firefox-esr in /community vulnerable to 12 CVEs (6 critical, 4 high, 2 moderate)
The current firefox-esr binary distributed by Alpine is highly insecure.
Summary of security vulnerabilities: 6 critical, 5 high, 2 moderate.
https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/
https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/
Food for thought: how can Alpine react faster to security vulnerabilities and keep users safe?
(from redmine: issue id 10150, created on 2019-03-23, closed on 2019-04-08)
- Changesets:
- Revision 5f447859 on 2019-03-25T10:49:35Z:
community/firefox-esr: upgrade to 60.6.1
See:
* https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/
* https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/
fixes #10150
(cherry picked from commit 985780d336a595bbba269e8d1c32715d70dbee68)