Subject: CVS commit: pkgsrc/www/firefox115
From: Ryo ONODERA
Date: 2024-01-10 16:38:44
Message id: 20240110153844.5F4D8FA42@cvs.NetBSD.org
Log Message:
firefox115: Update to 115.6.0

Changelog:
115.6.0:
* Security fixes.

Mozilla Foundation Security Advisory 2023-54
#CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced
 method with Mesa VM driver
#CVE-2023-6865: Potential exposure of uninitialized data in
 EncryptingOutputStream
#CVE-2023-6857: Symlinks may resolve to smaller than expected buffers
#CVE-2023-6858: Heap buffer overflow in nsTextFragment
#CVE-2023-6859: Use-after-free in PR_GetIdentitiesLayer
#CVE-2023-6860: Potential sandbox escape due to VideoBridge lack of texture
 validation
#CVE-2023-6867: Clickjacking permission prompts using the popup transition
#CVE-2023-6861: Heap buffer overflow affected nsWindow::PickerOpen(void) in
 headless mode
#CVE-2023-6862: Use-after-free in nsDNSService
#CVE-2023-6863: Undefined behavior in ShutdownObserver()
#CVE-2023-6864: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and
 Thunderbird 115.6
Files:
RevisionActionfile
1.13modifypkgsrc/www/firefox115/Makefile
1.4modifypkgsrc/www/firefox115/distinfo
1.6modifypkgsrc/www/firefox115/mozilla-common.mk