Package firefox: Information

    Source package: firefox
    Version: 147.0.2-alt1
    Build time:  Feb 3, 2026, 09:33 PM in the task #406572
    Category: Networking/WWW
    Report package bug
    Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=939c357ff…
    Home page: https://www.mozilla.org/firefox/
    VCS: https://github.com/mozilla-firefox/firefox
    License: MPL-2.0
    Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
    Description: 
    Mozilla Firefox is an open-source web browser, designed
for standards compliance, performance and portability.
    List of RPM packages built from this SRPM:
    firefox (x86_64, aarch64)
    firefox-config-privacy (x86_64, aarch64)
    firefox-debuginfo (x86_64, aarch64)
    Maintainer: Ajrat Makhmutov
    List of contributors:
    Ajrat Makhmutov
    Alexey Gladkov
    Sergey Bolshakov
    Gleb Fotengauer-Malinovskiy
    Ivan Zakharyaschev
    Konstantin Lepikhov
      1. /dev/shm
      2. /proc
      3. alternatives
      4. browser-plugins-npapi-devel
      5. cbindgen
      6. chrpath
      7. clang17.0
      8. clang17.0-devel
      9. glibc-kernheaders-generic
      10. gst-plugins1.0-devel
      11. gstreamer1.0-devel
      12. libnss-devel-static
      13. libshell
      14. libstdc++-devel
      15. libwireless-devel
      16. lld17.0-devel
      17. llvm17.0-devel
      18. mozilla-common-devel
      19. nasm
      20. node
      21. pkgconfig(alsa)
      22. pkgconfig(aom)
      23. pkgconfig(bzip2)
      24. pkgconfig(cairo)
      25. pkgconfig(dav1d)
      26. pkgconfig(dbus-1)
      27. pkgconfig(dbus-glib-1)
      28. pkgconfig(dri)
      29. pkgconfig(fontconfig)
      30. pkgconfig(freetype2)
      31. pkgconfig(gio-2.0)
      32. python3(hamcrest)
      33. pkgconfig(graphite2)
      34. pkgconfig(gtk+-3.0)
      35. python3(pip)
      36. pkgconfig(harfbuzz)
      37. pkgconfig(hunspell)
      38. pkgconfig(icu-i18n)
      39. pkgconfig(libcurl)
      40. python3(click)
      41. pkgconfig(libdrm)
      42. pkgconfig(libevent)
      43. pkgconfig(libffi)
      44. pkgconfig(libjpeg)
      45. pkgconfig(libnotify)
      46. pkgconfig(libproxy-1.0)
      47. pkgconfig(libpulse)
      48. pkgconfig(libstartup-notification-1.0)
      49. pkgconfig(nspr) >= 4.35
      50. pkgconfig(nss) >= 3.98
      51. pkgconfig(opus)
      52. pkgconfig(pixman-1)
      53. pkgconfig(vpx)
      54. pkgconfig(x11)
      55. pkgconfig(xcomposite)
      56. pkgconfig(xcursor)
      57. pkgconfig(xdamage)
      58. pkgconfig(xext)
      59. pkgconfig(xft)
      60. pkgconfig(xi)
      61. pkgconfig(xkbcommon)
      62. pkgconfig(xrandr)
      63. pkgconfig(xscrnsaver)
      64. pkgconfig(xt)
      65. pkgconfig(xtst)
      66. pkgconfig(zlib)
      67. python3(curses)
      68. python3(setuptools)
      69. rpm-macros-alternatives
      70. python3(sqlite3)
      71. python3-base
      72. rust >= 1.65.0
      73. rust-cargo >= 1.65.0
      74. unzip
      75. xorg-cf-files
      76. rpm-build-firefox
      77. yasm
      78. zip

    Last changed

    Jan. 28, 2026 Ajrat Makhmutov 147.0.2-alt1
    - New version (147.0.2).
- Fixes:
  + CVE-2026-24868: Mitigation bypass in the Privacy: Anti-Tracking component
  + CVE-2026-24869: Use-after-free in the Layout: Scrolling and Overflow component
    Jan. 17, 2026 Ajrat Makhmutov 147.0.1-alt1
    - New version (147.0.1).
    Jan. 15, 2026 Ajrat Makhmutov 147.0-alt1
    - New version (147.0).
- Fixes:
  + CVE-2026-0877: Mitigation bypass in the DOM: Security component
  + CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component
  + CVE-2026-0879: Sandbox escape due to incorrect boundary conditions in the Graphics component
  + CVE-2026-0880: Sandbox escape due to integer overflow in the Graphics component
  + CVE-2026-0881: Sandbox escape in the Messaging System component
  + CVE-2026-0882: Use-after-free in the IPC component
  + CVE-2026-0883: Information disclosure in the Networking component
  + CVE-2026-0884: Use-after-free in the JavaScript Engine component
  + CVE-2026-0885: Use-after-free in the JavaScript: GC component
  + CVE-2026-0886: Incorrect boundary conditions in the Graphics component
  + CVE-2026-0887: Clickjacking issue, information disclosure in the PDF Viewer component
  + CVE-2026-0888: Information disclosure in the XML component
  + CVE-2026-0889: Denial-of-service in the DOM: Service Workers component
  + CVE-2026-0890: Spoofing issue in the DOM: Copy & Paste and Drag & Drop component
  + CVE-2026-0891: Memory safety bugs fixed in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147
  + CVE-2026-0892: Memory safety bugs fixed in Firefox 147 and Thunderbird 147
    VKontakte|Telegram|YouTube|Forum|ALT Linux Space|Bugzilla
    Version: v26.2.2
    Back to top