k@mail.ru>
  • Packed seamonkey-xremote-client (fixes #10299)
  • Moved macros to rpm-build-seamonkey package.
  • seamonkey-devel now requires rpm-build-seamonkey package to preserve backward compatibility.

13 ноября 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.6-alt1

  • New upstream release (1.0.6)
  • Following critical security vulnerabilities were fixed:
     + MFSA 2006-67 Running Script can be recompiled
     + MFSA 2006-66 RSA signature forgery (variant)
     + MFSA 2006-65 Crashes with evidence of memory corruption (rv:1.8.0.8)

20 октября 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.5-alt3

  • Removed libssp-devel from BuildReqs

8 октября 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.5-alt2

  • Updated enigmail to 0.94.1
  • Changed libdir in seamonkey-*.pc to /usr/lib/mozilla

16 сентября 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.5-alt1

  • 1.0.5 version.

27 августа 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.4-alt5

  • Marked installed-chrome.txt as a config file, this should save language
    and skin selection after an upgrade.
  • Corrected seamonkey-mail desktop file.
  • Enabled extensions building.

18 августа 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.4-alt4

  • Provides: mozilla = 1.8
  • Built with system mozldap

16 августа 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.4-alt3

  • Added searching plugins in %browser_plugins_path
  • Fixed pkgconfig and seamonkey-config (replaced /usr/lib/seamonkey-1.0.4 with /usr/lib)
  • Fixed #4352

10 августа 2006 Damir Shayhutdinov <damir at altlinux.ru> 1:1.0.4-alt2

  • Disabled link prefetching by default to be more traffic friendly
  • Added Provides and Obsoletes: mozilla-*
  • Move all from /usr/lib/seamonkey to /usr/lib/mozilla

6 августа 2006 Damir Shayhutdinov <damir at altlinux.ru> 1.0.4-alt1

  • 1.0.4
  • more spec cleanup as suggested by php-coder@

4 июля 2006 Damir Shayhutdinov <damir at altlinux.ru> 1.0.3-alt1

  • first build for Sisyphus
  • based on cleaned up mozilla.spec
 
дизайн и разработка: Vladimir Lettiev aka crux © 2004-2005, Andrew Avramenko aka liks © 2007-2008
текущий майнтейнер: Michael Shigorin