Package firefox: Information

Binary package: firefox
Version: 73.0.1-alt1
Architecture: aarch64
Build time:  Feb 27, 2020, 01:44 PM in the task #247014
Source package: firefox
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=5013845ae…
Build log: https://git.altlinux.org/tasks/247014/build/500/aarch64/log
Home page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov

Last changed

Feb. 19, 2020 Alexey Gladkov 73.0.1-alt1
- New release (73.0.1).
Feb. 17, 2020 Alexey Gladkov 73.0-alt1
- New release (73.0).
- Security fixes:
  + CVE-2020-6796: Missing bounds check on shared memory read in the parent process
  + CVE-2020-6797: Extensions granted downloads.open permission could open arbitrary applications on Mac OSX
  + CVE-2020-6798: Incorrect parsing of template tag could result in JavaScript injection
  + CVE-2020-6799: Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader
  + CVE-2020-6800: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5
  + CVE-2020-6801: Memory safety bugs fixed in Firefox 73
Jan. 23, 2020 Alexey Gladkov 72.0.2-alt1
- New release (72.0.2).
- Security fixes:
  + CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
  + CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
  + CVE-2019-17017: Type Confusion in XPCVariant.cpp
  + CVE-2019-17018: Windows Keyboard in Private Browsing Mode may retain word suggestions
  + CVE-2019-17019: Python files could be inadvertently executed upon opening a download
  + CVE-2019-17020: Content Security Policy not applied to XSL stylesheets applied to XML documents
  + CVE-2019-17021: Heap address disclosure in parent process during content process initialization on Windows
  + CVE-2019-17022: CSS sanitization does not escape HTML tags
  + CVE-2019-17023: NSS may negotiate TLS 1.2 or below after a TLS 1.3 HelloRetryRequest had been sent
  + CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
  + CVE-2019-17025: Memory safety bugs fixed in Firefox 72
  + CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top