Subject: CVS commit: pkgsrc/www
From: Nia Alarie
Date: 2022-09-24 00:52:50
Message id: 20220923225250.69A0FFA90@cvs.NetBSD.org

Log Message:
firefox102: update to 102.3.0

Security Vulnerabilities fixed in Firefox ESR 102.3

    #CVE-2022-3266: Out of bounds read when decoding H264

    #CVE-2022-40959: Bypassing FeaturePolicy restrictions on transient pages

    #CVE-2022-40960: Data-race when parsing non-UTF-8 URLs in threads

    #CVE-2022-40958: Bypassing Secure Context restriction for cookies with
    __Host and __Secure prefix

    #CVE-2022-40956: Content-Security-Policy base-uri bypass

    #CVE-2022-40957: Incoherent instruction cache when building WASM on ARM64

    #CVE-2022-40962: Memory safety bugs fixed in Firefox 105 and Firefox ESR
    102.3

Files:
RevisionActionfile
1.8modifypkgsrc/www/firefox102/Makefile
1.5modifypkgsrc/www/firefox102/distinfo
1.5modifypkgsrc/www/firefox102-l10n/Makefile
1.4modifypkgsrc/www/firefox102-l10n/distinfo
1.1removepkgsrc/www/firefox102/patches/patch-js_src_jit_arm64_vixl_MozCpu-vixl.cpp