aboutsummaryrefslogtreecommitdiff
path: root/security/nss
Commit message (Collapse)AuthorAgeFilesLines
* Upgrade to 3.17.1Dag-Erling Smørgrav2014-09-252-4/+3
| | | | | | | | | PR: 193906 MFH: 2014Q3 Security: CVE-2014-1568 Notes: svn path=/head/; revision=369218
* Update nss to 3.17Baptiste Daroussin2014-09-092-8/+10
| | | | | | | Submitted by: Jan beich Notes: svn path=/head/; revision=367739
* Update to 3.16.3Baptiste Daroussin2014-08-044-47/+7
| | | | | | | | | Add cpe informations Submitted by: Jan Beich Notes: svn path=/head/; revision=363977
* Apply vendor patch to fix race condition in certificate verificationXin LI2014-07-232-1/+31
| | | | | | | | | | | that can lead to remote code execution. Reference: https://hg.mozilla.org/projects/nss/rev/204f22c527f8 Security: CVE-2014-1544 Security: 978b0f76-122d-11e4-afe3-bc5ff4fb5e7b Notes: svn path=/head/; revision=362631
* - Chase database/sqlite3 slib bumpMartin Wilke2014-06-271-0/+1
| | | | | | | Approved by: portmgr (myself) Notes: svn path=/head/; revision=359586
* - Update Firefox to 30.0Beat Gaetzi2014-06-112-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | - Update Firefox ESR to 24.6.0 - Update libxul to 24.6.0 - Update NSS to 3.16.1 - Update NSPR to 4.10.6 - Update Thunderbird to 24.6.0 - Convert USE_BZIP2 to USES - Backport ff31 fix against crashing DEBUG build on newegg.com [1] - Add a note in UPDATING to not build audio/soundtouch with INTEGER_SAMPLES [2] - Use arc4random_buf(3) to generate UUIDs (version 4) - Fix debugger detection used by Telemetry and the slow script dialog - Add STAGE support [3] PR: ports/189991 [1] PR: ports/189217 [2] PR: ports/189488 [2] Submitted by: bapt [3] Sumbitted by: Jan Beich Security: http://www.vuxml.org/freebsd/888a0262-f0d9-11e3-ba0c-b4b52fce4ce8.html Notes: svn path=/head/; revision=357413
* Convert all :U to :tu and :L to :tlBaptiste Daroussin2014-05-051-1/+1
| | | | | | | | | | | | | | | | | Since FreeBSD 8.4 and FreeBSD 9.1 make(1) do support :tu and :tl as a replacement for :U and :L (which has been marked as deprecated) bmake which is the default on FreeBSD 10+ only support by default :tu/:tl a hack has been added at the time to support :U and :L to ease migration. This hack is now not necessary anymore Note that this makes the ports tree incompatible with make(1) from FreeBSD 8.3 or earlier With hat: portmgr Notes: svn path=/head/; revision=352986
* - Update Firefox to 29.0Beat Gaetzi2014-04-292-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | - Update Firefox ESR to 24.5.0 - Update Thunderbird to 24.5.0 - Update NSS to 3.16 - Use port dependency for soundtouch library - Require recent graphite2 version explicitly [1] - Require gst-libav version that doesn't crash on seeking [2] and doesn't error out on plugin load [3] - Remove gstreamer note in pkg-message for www/firefox, [3] may still happen with www/firefox-esr but only until it tracks esr31 (ca 2014-09-01) - Fix USE_XPI in mail/thunderbird-i18n [4] Security: http://www.vuxml.org/freebsd/985d4d6c-cfbd-11e3-a003-b4b52fce4ce8.html PR: ports/187939 [1] PR: ports/188133 [2] PR: ports/181964 [3] PR: ports/188984 [4] Submitted by: Toomas Aas <toomas.aas@raad.tartu.ee> [1] Submitted by: Jakub Lach <jakub_lach@mailplus.pl> [2] Submitted by: Jan Beich [3] and this update! Submitted by: Toni Ballesta <mustelator@yahoo.es> [4] Approved by: portmgr (bdrewery, security update to non-staged port) Notes: svn path=/head/; revision=352640
