Path to this page:
Subject: CVS commit: pkgsrc/www
From: Nia Alarie
Date: 2022-12-24 16:47:54
Message id: 20221224154754.A16D7FA90@cvs.NetBSD.org
Log Message:
firefox102: update to 102.6.0
Security Vulnerabilities fixed in Firefox ESR 102.6
#CVE-2022-46880: Use-after-free in WebGL
#CVE-2022-46872: Arbitrary file read from a compromised content process
#CVE-2022-46881: Memory corruption in WebGL
#CVE-2022-46874: Drag and Dropped Filenames could have been truncated to
malicious extensions
#CVE-2022-46875: Download Protections were bypassed by .atloc and .ftploc
files on Mac OS
#CVE-2022-46882: Use-after-free in WebGL
#CVE-2022-46878: Memory safety bugs fixed in Firefox 108 and Firefox ESR
102.6
Files: