Firefox Vulnerabilities
Dutch Ingraham
stoa at gmx.us
Sat Aug 8 23:03:27 UTC 2015
On Sat, Aug 08, 2015 at 10:31:40PM +0000, Christian Weisgerber wrote:
> On 2015-08-08, Dutch Ingraham <stoa at gmx.us> wrote:
>
> > As everyone knows, there was a vulnerability announced a few days ago
> > related to the pdf viewer in Firefox.[1]
> >
> > Can someone comment on the status of [1] in the current "stable"
> > Freebsd version of Firefox, 40.0,1? Thanks.
>
> The version of Firefox committed in r393690 (40.0-candidates/build4)
> is not vulnerable.
>
> Presumably this was the reason a pre-release version of Firefox 40
> was committed in the first place.
>
> You can verify it yourself. Go and diff 39.0 and 39.0.3, then check
> that the relevant change is already in 40.0/build4.
>
> --
> Christian "naddy" Weisgerber naddy at mips.inka.de
Thanks, naddy - I was looking through the svn logs, but couldn't seem
to find the diff.
Just for learning purposes, can you (or anyone else) comment on why
there was a beta committed when the stable 39.0.3 seems fine? (As far as
I can tell, this beta version was committed to the tree after 39.03 was
available.)
Thanks again.
More information about the freebsd-questions
mailing list