Date: Sat, 8 Aug 2015 15:46:39 -0500 From: Dutch Ingraham <stoa@gmx.us> To: freebsd-questions@freebsd.org Subject: Firefox Vulnerabilities Message-ID: <20150808204639.GA8567@slack>
next in thread | raw e-mail | index | archive | help
Hi all: I'm currently running amd64 version 10.1-RELEASE-p16. I update my ports tree through svn. Yesterday, I updated the tree and subsequently upgraded Firefox: $ pkg info firefox firefox-40.0,1 Name : firefox Version : 40.0,1 Installed on : Fri Aug 7 08:08:07 CDT 2015 [snip] As everyone knows, there was a vulnerability announced a few days ago related to the pdf viewer in Firefox.[1] This was fixed in the latest stable version, which is apparently 39.0.3.[2] Version 40.*, which started life prior to the date of the vulnerability, remains in beta.[3] I can't seem to find where this vulnerability [1] was fixed in the beta version in the ports tree.[4] I don't see any comments in /usr/ports/UPDATING nor in /usr/ports/CHANGES related to this issue. Can someone comment on the status of [1] in the current "stable" Freebsd version of Firefox, 40.0,1? Thanks. [1] https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/ [2] https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/ [3] https://www.mozilla.org/en-US/firefox/40.0beta/releasenotes/ [4] https://bugzilla.mozilla.org/buglist.cgi?j_top=OR&f1=target_milestone&\ o3=equals&v3=Firefox%2040&o1=equals&resolution=FIXED&o2=anyexact&query_\ format=advanced&f3=target_milestone&f2=cf_status_firefox40&bug_status=\ RESOLVED&bug_status=VERIFIED&bug_status=CLOSED&v1=mozilla40&v2=fixed%\ 2Cverified&limit=0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150808204639.GA8567>