Bug 247716 - security/vuxml: Add multiple firefox-esr vulnerabilities
Summary: security/vuxml: Add multiple firefox-esr vulnerabilities
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Ports Security Team
Keywords: buildisok
Depends on:
Reported: 2020-07-02 12:51 UTC by rob2g2
Modified: 2020-07-24 08:56 UTC (History)
5 users (show)

See Also:
bugzilla: maintainer-feedback? (ports-secteam)
koobs: maintainer-feedback? (gecko)

vuxml patch to include firefox-esr vulnerabilities (950 bytes, patch)
2020-07-02 12:51 UTC, rob2g2
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description rob2g2 2020-07-02 12:51:14 UTC
Created attachment 216138 [details]
vuxml patch to include firefox-esr vulnerabilities

inform users about CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2020-07-03 02:09:14 UTC
If there are issues related to addressing these security vulnerabilities, please include them in this issues "Depends On" field. If they don't exist, please create them for anny/all affected port origins
Comment 2 Automation User 2020-07-18 00:08:58 UTC
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/168031133
Comment 3 Jochen Neumeister freebsd_committer 2020-07-24 08:56:56 UTC
Firefox-esr already has version 68.11.0 in the ports.
Since gecko (jbeich) doesn't make vuxml entries anymore, I close here.