[Bug 281960] security/vuxml: possibly wrong entry for mail/thunderbird

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 09 Oct 2024 14:51:52 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=281960

            Bug ID: 281960
           Summary: security/vuxml: possibly wrong entry for
                    mail/thunderbird
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: jcfyecrayz@liamekaens.com
                CC: gecko@FreeBSD.org, ports-secteam@FreeBSD.org
                CC: gecko@FreeBSD.org, ports-secteam@FreeBSD.org

In ports 86d1aa3caa24c97cdc63962d13fef16be12c84b7, an entry to VuXML was added
for www/firefox, www/firefox-esr, and mail/thunderbird.  It looks like the
mail/thunderbird entry has a typo (copy/paste from the firefox-esr entry
perhaps) where the version specifier "< 128.3.0,1" probably should be "<
128.3.0" without the ,1 port epoch.  mail/thunderbird has never had PORTEPOCH
set.

The most recent advisories (https://www.mozilla.org/en-US/security/advisories/)
indicate that thunderbird 128.3 is fixed for the vulnerabilities mentioned in
the VuXML entry.

-- 
You are receiving this mail because:
You are on the CC list for the bug.