Hello ports@, landry@ First off, I wanna apologize if you, Landry have already been panicking about this. But, if you weren't aware, FF has an actively attacked RCE vuln right now, and the port in our ports tree hasn't been updated.
https://thehackernews.com/2024/10/mozilla-warns-of-active-exploitation-in.html https://nvd.nist.gov/vuln/detail/CVE-2024-9680 If/when this port is updated to the point-release patch, will -STABLE get this too, considering the severity of this sort of vuln? or do we just leave the -STABLE tree to rest? Its not a feature update so I don't see why not updating to a security patch would help anyone on -STABLE. Thanks. Peace- -- iz (they/them) > i like to say mundane things, > there are too many uninteresting things > that go unnoticed. izder456 (dot) neocities (dot) org
