ALT repositories
Last updated at Sat, 06 Jun 2020 00:52:42 +0000 | SRPMs: 9547
en ru
SRPMs in branches
hide window
  • 51.0.1-alt0.M80P.1
  • 68.0.1-alt0.M80P.1
  • 60.8.0-alt0.M70C.1
  • 45.9.0-alt0.M70P.1
  • 45.9.0-alt0.M70P.1
  • 10.0.2-alt1.M60C.1
  • 17.0.11-alt0.M60P.1
  • 17.0.11-alt0.M60P.1
  • 10.0.12-alt0.M50P.1
Group :: Networking/WWW
Source RPM: firefox

2013-01-21 Andrey Cherepanov 10.0.12-alt0.M50P.1

    - New version 10.0.12 (ALT #28384)
        

2012-09-15 Andrey Cherepanov 10.0.7-alt0.M50P.2

    - Rebuild with old libpixman
        

2012-09-12 Andrey Cherepanov 10.0.7-alt0.M60P.1

    - New ESR version 10.0.7
    - Fixed:
      + MFSA 2012-72 Web console eval capable of executing chrome-privileged code
      + MFSA 2012-70 Location object security checks bypassed by chrome code
      + MFSA 2012-69 Incorrect site SSL certificate data display
      + MFSA 2012-67 Installer will launch incorrect executable following new installation
      + MFSA 2012-65 Out-of-bounds read in format-number in XSLT
      + MFSA 2012-63 SVG buffer overflow and use-after-free issues
      + MFSA 2012-62 WebGL use-after-free and memory corruption
      + MFSA 2012-61 Memory corruption with bitmap format images with negative height
      + MFSA 2012-58 Use-after-free issues found using Address Sanitizer
      + MFSA 2012-57 Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)
        

2012-09-12 Andrey Cherepanov 10.0.7-alt0.M50P.1

    - New ESR version 10.0.7
        

2012-08-19 Andrey Cherepanov 10.0.6-alt0.M60P.1

    - New ESR version 10.0.6
    - Fixed:
      + MFSA 2012-56 Code execution through javascript: URLs
      + MFSA 2012-55 feed: URLs with an innerURI inherit security context of page
      + MFSA 2012-54 Clickjacking of certificate warning page
      + MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage
      + MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption
      + MFSA 2012-51 X-Frame-Options header ignored when duplicated
      + MFSA 2012-49 Same-compartment Security Wrappers can be bypassed
      + MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden
      + MFSA 2012-47 Improper filtering of javascript in HTML feed-view
      + MFSA 2012-46 XSS through data: URLs
      + MFSA 2012-45 Spoofing issue with location
      + MFSA 2012-44 Gecko memory corruption
      + MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop
      + MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)
        

2012-06-21 Andrey Cherepanov 10.0.5-alt0.M60P.1

    - New ESR version 10.0.5
    - Fixed:
      + MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer
      + MFSA 2012-39 NSS parsing errors with zero length items
      + MFSA 2012-38 Use-after-free while replacing/inserting a node in a document
      + MFSA 2012-37 Information disclosure though Windows file shares and shortcut files
      + MFSA 2012-36 Content Security Policy inline-script bypass
      + MFSA 2012-34 Miscellaneous memory safety hazards
        

2012-04-24 Andrey Cherepanov 10.0.3-alt0.M60P.1

    - Version 10.0.3 with security fixes
        

2012-03-01 Andrey Cherepanov 10.0.2-alt0.M60P.1

    - Backport to p6 branch (new version with security fixes)
    - Fixed:
      + MFSA 2012-11 libpng integer overflow
      + MFSA 2012-10 use after free in nsXBLDocumentInfo::ReadPrototypeBindings
      + MFSA 2012-09 Firefox Recovery Key.html is saved with unsafe permission
      + MFSA 2012-08 Crash with malformed embedded XSLT stylesheets
      + MFSA 2012-07 Potential Memory Corruption When Decoding Ogg Vorbis files
      + MFSA 2012-06 Uninitialized memory appended when encoding icon images may cause information disclosure
      + MFSA 2012-05 Frame scripts calling into untrusted objects bypass security checks
      + MFSA 2012-04 Child nodes from nsDOMAttribute still accessible after removal of nodes
      + MFSA 2012-03 <iframe> element exposed across domains via name attribute
      + MFSA 2012-01 Miscellaneous memory safety hazards (rv:10.0/ rv:1.9.2.26)
        

