Package rpm-build-firefox: Information

These helper macros provide possibility to rebuild
firefox packages by some Alt Linux Team Policy compatible way.
- New release (77.0.1).
- Security fixes:
  + CVE-2020-12399: Timing attack on DSA signatures in NSS library
  + CVE-2020-12405: Use-after-free in SharedWorkerService
  + CVE-2020-12406: JavaScript type confusion with NativeTypes
  + CVE-2020-12407: WebRender leaking GPU memory when using border-image CSS directive
  + CVE-2020-12408: URL spoofing when using IP addresses
  + CVE-2020-12409: URL spoofing with unicode characters
  + CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9
  + CVE-2020-12411: Memory safety bugs fixed in Firefox 77
- New release (76.0.1).
- New release (76.0).
- Security fixes:
  + CVE-2020-12387: Use-after-free during worker shutdown
  + CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens
  + CVE-2020-12389: Sandbox escape with improperly separated process types
  + CVE-2020-6831: Buffer overflow in SCTP chunk input validation
  + CVE-2020-12390: Incorrect serialization of nsIPrincipal.origin for IPv6 addresses
  + CVE-2020-12391: Content-Security-Policy bypass using object elements
  + CVE-2020-12392: Arbitrary local file access with 'Copy as cURL'
  + CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection
  + CVE-2020-12394: URL spoofing in location bar when unfocussed
  + CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
  + CVE-2020-12396: Memory safety bugs fixed in Firefox 76

Package rpm-build-firefox: Information

Last changed