https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261410
Bug ID: 261410
Summary: www/firefox: unfixed security vulnerabilities
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: [email protected]
Reporter: [email protected]
Flags: maintainer-feedback?([email protected])
Assignee: [email protected]
The current port version 95.0.2 has several security vulnerabilities which are
fixed in firefox 96:
<https://www.mozilla.org/en-US/security/advisories/mfsa2022-01/>
The following are classified as high impact:
* CVE-2022-22746
* CVE-2022-22743
* CVE-2022-22741
* CVE-2022-22740
* CVE-2022-22738
* CVE-2022-22737
* CVE-2021-4140
* CVE-2022-22751
There are also no entries in security/vuxml.
Is anyone working on the upgrade to 96.0.2?
Unfortunately, the update is not trivial. Some larger patches no longer apply.
--
You are receiving this mail because:
You are the assignee for the bug.
