Package firefox: Information

    Source package: firefox
    Version: 141.0.2-alt0.p10.1
    Build time:  Oct 1, 2025, 09:17 PM in the task #391776
    Category: Networking/WWW
    Report package bug
    Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=716a9cd6e…
    Home page: https://www.mozilla.org/firefox/
    VCS: https://github.com/mozilla-firefox/firefox
    License: MPL-2.0
    Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
    Description: 
    Mozilla Firefox is an open-source web browser, designed
for standards compliance, performance and portability.
    List of RPM packages built from this SRPM:
    firefox (x86_64, aarch64)
    firefox-config-privacy (x86_64, aarch64)
    firefox-debuginfo (x86_64, aarch64)
    Maintainer: Ajrat Makhmutov
    List of contributors:
    Ajrat Makhmutov
    Andrey Cherepanov
    Alexey Gladkov
    Sergey Bolshakov
    Gleb Fotengauer-Malinovskiy
    Ivan Zakharyaschev
    Konstantin Lepikhov
      1. /dev/shm
      2. /proc
      3. alternatives
      4. browser-plugins-npapi-devel
      5. cbindgen
      6. chrpath
      7. clang17.0
      8. clang17.0-devel
      9. glibc-kernheaders-generic
      10. gst-plugins1.0-devel
      11. gstreamer1.0-devel
      12. python3(pip)
      13. python3(setuptools)
      14. python3(sqlite3)
      15. python3-base
      16. rpm-build-firefox
      17. rpm-macros-alternatives
      18. rust >= 1.65.0
      19. rust-cargo >= 1.65.0
      20. unzip
      21. libnss-devel-static
      22. xorg-cf-files
      23. yasm
      24. zip
      25. libshell
      26. libstdc++-devel
      27. libwireless-devel
      28. lld17.0-devel
      29. pkgconfig(alsa)
      30. pkgconfig(aom)
      31. pkgconfig(bzip2)
      32. pkgconfig(cairo)
      33. pkgconfig(dav1d)
      34. pkgconfig(dbus-1)
      35. pkgconfig(dbus-glib-1)
      36. pkgconfig(dri)
      37. llvm17.0-devel
      38. pkgconfig(fontconfig)
      39. pkgconfig(freetype2)
      40. pkgconfig(gio-2.0)
      41. nasm
      42. pkgconfig(graphite2)
      43. pkgconfig(gtk+-3.0)
      44. python3(click)
      45. pkgconfig(harfbuzz)
      46. pkgconfig(hunspell)
      47. pkgconfig(icu-i18n)
      48. node
      49. pkgconfig(libcurl)
      50. pkgconfig(libdrm)
      51. pkgconfig(libevent)
      52. pkgconfig(libffi)
      53. pkgconfig(libjpeg)
      54. pkgconfig(libnotify)
      55. pkgconfig(libproxy-1.0)
      56. pkgconfig(libpulse)
      57. pkgconfig(libstartup-notification-1.0)
      58. mozilla-common-devel
      59. pkgconfig(nspr) >= 4.35
      60. pkgconfig(nss) >= 3.98
      61. pkgconfig(opus)
      62. python3(hamcrest)
      63. pkgconfig(pixman-1)
      64. python3(curses)
      65. pkgconfig(vpx)
      66. pkgconfig(x11)
      67. pkgconfig(xcomposite)
      68. pkgconfig(xcursor)
      69. pkgconfig(xdamage)
      70. pkgconfig(xext)
      71. pkgconfig(xft)
      72. pkgconfig(xi)
      73. pkgconfig(xkbcommon)
      74. pkgconfig(xrandr)
      75. pkgconfig(xscrnsaver)
      76. pkgconfig(xt)
      77. pkgconfig(xtst)
      78. pkgconfig(zlib)

    Last changed

    Aug. 6, 2025 Ajrat Makhmutov 141.0.2-alt0.p10.1
    - Backprort new version to p10 branch.
    Aug. 6, 2025 Ajrat Makhmutov 141.0.2-alt1
    - New version (141.0.2).
    July 29, 2025 Ajrat Makhmutov 141.0-alt1
    - New version (141.0).
- Fixes:
  + CVE-2025-8027: JavaScript engine only wrote partial return value to stack
  + CVE-2025-8028: Large branch table could lead to truncated instruction
  + CVE-2025-8041: Incorrect URL truncation in Firefox for Android
  + CVE-2025-8042: Sandboxed iframe could start downloads
  + CVE-2025-8029: javascript: URLs executed on object and embed tags
  + CVE-2025-8036: DNS rebinding circumvents CORS
  + CVE-2025-8037: Nameless cookies shadow secure cookies
  + CVE-2025-8030: Potential user-assisted code execution in "Copy as cURL" command
  + CVE-2025-8043: Incorrect URL truncation
  + CVE-2025-8031: Incorrect URL stripping in CSP reports
  + CVE-2025-8032: XSLT documents could bypass CSP
  + CVE-2025-8038: CSP frame-src was not correctly enforced for paths
  + CVE-2025-8039: Search terms persisted in URL bar
  + CVE-2025-8033: Incorrect JavaScript state machine for generators
  + CVE-2025-8044: Memory safety bugs fixed in Firefox 141 and Thunderbird 141
  + CVE-2025-8034: Memory safety bugs fixed in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
  + CVE-2025-8040: Memory safety bugs fixed in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
  + CVE-2025-8035: Memory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
    VKontakte|Telegram|YouTube|Forum|ALT Linux Space|Bugzilla
    Version: v26.2.2
    Back to top