---
- branch: MAIN
  date: Thu Mar 10 16:22:47 UTC 2022
  files:
  - new: '1.14'
    old: '1.13'
    path: pkgsrc/www/firefox91/Makefile
    pathrev: pkgsrc/www/firefox91/Makefile@1.14
    type: modified
  - new: '1.11'
    old: '1.10'
    path: pkgsrc/www/firefox91/distinfo
    pathrev: pkgsrc/www/firefox91/distinfo@1.11
    type: modified
  id: 20220310T162247Z.85b72170e11d2678e82917cbf8aeb05c0b7770e6
  log: |
    firefox91: update to 91.7.0

    Security Vulnerabilities fixed in Firefox ESR 91.7

        #CVE-2022-26383: Browser window spoof using fullscreen mode

        #CVE-2022-26384: iframe allow-scripts sandbox bypass

        #CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on
        signatures

        #CVE-2022-26381: Use-after-free in text reflows

        #CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other
        local users
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www/firefox91'
  unixtime: '1646929367'
  user: nia