Package firefox: Information

    Source package: firefox
    Version: 125.0.3-alt1
    Latest version according to Repology
    Build time:  May 3, 2024, 01:25 PM in the task #347212
    Category: Networking/WWW
    Report package bug
    Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=9f205c5a3…
    Home page: https://www.mozilla.org/firefox/
    License: MPL-2.0
    Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
    Description: 
    Mozilla Firefox is an open-source web browser, designed
for standards compliance, performance and portability.
    List of rpms provided by this srpm:
    firefox (x86_64, aarch64)
    firefox-config-privacy (noarch)
    firefox-debuginfo (x86_64, aarch64)
    Maintainer: Ajrat Makhmutov
    List of contributors:
    Ajrat Makhmutov
    Alexey Gladkov
    Sergey Bolshakov
    Gleb Fotengauer-Malinovskiy
    Ivan Zakharyaschev
    Konstantin Lepikhov
    ACL:
    Alexey Gladkov
    Sergey Bolshakov
    Gleb Fotengauer-Malinovskiy
    Ajrat Makhmutov
    Egor Ignatov
      1. /dev/shm
      2. /proc
      3. alternatives
      4. browser-plugins-npapi-devel
      5. chrpath
      6. clang17.0
      7. clang17.0-devel
      8. python3(click)
      9. python3(curses)
      10. python3(hamcrest)
      11. python3(pip)
      12. glibc-kernheaders-generic
      13. gst-plugins1.0-devel
      14. gstreamer1.0-devel
      15. python3(setuptools)
      16. libnss-devel-static
      17. python3(sqlite3)
      18. python3-base
      19. libshell
      20. libstdc++-devel
      21. rpm-build-firefox
      22. rpm-macros-alternatives
      23. rust >= 1.65.0
      24. rust-cargo >= 1.65.0
      25. unzip
      26. xorg-cf-files
      27. yasm
      28. zip
      29. libwireless-devel
      30. lld17.0-devel
      31. llvm17.0-devel
      32. mozilla-common-devel
      33. nasm
      34. node
      35. pkgconfig(alsa)
      36. pkgconfig(aom)
      37. pkgconfig(bzip2)
      38. pkgconfig(cairo)
      39. pkgconfig(dav1d)
      40. pkgconfig(dbus-1)
      41. pkgconfig(dbus-glib-1)
      42. pkgconfig(dri)
      43. pkgconfig(fontconfig)
      44. pkgconfig(freetype2)
      45. pkgconfig(gio-2.0)
      46. pkgconfig(graphite2)
      47. pkgconfig(gtk+-3.0)
      48. pkgconfig(harfbuzz)
      49. pkgconfig(hunspell)
      50. pkgconfig(icu-i18n)
      51. pkgconfig(libcurl)
      52. pkgconfig(libdrm)
      53. pkgconfig(libevent)
      54. pkgconfig(libffi)
      55. pkgconfig(libjpeg)
      56. pkgconfig(libnotify)
      57. pkgconfig(libproxy-1.0)
      58. pkgconfig(libpulse)
      59. pkgconfig(libstartup-notification-1.0)
      60. pkgconfig(nspr) >= 4.35
      61. pkgconfig(nss) >= 3.98
      62. pkgconfig(opus)
      63. pkgconfig(pixman-1)
      64. pkgconfig(vpx)
      65. pkgconfig(x11)
      66. pkgconfig(xcomposite)
      67. pkgconfig(xcursor)
      68. pkgconfig(xdamage)
      69. pkgconfig(xext)
      70. pkgconfig(xft)
      71. pkgconfig(xi)
      72. pkgconfig(xkbcommon)
      73. pkgconfig(xrandr)
      74. pkgconfig(xscrnsaver)
      75. pkgconfig(xt)
      76. pkgconfig(xtst)
      77. pkgconfig(zlib)

    Last changed

    April 30, 2024 Ajrat Makhmutov 125.0.3-alt1
    - New version (125.0.3).
    April 23, 2024 Ajrat Makhmutov 125.0.2-alt1
    - New version (125.0.2).
    April 17, 2024 Ajrat Makhmutov 125.0.1-alt1
    - New version (125.0.1).
- Update description (closes: 49990).
- Enable VAAPI.
- Security fixes:
  + CVE-2024-3852: GetBoundName in the JIT returned the wrong object
  + CVE-2024-3853: Use-after-free if garbage collection runs during realm initialization
  + CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement
  + CVE-2024-3855: Incorrect JIT optimization of MSubstr leads to out-of-bounds reads
  + CVE-2024-3856: Use-after-free in WASM garbage collection
  + CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection
  + CVE-2024-3858: Corrupt pointer dereference in js::CheckTracedThing<js::Shape>
  + CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
  + CVE-2024-3860: Crash when tracing empty shape lists
  + CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move
  + CVE-2024-3862: Potential use of uninitialized memory in MarkStack assignment operator on self-assignment
  + CVE-2024-3863: Download Protections were bypassed by .xrm-ms files on Windows
  + CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames
  + CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10
  + CVE-2024-3865: Memory safety bugs fixed in Firefox 125
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.0
    Back to top