Subject: CVS commit: [pkgsrc-2021Q3] pkgsrc/www
From: Benny Siegert
Date: 2021-10-11 20:36:20
Message id: 20211011183620.EB6E9FA97@cvs.NetBSD.org
Log Message:
Pullup ticket #6509 - requested by nia
www/firefox91: security fix
www/firefox91-l10n: dependent update

Revisions pulled up:
- www/firefox91-l10n/Makefile                                   1.3
- www/firefox91-l10n/distinfo                                   1.4
- www/firefox91/Makefile                                        1.6
- www/firefox91/distinfo                                        1.4

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Fri Oct  8 14:41:35 UTC 2021

   Modified Files:
   	pkgsrc/www/firefox91: Makefile distinfo
   	pkgsrc/www/firefox91-l10n: Makefile distinfo

   Log Message:
   firefox91: Update to 91.2.0

   Security Vulnerabilities fixed in Firefox ESR 91.2

       #CVE-2021-38496: Use-after-free in MessageTask

       #CVE-2021-38497: Validation message could have been overlaid on another
       origin

       #CVE-2021-38498: Use-after-free of nsLanguageAtomService object

       #CVE-2021-32810: Data race in crossbeam-deque

       #CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15,
       and Firefox ESR 91.2
Files:
RevisionActionfile
1.5.2.1modifypkgsrc/www/firefox91/Makefile
1.2.2.1modifypkgsrc/www/firefox91/distinfo
1.2.2.1modifypkgsrc/www/firefox91-l10n/Makefile
1.2.2.1modifypkgsrc/www/firefox91-l10n/distinfo