Subject: CVS commit: pkgsrc/www/firefox68
From: Nia Alarie
Date: 2020-02-15 13:48:22
Message id: 20200215124822.978EDFBF4@cvs.NetBSD.org
Log Message:
firefox68: Update to 68.5.0

Security Vulnerabilities fixed in Firefox ESR68.5

# CVE-2020-6796: Missing bounds check on shared memory read in the parent process
# CVE-2020-6797: Extensions granted downloads.open permission could open \ 
arbitrary applications on Mac OSX
# CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript \ 
injection
# CVE-2020-6799: Arbitrary code execution when opening pdf links from other \ 
applications, when Firefox is configured as default pdf reader
	Note: This issue only affects Windows operating systems and when Firefox is \ 
configured as the default handler for non-default filetypes. Other operating \ 
systems are unaffected.
# CVE-2020-6800: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
Files:
RevisionActionfile
1.12modifypkgsrc/www/firefox68/Makefile
1.4modifypkgsrc/www/firefox68/PLIST
1.10modifypkgsrc/www/firefox68/distinfo