* - Update Firefox to 28.0Beat Gaetzi2014-03-192-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | - Update Firefox ESR to 24.4.0 - Update Thunderbird to 24.4.0 - Update NSPR to 4.10.4 - Update NSS to 3.15.5 - Switch GSTREAMER option for non-esr ports to depend on multimedia/gstreamer1 [2] - Switch to Uses/compiler.mk, defaults to lang/gcc47 on 8.x and 9.x - Use port dependencies for libogg, libvorbis, libopus, harfbuzz, graphite2 - Enable readahead in url-classifier, asmjs, download resume like on Linux - Build www/firefox and www/seamonkey faster using unified compilation - Unbreak build on sparc64 [1] - Workaround OPTIMIZED_CFLAGS startup crash on 8.x and 9.x - OPTIMIZED_CFLAGS is enabled by default - A few DEBUG build fixes - Add clang 3.2/3.3/3.4 workarounds for i386 - Mention known GSTREAMER issue in pkg-message Submitted by: Jan Beich PR: ports/186580 [1] Requested by: kwm [2] Security: http://www.vuxml.org/freebsd/610de647-af8d-11e3-a25b-b4b52fce4ce8.html Notes: svn path=/head/; revision=348650
* - Update Firefox to 27.0Beat Gaetzi2014-02-052-3/+3
| | | | | | | | | | | | | | | | | | | | | - Update Firefox ESR to 24.3.0 - Update Thunderbird to 24.3.0 - Update NSPR to 4.10.3 - Update NSS to 3.15.4 - Depend on yasm when building with bundled libvpx or libjpeg-turbo - Prepare gstreamer conditional for upcoming Firefox versions - Improve jemalloc3 conditional - Break build unless alsa-lib port installs new config file - Chase USE_DOS2UNIX deprecation - Temporarily disable system cairo over screen corruption with smoothScroll [1] Submitted by: Jan Beich Reported by: flo [1] Security: http://www.vuxml.org/freebsd/1753f0ff-8dd5-11e3-9b45-b4b52fce4ce8.html Notes: svn path=/head/; revision=342632
* Update to nspr 4.10.2Florian Smeets2013-12-142-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update to nss 3.15.3.1 Update firefox-esr and thunderbird to 24.2.0 Update firefox to 26.0 Update seamonkey to 2.23 - catch up with directory renames since USES=webplugins was introduced; fixes plugins not being automatically enabled after install - linux-firefox and linux-seamonkey can play HTML5 audio [2][3] and measure about:memory usage, again - dom.ipc.plugins.enabled->true no longer crash linux-firefox which makes some flash sites work again; as there's no nspluginwrapper in-between the infamous "youtube issue" never occurs - install DEBUG with symbols [3] and describe the option better [4] - enable dumping about:memory upon kill -65, kill -66 and GC/CC log upon kill -67 to a file under /tmp directory; linux-firefox uses kill -34, kill -35 and kill -36 respectively PR: ports/183861 [1] PR: ports/184006 [2] PR: ports/169896 [3] PR: ports/184285 [3] PR: ports/184286 [4] Security: dd116b19-64b3-11e3-868f-0025905a4771 In collaboration with: Jan Beich <jbeich@tormail.org> Notes: svn path=/head/; revision=336446
* - update to 3.15.2 [1]Florian Smeets2013-10-242-12/+11
| | | | | | | | | | - support stage PR: ports/183282 [1] Submitted by: pfg [1] Notes: svn path=/head/; revision=331529
* Add NO_STAGE all over the place in preparation for the staging support (cat: ↵Baptiste Daroussin2013-09-201-0/+1
| | | | | | | security) Notes: svn path=/head/; revision=327769
* Convert to new perl frameworkBaptiste Daroussin2013-09-161-2/+2
| | | | | | | Convert USE_GMAKE to USES=gmake Notes: svn path=/head/; revision=327417
