Package firefox: Information

    Source package: firefox
    Version: 2.0.0.18-alt0.M40.1
    Build time:  Nov 16, 2008, 08:13 AM
    Category: Networking/WWW
    Report package bug
    Home page: http://www.mozilla.org/projects/firefox/
    License: MPL/GPL
    Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
    Description: 
    The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
    List of rpms provided by this srpm:
    firefox (x86_64, i586)
    firefox-devel (x86_64, i586)
    Maintainer: Alexey Gladkov
    List of contributors:
    Michael Shigorin
    Alexey Gladkov
    Konstantin Lepikhov
    ACL:
    Alexey Gladkov
      1. libIDL-devel
      2. libXext-devel
      3. libXt-devel
      4. doxygen
      5. alternatives
      6. rpm-build-firefox
      7. libgtk+2-devel
      8. autoconf_2.13
      9. autoconf_2.13
      10. libnspr-devel
      11. libnss-devel
      12. libnss-devel-static
      13. gcc-c++
      14. unzip
      15. makedepend
      16. browser-plugins-npapi-devel
      17. libjpeg-devel
      18. cairo-devel
      19. xorg-cf-files
      20. chrpath
      21. zip
      22. imake
      23. nss-utils

    Last changed

    Nov. 14, 2008 Michael Shigorin 2.0.0.18-alt0.M40.1
    - New bugfix version 2.0.0.18 built for M40
- Fixed:
  + MFSA 2008-58 Parsing error in E4X default namespace
  + MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
  + MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
  + MFSA 2008-55 Crash and remote code execution in nsFrameManager
  + MFSA 2008-54 Buffer overflow in http-index-format parser
  + MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
  + MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
  + MFSA 2008-50 Crash and remote code execution via __proto__ tampering
  + MFSA 2008-49 Arbitrary code execution via Flash Player dynamic module unloading
  + MFSA 2008-48 Image stealing via canvas and HTTP redirect
  + MFSA 2008-47 Information stealing via local shortcut files
    Oct. 2, 2008 Michael Shigorin 2.0.0.17-alt0.M40.1
    - New bugfix version 2.0.0.17 built for M40
- Fixed:
  + MFSA 2008-45 XBM image uninitialized memory reading
  + MFSA 2008-44 resource: traversal vulnerabilities
  + MFSA 2008-43 BOM characters stripped from JavaScript before execution
  + MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
  + MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
  + MFSA 2008-40 Forced mouse drag
  + MFSA 2008-39 Privilege escalation using feed preview page and XSS flaw
  + MFSA 2008-38 nsXMLDocument::OnChannelRedirect() same-origin violation
  + MFSA 2008-37 UTF-8 URL stack buffer overflow
    Aug. 8, 2008 Michael Shigorin 2.0.0.16-alt0.M40.1
    - New bugfix version 2.0.0.16
- Fixed:
 + MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running
 + MFSA 2008-34 Remote code execution by overflowing CSS reference counter
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.3
    Back to top