Package firefox: Information
Default inline alert: Version in the repository: 118.0.2-alt0.p10.1
Source package: firefox
Version: 62.0.3-alt1
Build time: Oct 5, 2018, 06:15 PM in the task #214118
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
firefox (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
Last changed
Oct. 4, 2018 Alexey Gladkov 62.0.3-alt1
- New release (62.0.3). + CVE-2018-12386: Type confusion in JavaScript + CVE-2018-12387: A vulnerability where the JavaScript JIT compiler + CVE-2018-12385: Crash in TransportSecurityInfo due to cached data + CVE-2018-12377: Use-after-free in refresh driver timers + CVE-2018-12378: Use-after-free in IndexedDB + CVE-2018-12379: Out-of-bounds write with malicious MAR file + CVE-2017-16541: Proxy bypass using automount and autofs + CVE-2018-12381: Dragging and dropping Outlook email message results in page navigation + CVE-2018-12382: Addressbar spoofing with javascript URI on Firefox for Android + CVE-2018-12383: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords + CVE-2018-12375: Memory safety bugs fixed in Firefox 62 + CVE-2018-12376: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2
July 6, 2018 Alexey Gladkov 61.0.1-alt1
- New release (61.0.1).
July 2, 2018 Alexey Gladkov 61.0-alt1
- New release (61.0). - Fixed: + CVE-2018-12359: Buffer overflow using computed size of canvas element + CVE-2018-12360: Use-after-free when using focus() + CVE-2018-12361: Integer overflow in SwizzleData + CVE-2018-12358: Same-origin bypass using service worker and redirection + CVE-2018-12362: Integer overflow in SSSE3 scaler + CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture + CVE-2018-12363: Use-after-free when appending DOM nodes + CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins + CVE-2018-12365: Compromised IPC child process can list local filenames + CVE-2018-12371: Integer overflow in Skia library during edge builder allocation + CVE-2018-12366: Invalid data handling during QCMS transformations + CVE-2018-12367: Timing attack mitigation of PerformanceNavigationTiming + CVE-2018-12368: No warning when opening executable SettingContent-ms files + CVE-2018-12369: WebExtension security permission checks bypassed by embedded experiments + CVE-2018-12370: SameSite cookie protections bypassed when exiting Reader View + CVE-2018-5186: Memory safety bugs fixed in Firefox 61 + CVE-2018-5187: Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1 + CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9