search

chocolatey-community / chocolatey-packages

Chocolatey Community Maintainers Team Packages - packages that are managed and maintained by core community team for community package repository (https://community.chocolatey.org/packages)
https://community.chocolatey.org/profiles/chocolatey-community
Apache License 2.0
446 stars 381 forks source link

(firefox) Outdated - AU not working anymore #2530

Closed Geo-Ron closed 1 month ago

Geo-Ron commented 2 months ago

Checklist

Please navigate to the following link to view the moderation queue.

New Software Version

130.0

Download location

https://download.mozilla.org/?product=firefox-130.0-ssl&os=win&locale

Package Page

https://community.chocolatey.org/packages/Firefox

Geo-Ron commented 2 months ago

Exploitable Vulnerabilities exist in version < 130

CVEs Exploitable Info:

Mozilla Security Advisory: https://www.mozilla.org/en-US/security/advisories/mfsa2024-39/

pauby commented 2 months ago

What is it you're asking to be done?

yan12125 commented 2 months ago

What is it you're asking to be done?

Most likely the au script for Firefox needs a fix: https://gist.github.com/choco-bot/a14b1e5bfaf70839b338eb1ab7f8226f/a6e3f26d8e8af3f4788aff0b124d4db850786830#firefox. After fixing that script, it's likely that the Firefox package in Chocolatey community will be updated to 130 with vulnerabilities fixed.

pauby commented 2 months ago

As this is a community repository, there is no one person to fix, enhance or manage anything. PR's are welcome.

Geo-Ron commented 2 months ago

As this is a community repository, there is no one person to fix, enhance or manage anything. PR's are welcome.

Accepted!

Geo-Ron commented 2 months ago

I believe my part is done.

Geo-Ron commented 1 month ago

Anything I need to do to get things started?