Package firefox-wayland: Information
Binary package: firefox-wayland
Version: 77.0.1-alt1
Architecture: noarch
Build time: Jun 6, 2020, 01:33 AM in the task #252902
Source package: firefox
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: Firefox Wayland launcher.
Description:
The firefox-wayland package contains launcher and desktop file to run Firefox natively on Wayland.
Maintainer: Alexey Gladkov
Last changed
June 4, 2020 Alexey Gladkov 77.0.1-alt1
- New release (77.0.1). - Security fixes: + CVE-2020-12399: Timing attack on DSA signatures in NSS library + CVE-2020-12405: Use-after-free in SharedWorkerService + CVE-2020-12406: JavaScript type confusion with NativeTypes + CVE-2020-12407: WebRender leaking GPU memory when using border-image CSS directive + CVE-2020-12408: URL spoofing when using IP addresses + CVE-2020-12409: URL spoofing with unicode characters + CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 + CVE-2020-12411: Memory safety bugs fixed in Firefox 77
May 8, 2020 Alexey Gladkov 76.0.1-alt1
- New release (76.0.1).
May 6, 2020 Alexey Gladkov 76.0-alt1
- New release (76.0). - Security fixes: + CVE-2020-12387: Use-after-free during worker shutdown + CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens + CVE-2020-12389: Sandbox escape with improperly separated process types + CVE-2020-6831: Buffer overflow in SCTP chunk input validation + CVE-2020-12390: Incorrect serialization of nsIPrincipal.origin for IPv6 addresses + CVE-2020-12391: Content-Security-Policy bypass using object elements + CVE-2020-12392: Arbitrary local file access with 'Copy as cURL' + CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection + CVE-2020-12394: URL spoofing in location bar when unfocussed + CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 + CVE-2020-12396: Memory safety bugs fixed in Firefox 76