* - update firefox to 23.0Florian Smeets2013-08-082-6/+15
| | | | | | | | | | | | - update firefox-esr, thunderbird and libxul to 17.0.8 - update seamonkey to 2.20 - fix plist for *-i18n Security: 0998e79d-0055-11e3-905b-0025905a4771 In collaboration with: Jan Beich <jbeich@tormail.org> Notes: svn path=/head/; revision=324409
* Update to 3.15.1Florian Smeets2013-07-1010-36/+28
| | | | | | | Submitted by: Jan Beich <jbeich@tormail.org> Notes: svn path=/head/; revision=322687
* - update firefox to 21.0Florian Smeets2013-05-162-17/+5
| | | | | | | | | | | | - update firefox-esr and thunderbird to 17.0.6 - WEBRTC now supports PULSEAUDIO - make linux-firefox work with plugins again (e.g. quakelive) Security: 4a1ca8a4-bd82-11e2-b7a0-d43d7e0c7c02 In collaboration with: Jan Beich <jbeich@tormail.org> Notes: svn path=/head/; revision=318268
* Rely on bsdtar to autodetermine the format of the distfiles when possibleBaptiste Daroussin2013-04-291-2/+1
| | | | | | | | | | For a while now bsdtar is able to autotermine compression and archive format. Let's then use tar directly instead of piping to tar. Now USE_BZIP2 and USE_XZ only set EXTRACT_SUFX to the right format Notes: svn path=/head/; revision=316786
* - update thunderbird, firefox-esr, linux-thunderbird and linux-firefox toFlorian Smeets2013-04-033-20/+6
| | | | | | | | | | | | | | | | | | | 17.0.5 - update firefox to 20.0 - update seamonkey and linux-seamonkey to 2.17 - update nspr to 4.9.6 - remove mail/thunderbird-esr, Mozilla stopped providing 2 versions of thunderbird - prune support for old FreeBSD versions; users of 8.2, 7.4 or earlier are advised to upgrade - http://www.freebsd.org/security/ - add vuln.xml entry Security: 94976433-9c74-11e2-a9fc-d43d7e0c7c02 Approved by: portmgr (miwi) In collaboration with: Jan Beich <jbeich@tormail.org> Notes: svn path=/head/; revision=315713
* Move this check to the correct place.Florian Smeets2013-02-231-1/+1
| | | | | | | | Submitted by: Jan Beich <jbeich@tormail.org> Pointhat to: flo Notes: svn path=/head/; revision=312801
* Add support for older FreeBSD released by relying on USE_GCCFlorian Smeets2013-02-211-0/+4
| | | | | | | | Requested by: ale Submitted by: Jan Beich <jbeich@tormail.org> Notes: svn path=/head/; revision=312726
* The files we are looking for are also in ${LOCALBASE}/bin, this shouldFlorian Smeets2013-02-201-1/+1
| | | | | | | | | | | | | | | | | | | | | help people that installed binutils on an older version of FreeBSD and upgraded base in the meantime. e.g. Install binutils on 9.0 they got installed in ${LOCALBASE}/x86_64-portbld-freebsd9.0 after upgrading to 9.1 the nss port would look in ${LOCALBASE}/x86_64-portbld-freebsd9.1 and not find the tools its looking for, falling back to the tools from base that don't support all the instructions the nss ports needs. Avoid all this by using ${LOCALBASE}/bin Notes: svn path=/head/; revision=312675
* - update firefox to 19.0Florian Smeets2013-02-199-56/+64
| | | | | | | | | | | | | | | | | - update firefox-esr, thunderbird, linux-firefox, linux-thunderbird to 17.0.3 - update linux-seamonkey to 2.16 - update nspr to 4.9.5 - update nss to 3.14.3 - add DuckDuckGo search plugin to firefox [1] - mark kompozer deprecated - clang fixes for www/libxul19 [2] Security: http://www.vuxml.org/freebsd/e3f0374a-7ad6-11e2-84cd-d43d7e0c7c02.html Submitted by: DuckDuckGo [1], dim [2] In collaboration with: Jan Beich <jbeich@tormail.org> Notes: svn path=/head/; revision=312608
