[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: UPDATE: www/mozilla-firefox 1.0.1
- To: ports_(_at_)_openbsd_(_dot_)_org
- Subject: Re: UPDATE: www/mozilla-firefox 1.0.1
- From: Bernd Ahlers <b_(_dot_)_ahlers_(_at_)_ba-net_(_dot_)_org>
- Date: Sat, 26 Feb 2005 19:26:08 +0100
- Mail-followup-to: ports_(_at_)_openbsd_(_dot_)_org
Christian Weisgerber [Sat Feb 26, 2005 at 01:15:16PM +0000] wrote:
>This is a straightforward update of www/mozilla-firefox to the
>Firefox 1.0.1 release. I simply plugged in the new distfile.
>(Very minor changes: One patch has been regenerated, and I've folded
>in a bit of dependency clean-up by alek_(_at_)__(_dot_)_)
>The 1.0.1 release addresses a number of security vulnerabilities.
>To counter IDN spoofing, Firefox will now always display the raw
>punycode domain name. My testing confirms this on i386.
>On amd64 and sparc64, IDN appears completely broken--Firefox will
>try to resolve the straight UTF-8 name (after % encoding). This
>accidentally confers immunity to IDN spoofing, I guess.
Works for me, on i386.
Visit your host, monkey.org