Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 0216E1A9239
	for <mhonarc+pkgsrc-changes@mail-index.netbsd.org>; Mon, 21 Feb 2022 13:34:28 +0000 (UTC)
Received: by mail.netbsd.org (Postfix, from userid 605)
	id 6716184FA3; Mon, 21 Feb 2022 13:34:28 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id 9B63D84F7E
	for <pkgsrc-changes@NetBSD.org>; Mon, 21 Feb 2022 13:34:27 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([IPv6:::1])
	by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025)
	with ESMTP id gYeOu4pWXMlO for <pkgsrc-changes@netbsd.org>;
	Mon, 21 Feb 2022 13:34:27 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id 03FE484DA9
	for <pkgsrc-changes@NetBSD.org>; Mon, 21 Feb 2022 13:34:27 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id F3D87FB24; Mon, 21 Feb 2022 13:34:26 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1645450466132260"
MIME-Version: 1.0
Date: Mon, 21 Feb 2022 13:34:26 +0000
From: "Benny Siegert" <bsiegert@netbsd.org>
Subject: CVS commit: [pkgsrc-2021Q4] pkgsrc/www/firefox91
To: pkgsrc-changes@NetBSD.org
Reply-To: bsiegert@netbsd.org
X-Mailer: log_accum
Message-Id: <20220221133426.F3D87FB24@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: <pkgsrc-changes.NetBSD.org>
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_1645450466132260
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	bsiegert
Date:		Mon Feb 21 13:34:26 UTC 2022

Modified Files:
	pkgsrc/www/firefox91 [pkgsrc-2021Q4]: Makefile distinfo

Log Message:
Pullup ticket #6582 - requested by nia
www/firefox91: security fix

Revisions pulled up:
- www/firefox91/Makefile                                        1.13
- www/firefox91/distinfo                                        1.10

---
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Mon Feb 21 03:43:56 UTC 2022

   Modified Files:
   	pkgsrc/www/firefox91: Makefile distinfo

   Log Message:
   firefox91: update to 91.6.0

   Security Vulnerabilities fixed in Firefox ESR 91.6

       #CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance
       Service

       #CVE-2022-22754: Extensions could have bypassed permission confirmation
       during update

       #CVE-2022-22756: Drag and dropping an image could have resulted in the
       dropped object being an executable

       #CVE-2022-22759: Sandboxed iframes could have executed script if the parent
       appended elements

       #CVE-2022-22760: Cross-Origin responses could be distinguished between
       script and non-script content-types

       #CVE-2022-22761: frame-ancestors Content Security Policy directive was not
       enforced for framed extension pages

       #CVE-2022-22763: Script Execution during invalid object state

       #CVE-2022-22764: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6


To generate a diff of this commit:
cvs rdiff -u -r1.11.2.1 -r1.11.2.2 pkgsrc/www/firefox91/Makefile
cvs rdiff -u -r1.8.2.1 -r1.8.2.2 pkgsrc/www/firefox91/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1645450466132260
Content-Disposition: inline
Content-Length: 1961
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/www/firefox91/Makefile
diff -u pkgsrc/www/firefox91/Makefile:1.11.2.1 pkgsrc/www/firefox91/Makefile:1.11.2.2
--- pkgsrc/www/firefox91/Makefile:1.11.2.1	Sun Feb 20 10:20:21 2022
+++ pkgsrc/www/firefox91/Makefile	Mon Feb 21 13:34:26 2022
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.11.2.1 2022/02/20 10:20:21 bsiegert Exp $
+# $NetBSD: Makefile,v 1.11.2.2 2022/02/21 13:34:26 bsiegert Exp $
 
 FIREFOX_VER=		${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=		91.5
+MOZ_BRANCH=		91.6
 MOZ_BRANCH_MINOR=	.0esr
 
 DISTNAME=	firefox-${FIREFOX_VER}.source

Index: pkgsrc/www/firefox91/distinfo
diff -u pkgsrc/www/firefox91/distinfo:1.8.2.1 pkgsrc/www/firefox91/distinfo:1.8.2.2
--- pkgsrc/www/firefox91/distinfo:1.8.2.1	Sun Feb 20 10:20:21 2022
+++ pkgsrc/www/firefox91/distinfo	Mon Feb 21 13:34:26 2022
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.8.2.1 2022/02/20 10:20:21 bsiegert Exp $
+$NetBSD: distinfo,v 1.8.2.2 2022/02/21 13:34:26 bsiegert Exp $
 
-BLAKE2s (firefox-91.5.0esr.source.tar.xz) = ede7eb4257b2709ac5c05806761a0ab3a4cc6fb262eeb970ee47fba1bc2504fd
-SHA512 (firefox-91.5.0esr.source.tar.xz) = 1712415b6b73c6a21edfefc39eaba5fcbbca54032f78627c0005d291501d16ef4daffb8b9a160d1d5361113ceba04eb5ddb21d903e3dd8d58838aa9596f2d781
-Size (firefox-91.5.0esr.source.tar.xz) = 381371300 bytes
+BLAKE2s (firefox-91.6.0esr.source.tar.xz) = 4f738596ac1c9608dcdf2dc1f6771065ab3f9dd2927c9a0c569c9fdb671f5424
+SHA512 (firefox-91.6.0esr.source.tar.xz) = 3dd1929f93cdd087a93fc3597f32d9005c986b59832954e01a8c2472b179c92ad611eaa73d3fc000a08b838a0b70da73ff5ba82d6009160655ba6894cf04520e
+Size (firefox-91.6.0esr.source.tar.xz) = 386869628 bytes
 BLAKE2s (nodejs-output-91.0.tgz) = 5007b8d20d6264a4cd573b465643cff83c2adc75ad7dd9fba97ff5fcae787c9f
 SHA512 (nodejs-output-91.0.tgz) = 3a457101a4aaa5ae955b77c41ba6b0d98eb5dd0ae9d6d8cc77c0c7bc0e844238a9c0d86cd1838ffb6a37ad8851f871c21e4ca1bb59d11e58fc42c5fec88c298c
 Size (nodejs-output-91.0.tgz) = 201061 bytes


--_----------=_1645450466132260--