Ubuntu
firefox package

firefox package vulnerable

Bug #1861003 reported by John Darrah
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
firefox (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

The firefox package has been vulnerable for one week with no update.

https://www.mozilla.org/en-US/firefox/72.0.2/releasenotes/

Does the firefox packaging team need to be reassessed?

ProblemType: Bug
DistroRelease: Ubuntu 19.10
Package: firefox 72.0.1+build1-0ubuntu0.19.10.1
ProcVersionSignature: Ubuntu 5.3.0-26.28-generic 5.3.13
Uname: Linux 5.3.0-26-generic x86_64
ApportVersion: 2.20.11-0ubuntu8.2
Architecture: amd64
BuildID: 20200107212822
Date: Mon Jan 27 11:55:52 2020
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: firefox
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
John Darrah (xasthurii) wrote :
Revision history for this message
Chris Coulson (chrisccoulson) wrote :

Hi,

There were no advisories published for the 72.0.2 release. It's a bug fix release.

information type: Private Security → Public
Revision history for this message
Olivier Tilloy (osomon) wrote :

Note that firefox 72.0.2 is available in focal-proposed. It hasn't migrated to the release pocket yet because of other components. As explained by Chris, the normal process of backporting to all supported releases via the security pocket isn't applicable here, given this update doesn't fix any security issues.

Changed in firefox (Ubuntu):
status: New → Incomplete
status: Incomplete → Fix Committed
Revision history for this message
Olivier Tilloy (osomon) wrote :

Nevermind my last comment, 72.0.2 was published to {xenial,bionic,eoan}-{updates,security}.

Olivier Tilloy (osomon)
Changed in firefox (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.