Package rpm-build-firefox: Information

  • Default inline alert: Version in the repository: 90.0-alt1

Binary package: rpm-build-firefox
Version: 63.0.1-alt1
Architecture: noarch
Build time:  Nov 13, 2018, 10:03 PM in the task #216395
Source package: firefox
Category: Development/Other
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=b0e16664d…
Build log: https://git.altlinux.org/tasks/216395/build/400/aarch64/log
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: RPM helper macros to rebuild firefox packages
Description: 
These helper macros provide possibility to rebuild
firefox packages by some Alt Linux Team Policy compatible way.
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Ivan Zakharyaschev
Konstantin Lepikhov

Last changed

Nov. 13, 2018 Alexey Gladkov 63.0.1-alt1
- New release (63.0.1).
- Fixed:
  + CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin
  + CVE-2018-12392: Crash with nested event loops
  + CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript
  + CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting
  + CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts
  + CVE-2018-12397: Missing warning prompt when WebExtension requests local file access
  + CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs
  + CVE-2018-12399: Spoofing of protocol registration notification bar
  + CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android
  + CVE-2018-12401: DOS attack through special resource URI parsing
  + CVE-2018-12402: SameSite cookies leak when pages are explicitly saved
  + CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP
  + CVE-2018-12388: Memory safety bugs fixed in Firefox 63
  + CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
Oct. 4, 2018 Alexey Gladkov 62.0.3-alt1
- New release (62.0.3).
- Fixed:
  + CVE-2018-12386: Type confusion in JavaScript
  + CVE-2018-12387: A vulnerability where the JavaScript JIT compiler
  + CVE-2018-12385: Crash in TransportSecurityInfo due to cached data
  + CVE-2018-12377: Use-after-free in refresh driver timers
  + CVE-2018-12378: Use-after-free in IndexedDB
  + CVE-2018-12379: Out-of-bounds write with malicious MAR file
  + CVE-2017-16541: Proxy bypass using automount and autofs
  + CVE-2018-12381: Dragging and dropping Outlook email message results in page navigation
  + CVE-2018-12382: Addressbar spoofing with javascript URI on Firefox for Android
  + CVE-2018-12383: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords
  + CVE-2018-12375: Memory safety bugs fixed in Firefox 62
  + CVE-2018-12376: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
July 6, 2018 Alexey Gladkov 61.0.1-alt1
- New release (61.0.1).
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.1
Back to top