Date: Sat, 8 Aug 2015 17:57:54 -0500 From: Dutch Ingraham <stoa@gmx.us> To: Christian Weisgerber <naddy@mips.inka.de> Cc: freebsd-questions@freebsd.org Subject: Re: Firefox Vulnerabilities Message-ID: <20150808225754.GA975@slack> In-Reply-To: <slrnmsd0qc.2jnn.naddy@lorvorc.mips.inka.de> References: <20150808204639.GA8567@slack> <slrnmsd0qc.2jnn.naddy@lorvorc.mips.inka.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Aug 08, 2015 at 10:31:40PM +0000, Christian Weisgerber wrote: > On 2015-08-08, Dutch Ingraham <stoa@gmx.us> wrote: > > > As everyone knows, there was a vulnerability announced a few days ago > > related to the pdf viewer in Firefox.[1] > > > > Can someone comment on the status of [1] in the current "stable" > > Freebsd version of Firefox, 40.0,1? Thanks. > > The version of Firefox committed in r393690 (40.0-candidates/build4) > is not vulnerable. > > Presumably this was the reason a pre-release version of Firefox 40 > was committed in the first place. > > You can verify it yourself. Go and diff 39.0 and 39.0.3, then check > that the relevant change is already in 40.0/build4. > > -- > Christian "naddy" Weisgerber naddy@mips.inka.de Thanks, naddy - I was looking through the svn logs, but couldn't seem to find the diff. Just for learning purposes, can you (or anyone else) comment on why there was a beta committed when the stable 39.0.3 seems fine? (As far as I can tell, this beta version was committed to the tree after 39.03 was available.) Thanks again.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150808225754.GA975>