Package firefox: Information
Default inline alert: Version in the repository: 126.0.1-alt1
Source package: firefox
Version: 112.0-alt1
Build time: Apr 15, 2023, 03:08 PM in the task #318409
Category: Networking/WWW
Report package bugHome page: https://www.mozilla.org/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, armh, aarch64)
firefox (x86_64, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, armh, aarch64)
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Last changed
April 12, 2023 Alexey Gladkov 112.0-alt1
- New release (112.0). - Security fixes: + CVE-2023-29531: Out-of-bound memory access in WebGL on macOS + CVE-2023-29532: Mozilla Maintenance Service Write-lock bypass + CVE-2023-29533: Fullscreen notification obscured + CVE-2023-29534: Fullscreen notification could have been obscured on Firefox for Android + MFSA-TMP-2023-0001: Double-free in libwebp + CVE-2023-29535: Potential Memory Corruption following Garbage Collector compaction + CVE-2023-29536: Invalid free from JavaScript code + CVE-2023-29537: Data Races in font initialization code + CVE-2023-29538: Directory information could have been leaked to WebExtensions + CVE-2023-29539: Content-Disposition filename truncation leads to Reflected File Download + CVE-2023-29540: Iframe sandbox bypass using redirects and sourceMappingUrls + CVE-2023-29541: Files with malicious extensions could have been downloaded unsafely on Linux + CVE-2023-29542: Bypass of file download extension restrictions + CVE-2023-29543: Use-after-free in debugging APIs + CVE-2023-29544: Memory Corruption in garbage collector + CVE-2023-29545: Windows Save As dialog resolved environment variables + CVE-2023-29546: Screen recording in Private Browsing included address bar on Android + CVE-2023-29547: Secure document cookie could be spoofed with insecure cookie + CVE-2023-29548: Incorrect optimization result on ARM64 + CVE-2023-29549: Javascript's bind function may have failed + CVE-2023-29550: Memory safety bugs fixed in Firefox 112 and Firefox ESR 102.10 + CVE-2023-29551: Memory safety bugs fixed in Firefox 112
March 14, 2023 Alexey Gladkov 111.0-alt1
- New release (111.0). - Exclude arch i586. - Security fixes: + CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android + CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android + CVE-2023-25749: Firefox for Android may have opened third-party apps without a prompt + CVE-2023-25750: Potential ServiceWorker cache leak during private browsing mode + CVE-2023-25751: Incorrect code generation during JIT compilation + CVE-2023-28160: Redirect to Web Extension files may have leaked local path + CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation + CVE-2023-28161: One-time permissions granted to a local file were extended to other local files loaded in the same tab + CVE-2023-28162: Invalid downcast in Worklets + CVE-2023-25752: Potential out-of-bounds when accessing throttled streams + CVE-2023-28163: Windows Save As dialog resolved environment variables + CVE-2023-28176: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9 + CVE-2023-28177: Memory safety bugs fixed in Firefox 111
March 3, 2023 Alexey Gladkov 110.0.1-alt1
- New release (110.0.1).