* - update firefox, thunderbird, linux-firefox and linux-thunderbird to 17.0.2Florian Smeets2013-01-091-5/+3
| | | | | | | | | | - update firefox-esr, thunderbird-esr and libxul to 10.0.12 - update linux-seamonkey to 2.15 Security: http://www.vuxml.org/freebsd/a4ed6632-5aa9-11e2-8fcb-c8600054b392.html Notes: svn path=/head/; revision=310165
* Update to 3.14.1.with.ckbi.1.93Florian Smeets2013-01-052-6/+7
| | | | | | | | | | This was released to revoke certificates that were used for MITM. For details see: https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/ Notes: svn path=/head/; revision=309970
* - Update www/firefox{,-i18n} to 16.0.2Florian Smeets2012-10-283-6/+8
| | | | | | | | | | | | | | | | | | | | | - Update seamonkey to 2.13.2 - Update ESR ports and libxul to 10.0.10 - Update nspr to 4.9.3 - Update nss to 3.14 - with GNOMEVFS2 option build its extension, too [1] - make heap-committed and heap-dirty reporters work in about:memory - properly mark QT4 as experimental (needs love upstream) - *miscellaneous cleanups and fixups* mail/thunderbird will be updated once the tarballs are available. PR: ports/173052 [1] Security: 6b3b1b97-207c-11e2-a03f-c8600054b392 Feature safe: yes In collaboration with: Jan Beich <jbeich@tormail.org> Notes: svn path=/head/; revision=306558
* - Update firefox-esr, thunderbird-esr, linux-firefox and linux-thunderbird ↵Florian Smeets2012-10-103-1/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | to 10.0.8 - Update firefox and thunderbird to 16.0 - Update seamonkey to 2.13 - Update all -i18n ports respectively - switch firefox 16.0 and seamonkey 2.13 to ALSA by default for better latency during pause and seeking with HTML5 video - remove fedisableexcept() hacks, obsolete since FreeBSD 4.0 - support system hunspell dictionaries [1] - unbreak -esr ports with clang3.2 [2] - unbreak nss build when CC contains full path [3] - remove GNOME option grouping [4] - integrate enigmail into thunderbird/seamonkey as an option [5] - remove mail/enigmail* [6] - enable ENIGMAIL, LIGHTNING and GIO options by default - add more reporters in about:memory: page-faults-hard, page-faults-soft, resident, vsize - use bundled jemalloc 3.0.0 on FreeBSD < 10.0 for gecko 16.0, only heap-allocated reporter works in about:memory (see bug 762445) - use lrintf() instead of slow C cast in bundled libopus - use libjpeg-turbo's faster color conversion if available during build - record startup time for telemetry - use -z origin instead of hardcoding path to gecko runtime - fail early if incompatible libxul version is installed (in USE_GECKO) - *miscellaneous cleanups and fixups* PR: ports/171534 [1] PR: ports/171566 [2] PR: ports/172164 [3] PR: ports/172201 [4] Discussed with: ale, beat, Jan Beich [5] Approved by: ale [6] In collaboration with: Jan Beich <jbeich@tormail.org> Security: 6e5a9afd-12d3-11e2-b47d-c8600054b392 Feature safe: yes Approved by: portmgr (beat) Notes: svn path=/head/; revision=305684
* - Update firefox to 15.0.1Florian Smeets2012-09-072-9/+15
