head	1.2;
access;
symbols
	RELEASE_4_5_0:1.1
	RELEASE_4_4_0:1.1
	RELEASE_4_3_0:1.1
	RELEASE_4_2_0:1.1;
locks; strict;
comment	@# @;


1.2
date	2002.02.10.23.05.21;	author trevor;	state dead;
branches;
next	1.1;

1.1
date	2000.11.04.23.08.07;	author trevor;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Send the BSD/OS Netscape ports to Davy Jones' locker.
They have at least two dangerous bugs:

- a buffer overflow in the password field of HTML forms can lead
  to execution of hostile code, as reported by Michal Zalewski at
  (URL:http://www.securityfocus.com/archive/1/136137).  This was the
  subject of advisory FreeBSD-SA-00:66.

- if JavaScript is enabled, JavaScript code embedded in the comment
  blocks of images can be executed.  This can result in sensitive
  information being sent to a Web server. The bug was reported by
  Florian Wesch at (URL:http://www.securityfocus.com/archive/1/175060)
  and (URL:http://www.dividuum.de/).

Requested by:	nectar
@
text
@*******************************************************************************
None of the Software or underlying information or technology may be downloaded
or otherwise exported or re-exported (i) into (or to a national or resident of)
Cuba, Iraq, Libya, Sudan, North Korea, Iran, Syria or any other country to
which the U.S. has embargoed goods; or (ii) to anyone on the U.S. Treasury
Department's list of Specially Designated Nationals or the U.S. Commerce
Department's Table of Denial Orders.  By downloading or using the Software, you
are agreeing to the foregoing and you are representing and warranting that you
are not located in, under the control of, or a national or resident of any such
country or on any such list.
*******************************************************************************
@


1.1
log
@Now that the Netscape master port has been updated to 4.76, keep
these at 4.75 for users who want to take a risk.  Keep them forbidden,
and mention that a fixed version exists.  Create a PKGMESSAGE file
for the export notice.
@
text
@@

