Netscape Navigator 4.74 has security bugs, described in http://www.cert.org/advisories/CA-2000-15.html . According to Netscape, the bugs are fixed in version 4.75. I found that the sample exploit provided by Dan Brumleve (discoverer of the bugs) no longer works with the new revision. I have only tested the BSDI and FreeBSD/i386 versions (Alpha workstations cheerfully accepted). I have also added to the MASTER_SITES. I removed ftp.ausmac.net because it has a different directory structure than the others. Removing it allows us to put "communicator/english/" into NETSCAPE_DIST_SUBDIR. There's no great urgency to the site changes, only the version bump. files changed: netscape4-communicator/files/md5 netscape47-communicator/Makefile How-To-Repeat: for bugs, either believe http://www.netscape.com/security/ or: - install Netscape 4.74 - run navigator - Edit -> Preferences... -> Advanced -> Enable Java (make it enabled) - go to http://www.brumleve.com/BrownOrifice/ - follow instructions in "Run Brown Orifice HTTPD in Netscape" section - browse files (lynx vulhost.invalid:8080/home/vuluser/orifice/) - try to repeat with Netscape 4.75 for removed site: - traceroute ftp.ausmac.net
Responsible Changed From-To: freebsd-ports->sada I'm working on these ports.
State Changed From-To: open->closed Netscape PORTVERSION is already 4.75, so committed about new MASTER_SITES lines. Thanks.
A commit references this bug: Author: miwi Date: Mon Feb 15 15:18:26 UTC 2016 New revision: 408936 URL: https://svnweb.freebsd.org/changeset/ports/408936 Log: - Document firefox -- Same-origin-policy violation using Service Workers with plugins PR: 20720 Submitted by: Christoph Moench-Tegeder Changes: head/security/vuxml/vuln.xml