From owner-freebsd-ports  Sat Aug 19 12:30:10 2000
Delivered-To: freebsd-ports@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 2DC6E37B42C
	for <freebsd-ports@FreeBSD.org>; Sat, 19 Aug 2000 12:30:02 -0700 (PDT)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id MAA32469;
	Sat, 19 Aug 2000 12:30:02 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from blues.jpj.net (blues.jpj.net [204.97.17.146])
	by hub.freebsd.org (Postfix) with ESMTP id E869A37B423
	for <freebsd-gnats-submit@freebsd.org>; Sat, 19 Aug 2000 12:20:04 -0700 (PDT)
Received: from localhost (trevor@localhost)
	by blues.jpj.net (right/backatcha) with ESMTP id e7JJK4B11345
	for <freebsd-gnats-submit@freebsd.org>; Sat, 19 Aug 2000 15:20:04 -0400 (EDT)
Message-Id: <Pine.BSI.4.21.0008191404060.9297-100000@blues.jpj.net>
Date: Sat, 19 Aug 2000 15:20:03 -0400 (EDT)
From: Trevor Johnson <trevor@jpj.net>
To: freebsd-gnats-submit@freebsd.org
Subject: ports/20720: update Netscape ports to 4.75
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         20720
>Category:       ports
>Synopsis:       update Netscape ports to 4.75
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat Aug 19 12:30:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Trevor Johnson
>Release:        4.1-STABLE i386
>Organization:
myself
>Environment:

only tested under
FreeBSD ws99.invalid 4.1-STABLE FreeBSD 4.1-STABLE #0: Sat Jul 29 02:55:41
UTC 2000 root@ws99.invalid:/usr/obj/usr/src/sys/TREVOR41A i386
 
>Description:

Netscape Navigator 4.74 has security bugs, described in
http://www.cert.org/advisories/CA-2000-15.html .  According to Netscape,
the bugs are fixed in version 4.75.  I found that the sample exploit
provided by Dan Brumleve (discoverer of the bugs) no longer works with the
new revision.  I have only tested the BSDI and FreeBSD/i386 versions
(Alpha workstations cheerfully accepted).

I have also added to the MASTER_SITES.  I removed ftp.ausmac.net because
it has a different directory structure than the others.  Removing it
allows us to put "communicator/english/" into NETSCAPE_DIST_SUBDIR.

There's no great urgency to the site changes, only the version bump.

files changed:

	netscape4-communicator/files/md5
	netscape47-communicator/Makefile

>How-To-Repeat:

for bugs, either believe http://www.netscape.com/security/ or:
 - install Netscape 4.74
 - run navigator
 - Edit -> Preferences... -> Advanced -> Enable Java (make it enabled)
 - go to http://www.brumleve.com/BrownOrifice/
 - follow instructions in "Run Brown Orifice HTTPD in Netscape" section
 - browse files (lynx vulhost.invalid:8080/home/vuluser/orifice/)
 - try to repeat with Netscape 4.75

for removed site:
 - traceroute ftp.ausmac.net

>Fix:

diff -ru www.orig/netscape4-communicator/files/md5 www/netscape4-communicator/files/md5
--- www.orig/netscape4-communicator/files/md5	Tue Aug  8 16:25:13 2000
+++ www/netscape4-communicator/files/md5	Sat Aug 19 16:47:29 2000
@@ -1,11 +1,12 @@
 MD5 (Fortify-1.4.6-unix-x86.tar.gz) = 93fd03a90dcfbf8d55ce0785d2a42ffc
 MD5 (autoadmin-v408.x86-unknown-freebsd.tar.gz) = 0435245b83fc5d9be6844ebfa1a242f0
 MD5 (communicator-v408-export.x86-unknown-freebsd.tar.gz) = dfe7005dd39ac900fe336d6f052acfdb
-MD5 (communicator-v474-us.alpha-dec-osf4.0.tar.gz) = c38db0f4496f02ac55c52d14e814f58f
-MD5 (communicator-v474-us.x86-bsdi-bsd2.tar.gz) = dbd4f625781dec0fd78c6846279f9fe4
-MD5 (communicator-v474-us.x86-unknown-freebsd.tar.gz) = c263ce8213ecb99d15cde03815774c77
-MD5 (communicator-v474-us.x86-unknown-linux2.2.tar.gz) = f9004cf09b6147d6f56c7302447bfcfe
+MD5 (communicator-v475-us.alpha-dec-osf4.0.tar.gz) = 762aba7a8a6871733d7e745c25e618b5
+MD5 (communicator-v475-us.x86-bsdi-bsd2.tar.gz) = 30280590f4e75bea070ec6e4f902cff0
+MD5 (communicator-v475-us.x86-unknown-freebsd.tar.gz) = 937948331ee2dad0f2010678dfa29668
+MD5 (communicator-v475-us.x86-unknown-linux2.2.tar.gz) = 3fdb3b2a8200646b8816fc428975584b
 MD5 (navigator-v408-export.x86-unknown-freebsd.tar.gz) = 63d607f8e861471f4dcd14d048e1f652
-MD5 (navigator-v474-us.x86-bsdi-bsd2.tar.gz) = 859b024aec21cf440608b8631a9ac475
-MD5 (navigator-v474-us.x86-unknown-freebsd.tar.gz) = fd174c0ffef1f6f6cccae321b29cd4c0
-MD5 (navigator-v474-us.x86-unknown-linux2.2.tar.gz) = 04faccc952e0d5a78a3c13e0f04e6c5b
+MD5 (navigator-v475-us.alpha-dec-osf4.0.tar.gz) = 688bbf5ee77f2145bcd575a2aa918a88
+MD5 (navigator-v475-us.x86-bsdi-bsd2.tar.gz) = 35db9c1fc5db01131d99167b6746df9f
+MD5 (navigator-v475-us.x86-unknown-freebsd.tar.gz) = 9ffc7c025339e190dda1e42a8f5241a6
+MD5 (navigator-v475-us.x86-unknown-linux2.2.tar.gz) = 4fd68b63566033ad94f1fa06acb8b36b
diff -ru www.orig/netscape47-communicator/Makefile www/netscape47-communicator/Makefile
--- www.orig/netscape47-communicator/Makefile	Sun Jul 30 01:17:35 2000
+++ www/netscape47-communicator/Makefile	Sat Aug 19 16:17:49 2000
@@ -12,16 +12,37 @@
 .include <bsd.port.pre.mk>
 .endif
 
