Package rpm-build-firefox: Information

    Binary package: rpm-build-firefox
    Version: 51.0.1-alt0.M80P.1
    Architecture: noarch
    Build time:  Feb 7, 2017, 10:58 PM in the task #177727
    Source package: firefox
    Category: Development/Other
    Report package bug
    Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=12176bc2c…
    Download: rpm-build-firefox-51.0.1-alt0.M80P.1.noarch.rpm
    Build log: https://git.altlinux.org/tasks/177727/build/100/i586/log
    Home page: http://www.mozilla.org/projects/firefox/
    License: MPL/GPL/LGPL
    Summary: RPM helper macros to rebuild firefox packages
    Description: 
    These helper macros provide possibility to rebuild
firefox packages by some Alt Linux Team Policy compatible way.
    Maintainer: Alexey Gladkov
    List of contributors:
    Andrey Cherepanov
    Alexey Gladkov
    Ivan Zakharyaschev
    Konstantin Lepikhov

    Last changed

    Feb. 7, 2017 Andrey Cherepanov 51.0.1-alt0.M80P.1
    - Backport new version to p8 branch
    Jan. 30, 2017 Alexey Gladkov 51.0.1-alt1
    - New release (51.0.1).
- Fixed:
  + CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP
  + CVE-2017-5376: Use-after-free in XSL
  + CVE-2017-5377: Memory corruption with transforms to create gradients in Skia
  + CVE-2017-5378: Pointer and frame data leakage of Javascript objects
  + CVE-2017-5379: Use-after-free in Web Animations
  + CVE-2017-5380: Potential use-after-free during DOM manipulations
  + CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer
  + CVE-2017-5389: WebExtensions can install additional add-ons via modified host requests
  + CVE-2017-5396: Use-after-free with Media Decoder
  + CVE-2017-5381: Certificate Viewer exporting can be used to navigate and save to arbitrary filesystem locations
  + CVE-2017-5382: Feed preview can expose privileged content errors and exceptions
  + CVE-2017-5383: Location bar spoofing with unicode characters
  + CVE-2017-5384: Information disclosure via Proxy Auto-Config (PAC)
  + CVE-2017-5385: Data sent in multipart channels ignores referrer-policy response headers
  + CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions
  + CVE-2017-5394: Android location bar spoofing using fullscreen and JavaScript events
  + CVE-2017-5391: Content about: pages can load privileged about: pages
  + CVE-2017-5392: Weak references using multiple threads on weak proxy objects lead to unsafe memory usage
  + CVE-2017-5393: Remove addons.mozilla.org CDN from whitelist for mozAddonManager
  + CVE-2017-5395: Android location bar spoofing during scrolling
  + CVE-2017-5387: Disclosure of local file existence through TRACK tag error messages
  + CVE-2017-5388: WebRTC can be used to generate a large amount of UDP traffic for DDOS attacks
  + CVE-2017-5374: Memory safety bugs fixed in Firefox 51
  + CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7
    Dec. 17, 2016 Andrey Cherepanov 50.1.0-alt0.M80P.1
    - Backport new version to p8 branch
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.4.2
    Back to top