Sisyphus repository
Last update: 2018-04-25 20:06:48 +0400 | SRPMs: 18294 | Sign in or Sign up
en ru uk br
ALT Linux repositories
hide window
Sisyphus: 59.0.2-alt2
p8: 59.0.2-alt1.M80P.1
p7: 45.9.0-alt0.M70P.1
t7: 45.9.0-alt0.M70P.1
Platform6: 17.0.11-alt0.M60P.1
t6: 17.0.11-alt0.M60P.1
Platform5: 10.0.12-alt0.M50P.1

Group :: Networking/WWW
Source RPM: firefox

 Main   Changelog   Spec   Patches   Sources   Download   Gear   Bugs and FR (23/161)   Repocop 

Current version: 59.0.2-alt2
Built: 23 days ago
Size: 238 MB
Repocop status: ok

Home page:

Summary: The Mozilla Firefox project is a redesign of Mozilla's browser

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be

Current maintainer: Alexey Gladkov

List of contributors: ACL: List of rpms provided by this srpm:
  • firefox
  • firefox-debuginfo
  • rpm-build-firefox
Recent changes (last three changelog entries):

2018-03-30 Alexey Gladkov <legion at> 59.0.2-alt2

    - Fix locale switch (ALT#34741)

2018-03-27 Alexey Gladkov <legion at> 59.0.2-alt1

    - New release (59.0.2).
    - Fixed:
    + CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
    + CVE-2018-5128: Use-after-free manipulating editor selection ranges
    + CVE-2018-5129: Out-of-bounds write with malformed IPC messages
    + CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption
    + CVE-2018-5131: Fetch API improperly returns cached copies of no-store/no-cache resources
    + CVE-2018-5132: WebExtension Find API can search privileged pages
    + CVE-2018-5133: Value of the preference is not properly sanitized
    + CVE-2018-5134: WebExtensions may use view-source: URLs to bypass content restrictions
    + CVE-2018-5135: WebExtension browserAction can inject scripts into unintended contexts
    + CVE-2018-5136: Same-origin policy violation with data: URL shared workers
    + CVE-2018-5137: Script content can access legacy extension non-contentaccessible resources
    + CVE-2018-5138: Android Custom Tab address spoofing through long domain names
    + CVE-2018-5140: Moz-icon images accessible to web content through moz-icon: protocol
    + CVE-2018-5141: DOS attack through notifications Push API
    + CVE-2018-5142: Media Capture and Streams API permissions display incorrect origin with data: and blob: URLs
    + CVE-2018-5143: Self-XSS pasting javascript: URL with embedded tab into addressbar
    + CVE-2018-5126: Memory safety bugs fixed in Firefox 59
    + CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
    + CVE-2018-5146: Out of bounds memory write in libvorbis
    + CVE-2018-5147: Out of bounds memory write in libtremor
    + CVE-2018-5148: Use-after-free in compositor

2018-02-22 Alexey Gladkov <legion at> 58.0.2-alt3

    - Fix ALSA (ALT#34553).

© 2009–2018 Igor Zubkov