Navigation:
Browse pkgsrc
(this page)| 2020-06-04 13:36:28 by Benny Siegert | Files touched by this commit (3) |
Log message:
Pullup ticket #6220 - requested by nia
www/firefox68: security fix
Revisions pulled up:
- www/firefox68/Makefile 1.22
- www/firefox68/distinfo 1.16
- www/firefox68/patches/patch-build_moz.configure_rust.configure 1.1
---
Module Name: pkgsrc
Committed By: nia
Date: Wed Jun 3 13:00:24 UTC 2020
Modified Files:
pkgsrc/www/firefox68: Makefile distinfo
Added Files:
pkgsrc/www/firefox68/patches: patch-build_moz.configure_rust.configure
Log message:
firefox68: Update to 68.9.0
Security Vulnerabilities fixed in Firefox ESR 68.9
#CVE-2020-12399: Timing attack on DSA signatures in NSS library
#CVE-2020-12405: Use-after-free in SharedWorkerService
#CVE-2020-12406: JavaScript Type confusion with NativeTypes
#CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9
|
| 2020-05-13 15:40:17 by Benny Siegert | Files touched by this commit (3) |
Log message:
Pullup ticket #6190 - requested by nia
www/firefox68: security fix
Revisions pulled up:
- www/firefox68/Makefile 1.20
- www/firefox68/PLIST 1.6
- www/firefox68/distinfo 1.15
---
Module Name: pkgsrc
Committed By: nia
Date: Sat May 9 13:08:01 UTC 2020
Modified Files:
pkgsrc/www/firefox68: Makefile PLIST distinfo
Log message:
firefox68: Update to 68.8.0
Security Vulnerabilities fixed in Firefox ESR 68.8
#CVE-2020-12387: Use-after-free during worker shutdown
#CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens
#CVE-2020-12389: Sandbox escape with improperly separated process types
#CVE-2020-6831: Buffer overflow in SCTP chunk input validation
#CVE-2020-12392: Arbitrary local file access with 'Copy as cURL'
#CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape
website-controlled data, potentially leading to command injection
#CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
|
New packages: