Navigation:
Browse pkgsrc
(this page) 2023-08-28 08:46:34 by Nia Alarie | Files touched by this commit (59) |  |
Log message: Remove www/firefox91 We were keeping this around for screen recording support, which is now supported and stable in 102 ESR. |
2022-09-06 17:38:35 by Nia Alarie | Files touched by this commit (4) |  |
Log message:
firefox91: update to 91.13.0
Security Vulnerabilities fixed in Firefox ESR 91.13
#CVE-2022-38472: Address bar spoofing via XSLT error handling
#CVE-2022-38473: Cross-origin XSLT Documents would have inherited the
parent's permissions
#CVE-2022-38478: Memory safety bugs fixed in Firefox 104, Firefox ESR 102.2,
and Firefox ESR 91.13
|
| 2022-08-09 15:39:28 by Nia Alarie | Files touched by this commit (5) | |
Log message:
firefox91: update to 91.12.0. Fix building with latest cbindgen.
Mozilla Foundation Security Advisory 2022-29
Security Vulnerabilities fixed in Firefox ESR 91.12
#CVE-2022-36319: Mouse Position spoofing with CSS transforms
#CVE-2022-36318: Directory indexes for bundled resources reflected URL
parameters
|
| 2022-07-22 10:16:40 by Nia Alarie | Files touched by this commit (4) | |
Log message:
firefox91: update to 91.11.0
Mozilla Foundation Security Advisory 2022-25
Security Vulnerabilities fixed in Firefox ESR 91.11
#CVE-2022-34479: A popup window could be resized in a way to overlay the
address bar with web content
#CVE-2022-34470: Use-after-free in nsSHistory
#CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed
via retargeted javascript: URI
#CVE-2022-34481: Potential integer overflow in ReplaceElementsAt
#CVE-2022-31744: CSP bypass enabling stylesheet injection
#CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being
blocked
#CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a
prompt
#CVE-2022-2200: Undesired attributes could be set as part of prototype
pollution
#CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR
91.11
|
| 2022-06-14 11:17:20 by Nia Alarie | Files touched by this commit (4) | |
Log message:
firefox91: update to 91.10.0
Security Vulnerabilities fixed in Firefox ESR 91.10
#CVE-2022-31736: Cross-Origin resource's length leaked
#CVE-2022-31737: Heap buffer overflow in WebGL
#CVE-2022-31738: Browser window spoof using fullscreen mode
#CVE-2022-31739: Attacker-influenced path traversal when saving downloaded
files
#CVE-2022-31740: Register allocation problem in WASM on arm64
#CVE-2022-31741: Uninitialized variable leads to invalid memory read
#CVE-2022-31742: Querying a WebAuthn token with a large number of
allowCredential entries may have leaked cross-origin information
#CVE-2022-31747: Memory safety bugs fixed in Firefox 101 and Firefox ESR
91.10
|
| 2022-05-16 23:21:29 by Nia Alarie | Files touched by this commit (2) |
Log message: firefox91-l10n: sync with firefox91 |
| 2022-04-10 15:43:44 by Nia Alarie | Files touched by this commit (4) | |
Log message: firefox91: update to 91.8.0 Security Vulnerabilities fixed in Firefox ESR 91.8 #CVE-2022-1097: Use-after-free in NSSToken objects #CVE-2022-28281: Out of bounds write due to unexpected WebAuthN Extensions #CVE-2022-1196: Use-after-free after VR Process destruction #CVE-2022-28282: Use-after-free in DocumentL10n::TranslateDocument #CVE-2022-28285: Incorrect AliasSet used in JIT Codegen #CVE-2022-28286: iframe contents could be rendered outside the border #CVE-2022-24713: Denial of Service via complex regular expressions #CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8 |
| 2022-03-10 17:28:30 by Nia Alarie | Files touched by this commit (2) |
Log message: firefox91-l10n: sync with firefox91 |
| 2022-02-21 04:51:53 by Nia Alarie | Files touched by this commit (2) |
Log message: firefox91-l10n: sync with firefox91 |
| 2022-01-26 14:39:12 by Ryo ONODERA | Files touched by this commit (2) |
Log message: firefox91-l10n: Update to 91.5.0 * Sync with www/firefox91-91.5.0. |
New packages: