Пакет firefox: Информация
Default inline alert: Версия в репозитории: 126.0.1-alt1
Исходный пакет: firefox
Версия: 121.0-alt1
Собран: 21 декабря 2023 г. 4:59 в задании #336902
Категория: Сети/WWW
Сообщить об ошибке в пакетеДомашняя страница: https://www.mozilla.org/firefox/
Лицензия: MPL-2.0
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Описание:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
Список rpm-пакетов, предоставляемых данным srpm-пакетом:
firefox (x86_64, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, armh, aarch64)
firefox (x86_64, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, armh, aarch64)
Сопровождающий: Alexey Gladkov
Список участников:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Последнее изменение
20 декабря 2023 г. Alexey Gladkov 121.0-alt1
- New release (121.0). - Security fixes: + CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver + CVE-2023-6135: NSS susceptible to "Minerva" attack + CVE-2023-6865: Potential exposure of uninitialized data in EncryptingOutputStream + CVE-2023-6857: Symlinks may resolve to smaller than expected buffers + CVE-2023-6858: Heap buffer overflow in nsTextFragment + CVE-2023-6859: Use-after-free in PR_GetIdentitiesLayer + CVE-2023-6866: TypedArrays lack sufficient exception handling + CVE-2023-6860: Potential sandbox escape due to VideoBridge lack of texture validation + CVE-2023-6867: Clickjacking permission prompts using the popup transition + CVE-2023-6861: Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode + CVE-2023-6868: WebPush requests on Firefox for Android did not require VAPID key + CVE-2023-6869: Content can paint outside of sandboxed iframe + CVE-2023-6870: Android Toast notifications may obscure fullscreen event notifications + CVE-2023-6871: Lack of protocol handler warning in some instances + CVE-2023-6872: Browsing history leaked to syslogs via GNOME + CVE-2023-6863: Undefined behavior in ShutdownObserver() + CVE-2023-6864: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 + CVE-2023-6873: Memory safety bugs fixed in Firefox 121
1 декабря 2023 г. Alexey Gladkov 120.0.1-alt1
- New release (120.0.1).
21 ноября 2023 г. Alexey Gladkov 120.0-alt1
- New release (120.0). - Security fixes: + CVE-2023-6204: Out-of-bound memory access in WebGL2 blitFramebuffer + CVE-2023-6205: Use-after-free in MessagePort::Entangled + CVE-2023-6206: Clickjacking permission prompts using the fullscreen transition + CVE-2023-6207: Use-after-free in ReadableByteStreamQueueEntry::Buffer + CVE-2023-6208: Using Selection API would copy contents into X11 primary selection. + CVE-2023-6209: Incorrect parsing of relative URLs starting with "///" + CVE-2023-6210: Mixed-content resources not blocked in a javascript: pop-up + CVE-2023-6211: Clickjacking to load insecure pages in HTTPS-only mode + CVE-2023-6212: Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5 + CVE-2023-6213: Memory safety bugs fixed in Firefox 120