pkgsrc-Changes archive


CVS commit: pkgsrc/www/firefox140



Module Name:    pkgsrc
Committed By:   gutteridge
Date:           Thu May 21 15:34:06 UTC 2026

Modified Files:
        pkgsrc/www/firefox140: Makefile distinfo
Removed Files:
        pkgsrc/www/firefox140/patches:
            patch-media_ffvpx_libavcodec_parser__list.c

Log Message:
firefox140: update to 140.11

Mozilla Foundation Security Advisory 2026-48
Security Vulnerabilities fixed in Firefox ESR 140.11

Announced
    May 19, 2026
Impact
    high
Products
    Firefox ESR
Fixed in

        Firefox ESR 140.11

#CVE-2026-8946: Incorrect boundary conditions in the Audio/Video: Web Codecs component

Reporter
    zx
Impact
    high

References

    Bug 2029070

#CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component

Reporter
    ggwhyp
Impact
    high

References

    Bug 2036978

#CVE-2026-8947: Use-after-free in the DOM: Bindings (WebIDL) component

Reporter
    Satoki Tsuji
Impact
    high

References

    Bug 2038439

#CVE-2026-8391: Other issue in the JavaScript Engine component

Reporter
    ggwhyp
Impact
    high

References

    Bug 2038575

#CVE-2026-8401: Sandbox escape in the Profile Backup component

Reporter
    ggwhyp
Impact
    high

References

    Bug 2038679

#CVE-2026-8949: Integer overflow in the Widget: Win32 component

Reporter
    q1
Impact
    moderate

References

    Bug 1355639

#CVE-2026-8950: Same-origin policy bypass in the Networking: HTTP component

Reporter
    Jakub Szymsza
Impact
    moderate

References

    Bug 1965430

#CVE-2026-8953: Sandbox escape due to use-after-free in the Disability Access APIs component

Reporter
    stevej
Impact
    moderate

References

    Bug 2029511

#CVE-2026-8954: Incorrect boundary conditions, integer overflow in the Audio/Video component

Reporter
    Ameen Basha M K
Impact
    moderate

References

    Bug 2030747

#CVE-2026-8955: Privilege escalation in the DOM: Workers component

Reporter
    lebr0nli
Impact
    moderate

References

    Bug 2031064

#CVE-2026-8956: Integer overflow in the Networking: JAR component

Reporter
    Yaqoub Aldurayhim
Impact
    moderate

References

    Bug 2032427

#CVE-2026-8957: Privilege escalation in the Enterprise Policies component

Reporter
    Mateusz Dobrzyński
Impact
    moderate

References

    Bug 2033850

#CVE-2026-8958: Information disclosure, sandbox escape in the Security: Process Sandboxing component

Reporter
    Yaqoub Aldurayhim
Impact
    moderate

References

    Bug 2034713

#CVE-2026-8959: Sandbox escape due to incorrect boundary conditions in the Widget: Win32 component

Reporter
    Ameen Basha M K
Impact
    moderate

References

    Bug 2034754

#CVE-2026-8961: Spoofing issue in the Form Autofill component

Reporter
    Hafiizh
Impact
    low

References

    Bug 1962625

#CVE-2026-8962: Mitigation bypass in the DOM: Security component

Reporter
    Manojkumar Jaganathan
Impact
    low

References

    Bug 2004804

#CVE-2026-8968: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

Reporter
    Tristan Madani
Impact
    low

References

    Bug 2030467

#CVE-2026-8970: Privilege escalation in the Security component

Reporter
    pakhunov.anton.n
Impact
    low

References

    Bug 2032174

#CVE-2026-8974: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

Reporter
    Nika Layzell, Randell Jesup, Timothy Nikkel, Tom Schuster and the Mozilla Fuzzing Team
Impact
    moderate

Description

Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

#CVE-2026-8975: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

Reporter
    Andrew McCreight, Valentin Gosu, Nika Layzell, Tom Schuster and the Mozilla Fuzzing Team
Impact
    high

Description

Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.
References

    Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151


To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/www/firefox140/Makefile \
    pkgsrc/www/firefox140/distinfo
cvs rdiff -u -r1.3 -r0 \
    pkgsrc/www/firefox140/patches/patch-media_ffvpx_libavcodec_parser__list.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/www/firefox140/Makefile
diff -u pkgsrc/www/firefox140/Makefile:1.16 pkgsrc/www/firefox140/Makefile:1.17
--- pkgsrc/www/firefox140/Makefile:1.16 Thu May  7 20:25:32 2026
+++ pkgsrc/www/firefox140/Makefile      Thu May 21 15:34:05 2026
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.16 2026/05/07 20:25:32 gutteridge Exp $
+# $NetBSD: Makefile,v 1.17 2026/05/21 15:34:05 gutteridge Exp $
 
 FIREFOX_VER=           ${MOZ_BRANCH}${MOZ_BRANCH_MINOR}
-MOZ_BRANCH=            140.10
-MOZ_BRANCH_MINOR=      .2esr
+MOZ_BRANCH=            140.11
+MOZ_BRANCH_MINOR=      .0esr
 
 DISTNAME=      firefox-${FIREFOX_VER}.source
 PKGNAME=       ${DISTNAME:S/.source//:S/b/beta/:S/esr//:S/firefox-/firefox140-/}
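
Review bot: the log message says "update to 140.11", but with MOZ_BRANCH_MINOR set to .0esr the PKGNAME substitutions (:S/.source//, :S/esr//, :S/firefox-/firefox140-/) yield firefox140-140.11.0, so the log should name 140.11.0 to match the package and distfile that users and vulnerability scanners will see. The hunk covers only lines 1-8 of the Makefile; if a PKGREVISION is set further down, it has to be dropped in the same commit as this version bump, and nothing in the visible lines confirms that either way.
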
Index: pkgsrc/www/firefox140/distinfo
diff -u pkgsrc/www/firefox140/distinfo:1.16 pkgsrc/www/firefox140/distinfo:1.17
--- pkgsrc/www/firefox140/distinfo:1.16 Thu May  7 20:25:32 2026
+++ pkgsrc/www/firefox140/distinfo      Thu May 21 15:34:06 2026
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.16 2026/05/07 20:25:32 gutteridge Exp $
+$NetBSD: distinfo,v 1.17 2026/05/21 15:34:06 gutteridge Exp $
 
-BLAKE2s (firefox-140.10.2esr.source.tar.xz) = e8ccac19f20030271519ca34b325ee152f6f53f8343bea5b4c1cf1359a63aa4c
-SHA512 (firefox-140.10.2esr.source.tar.xz) = bda7d5e6d59a2ad310e3f3e6e8ec05c78222edce266671d5d454dfa3e8f0086add3b9c0099db907cb62b2587ed47026ba7b3aa4f0406693d142d8d91b818d551
-Size (firefox-140.10.2esr.source.tar.xz) = 638783848 bytes
+BLAKE2s (firefox-140.11.0esr.source.tar.xz) = 567b3ce95be1e3809dbd1d4e36a9b4fed544bd4b8e3bf24fff238daf0743bfaf
+SHA512 (firefox-140.11.0esr.source.tar.xz) = d06adb3ef4de1324e3d61872d70de31ab08ac013f33903549bed28c6ebcc5b4dee94bb36388282c1935d77d1a564079f3adbf08d6bb80284a899cbb3d861300c
+Size (firefox-140.11.0esr.source.tar.xz) = 637083992 bytes
 BLAKE2s (nodejs-output-140.0.4.tgz) = 7ebb5993c8c9d7d5492afdb9fa7fef74fec7753fb0b14673817f24faf4a7fca4
 SHA512 (nodejs-output-140.0.4.tgz) = e421b0b6be8b5b8dfda705eefcf4573a1270df9012dca5eac9ba0ac2af2bcc47dd66b1057106f8c2336a10bdcc39b9f852041dd33da9e7a8929d981dbb4e1fb4
 Size (nodejs-output-140.0.4.tgz) = 245385 bytes
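
Review bot: the new BLAKE2s and SHA512 lines for firefox-140.11.0esr.source.tar.xz are the only integrity anchor every later fetch of this security update is checked against, and neither the hunk nor the log message records how the tarball they were computed from was validated. Suggest noting in the log that the distfile was checked against the checksums or signature Mozilla publishes for the release before distinfo was regenerated, so the pinned digests are tied to the upstream artifact rather than to whatever the committer's download returned.
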
@@ -26,7 +26,6 @@ SHA1 (patch-js_public_Utility.h) = bb546
 SHA1 (patch-js_src_jit_FlushICache.cpp) = f5d1fcb391c36a29fb71a78dbf731ee6a1cb17b6
 SHA1 (patch-js_src_util_NativeStack.cpp) = a0a16d8d8d78d3cc3f4d2a508586f1a7821f7dba
 SHA1 (patch-js_src_vm_TypedArrayObject-inl.h) = e7913c8d4b2b05b67040baa64dae62d6ba40390e
-SHA1 (patch-media_ffvpx_libavcodec_parser__list.c) = 3965eb52df3e0821807ddf258c1209a2dd636104
 SHA1 (patch-media_ffvpx_libavutil_arm_bswap.h) = ae89120862442275d6b14446c5a63b0ef570124f
 SHA1 (patch-media_libpng_pngpriv.h) = 8320a1f7534ed5c4914b597bb3d6117d0060318f
 SHA1 (patch-modules_fdlibm_src_math__private.h) = e20b6c23011d7123cbbd64a500eb8ce8c426620e
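
Review bot: the SHA1 entry for patch-media_ffvpx_libavcodec_parser__list.c is deleted here and the patch file itself is removed (-r1.3 -r0), but the log message carries only the advisory text and gives no reason for dropping a local patch. Add a line stating whether the change was merged upstream in 140.11 or is simply no longer applicable, so that someone auditing the package later can tell an intentional removal from an accidental one.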


