Package firefox: Information

Source package: firefox
Version: 64.0-alt1
Build time:  Dec 26, 2018, 02:18 AM in the task #218259
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=d3ad2e54f…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Ivan Zakharyaschev
Konstantin Lepikhov
    1. libX11-devel
    2. fontconfig-devel
    3. libcairo-devel
    4. /proc
    5. libhunspell-devel
    6. libXScrnSaver-devel
    7. /dev/shm
    8. libXcomposite-devel
    9. libXcursor-devel
    10. libXdamage-devel
    11. libjpeg-devel
    12. libXext-devel
    13. python3-base
    14. libXft-devel
    15. libXi-devel
    16. libpulseaudio-devel
    17. libcurl-devel
    18. libXt-devel
    19. libalsa-devel
    20. libdbus-devel
    21. libdbus-glib-devel
    22. libvpx-devel
    23. libevent-devel
    24. libwireless-devel
    25. libffi-devel
    26. rust >= 1.24.1
    27. rust-cargo >= 0.25.0
    28. libfreetype-devel
    29. libshell
    30. alternatives
    31. lld-devel
    32. libstartup-notification-devel
    33. llvm6.0-devel
    34. libstdc++-devel
    35. libgio-devel
    36. autoconf_2.13
    37. autoconf_2.13
    38. libnotify-devel
    39. rpm-build-mozilla.org
    40. pkgconfig(nspr) >= 4.20
    41. pkgconfig(nss) >= 3.40.0
    42. unzip
    43. rpm-macros-alternatives
    44. libnss-devel-static
    45. mozilla-common-devel
    46. browser-plugins-npapi-devel
    47. bzlib-devel
    48. chrpath
    49. xorg-cf-files
    50. clang6.0
    51. libgtk+2-devel
    52. node
    53. clang6.0-devel
    54. gst-plugins1.0-devel
    55. libgtk+3-devel
    56. gstreamer1.0-devel
    57. yasm
    58. zip
    59. libopus-devel
    60. zlib-devel
    61. python-module-distribute
    62. libpixman-devel
    63. python-module-pip
    64. libGL-devel
    65. python-modules-compiler
    66. python-modules-json
    67. libproxy-devel
    68. python-modules-logging
    69. python-modules-sqlite3

Last changed

Dec. 20, 2018 Alexey Gladkov 64.0-alt1
- New release (64.0).
- Fixed:
  + CVE-2018-12407: Buffer overflow with ANGLE library when using VertexBuffer11 module
  + CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11
  + CVE-2018-18492: Use-after-free with select element
  + CVE-2018-18493: Buffer overflow in accelerated 2D canvas with Skia
  + CVE-2018-18494: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs
  + CVE-2018-18495: WebExtension content scripts can be loaded in about: pages
  + CVE-2018-18496: Embedded feed preview page can be abused for clickjacking
  + CVE-2018-18497: WebExtensions can load arbitrary URLs through pipe separators
  + CVE-2018-18498: Integer overflow when calculating buffer sizes for images
  + CVE-2018-12406: Memory safety bugs fixed in Firefox 64
  + CVE-2018-12405: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4
Nov. 23, 2018 Alexey Gladkov 63.0.3-alt1
- New release (63.0.3).
Nov. 13, 2018 Alexey Gladkov 63.0.1-alt1
- New release (63.0.1).
- Fixed:
  + CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin
  + CVE-2018-12392: Crash with nested event loops
  + CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript
  + CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting
  + CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts
  + CVE-2018-12397: Missing warning prompt when WebExtension requests local file access
  + CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs
  + CVE-2018-12399: Spoofing of protocol registration notification bar
  + CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android
  + CVE-2018-12401: DOS attack through special resource URI parsing
  + CVE-2018-12402: SameSite cookies leak when pages are explicitly saved
  + CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP
  + CVE-2018-12388: Memory safety bugs fixed in Firefox 63
  + CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top