Package firefox: Information

Source package: firefox
Version: 63.0.1-alt1
Build time:  Nov 13, 2018, 10:03 PM in the task #216395
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=b0e16664d…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Ivan Zakharyaschev
Konstantin Lepikhov
    1. libvpx-devel
    2. libcurl-devel
    3. libdbus-devel
    4. /dev/shm
    5. libdbus-glib-devel
    6. libwireless-devel
    7. python3-base
    8. libevent-devel
    9. rust >= 1.24.1
    10. rust-cargo >= 0.25.0
    11. libffi-devel
    12. /proc
    13. alternatives
    14. libfreetype-devel
    15. lld-devel
    16. llvm6.0-devel
    17. autoconf_2.13
    18. autoconf_2.13
    19. pkgconfig(nspr) >= 4.20
    20. pkgconfig(nss) >= 3.40.0
    21. libnotify-devel
    22. mozilla-common-devel
    23. libnss-devel-static
    24. libgio-devel
    25. libGL-devel
    26. node
    27. libX11-devel
    28. unzip
    29. libopus-devel
    30. gst-plugins1.0-devel
    31. browser-plugins-npapi-devel
    32. python-module-distribute
    33. gstreamer1.0-devel
    34. libXScrnSaver-devel
    35. bzlib-devel
    36. libXcomposite-devel
    37. libXcursor-devel
    38. libXdamage-devel
    39. python-module-pip
    40. libXext-devel
    41. libshell
    42. rpm-build-mozilla.org
    43. libXft-devel
    44. libXi-devel
    45. rpm-macros-alternatives
    46. chrpath
    47. libXt-devel
    48. python-modules-compiler
    49. fontconfig-devel
    50. python-modules-json
    51. clang6.0
    52. python-modules-logging
    53. python-modules-sqlite3
    54. clang6.0-devel
    55. xorg-cf-files
    56. libpixman-devel
    57. libalsa-devel
    58. libgtk+2-devel
    59. libgtk+3-devel
    60. yasm
    61. zip
    62. zlib-devel
    63. libhunspell-devel
    64. libcairo-devel
    65. libproxy-devel
    66. libjpeg-devel
    67. libstartup-notification-devel
    68. libstdc++-devel
    69. libpulseaudio-devel

Last changed

Nov. 13, 2018 Alexey Gladkov 63.0.1-alt1
- New release (63.0.1).
- Fixed:
  + CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin
  + CVE-2018-12392: Crash with nested event loops
  + CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript
  + CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting
  + CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts
  + CVE-2018-12397: Missing warning prompt when WebExtension requests local file access
  + CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs
  + CVE-2018-12399: Spoofing of protocol registration notification bar
  + CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android
  + CVE-2018-12401: DOS attack through special resource URI parsing
  + CVE-2018-12402: SameSite cookies leak when pages are explicitly saved
  + CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP
  + CVE-2018-12388: Memory safety bugs fixed in Firefox 63
  + CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
Oct. 4, 2018 Alexey Gladkov 62.0.3-alt1
- New release (62.0.3).
- Fixed:
  + CVE-2018-12386: Type confusion in JavaScript
  + CVE-2018-12387: A vulnerability where the JavaScript JIT compiler
  + CVE-2018-12385: Crash in TransportSecurityInfo due to cached data
  + CVE-2018-12377: Use-after-free in refresh driver timers
  + CVE-2018-12378: Use-after-free in IndexedDB
  + CVE-2018-12379: Out-of-bounds write with malicious MAR file
  + CVE-2017-16541: Proxy bypass using automount and autofs
  + CVE-2018-12381: Dragging and dropping Outlook email message results in page navigation
  + CVE-2018-12382: Addressbar spoofing with javascript URI on Firefox for Android
  + CVE-2018-12383: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords
  + CVE-2018-12375: Memory safety bugs fixed in Firefox 62
  + CVE-2018-12376: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
July 6, 2018 Alexey Gladkov 61.0.1-alt1
- New release (61.0.1).
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top