Package firefox: Information

    Source package: firefox
    Version: 141.0.2-alt0.p10.1
    Build time:  Oct 1, 2025, 09:17 PM in the task #391776
    Category: Networking/WWW
    Report package bug
    Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=716a9cd6e…
    Home page: https://www.mozilla.org/firefox/
    VCS: https://github.com/mozilla-firefox/firefox
    License: MPL-2.0
    Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
    Description: 
    Mozilla Firefox is an open-source web browser, designed
for standards compliance, performance and portability.
    List of RPM packages built from this SRPM:
    firefox (x86_64, aarch64)
    firefox-config-privacy (x86_64, aarch64)
    firefox-debuginfo (x86_64, aarch64)
    Maintainer: Ajrat Makhmutov
    List of contributors:
    Ajrat Makhmutov
    Andrey Cherepanov
    Alexey Gladkov
    Sergey Bolshakov
    Gleb Fotengauer-Malinovskiy
    Ivan Zakharyaschev
    Konstantin Lepikhov
      1. /dev/shm
      2. pkgconfig(libcurl)
      3. pkgconfig(libdrm)
      4. pkgconfig(libevent)
      5. /proc
      6. pkgconfig(libffi)
      7. pkgconfig(libjpeg)
      8. pkgconfig(libnotify)
      9. pkgconfig(libproxy-1.0)
      10. pkgconfig(libpulse)
      11. pkgconfig(libstartup-notification-1.0)
      12. pkgconfig(nspr) >= 4.35
      13. pkgconfig(nss) >= 3.98
      14. pkgconfig(opus)
      15. alternatives
      16. pkgconfig(pixman-1)
      17. pkgconfig(vpx)
      18. pkgconfig(x11)
      19. browser-plugins-npapi-devel
      20. pkgconfig(xcomposite)
      21. pkgconfig(xcursor)
      22. pkgconfig(xdamage)
      23. pkgconfig(xext)
      24. pkgconfig(xft)
      25. pkgconfig(xi)
      26. pkgconfig(xkbcommon)
      27. pkgconfig(xrandr)
      28. pkgconfig(xscrnsaver)
      29. pkgconfig(xt)
      30. pkgconfig(xtst)
      31. pkgconfig(zlib)
      32. cbindgen
      33. python3(click)
      34. chrpath
      35. python3(curses)
      36. clang17.0
      37. clang17.0-devel
      38. python3(hamcrest)
      39. glibc-kernheaders-generic
      40. python3(pip)
      41. python3(setuptools)
      42. python3(sqlite3)
      43. gst-plugins1.0-devel
      44. gstreamer1.0-devel
      45. libnss-devel-static
      46. python3-base
      47. rpm-build-firefox
      48. libshell
      49. rpm-macros-alternatives
      50. libstdc++-devel
      51. rust >= 1.65.0
      52. rust-cargo >= 1.65.0
      53. libwireless-devel
      54. unzip
      55. xorg-cf-files
      56. yasm
      57. zip
      58. lld17.0-devel
      59. llvm17.0-devel
      60. mozilla-common-devel
      61. nasm
      62. node
      63. pkgconfig(alsa)
      64. pkgconfig(aom)
      65. pkgconfig(bzip2)
      66. pkgconfig(cairo)
      67. pkgconfig(dav1d)
      68. pkgconfig(dbus-1)
      69. pkgconfig(dbus-glib-1)
      70. pkgconfig(dri)
      71. pkgconfig(fontconfig)
      72. pkgconfig(freetype2)
      73. pkgconfig(gio-2.0)
      74. pkgconfig(graphite2)
      75. pkgconfig(gtk+-3.0)
      76. pkgconfig(harfbuzz)
      77. pkgconfig(hunspell)
      78. pkgconfig(icu-i18n)

    Last changed

    Aug. 6, 2025 Ajrat Makhmutov 141.0.2-alt0.p10.1
    - Backprort new version to p10 branch.
    Aug. 6, 2025 Ajrat Makhmutov 141.0.2-alt1
    - New version (141.0.2).
    July 29, 2025 Ajrat Makhmutov 141.0-alt1
    - New version (141.0).
- Fixes:
  + CVE-2025-8027: JavaScript engine only wrote partial return value to stack
  + CVE-2025-8028: Large branch table could lead to truncated instruction
  + CVE-2025-8041: Incorrect URL truncation in Firefox for Android
  + CVE-2025-8042: Sandboxed iframe could start downloads
  + CVE-2025-8029: javascript: URLs executed on object and embed tags
  + CVE-2025-8036: DNS rebinding circumvents CORS
  + CVE-2025-8037: Nameless cookies shadow secure cookies
  + CVE-2025-8030: Potential user-assisted code execution in "Copy as cURL" command
  + CVE-2025-8043: Incorrect URL truncation
  + CVE-2025-8031: Incorrect URL stripping in CSP reports
  + CVE-2025-8032: XSLT documents could bypass CSP
  + CVE-2025-8038: CSP frame-src was not correctly enforced for paths
  + CVE-2025-8039: Search terms persisted in URL bar
  + CVE-2025-8033: Incorrect JavaScript state machine for generators
  + CVE-2025-8044: Memory safety bugs fixed in Firefox 141 and Thunderbird 141
  + CVE-2025-8034: Memory safety bugs fixed in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
  + CVE-2025-8040: Memory safety bugs fixed in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
  + CVE-2025-8035: Memory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
    VKontakte|Telegram|YouTube|Forum|ALT Linux Space|Bugzilla
    Version: v26.2.2
    Back to top