Package firefox: Information

Source package: firefox
Version: 68.0-alt1
Build time:  Jul 17, 2019, 04:25 PM in the task #234573
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=f7d73eb54…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, ppc64le, i586, aarch64)
firefox-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-wayland (noarch)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
    1. libvpx5-devel
    2. libcurl-devel
    3. libdbus-devel
    4. python3-base
    5. libdbus-glib-devel
    6. /dev/shm
    7. alternatives
    8. libwireless-devel
    9. libshell
    10. libevent-devel
    11. autoconf_2.13
    12. autoconf_2.13
    13. libffi-devel
    14. libxkbcommon-devel
    15. libfreetype-devel
    16. libstartup-notification-devel
    17. libstdc++-devel
    18. /proc
    19. rust >= 1.35.0
    20. browser-plugins-npapi-devel
    21. rust-cargo >= 1.35.0
    22. bzlib-devel
    23. chrpath
    24. clang7.0
    25. clang7.0-devel
    26. pkgconfig(nspr) >= 4.21
    27. pkgconfig(nss) >= 3.45.0
    28. libnotify-devel
    29. libnss-devel-static
    30. lld-devel
    31. libGL-devel
    32. llvm7.0-devel
    33. libgio-devel
    34. rpm-build-mozilla.org
    35. gst-plugins1.0-devel
    36. gstreamer1.0-devel
    37. libopus-devel
    38. rpm-macros-alternatives
    39. python-module-distribute
    40. fontconfig-devel
    41. python-module-pip
    42. libX11-devel
    43. unzip
    44. libXScrnSaver-devel
    45. libXcomposite-devel
    46. python-modules-compiler
    47. libXcursor-devel
    48. python-modules-json
    49. libXdamage-devel
    50. libpixman-devel
    51. python-modules-logging
    52. python-modules-sqlite3
    53. libXext-devel
    54. libXft-devel
    55. libXi-devel
    56. mozilla-common-devel
    57. libXt-devel
    58. libcairo-devel
    59. libalsa-devel
    60. libgtk+2-devel
    61. xorg-cf-files
    62. libgtk+3-devel
    63. libproxy-devel
    64. libhunspell-devel
    65. nasm
    66. yasm
    67. libjpeg-devel
    68. node
    69. libpulseaudio-devel
    70. zip
    71. zlib-devel

Last changed

July 11, 2019 Alexey Gladkov 68.0-alt1
- New release (68.0).
- Fixed:
  + CVE-2019-9811: Sandbox escape via installation of malicious language pack
  + CVE-2019-11711: Script injection within domain through inner window reuse
  + CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects
  + CVE-2019-11713: Use-after-free with HTTP/2 cached stream
  + CVE-2019-11714: NeckoChild can trigger crash when accessed off of main thread
  + CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault
  + CVE-2019-11715: HTML parsing error can contribute to content XSS
  + CVE-2019-11716: globalThis not enumerable until accessed
  + CVE-2019-11717: Caret character improperly escaped in origins
  + CVE-2019-11718: Activity Stream writes unsanitized content to innerHTML
  + CVE-2019-11719: Out-of-bounds read when importing curve25519 private key
  + CVE-2019-11720: Character encoding XSS vulnerability
  + CVE-2019-11721: Domain spoofing through unicode latin 'kra' character
  + CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin
  + CVE-2019-11723: Cookie leakage during add-on fetching across private browsing boundaries
  + CVE-2019-11724: Retired site input.mozilla.org has remote troubleshooting permissions
  + CVE-2019-11725: Websocket resources bypass safebrowsing protections
  + CVE-2019-11727: PKCS#1 v1.5 signatures can be used for TLS 1.3
  + CVE-2019-11728: Port scanning through Alt-Svc header
  + CVE-2019-11710: Memory safety bugs fixed in Firefox 68
  + CVE-2019-11709: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8
July 1, 2019 Gleb Fotengauer-Malinovskiy 67.0.4-alt2
- Added ppc64le support.
- spec: cleaned up rpm-build internal macros.
June 21, 2019 Alexey Gladkov 67.0.4-alt1
- New release (67.0.4).
- Fixed:
 + CVE-2019-11708: sandbox escape using Prompt:Open
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top