-MASTER_SITES=	ftp://ftp.netscape.com/pub/communicator/english/${NETSCAPE_DIST_SUBDIR}/ \
-		ftp://ftp.spin.ad.jp/pub/WWW/netscape/communicator/english/${NETSCAPE_DIST_SUBDIR}/ \
-		ftp://ftp.sunet.se/pub/www/Netscape/communicator/english/${NETSCAPE_DIST_SUBDIR}/ \
-		ftp://ftp.hi.is/pub/mirrors/ftp.netscape.com/pub/communicator/english/${NETSCAPE_DIST_SUBDIR}/ \
-		ftp://ftp.unicamp.br/pub6/netscape/communicator/english/${NETSCAPE_DIST_SUBDIR}/ \
-		ftp://the.ausmac.net/wd2a/security/cryptography/128bit-browsers/Netscape/${NETSCAPE_DIST_SUBDIR}/
-DISTFILES=	${BROWSER}-v474-us.${NETSCAPE_DIST_TAG}.tar.gz
+MASTER_SITES=	ftp://ftp.netscape.com/pub/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.bu.edu/pub/mirrors/ftp.netscape.com/pub/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.cuhk.edu.hk/pub/www/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.spin.ad.jp/pub/WWW/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://sunsite.sut.ac.jp/pub/archives/WWW/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.kmitl.ac.th/pub/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.tuwien.ac.at/z134/infosys/browsers/netscape/pub/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.euronet.be/pub/mirror/ftp.netscape.com/pub/${NETSCAPE_DIST_SUBDIR} \
+		ftp://sunsite.cnlab-switch.ch/mirror/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.uni-heidelberg.de/pub/Netscape/pub/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.darenet.dk/mirrors/ftp2.netscape.com/pub/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.cica.es/pub5/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.calvacom.fr/pub1/browser/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.ciril.fr/pub1/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.uniroma2.it/%7bC/Netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.nluug.nl/vol/2/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.ntnu.no/pub/www/Netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://sunsite.uio.no/pub/network/web/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.man.poznan.pl/vols/vol1/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.sunet.se/pub/www/Netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.uakom.sk/pub/WWW/Netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.hi.is/pub/mirrors/ftp.netscape.com/pub/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.unicamp.br/pub6/netscape/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.mox.uniandes.edu.co/pub/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.nsu.ru/pub/mirrors/ftp-de.netscape.com/pub/${NETSCAPE_DIST_SUBDIR} \
+		ftp://ftp.curtin.edu.au/pub/internet/netscape/${NETSCAPE_DIST_SUBDIR}
+		
+DISTFILES=	${BROWSER}-v475-us.${NETSCAPE_DIST_TAG}.tar.gz
 
 MASTERDIR=	${.CURDIR}/../netscape4-communicator
-WRKSRC=		${WRKDIR}/${BROWSER}-v474.${NETSCAPE_DIST_TAG}
+WRKSRC=		${WRKDIR}/${BROWSER}-v475.${NETSCAPE_DIST_TAG}
 ONLY_FOR_ARCHS?=	i386 alpha
 
 .if ${ARCH} == "alpha" && !defined(BROWSER)
@@ -39,12 +60,12 @@
 
 NETSCAPE_DIST_ARCH?=	unsupported/freebsd # | supported/dec_unix40 | supported/linux22 | unsupported/bsdi21
 NETSCAPE_DIST_GRADE?=	complete_install # | navigator_standalone
-NETSCAPE_DIST_SUBDIR?=	${BROWSER_VER}/unix/${NETSCAPE_DIST_ARCH}/${NETSCAPE_DIST_GRADE}
+NETSCAPE_DIST_SUBDIR?=	communicator/english/${BROWSER_VER}/unix/${NETSCAPE_DIST_ARCH}/${NETSCAPE_DIST_GRADE}/
 NETSCAPE_DIST_TAG?=	x86-unknown-freebsd # | x86-unknown-linux2.2 | x86-bsdi-bsd2 | alpha-dec-osf4.0
 
-BROWSER_VER=	4.74
-INFILE_HEAD?=	'Communicator,4.74.0.20000707'
+BROWSER_VER=	4.75
+INFILE_HEAD?=	'Communicator,4.75.0.20000814'
 NO_AUTOADMIN=	'Not available'
-NO_FORTIFY=	'No need for 4.74'
+NO_FORTIFY=	'No need for 4.75'
 
 .include "${MASTERDIR}/Makefile"



>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message