Date: Sun, 23 Jan 2022 06:28:41 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261410 Bug ID: 261410 Summary: www/firefox: unfixed security vulnerabilities Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: gecko@FreeBSD.org Reporter: email@example.com Flags: maintainer-feedback?(gecko@FreeBSD.org) Assignee: gecko@FreeBSD.org The current port version 95.0.2 has several security vulnerabilities which are fixed in firefox 96: <https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/> The following are classified as high impact: * CVE-2022-22746 * CVE-2022-22743 * CVE-2022-22741 * CVE-2022-22740 * CVE-2022-22738 * CVE-2022-22737 * CVE-2021-4140 * CVE-2022-22751 There are also no entries in security/vuxml. Is anyone working on the upgrade to 96.0.2? Unfortunately, the update is not trivial. Some larger patches no longer apply. -- You are receiving this mail because: You are the assignee for the bug.