Next | Query returned 1 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2023-01-26 20:58:25 by Benny Siegert | Files touched by this commit (4) | Package updated
Log message:
Pullup ticket #6725 - requested by nia
www/firefox102: security fix
www/firefox102-l10n: dependent update

Revisions pulled up:
- www/firefox102-l10n/Makefile                                  1.9
- www/firefox102-l10n/distinfo                                  1.8
- www/firefox102/Makefile                                       1.15
- www/firefox102/distinfo                                       1.10

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Tue Jan 24 17:59:28 UTC 2023

   Modified Files:
   	pkgsrc/www/firefox102: Makefile distinfo
   	pkgsrc/www/firefox102-l10n: Makefile distinfo

   Log message:
   firefox102: Update to 102.7.0

   Security Vulnerabilities fixed in Firefox ESR 102.7

       #CVE-2022-46871: libusrsctp library out of date

       #CVE-2023-23598: Arbitrary file read from GTK drag and drop on Linux

       #CVE-2023-23599: Malicious command could be hidden in devtools output on
       Windows

       #CVE-2023-23601: URL being dragged from cross-origin iframe into same tab
       triggers navigation

       #CVE-2023-23602: Content Security Policy wasn't being correctly applied to
       WebSockets in WebWorkers

       #CVE-2022-46877: Fullscreen notification bypass

       #CVE-2023-23603: Calls to <code>console.log</code> allowed \ 
bypasing Content
       Security Policy via format directive

       #CVE-2023-23605: Memory safety bugs fixed in Firefox 109 and Firefox ESR
       102.7

Next | Query returned 1 messages, browsing 1 to 10 | previous