| | | | | | | | | | | | | | | | | | | | | | | - Sync changes from gecko repository@r995 general - don't specify prefix for libevent when using pkg-config - ia64 and sparc64 use 8k pagesize by default - add visibility hack for clang 3.2 with libc++ - fix build using clang 3.2 (on FreeBSD 10-CURRENT) - rename a few more patches to ease tracking of bugzilla bugs www/seamonkey - unbreak unsetting LDAP and MAILNEWS options after bug 707305 - use compile time debugging WITH_DEBUG security/nss - unbreak install WITH_DEBUG - unbreak powerpc64 devel/nspr - use absolute paths when specifiying srcdir to make gdb(1) happy In collaboration with: andreast, zeising, Jan Beich <jbeich@tormail.org> Notes: svn path=/head/; revision=303831
* - update firefox and thunderbird to 15.0Florian Smeets2012-08-305-23/+33
| | | | | | | | | | | | | | | | | | | | | | | | - update firefox-esr, thunderbird-esr, linux-thunderbird and linux-firefox to 10.0.7 - update seamonkey and linux-seamonkey to 2.12 - update nss to 3.13.6 - update bsdipc code (posix_spawn, SysV shared memory) - rename patches to easily track those not (yet) submitted upstream - reduce package size, except for www/libxul[1] - restore default objdir to what it was in 13.0 - fix mail/enigmail after thunderbird build changes - don't accidentally pick up headers from installed ports[3] - add support for PREFIX != LOCALBASE to Makefile.webplugins [4] - document vulnerabilities in vuln.xml - *miscellaneous cleanups and fixups* Obtained from: OpenBSD ports[1] PR: ports/159831, ports/160933, ports/170467[3], ports/170236 [4] Submitted by: avilla [4] In collaboration with: Jan Beich <jbeich@tormail.net> Who did most of the hard work. Notes: svn path=/head/; revision=303378
* - update firefox/thunderbird ESR versions to 10.0.6Florian Smeets2012-07-262-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - update firefox 14.0.1 - update thunderbird to 14.0 - update seamonkey to 2.11 - switch to new options framework - add experimental rendering via cairo-qt (QT4 option) - add audio backend options (ALSA and PulseAudio) - rename SMB option to GNOMEVFS2 - turn on LOGGING by default (like upstream linux builds) - improve about:memory output - unbreak PGO - use system libs [1] - switch to libevent2 [2] - fix conflict with devel/libunwind and base gcc [3] - unbreak clang/libc++ build [4] - unbreak build with base gcc on >= 9.x [5] - use common IPC code with other BSDs[6] - and *miscellaneous improvements* PR: ports/146231 [1], ports/161421 [2] ports/150631, ports/168369, ports/168637, ports/168793, ports/168978 [3] ports/163454, ports/164905, ports/169231 [4] ports/169389, ports/169479 [5] Obtained from: pkgsrc via bugzilla #753046 [6] In collaboration with: Jan Beich (who did the major part of this work and deserves a special thank you!) Notes: svn path=/head/; revision=301582
* Update to 3.13.5Florian Smeets2012-06-042-3/+3
| | | | Notes: svn path=/head/; revision=298395
* update to 3.13.4Florian Smeets2012-04-142-3/+3
| | | | Notes: svn path=/head/; revision=294830
* Update to 3.13.3Florian Smeets2012-03-052-3/+3
| | | | Notes: svn path=/head/; revision=292757
* update to 3.13.2Florian Smeets2012-02-204-39/+10
| | | | Notes: svn path=/head/; revision=291954
* add upstream patch, to fix "__GNUC_MINOR is not defined" build error thatFlorian Smeets2012-01-312-0/+24
| | | | | | | | | | | | | | | causes some ports depending on nss to fail. e.g. net-im/pidgin-sipe. The patch is taken from https://bugzilla.mozilla.org/show_bug.cgi?id=702090 This patch will be part of the next nss release and can be removed with the next update. PR: ports/164655 PR: ports/164391 Submitted by: rm Notes: svn path=/head/; revision=290207
