[Bug 273766] www/firefox < 117.0 and mail/thunderbird < 102.15.0 have critical security vuln

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 13 Sep 2023 19:32:02 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=273766

            Bug ID: 273766
           Summary: www/firefox < 117.0 and mail/thunderbird < 102.15.0
                    have critical security vuln
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: gecko@FreeBSD.org
          Reporter: pete@nomadlogic.org
          Assignee: gecko@FreeBSD.org
             Flags: maintainer-feedback?(gecko@FreeBSD.org)

This was reported today:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-40/

"Opening a malicious WebP image could lead to a heap buffer overflow in the
content process. We are aware of this issue being exploited in other products
in the wild."

-- 
You are receiving this mail because:
You are the assignee for the bug.