Hello ports@, landry@
First off, I wanna apologize if you, Landry have already been panicking
about this. But, if you weren't aware, FF has an actively attacked RCE
vuln right now, and the port in our ports tree hasn't been updated.
https://thehackernews.com/2024/10/mozilla-warns-of-active-exploitation-in.html
https://nvd.nist.gov/vuln/detail/CVE-2024-9680
If/when this port is updated to the point-release patch, will -STABLE
get this too, considering the severity of this sort of vuln? or do we
just leave the -STABLE tree to rest? Its not a feature update so I
don't see why not updating to a security patch would help anyone on
-STABLE.
Thanks.
Peace-
--
iz (they/them)
> i like to say mundane things,
> there are too many uninteresting things
> that go unnoticed.
izder456 (dot) neocities (dot) org
No comments:
Post a Comment