Package firefox-esr: Information

Source package: firefox-esr
Version: 60.2.0-alt1
Build time:  Sep 11, 2018, 07:09 PM in the task #212803
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=bf715…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser
component, written using the XUL user interface language and designed to
be cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, i586, aarch64)
firefox-esr-debuginfo (x86_64, i586, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Andrey Cherepanov
Ivan Zakharyaschev
    1. libvpx-devel
    2. libcurl-devel
    3. alternatives
    4. libwireless-devel
    5. libdbus-devel
    6. libdbus-glib-devel
    7. /dev/shm
    8. autoconf_2.13
    9. autoconf_2.13
    10. libshell
    11. libevent-devel
    12. libffi-devel
    13. libfreetype-devel
    14. lld-devel
    15. /proc
    16. llvm6.0-devel
    17. libstartup-notification-devel
    18. libstdc++-devel
    19. browser-plugins-npapi-devel
    20. bzlib-devel
    21. pkgconfig(nspr) >= 4.17
    22. pkgconfig(nss) >= 3.36.4
    23. rust >= 1.24.1
    24. rust-cargo >= 0.25.0
    25. chrpath
    26. mozilla-common-devel
    27. clang6.0
    28. clang6.0-devel
    29. libGL-devel
    30. gst-plugins1.0-devel
    31. gstreamer1.0-devel
    32. libgio-devel
    33. python-module-distribute
    34. rpm-build-mozilla.org
    35. python-module-pip
    36. libnotify-devel
    37. libnss-devel-static
    38. rpm-macros-alternatives
    39. fontconfig-devel
    40. libX11-devel
    41. python-modules-compiler
    42. python-modules-json
    43. python-modules-logging
    44. python-modules-sqlite3
    45. libXScrnSaver-devel
    46. libXcomposite-devel
    47. libopus-devel
    48. libXcursor-devel
    49. libXdamage-devel
    50. libXext-devel
    51. unzip
    52. libXft-devel
    53. libXi-devel
    54. libXt-devel
    55. libgtk+2-devel
    56. libgtk+3-devel
    57. libcairo-devel
    58. libpixman-devel
    59. libalsa-devel
    60. xorg-cf-files
    61. libhunspell-devel
    62. libjpeg-devel
    63. yasm
    64. zip
    65. zlib-devel
    66. libproxy-devel
    67. libpulseaudio-devel

Last changed

Sept. 10, 2018 Andrey Cherepanov 60.2.0-alt1
- New ESR version (60.2.0).
- Fixed:
  + CVE-2018-12377 Use-after-free in refresh driver timers
  + CVE-2018-12378 Use-after-free in IndexedDB
  + CVE-2018-12379 Out-of-bounds write with malicious MAR file
  + CVE-2017-16541 Proxy bypass using automount and autofs
  + CVE-2018-12381 Dragging and dropping Outlook email message results in page navigation
  + CVE-2018-12376 Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
June 26, 2018 Andrey Cherepanov 60.1.0-alt1
- New ESR version (60.1.0).
- Fixed:
  + CVE-2018-12359 Buffer overflow using computed size of canvas element
  + CVE-2018-12360 Use-after-free when using focus()
  + CVE-2018-12361 Integer overflow in SwizzleData
  + CVE-2018-12362 Integer overflow in SSSE3 scaler
  + CVE-2018-5156 Media recorder segmentation fault when track type is changed during capture
  + CVE-2018-12363 Use-after-free when appending DOM nodes
  + CVE-2018-12364 CSRF attacks through 307 redirects and NPAPI plugins
  + CVE-2018-12365 Compromised IPC child process can list local filenames
  + CVE-2018-12371 Integer overflow in Skia library during edge builder allocation
  + CVE-2018-12366 Invalid data handling during QCMS transformations
  + CVE-2018-12367 Timing attack mitigation of PerformanceNavigationTiming
  + CVE-2018-12368 No warning when opening executable SettingContent-ms files
  + CVE-2018-12369 WebExtension security permission checks bypassed by embedded experiments
  + CVE-2018-5187 Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
  + CVE-2018-5188 Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
June 18, 2018 Andrey Cherepanov 60.0.2-alt2
- Fix build for aarch64 (thanks legion@).
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top