Pullup ticket #6134 - requested by nia
www/firefox68: security fix

Revisions pulled up:
- www/firefox68/Makefile                                        1.12
- www/firefox68/PLIST                                          1.4
- www/firefox68/distinfo                                        1.10

---
  Module Name: pkgsrc
  Committed By: nia
  Date: Sat Feb 15 12:48:22 UTC 2020

  Modified Files:
  pkgsrc/www/firefox68: Makefile PLIST distinfo

  Log Message:
  firefox68: Update to 68.5.0

  Security Vulnerabilities fixed in Firefox ESR68.5

  # CVE-2020-6796: Missing bounds check on shared memory read in the parent process
  # CVE-2020-6797: Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
  # CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection
  # CVE-2020-6799: Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader
  Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected.
  # CVE-2020-6800: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5

(bsiegert)