Now
pkgsrc-2019Q4 commitmail json YAML
pkgsrc/www/firefox68/Makefile@1.5.4.2
/
diff
pkgsrc/www/firefox68/PLIST@1.3.4.1 / diff
pkgsrc/www/firefox68/distinfo@1.5.4.2 / diff
pkgsrc/www/firefox68/PLIST@1.3.4.1 / diff
pkgsrc/www/firefox68/distinfo@1.5.4.2 / diff
Pullup ticket #6134 - requested by nia
www/firefox68: security fix
Revisions pulled up:
- www/firefox68/Makefile 1.12
- www/firefox68/PLIST 1.4
- www/firefox68/distinfo 1.10
---
Module Name: pkgsrc
Committed By: nia
Date: Sat Feb 15 12:48:22 UTC 2020
Modified Files:
pkgsrc/www/firefox68: Makefile PLIST distinfo
Log Message:
firefox68: Update to 68.5.0
Security Vulnerabilities fixed in Firefox ESR68.5
# CVE-2020-6796: Missing bounds check on shared memory read in the parent process
# CVE-2020-6797: Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
# CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection
# CVE-2020-6799: Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader
Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected.
# CVE-2020-6800: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
www/firefox68: security fix
Revisions pulled up:
- www/firefox68/Makefile 1.12
- www/firefox68/PLIST 1.4
- www/firefox68/distinfo 1.10
---
Module Name: pkgsrc
Committed By: nia
Date: Sat Feb 15 12:48:22 UTC 2020
Modified Files:
pkgsrc/www/firefox68: Makefile PLIST distinfo
Log Message:
firefox68: Update to 68.5.0
Security Vulnerabilities fixed in Firefox ESR68.5
# CVE-2020-6796: Missing bounds check on shared memory read in the parent process
# CVE-2020-6797: Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
# CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection
# CVE-2020-6799: Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader
Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected.
# CVE-2020-6800: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5