Package firefox: Information

    Binary package: firefox
    Version: 54.0.1-alt1
    Architecture: i586
    Build time:  Jul 15, 2017, 04:45 PM in the task #185325
    Source package: firefox
    Category: Networking/WWW
    Report package bug
    Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=94deea4a2…
    Build log: https://git.altlinux.org/tasks/185325/build/300/i586/log
    Home page: http://www.mozilla.org/projects/firefox/
    License: MPL/GPL/LGPL
    Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
    Description: 
    The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
    Maintainer: Alexey Gladkov
    List of contributors:
    Alexey Gladkov
    Ivan Zakharyaschev
    Konstantin Lepikhov

    Last changed

    July 12, 2017 Alexey Gladkov 54.0.1-alt1
    - New release (54.0.1).
    June 25, 2017 Alexey Gladkov 54.0-alt1
    - New release (54.0).
- Fixed:
  + CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
  + CVE-2017-7749: Use-after-free during docshell reloading
  + CVE-2017-7750: Use-after-free with track elements
  + CVE-2017-7751: Use-after-free with content viewer listeners
  + CVE-2017-7752: Use-after-free with IME input
  + CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object
  + CVE-2017-7755: Privilege escalation through Firefox Installer with same directory DLL files
  + CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors
  + CVE-2017-7757: Use-after-free in IndexedDB
  + CVE-2017-7778: Vulnerabilities in the Graphite 2 library
  + CVE-2017-7758: Out-of-bounds read in Opus encoder
  + CVE-2017-7759: Android intent URLs can cause navigation to local file system
  + CVE-2017-7760: File manipulation and privilege escalation via callback parameter in Mozilla Windows Updater and Maintenance Service
  + CVE-2017-7761: File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application
  + CVE-2017-7762: Addressbar spoofing in Reader mode
  + CVE-2017-7763: Mac fonts render some unicode characters as spaces
  + CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks
  + CVE-2017-7765: Mark of the Web bypass when saving executable files
  + CVE-2017-7766: File execution and privilege escalation through updater.ini, Mozilla Windows Updater, and Mozilla Maintenance Service
  + CVE-2017-7767: Privilege escalation and arbitrary file overwrites through Mozilla Windows Updater and Mozilla Maintenance Service
  + CVE-2017-7768: 32 byte arbitrary file read through Mozilla Maintenance Service
  + CVE-2017-7770: Addressbar spoofing with JavaScript events and fullscreen mode
  + CVE-2017-5471: Memory safety bugs fixed in Firefox 54
  + CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
    May 7, 2017 Alexey Gladkov 53.0.2-alt1
    - New release (53.0.2).
- Fixed:
  + CVE-2017-5031: Use after free in ANGLE
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.1
    Back to top