Package firefox: Information
Default inline alert: Version in the repository: 118.0.2-alt0.p10.1
Source package: firefox
Version: 64.0-alt1
Build time: Dec 26, 2018, 02:18 AM in the task #218259
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
firefox (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
Last changed
Dec. 20, 2018 Alexey Gladkov 64.0-alt1
- New release (64.0). - Fixed: + CVE-2018-12407: Buffer overflow with ANGLE library when using VertexBuffer11 module + CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11 + CVE-2018-18492: Use-after-free with select element + CVE-2018-18493: Buffer overflow in accelerated 2D canvas with Skia + CVE-2018-18494: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs + CVE-2018-18495: WebExtension content scripts can be loaded in about: pages + CVE-2018-18496: Embedded feed preview page can be abused for clickjacking + CVE-2018-18497: WebExtensions can load arbitrary URLs through pipe separators + CVE-2018-18498: Integer overflow when calculating buffer sizes for images + CVE-2018-12406: Memory safety bugs fixed in Firefox 64 + CVE-2018-12405: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4
Nov. 23, 2018 Alexey Gladkov 63.0.3-alt1
- New release (63.0.3).
Nov. 13, 2018 Alexey Gladkov 63.0.1-alt1
- New release (63.0.1). - Fixed: + CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin + CVE-2018-12392: Crash with nested event loops + CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript + CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting + CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts + CVE-2018-12397: Missing warning prompt when WebExtension requests local file access + CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs + CVE-2018-12399: Spoofing of protocol registration notification bar + CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android + CVE-2018-12401: DOS attack through special resource URI parsing + CVE-2018-12402: SameSite cookies leak when pages are explicitly saved + CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP + CVE-2018-12388: Memory safety bugs fixed in Firefox 63 + CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3