* - update to NSS_3_13_1_WITH_CKBI_1_88_RTMFlorian Smeets2012-01-122-8/+10
| | | | | | | | | - some fixes to make the regression tests actually run [1] Submitted by: mi [1] Notes: svn path=/head/; revision=289060
* update to CKBI version 1.88 which includes the latest mozilla cert dataFlorian Smeets2011-12-282-3/+4
| | | | Notes: svn path=/head/; revision=288205
* Move nspr and nss to gecko@ team. they are part of the mozilla stack.Koop Mast2011-10-071-1/+1
| | | | | | | Talked with flo@ at EuroBSD con 2011 Notes: svn path=/head/; revision=283150
* Update to 3.12.11.Koop Mast2011-09-032-5/+8
| | | | | | | | | This update is based on the nss-3.12.11.with.ckbi.1.87 release. The only change with the nss-3.12.11 release is that the certs from the DigiNotar CA are marked a untrusted. Notes: svn path=/head/; revision=281099
* Update to 3.12.10.Koop Mast2011-08-132-4/+5
| | | | | | | | PR: ports/159080 Submitted by: flo@ Notes: svn path=/head/; revision=279603
* Patch a assumtion that uname -m returns the architecture value instead of ↵Koop Mast2011-03-031-0/+11
| | | | | | | | | | | | | MACHINE. This makes it unbuildable on platforms where these differ (pc98, powerpc64, sun4v). Use uname -p to fix this. PR: ports/155228 Submitted by: Nathan Whitehorn <nwhitehorn@FreeBSD.org> Notes: svn path=/head/; revision=270208
* Update to 3.12.9.Koop Mast2011-03-023-15/+5
| | | | | | | Submitted by: beat Notes: svn path=/head/; revision=270119
* - Update to 3.12.8Beat Gaetzi2010-10-215-203/+8
| | | | | | | Approved by: kwm Notes: svn path=/head/; revision=263400
* I did a typo of use incorrect braces in there, so it correct.Jeremy Messenger2010-07-131-1/+1
| | | | | | | | Submitted by: Anonymous <swell.k@gmail.com> Feature safe: yes Notes: svn path=/head/; revision=257705
* Fix race condition in sqlite3 backend (Bug#564011).Alex Dupre2010-06-252-5/+98
| | | | | | | | Approved by: mezz Feature safe: yes Notes: svn path=/head/; revision=256957
* Respect the LOCALBASE in a patch to find sqlite3 correct.Jeremy Messenger2010-06-241-1/+1
| | | | | | | | | PR: ports/146197 Submitted by: Anonymous <swell.k@gmail.com> Feature safe: yes Notes: svn path=/head/; revision=256919
* Fix the build on powerpc64. By adding CPU_ARCH detection.Koop Mast2010-06-112-1/+48
| | | | | | | | | | And by adding some G5-specific code in mpcpucache.c to detect cacheline sizes. PR: ports/147696 Submitted by: nwhitehorn@ Notes: svn path=/head/; revision=256407
* A bunch of changes for the SQLITE3 backend:Alex Dupre2010-05-207-87/+129
| | | | | | | | | | | | 1) fix for bug #528467 (C_UnwrapKey didn't work with DSA and EC private keys) 2) fix for bug #526231 (C_GetAttributeValue didn't correctly work) 3) partial fix for bug #564011 (object ID race on keypairgen) 4) use sqlite3 in ports (there is no reason to compile the bundled one) Approved by: no objections by marcus and gnome team Notes: svn path=/head/; revision=254639
* Fix the 'nss-config --libs' by remove the '-Wl,-R/usr/local/lib/nss' to allowJeremy Messenger2010-04-292-1/+2
| | | | | | | | | | other gecko applications to be able to build with nss. PR: ports/144994 Submitted by: mi Notes: svn path=/head/; revision=253404
* - Update to 3.12.6Beat Gaetzi2010-04-104-27/+26
| | | | | | | Approved by: marcus Notes: svn path=/head/; revision=252517
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-19 05:42:32 +0000