Subject: CVS commit: pkgsrc/www/firefox115
From: David H. Gutteridge
Date: 2025-04-04 02:21:26
Message id: 20250404002126.9DA05FBE1@cvs.NetBSD.org
Log Message:
firefox115: update to 115.22.0

Security Vulnerabilities fixed in Firefox ESR 115.22

Announced
    April 1, 2025
Impact
    high
Products
    Firefox ESR
Fixed in

        Firefox ESR 115.22

#CVE-2025-3028: Use-after-free triggered by XSLTProcessor

Reporter
    Ivan Fratric of Google Project Zero
Impact
    high

Description

JavaScript code running while transforming a document with the XSLTProcessor \ 
could lead to a use-after-free.
References

    Bug 1941002
Files:
RevisionActionfile
1.44modifypkgsrc/www/firefox115/Makefile
1.24modifypkgsrc/www/firefox115/distinfo