Subject: CVS commit: pkgsrc/www/firefox68
From: Nia Alarie
Date: 2020-05-09 15:08:01
Message id: 20200509130801.D85A1FB27@cvs.NetBSD.org
Log Message:
firefox68: Update to 68.8.0

Security Vulnerabilities fixed in Firefox ESR 68.8

    #CVE-2020-12387: Use-after-free during worker shutdown

    #CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens

    #CVE-2020-12389: Sandbox escape with improperly separated process types

    #CVE-2020-6831: Buffer overflow in SCTP chunk input validation

    #CVE-2020-12392: Arbitrary local file access with 'Copy as cURL'

    #CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape
    website-controlled data, potentially leading to command injection

    #CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
Files:
RevisionActionfile
1.20modifypkgsrc/www/firefox68/Makefile
1.6modifypkgsrc/www/firefox68/PLIST
1.15modifypkgsrc/www/firefox68/distinfo