Date: Sun, 23 Jan 2022 06:28:41 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 261410] www/firefox: unfixed security vulnerabilities Message-ID: <bug-261410-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D261410 Bug ID: 261410 Summary: www/firefox: unfixed security vulnerabilities Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: gecko@FreeBSD.org Reporter: shoesoft@gmx.net Flags: maintainer-feedback?(gecko@FreeBSD.org) Assignee: gecko@FreeBSD.org The current port version 95.0.2 has several security vulnerabilities which = are fixed in firefox 96: <https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/>; The following are classified as high impact: * CVE-2022-22746 * CVE-2022-22743 * CVE-2022-22741 * CVE-2022-22740 * CVE-2022-22738 * CVE-2022-22737 * CVE-2021-4140 * CVE-2022-22751 There are also no entries in security/vuxml. Is anyone working on the upgrade to 96.0.2? Unfortunately, the update is not trivial. Some larger patches no longer app= ly. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-261410-7788>