Date: Tue, 11 Aug 2015 19:48:30 +0000 (UTC) From: Jan Beich <jbeich@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r393967 - head/security/vuxml Message-ID: <201508111948.t7BJmUHE004092@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jbeich Date: Tue Aug 11 19:48:29 2015 New Revision: 393967 URL: https://svnweb.freebsd.org/changeset/ports/393967 Log: Oops, mark bundled libvpx v1.4.0 in firefox as vulnerable again libvpx v1.3.0-4418-g587ff64 in firefox-esr 38.x shouldn't be affected given Mozilla hasn't backported the update there. MFSA 2015-89 says otherwise though. https://bugzilla.mozilla.org/show_bug.cgi?id=1178215 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Tue Aug 11 19:33:40 2015 (r393966) +++ head/security/vuxml/vuln.xml Tue Aug 11 19:48:29 2015 (r393967) @@ -65,6 +65,14 @@ Notes: <name>libvpx</name> <range><lt>1.5.0</lt></range> </package> + <package> + <name>firefox</name> + <range><lt>40.0,1</lt></range> + </package> + <package> + <name>linux-firefox</name> + <range><lt>40.0,1</lt></range> + </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; @@ -87,6 +95,7 @@ Notes: <dates> <discovery>2015-08-11</discovery> <entry>2015-08-11</entry> + <modified>2015-08-11</modified> </dates> </vuln>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201508111948.t7BJmUHE004092>