[Bug 283357] security/vuxml: update entry for mail/thunderbird

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 283357] security/vuxml: update entry for mail/thunderbird"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 283357] security/vuxml: update entry for mail/thunderbird"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 283357] security/vuxml: update entry for mail/thunderbird"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 16 Dec 2024 00:49:24 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=283357

            Bug ID: 283357
           Summary: security/vuxml: update entry for mail/thunderbird
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: jcfyecrayz@liamekaens.com
                CC: gecko@FreeBSD.org, ports-secteam@FreeBSD.org
                CC: gecko@FreeBSD.org, ports-secteam@FreeBSD.org

In ports eb66f4658087fd0fe83d8f5c30fa084f95c58c2b, an entry to VuXML was added
for www/firefox, www/firefox-esr, and mail/thunderbird (vuxml update committed
Dec 10).

The CVEs documented in that commit were fixed for thunderbird 128.5.0 (note
that the current mail/thunderbird port is 128.5.1 as of Dec 10).

I believe the mail/thunderbird vuxml entry should be changed from '< 133' to '<
128.5'.

Here are the relevant mozilla security advisory references (dated Nov 26):
https://www.mozilla.org/en-US/security/advisories/mfsa2024-67/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-68/

-- 
You are receiving this mail because:
You are the assignee for the bug.