Package firefox-esr: Information
Default inline alert: Version in the repository: 102.12.0-alt0.c9.1
Source package: firefox-esr
Version: 91.5.0-alt0.c9.1
Build time: Jan 19, 2022, 07:27 PM in the task #293342
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (noarch)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (noarch)
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (noarch)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (noarch)
Maintainer: Andrey Cherepanov
Last changed
Jan. 12, 2022 Andrey Cherepanov 91.5.0-alt0.c9.1
- Backport new version with security fixes.
Jan. 11, 2022 Andrey Cherepanov 91.5.0-alt1
- New ESR version. - Security fixes: + CVE-2022-22746 Calling into reportValidity could have lead to fullscreen window spoof + CVE-2022-22743 Browser window spoof using fullscreen mode + CVE-2022-22742 Out-of-bounds memory access when inserting text in edit mode + CVE-2022-22741 Browser window spoof using fullscreen mode + CVE-2022-22740 Use-after-free of ChannelEventQueue::mOwner + CVE-2022-22738 Heap-buffer-overflow in blendGaussianBlur + CVE-2022-22737 Race condition when playing audio files + CVE-2021-4140 Iframe sandbox bypass with XSLT + CVE-2022-22748 Spoofed origin on external protocol launch dialog + CVE-2022-22745 Leaking cross-origin URLs through securitypolicyviolation event + CVE-2022-22744 The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection + CVE-2022-22747 Crash when handling empty pkcs7 sequence + CVE-2022-22739 Missing throttling on external protocol launch dialog + CVE-2022-22751 Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
Dec. 17, 2021 Andrey Cherepanov 91.4.1-alt1
- New ESR version.