Subject: CVS commit: [pkgsrc-2020Q2] pkgsrc/www/firefox68
From: Benny Siegert
Date: 2020-07-30 20:13:52
Message id: 20200730181352.D7EF7FB28@cvs.NetBSD.org
Log Message:
Pullup ticket #6287 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.31
- www/firefox68/distinfo                                        1.21

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Wed Jul 29 14:20:30 UTC 2020

   Modified Files:
   	pkgsrc/www/firefox68: Makefile distinfo

   Log Message:
   firefox68: Update to 68.11.0

   Security Vulnerabilities fixed in Firefox ESR 68.11

       #CVE-2020-15652: Potential leak of redirect targets when loading scripts in
       a worker

       #CVE-2020-6514: WebRTC data channel leaks internal address to peer

       #CVE-2020-6463: Use-after-free in ANGLE
       gl::Texture::onUnbindAsSamplerTexture

       #CVE-2020-15650: Overwriting local files through malicious file picker
       application

       #CVE-2020-15649: Exfiltrating local files through malicious file picker
       application

       #CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR
       68.11
Files:
RevisionActionfile
1.26.2.2modifypkgsrc/www/firefox68/Makefile
1.18.2.2modifypkgsrc/www/firefox68/distinfo