Subject: CVS commit: [pkgsrc-2019Q3] pkgsrc/www/firefox68
From: Benny Siegert
Date: 2019-12-07 11:50:33
Message id: 20191207105033.CF0B7FA97@cvs.NetBSD.org
Log Message:
Pullup ticket #6090 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.3
- www/firefox68/PLIST                                           1.2
- www/firefox68/distinfo                                        1.2

---
   Module Name:	pkgsrc
   Committed By:	ryoon
   Date:		Tue Nov  5 17:14:30 UTC 2019

   Modified Files:
   	pkgsrc/www/firefox68: Makefile PLIST distinfo

   Log Message:
   Update to 68.2.0 with patch from Piotr Meyer

   Changelog:
   Security fixes:
   #CVE-2019-15903: Heap overflow in expat library in XML_GetCurrentLineNumber
   #CVE-2019-11757: Use-after-free when creating index updates in IndexedDB
   #CVE-2019-11758: Potentially exploitable crash due to 360 Total Security
   #CVE-2019-11759: Stack buffer overflow in HKDF output
   #CVE-2019-11760: Stack buffer overflow in WebRTC networking
   #CVE-2019-11761: Unintended access to a privileged JSONView object
   #CVE-2019-11762: document.domain-based origin isolation has \ 
same-origin-property violation
   #CVE-2019-11763: Incorrect HTML parsing results in XSS bypass technique
   #CVE-2019-11764: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
Files:
RevisionActionfile
1.1.2.1modifypkgsrc/www/firefox68/Makefile
1.1.2.1modifypkgsrc/www/firefox68/PLIST
1.1.2.1modifypkgsrc/www/firefox68/distinfo