Package firefox: Information
Default inline alert: Version in the repository: 118.0.2-alt0.p10.1
Source package: firefox
Version: 77.0.1-alt1
Build time: Jun 6, 2020, 01:33 AM in the task #252902
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, ppc64le, i586, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-wayland (noarch)
rpm-build-firefox (noarch)
firefox (x86_64, ppc64le, i586, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-wayland (noarch)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
Last changed
June 4, 2020 Alexey Gladkov 77.0.1-alt1
- New release (77.0.1). - Security fixes: + CVE-2020-12399: Timing attack on DSA signatures in NSS library + CVE-2020-12405: Use-after-free in SharedWorkerService + CVE-2020-12406: JavaScript type confusion with NativeTypes + CVE-2020-12407: WebRender leaking GPU memory when using border-image CSS directive + CVE-2020-12408: URL spoofing when using IP addresses + CVE-2020-12409: URL spoofing with unicode characters + CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 + CVE-2020-12411: Memory safety bugs fixed in Firefox 77
May 8, 2020 Alexey Gladkov 76.0.1-alt1
- New release (76.0.1).
May 6, 2020 Alexey Gladkov 76.0-alt1
- New release (76.0). - Security fixes: + CVE-2020-12387: Use-after-free during worker shutdown + CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens + CVE-2020-12389: Sandbox escape with improperly separated process types + CVE-2020-6831: Buffer overflow in SCTP chunk input validation + CVE-2020-12390: Incorrect serialization of nsIPrincipal.origin for IPv6 addresses + CVE-2020-12391: Content-Security-Policy bypass using object elements + CVE-2020-12392: Arbitrary local file access with 'Copy as cURL' + CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection + CVE-2020-12394: URL spoofing in location bar when unfocussed + CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 + CVE-2020-12396: Memory safety bugs fixed in Firefox 76