Package firefox-esr: Information
Default inline alert: Version in the repository: 115.9.1-alt0.c10.1
Source package: firefox-esr
Version: 68.2.0-alt1
Build time: Oct 29, 2019, 03:13 PM in the task #239816
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-esr-wayland (noarch)
firefox-esr (x86_64, ppc64le, i586, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-esr-wayland (noarch)
Maintainer: Andrey Cherepanov
Last changed
Oct. 27, 2019 Andrey Cherepanov 68.2.0-alt1
- New ESR version (68.2.0). - Fixed: + CVE-2019-15903 Heap overflow in expat library in XML_GetCurrentLineNumber + CVE-2019-11757 Use-after-free when creating index updates in IndexedDB + CVE-2019-11758 Potentially exploitable crash due to 360 Total Security + CVE-2019-11759 Stack buffer overflow in HKDF output + CVE-2019-11760 Stack buffer overflow in WebRTC networking + CVE-2019-11761 Unintended access to a privileged JSONView object + CVE-2019-11762 document.domain-based origin isolation has same-origin-property violation + CVE-2019-11763 Incorrect HTML parsing results in XSS bypass technique + CVE-2019-11764 Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2
Sept. 19, 2019 Andrey Cherepanov 68.1.0-alt2
- Fix open context menu (thanks george@).
Sept. 4, 2019 Andrey Cherepanov 68.1.0-alt1
- New ESR version (68.1.0). - Fixed: + CVE-2019-11751 Malicious code execution through command line parameters + CVE-2019-11746 Use-after-free while manipulating video + CVE-2019-11744 XSS by breaking out of title and textarea elements using innerHTML + CVE-2019-11742 Same-origin policy violation with SVG filters and canvas to steal cross-origin images + CVE-2019-11736 File manipulation and privilege escalation in Mozilla Maintenance Service + CVE-2019-11753 Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location + CVE-2019-11752 Use-after-free while extracting a key value in IndexedDB + CVE-2019-9812 Sandbox escape through Firefox Sync + CVE-2019-11743 Cross-origin access to unload event attributes + CVE-2019-11748 Persistence of WebRTC permissions in a third party context + CVE-2019-11749 Camera information available without prompting using getUserMedia + CVE-2019-11750 Type confusion in Spidermonkey + CVE-2019-11738 Content security policy bypass through hash-based sources in directives + CVE-2019-11747 'Forget about this site' removes sites from pre-loaded HSTS list + CVE-2019-11735 Memory safety bugs fixed in Firefox 69 and Firefox ESR 68.1 + CVE-2019-11740 Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 - Build in 8 jobs.