On Fri, Nov 23, 2018 at 01:57:28PM +0100, Antoine Jacoutot wrote:
> On Fri, Nov 23, 2018 at 01:47:24PM +0100, Landry Breuil wrote:
> > On Fri, Nov 23, 2018 at 04:37:10PM +0500, Артур Истомин wrote:
> > > Good day!
> > >
> > > Firefox ESR version in ports 60.2.2, but latest version ESR is 60.3 released on october
> > > 23, where has been fixed at least 2 critical and 3 high security vulnerabilities
> > > (see https://www.mozilla.org/en-US/security/advisories/mfsa2018-27/)
> > >
> > > To update firefox to latest non-vuln version should i update OpenBSD and ports to
> > > 6.4?
> >
> > https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www/firefox-esr/distinfo?only_with_tag=OPENBSD_6_4
>
> That is 6.4 :-)
Yes, and the policy in
https://www.openbsd.org/faq/ports/ports.html#PortsSecurity states that's
"the -stable ports tree only gets security backports for the latest
release." - thus 6.3 is EOL portswise.
Landry
No comments:
Post a Comment