Sisyphus repository
Last update: 2018-10-20 14:07:09 +0400 | SRPMs: 18632 | Sign in or Sign up
en ru uk br
ALT Linux repositories
hide window
Sisyphus: 62.0.3-alt1
p8: 62.0.3-alt0.M80P.1
p7: 45.9.0-alt0.M70P.1
t7: 45.9.0-alt0.M70P.1
Platform6: 17.0.11-alt0.M60P.1
t6: 17.0.11-alt0.M60P.1
Platform5: 10.0.12-alt0.M50P.1

Group :: Networking/WWW
Source RPM: firefox

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR (13/164)   Repocop 

Current version: 62.0.3-alt1
Built: 15 days ago
Size: 250 MB
Repocop status: ok

Home page:   http://www.mozilla.org/projects/firefox/

License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.

Current maintainer: Alexey Gladkov

List of contributors: ACL: List of rpms provided by this srpm:
  • firefox
  • firefox-debuginfo
  • rpm-build-firefox
Recent changes (last three changelog entries):

2018-10-04 Alexey Gladkov <legion at altlinux.ru> 62.0.3-alt1

    - New release (62.0.3).
    + CVE-2018-12386: Type confusion in JavaScript
    + CVE-2018-12387: A vulnerability where the JavaScript JIT compiler
    + CVE-2018-12385: Crash in TransportSecurityInfo due to cached data
    + CVE-2018-12377: Use-after-free in refresh driver timers
    + CVE-2018-12378: Use-after-free in IndexedDB
    + CVE-2018-12379: Out-of-bounds write with malicious MAR file
    + CVE-2017-16541: Proxy bypass using automount and autofs
    + CVE-2018-12381: Dragging and dropping Outlook email message results in page navigation
    + CVE-2018-12382: Addressbar spoofing with javascript URI on Firefox for Android
    + CVE-2018-12383: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords
    + CVE-2018-12375: Memory safety bugs fixed in Firefox 62
    + CVE-2018-12376: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2

2018-07-06 Alexey Gladkov <legion at altlinux.ru> 61.0.1-alt1

    - New release (61.0.1).

2018-07-02 Alexey Gladkov <legion at altlinux.ru> 61.0-alt1

    - New release (61.0).
    - Fixed:
    + CVE-2018-12359: Buffer overflow using computed size of canvas element
    + CVE-2018-12360: Use-after-free when using focus()
    + CVE-2018-12361: Integer overflow in SwizzleData
    + CVE-2018-12358: Same-origin bypass using service worker and redirection
    + CVE-2018-12362: Integer overflow in SSSE3 scaler
    + CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
    + CVE-2018-12363: Use-after-free when appending DOM nodes
    + CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
    + CVE-2018-12365: Compromised IPC child process can list local filenames
    + CVE-2018-12371: Integer overflow in Skia library during edge builder allocation
    + CVE-2018-12366: Invalid data handling during QCMS transformations
    + CVE-2018-12367: Timing attack mitigation of PerformanceNavigationTiming
    + CVE-2018-12368: No warning when opening executable SettingContent-ms files
    + CVE-2018-12369: WebExtension security permission checks bypassed by embedded experiments
    + CVE-2018-12370: SameSite cookie protections bypassed when exiting Reader View
    + CVE-2018-5186: Memory safety bugs fixed in Firefox 61
    + CVE-2018-5187: Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
    + CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9

 
© 2009–2018 Igor Zubkov