Subject: CVS commit: pkgsrc/www/firefox91
From: Nia Alarie
Date: 2022-03-10 17:22:47
Message id: 20220310162247.152F0FB24@cvs.NetBSD.org
Log Message:
firefox91: update to 91.7.0

Security Vulnerabilities fixed in Firefox ESR 91.7

    #CVE-2022-26383: Browser window spoof using fullscreen mode

    #CVE-2022-26384: iframe allow-scripts sandbox bypass

    #CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on
    signatures

    #CVE-2022-26381: Use-after-free in text reflows

    #CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other
    local users
Files:
RevisionActionfile
1.14modifypkgsrc/www/firefox91/Makefile
1.11modifypkgsrc/www/firefox91/distinfo