[Bug 261410] www/firefox: unfixed security vulnerabilities
- Reply: bugzilla-noreply_a_freebsd.org: "maintainer-feedback requested: [Bug 261410] www/firefox: unfixed security vulnerabilities"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: unfixed security vulnerabilities"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Upda to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "maintainer-approval requested: [Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities) : [Attachment 231401] v1.0 (zstd, git)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.2 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.3 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.3 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.3 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.3 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.3 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.3 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.3 (unfixed security vulnerabilities)"
- Reply: bugzilla-noreply_a_freebsd.org: "[Bug 261410] www/firefox: Update to 96.0.3 (unfixed security vulnerabilities)"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 23 Jan 2022 06:28:41 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261410
Bug ID: 261410
Summary: www/firefox: unfixed security vulnerabilities
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: gecko@FreeBSD.org
Reporter: shoesoft@gmx.net
Flags: maintainer-feedback?(gecko@FreeBSD.org)
Assignee: gecko@FreeBSD.org
The current port version 95.0.2 has several security vulnerabilities which are
fixed in firefox 96:
<https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/>
The following are classified as high impact:
* CVE-2022-22746
* CVE-2022-22743
* CVE-2022-22741
* CVE-2022-22740
* CVE-2022-22738
* CVE-2022-22737
* CVE-2021-4140
* CVE-2022-22751
There are also no entries in security/vuxml.
Is anyone working on the upgrade to 96.0.2?
Unfortunately, the update is not trivial. Some larger patches no longer apply.
--
You are receiving this mail because:
You are the assignee for the bug.