Package firefox-esr: Information

Source package: firefox-esr
Version: 68.4.1-alt1
Build time:  Jan 9, 2020, 08:05 AM in the task #243925
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=0569d…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-esr-wayland (noarch)
Maintainer: Andrey Cherepanov
List of contributors:
Andrey Cherepanov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
    1. libgtk+2-devel
    2. libgtk+3-devel
    3. /proc
    4. libX11-devel
    5. libhunspell-devel
    6. libXScrnSaver-devel
    7. fontconfig-devel
    8. libXcomposite-devel
    9. /dev/shm
    10. libXcursor-devel
    11. libXdamage-devel
    12. libXext-devel
    13. libXft-devel
    14. libXi-devel
    15. libXt-devel
    16. libjpeg-devel
    17. python3-base
    18. libcairo-devel
    19. libalsa-devel
    20. libpulseaudio-devel
    21. libvpx5-devel
    22. libcurl-devel
    23. libdbus-devel
    24. libdbus-glib-devel
    25. libwireless-devel
    26. libxkbcommon-devel
    27. libevent-devel
    28. rust >= 1.35.0
    29. rust-cargo >= 1.35.0
    30. libffi-devel
    31. libfreetype-devel
    32. libshell
    33. alternatives
    34. lld-devel
    35. llvm7.0-devel
    36. pkgconfig(nspr) >= 4.21
    37. pkgconfig(nss) >= 3.45.0
    38. rpm-build-mozilla.org
    39. rpm-macros-alternatives
    40. autoconf_2.13
    41. autoconf_2.13
    42. libnotify-devel
    43. libnss-devel-static
    44. mozilla-common-devel
    45. bzlib-devel
    46. chrpath
    47. libstartup-notification-devel
    48. nasm
    49. unzip
    50. libstdc++-devel
    51. browser-plugins-npapi-devel
    52. libgio-devel
    53. clang7.0
    54. clang7.0-devel
    55. python-module-distribute
    56. node
    57. python-module-pip
    58. libopus-devel
    59. gst-plugins1.0-devel
    60. gstreamer1.0-devel
    61. xorg-cf-files
    62. python-modules-compiler
    63. yasm
    64. python-modules-json
    65. python-modules-logging
    66. python-modules-sqlite3
    67. zip
    68. libGL-devel
    69. libpixman-devel
    70. zlib-devel
    71. libproxy-devel

Last changed

Jan. 8, 2020 Andrey Cherepanov 68.4.1-alt1
- New ESR version (68.4.1).
- Fixed:
  + CVE-2019-17015 Memory corruption in parent process during new content process initialization on Windows
  + CVE-2019-17016 Bypass of @namespace CSS sanitization during pasting
  + CVE-2019-17017 Type Confusion in XPCVariant.cpp
  + CVE-2019-17021 Heap address disclosure in parent process during content process initialization on Windows
  + CVE-2019-17022 CSS sanitization does not escape HTML tags
  + CVE-2019-17024 Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
Dec. 6, 2019 Andrey Cherepanov 68.3.0-alt2
- Fix last changelog according to https://www.altlinux.org/Vulnerability_Policy.
Dec. 5, 2019 Andrey Cherepanov 68.3.0-alt1
- New ESR version (68.3.0).
- Fixed:
  + CVE-2019-17008 Use-after-free in worker destruction
  + CVE-2019-13722 Stack corruption due to incorrect number of arguments in WebRTC code
  + CVE-2019-11745 Out of bounds write in NSS when encrypting with a block cipher
  + CVE-2019-17009 Updater temporary files accessible to unprivileged processes
  + CVE-2019-17010 Use-after-free when performing device orientation checks
  + CVE-2019-17005 Buffer overflow in plain text serializer
  + CVE-2019-17011 Use-after-free when retrieving a document in antitracking
  + CVE-2019-17012 Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top