Log message:
*: recursive bump for tiff shlib major bump

Log message:
firefox102: update to 102.6.0

Security Vulnerabilities fixed in Firefox ESR 102.6

    #CVE-2022-46880: Use-after-free in WebGL

    #CVE-2022-46872: Arbitrary file read from a compromised content process

    #CVE-2022-46881: Memory corruption in WebGL

    #CVE-2022-46874: Drag and Dropped Filenames could have been truncated to
    malicious extensions

    #CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc
    files on Mac OS

    #CVE-2022-46882: Use-after-free in WebGL

    #CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR
    102.6

Log message:
firefox102: Disable service worker support until the root cause of the
crashes is investigated.

Log message:
firefox102: Update to 102.5.0

Security Vulnerabilities fixed in Firefox ESR 102.5

    #CVE-2022-45403: Service Workers might have learned size of cross-origin
    media files

    #CVE-2022-45404: Fullscreen notification bypass

    #CVE-2022-45405: Use-after-free in InputStream implementation

    #CVE-2022-45406: Use-after-free of a JavaScript Realm

    #CVE-2022-45408: Fullscreen notification bypass via windowName

    #CVE-2022-45409: Use-after-free in Garbage Collection

    #CVE-2022-45410: ServiceWorker-intercepted requests bypassed SameSite cookie
    policy

    #CVE-2022-45411: Cross-Site Tracing was possible via non-standard override
    headers

    #CVE-2022-45412: Symlinks may resolve to partially uninitialized buffers

    #CVE-2022-45416: Keystroke Side-Channel Leakage

    #CVE-2022-45418: Custom mouse cursor could have been drawn over browser UI

    #CVE-2022-45420: Iframe contents could be rendered outside the iframe

    #CVE-2022-45421: Memory safety bugs fixed in Firefox 107 and Firefox ESR
    102.5

Log message:
massive revision bump after textproc/icu update

Log message:
firefox102: reflect new minimum dependency of cbindgen >= 0.24

We're carrying a patch that will only build with recent cbindgen.
Issue noted by Todd Gruhn on pkgsrc-users@.

Log message:
firefox102: Update to 102.4.0

Security Vulnerabilities fixed in Firefox ESR 102.4

    #CVE-2022-42927: Same-origin policy violation could have leaked cross-origin
    URLs

    #CVE-2022-42928: Memory Corruption in JS Engine

    #CVE-2022-42929: Denial of Service via window.print

    #CVE-2022-42932: Memory safety bugs fixed in Firefox 106 and Firefox ESR
    102.4

Log message:
firefox102: update to 102.3.0

Security Vulnerabilities fixed in Firefox ESR 102.3

    #CVE-2022-3266: Out of bounds read when decoding H264

    #CVE-2022-40959: Bypassing FeaturePolicy restrictions on transient pages

    #CVE-2022-40960: Data-race when parsing non-UTF-8 URLs in threads

    #CVE-2022-40958: Bypassing Secure Context restriction for cookies with
    __Host and __Secure prefix

    #CVE-2022-40956: Content-Security-Policy base-uri bypass

    #CVE-2022-40957: Incoherent instruction cache when building WASM on ARM64

    #CVE-2022-40962: Memory safety bugs fixed in Firefox 105 and Firefox ESR
    102.3

Log message:
*: bump PKGREVISION for flac shlib bump

Log message:
firefox102: Update to 102.2.0

                  Mozilla Foundation Security Advisory 2022-34

Security Vulnerabilities fixed in Firefox ESR 102.2

    #CVE-2022-38472: Address bar spoofing via XSLT error handling

    #CVE-2022-38473: Cross-origin XSLT Documents would have inherited the
    parent's permissions

    #CVE-2022-38476: Data race and potential use-after-free in PK11_ChangePW

    #CVE-2022-38477: Memory safety bugs fixed in Firefox 104 and Firefox ESR
    102.2

    #CVE-2022-38478: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2,
    and Firefox ESR 91.13