Firefox Vulnerabilities
Dutch Ingraham
stoa at gmx.us
Sat Aug 8 20:47:01 UTC 2015
Hi all:
I'm currently running amd64 version 10.1-RELEASE-p16. I update my
ports tree through svn. Yesterday, I updated the tree and subsequently
upgraded Firefox:
$ pkg info firefox
firefox-40.0,1
Name : firefox
Version : 40.0,1
Installed on : Fri Aug 7 08:08:07 CDT 2015
[snip]
As everyone knows, there was a vulnerability announced a few days ago
related to the pdf viewer in Firefox.[1] This was fixed in the latest
stable version, which is apparently 39.0.3.[2] Version 40.*, which
started life prior to the date of the vulnerability, remains in beta.[3]
I can't seem to find where this vulnerability [1] was fixed in the beta
version in the ports tree.[4] I don't see any comments in
/usr/ports/UPDATING nor in /usr/ports/CHANGES related to this issue.
Can someone comment on the status of [1] in the current "stable"
Freebsd version of Firefox, 40.0,1? Thanks.
[1] https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/
[2] https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/
[3] https://www.mozilla.org/en-US/firefox/40.0beta/releasenotes/
[4] https://bugzilla.mozilla.org/buglist.cgi?j_top=OR&f1=target_milestone&\
o3=equals&v3=Firefox%2040&o1=equals&resolution=FIXED&o2=anyexact&query_\
format=advanced&f3=target_milestone&f2=cf_status_firefox40&bug_status=\
RESOLVED&bug_status=VERIFIED&bug_status=CLOSED&v1=mozilla40&v2=fixed%\
2Cverified&limit=0
More information about the freebsd-questions
mailing list