ALT repositories
Last updated at Thu, 02 Dec 2021 00:50:49 +0000 | SRPMs: 17634
en ru
SRPMs in branches
hide window
  • 51.0.1-alt0.M80P.1
  • 68.0.1-alt0.M80P.1
  • 60.8.0-alt0.M70C.1
  • 45.9.0-alt0.M70P.1
  • 45.9.0-alt0.M70P.1
  • 10.0.2-alt1.M60C.1
  • 17.0.11-alt0.M60P.1
  • 17.0.11-alt0.M60P.1
  • 10.0.12-alt0.M50P.1
Group :: Networking/WWW
Source RPM: firefox
Current version: 94.0-alt1
Built: about 1 month ago
Size: 394 MB
Repocop status: skip
Home page:

License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be

List of contributors:

List of rpms provided by this srpm:
  • firefox
  • firefox-config-privacy
  • firefox-debuginfo
  • firefox-wayland
Recent changes (last three changelog entries):

2021-11-02 Alexey Gladkov 94.0-alt1

    - New release (94.0).
    - Security fixes:
      + CVE-2021-38503: iframe sandbox rules did not apply to XSLT stylesheets
      + CVE-2021-38504: Use-after-free in file picker dialog
      + CVE-2021-38505: Windows 10 Cloud Clipboard may have recorded sensitive user data
      + CVE-2021-38506: Firefox could be coaxed into going into fullscreen mode without notification or warning
      + CVE-2021-38507: Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports
      + MOZ-2021-0003: Universal XSS in Firefox for Android via QR Code URLs
      + CVE-2021-38508: Permission Prompt could be overlaid, resulting in user confusion and potential spoofing
      + MOZ-2021-0004: Web Extensions could access pre-redirect URL when their context menu was triggered by a user
      + CVE-2021-38509: Javascript alert box could have been spoofed onto an arbitrary domain
      + CVE-2021-38510: Download Protections were bypassed by .inetloc files on Mac OS
      + MOZ-2021-0005: 'Copy Image Link' context menu action could have been abused to see authentication tokens
      + MOZ-2021-0006: URL Parsing may incorrectly parse internationalized domains
      + MOZ-2021-0007: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3

2021-10-06 Alexey Gladkov 93.0-alt1

    - New release (93.0).
    - Security fixes:
      + CVE-2021-38496: Use-after-free in MessageTask
      + CVE-2021-38497: Validation message could have been overlaid on another origin
      + CVE-2021-38498: Use-after-free of nsLanguageAtomService object
      + CVE-2021-32810: Data race in crossbeam-deque
      + CVE-2021-38500: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
      + CVE-2021-38501: Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2
      + CVE-2021-38499: Memory safety bugs fixed in Firefox 93

2021-09-28 Alexey Gladkov 92.0.1-alt1

    - New release (92.0.1).
The Geyser project is based on code from Prometheus2.0, which had been made available under the MIT License.