Navigation:
Browse pkgsrc
(this page)
www firefox9..
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ]| 2021-12-14 18:44:44 by Thomas Merkel | Files touched by this commit (4) |
Log message:
Pullup ticket #6552 - requested by nia
www/firefox91: security fix
Revisions pulled up:
- www/firefox91-l10n/Makefile 1.5
- www/firefox91-l10n/distinfo 1.7
- www/firefox91/Makefile 1.10
- www/firefox91/distinfo 1.7
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Dec 10 14:32:07 UTC 2021
Modified Files:
pkgsrc/www/firefox91: Makefile distinfo
pkgsrc/www/firefox91-l10n: Makefile distinfo
Log message:
firefox91: Update to 91.4.0
Security Vulnerabilities fixed in Firefox ESR 91.4.0
#CVE-2021-43536: URL leakage when navigating while executing asynchronous
function
#CVE-2021-43537: Heap buffer overflow when using structured clone
#CVE-2021-43538: Missing fullscreen and pointer lock notification when
requesting both
#CVE-2021-43539: GC rooting failure when calling wasm instance methods
#CVE-2021-43541: External protocol handler parameters were unescaped
#CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence
of an external protocol handler
#CVE-2021-43543: Bypass of CSP sandbox directive when embedding
#CVE-2021-43545: Denial of Service when using the Location API in a loop
#CVE-2021-43546: Cursor spoofing could overlay user interface when native
cursor is zoomed
#MOZ-2021-0009: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4
|
2021-11-05 20:28:53 by Benny Siegert | Files touched by this commit (4) |  |
Log message:
Pullup ticket #6530 - requested by nia
www/firefox91: security fix
Revisions pulled up:
- www/firefox91/Makefile 1.8
- www/firefox91/PLIST 1.3
- www/firefox91/distinfo 1.6
- www/firefox91/patches/patch-modules_fdlibm_src_math__private.h 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Wed Nov 3 19:19:40 UTC 2021
Modified Files:
pkgsrc/www/firefox91: Makefile PLIST distinfo
Added Files:
pkgsrc/www/firefox91/patches: patch-modules_fdlibm_src_math__private.h
Log message:
firefox91: update to 91.3.0
Security Vulnerabilities fixed in Firefox ESR 91.3
#CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets
#CVE-2021-38504: Use-after-free in file picker dialog
#CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode
without notification or warning
#CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass
the Same-Origin-Policy on services hosted on other ports
#MOZ-2021-0008: Use-after-free in HTTP2 Session object
#CVE-2021-38508: Permission Prompt could be overlaid, resulting in user
confusion and potential spoofing
#CVE-2021-38509: Javascript alert box could have been spoofed onto an
arbitrary domain
#CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac
OS
#MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
|
| 2021-10-11 20:36:20 by Benny Siegert | Files touched by this commit (4) | |
Log message:
Pullup ticket #6509 - requested by nia
www/firefox91: security fix
www/firefox91-l10n: dependent update
Revisions pulled up:
- www/firefox91-l10n/Makefile 1.3
- www/firefox91-l10n/distinfo 1.4
- www/firefox91/Makefile 1.6
- www/firefox91/distinfo 1.4
---
Module Name: pkgsrc
Committed By: nia
Date: Fri Oct 8 14:41:35 UTC 2021
Modified Files:
pkgsrc/www/firefox91: Makefile distinfo
pkgsrc/www/firefox91-l10n: Makefile distinfo
Log message:
firefox91: Update to 91.2.0
Security Vulnerabilities fixed in Firefox ESR 91.2
#CVE-2021-38496: Use-after-free in MessageTask
#CVE-2021-38497: Validation message could have been overlaid on another
origin
#CVE-2021-38498: Use-after-free of nsLanguageAtomService object
#CVE-2021-32810: Data race in crossbeam-deque
#CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15,
and Firefox ESR 91.2
|
New packages: