---
- branch: MAIN
  date: Sun Apr 10 13:43:44 UTC 2022
  files:
  - new: '1.16'
    old: '1.15'
    path: pkgsrc/www/firefox91/Makefile
    pathrev: pkgsrc/www/firefox91/Makefile@1.16
    type: modified
  - new: '1.12'
    old: '1.11'
    path: pkgsrc/www/firefox91/distinfo
    pathrev: pkgsrc/www/firefox91/distinfo@1.12
    type: modified
  - new: '1.10'
    old: '1.9'
    path: pkgsrc/www/firefox91-l10n/Makefile
    pathrev: pkgsrc/www/firefox91-l10n/Makefile@1.10
    type: modified
  - new: '1.12'
    old: '1.11'
    path: pkgsrc/www/firefox91-l10n/distinfo
    pathrev: pkgsrc/www/firefox91-l10n/distinfo@1.12
    type: modified
  id: 20220410T134344Z.fcc36c2f65f6eb2db8ed7c925781fe3575a0a119
  log: |
    firefox91: update to 91.8.0

    Security Vulnerabilities fixed in Firefox ESR 91.8

    #CVE-2022-1097: Use-after-free in NSSToken objects

    #CVE-2022-28281: Out of bounds write due to unexpected WebAuthN Extensions

    #CVE-2022-1196: Use-after-free after VR Process destruction

    #CVE-2022-28282: Use-after-free in DocumentL10n::TranslateDocument

    #CVE-2022-28285: Incorrect AliasSet used in JIT Codegen

    #CVE-2022-28286: iframe contents could be rendered outside the border

    #CVE-2022-24713: Denial of Service via complex regular expressions

    #CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/www'
  unixtime: '1649598224'
  user: nia