Package firefox-esr

Source package: firefox-esr
Version: 91.10.0-alt0.c9.1
Build time:  Jun 9, 2022, 03:37 PM
 in the task #301458
Category: Networking/WWW
Report package bug
License:  MPL-2.0
Summary:  The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm: 
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (noarch)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (noarch)
Last changes:
June 5, 2022 Pavel Vasenkov 91.10.0-alt0.c9.1
- Backport new version with security fixes.
June 3, 2022 Pavel Vasenkov 91.10.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-31736 Cross-Origin resource's length leaked
  + CVE-2022-31737 Heap buffer overflow in WebGL
  + CVE-2022-31738 Browser window spoof using fullscreen mode
  + CVE-2022-31739 Attacker-influenced path traversal when saving downloaded files
  + CVE-2022-31740 Register allocation problem in WASM on arm64
  + CVE-2022-31741 Uninitialized variable leads to invalid memory read
  + CVE-2022-31742 Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information
  + CVE-2022-31747 Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10
May 22, 2022 Pavel Vasenkov 91.9.1-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-1802 Prototype pollution in Top-Level Await implementation
  + CVE-2022-1529 Untrusted input used in JavaScript object indexing, leading to prototype pollution

Back to Top