Package firefox-esr: Information
Default inline alert: Version in the repository: 102.12.0-alt0.c9.1
Source package: firefox-esr
Version: 52.4.0-alt1
Build time: Sep 30, 2017, 01:14 PM in the task #189704
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
Maintainer: Andrey Cherepanov
Last changed
Sept. 29, 2017 Andrey Cherepanov 52.4.0-alt1
- New ESR version (52.4.0) - Fixes: + CVE-2017-7793 Use-after-free with Fetch API + CVE-2017-7818 Use-after-free during ARIA array manipulation + CVE-2017-7819 Use-after-free while resizing images in design mode + CVE-2017-7824 Buffer overflow when drawing and validating elements with ANGLE + CVE-2017-7805 Use-after-free in TLS 1.2 generating handshake hashes + CVE-2017-7814 Blob and data URLs bypass phishing and malware protection warnings + CVE-2017-7825 OS X fonts render some Tibetan and Arabic unicode characters as spaces + CVE-2017-7823 CSP sandbox directive did not create a unique origin + CVE-2017-7810 Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4
Aug. 8, 2017 Andrey Cherepanov 52.3.0-alt1
- New ESR version (52.3.0) - Security fixes: + CVE-2017-7798: XUL injection in the style editor in devtools + CVE-2017-7800: Use-after-free in WebSockets during disconnection + CVE-2017-7801: Use-after-free with marquee during window resizing + CVE-2017-7809: Use-after-free while deleting attached editor DOM node + CVE-2017-7784: Use-after-free with image observers + CVE-2017-7802: Use-after-free resizing image elements + CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM + CVE-2017-7786: Buffer overflow while painting non-displayable SVG + CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements + CVE-2017-7787: Same-origin policy bypass with iframes through page reloads + CVE-2017-7807: Domain hijacking through AppCache fallback + CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID + CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher + CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts + CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections + CVE-2017-7803: CSP containing 'sandbox' improperly applied + CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
July 11, 2017 Andrey Cherepanov 52.2.1-alt1
- New ESR version (52.2.1)