Firefox Vulnerabilities

Dutch Ingraham stoa at
Sat Aug 8 23:03:27 UTC 2015

On Sat, Aug 08, 2015 at 10:31:40PM +0000, Christian Weisgerber wrote:
> On 2015-08-08, Dutch Ingraham <stoa at> wrote:
> > As everyone knows, there was a vulnerability announced a few days ago 
> > related to the pdf viewer in Firefox.[1]
> >
> > Can someone comment on the status of [1] in the current "stable" 
> > Freebsd version of Firefox, 40.0,1?  Thanks.
> The version of Firefox committed in r393690 (40.0-candidates/build4)
> is not vulnerable.
> Presumably this was the reason a pre-release version of Firefox 40
> was committed in the first place.
> You can verify it yourself.  Go and diff 39.0 and 39.0.3, then check
> that the relevant change is already in 40.0/build4.
> -- 
> Christian "naddy" Weisgerber                          naddy at

Thanks, naddy - I was looking through the svn logs, but couldn't seem 
to find the diff.

Just for learning purposes, can you (or anyone else) comment on why 
there was a beta committed when the stable 39.0.3 seems fine? (As far as 
I can tell, this beta version was committed to the tree after 39.03 was 

Thanks again.

More information about the freebsd-questions mailing list