2012-02-21 Alexey Gladkov 10.0.2-alt1

    - New releaee (10.0.2).
    - Fixed:
      + MFSA 2012-11 libpng integer overflow
      + MFSA 2012-10 use after free in nsXBLDocumentInfo::ReadPrototypeBindings
      + MFSA 2012-09 Firefox Recovery Key.html is saved with unsafe permission
      + MFSA 2012-08 Crash with malformed embedded XSLT stylesheets
      + MFSA 2012-07 Potential Memory Corruption When Decoding Ogg Vorbis files
      + MFSA 2012-06 Uninitialized memory appended when encoding icon images may cause information disclosure
      + MFSA 2012-05 Frame scripts calling into untrusted objects bypass security checks
      + MFSA 2012-04 Child nodes from nsDOMAttribute still accessible after removal of nodes
      + MFSA 2012-03 <iframe> element exposed across domains via name attribute
      + MFSA 2012-01 Miscellaneous memory safety hazards (rv:10.0/ rv:1.9.2.26)
        

2012-01-23 Andrey Cherepanov 9.0.1-alt0.M60P.1

    - Backport to p6 branch (new version with security fixes)
        

2012-01-09 Alexey Gladkov 9.0.1-alt1

    - New releaee (9.0.1).
    - Check default browser (ALT#26195).
    - Change location for noarch extensions (ALT#26702).
    - Add translation for summary and description (ALT#22789).
    - Fixed:
      + MFSA 2011-58 Crash scaling <video> to extreme sizes
      + MFSA 2011-57 Crash when plugin removes itself on Mac OS X
      + MFSA 2011-56 Key detection without JavaScript via SVG animation
      + MFSA 2011-55 nsSVGValue out-of-bounds access
      + MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library
      + MFSA 2011-53 Miscellaneous memory safety hazards (rv:9.0)
        

2011-12-12 Andrey Cherepanov 8.0-alt0.M60P.2

    - Allow third-party extensions by default
        

2011-12-08 Andrey Cherepanov 8.0-alt0.M60P.1

    - Backport to p6 branch (new version with security fixes)
        

2011-11-14 Alexey Gladkov 8.0-alt1

    - New release (8.0).
    - Fixed:
      + MFSA 2011-52 Code execution via NoWaiverWrapper
      + MFSA 2011-51 Cross-origin image theft on Mac with integrated Intel GPU
      + MFSA 2011-50 Cross-origin data theft using canvas and Windows D2D
      + MFSA 2011-49 Memory corruption while profiling using Firebug
      + MFSA 2011-48 Miscellaneous memory safety hazards (rv:8.0)
      + MFSA 2011-47 Potential XSS against sites using Shift-JIS
        

2011-10-27 Andrey Cherepanov 7.0.1-alt1.M60P.1

    - Backport to p6 branch (new version with security fixes)
        

2011-10-19 Alexey Gladkov 7.0.1-alt2

    - Drop depends for extensions.
        

2011-10-06 Alexey Gladkov 7.0.1-alt1

    - New release (7.0.1).
    - Fixed:
      + MFSA 2011-45 Inferring Keystrokes from motion data
      + MFSA 2011-44 Use after free reading OGG headers
      + MFSA 2011-43 loadSubScript unwraps XPCNativeWrapper scope parameter
      + MFSA 2011-42 Potentially exploitable crash in the YARR regular expression library
      + MFSA 2011-41 Potentially exploitable WebGL crashes
      + MFSA 2011-40 Code installation through holding down Enter
      + MFSA 2011-39 Defense against multiple Location headers due to CRLF Injection
      + MFSA 2011-36 Miscellaneous memory safety hazards (rv:7.0 / rv:1.9.2.23)
        

2011-09-06 Alexey Gladkov 6.0.2-alt1

    - New release (6.0.2).
        

2011-09-06 Alexey Gladkov 6.0.1-alt1

    - New release (6.0.1).
    - Fixed:
      + MFSA 2011-34 Protection against fraudulent DigiNotar certificates
        

2011-08-22 Alexey Gladkov 6.0-alt1

    - New release (6.0).
    - Add Conflict to firefox-settings-desktop (ALT#25473).
    - Fixed:
      + MFSA 2011-29 Security issues addressed in Firefox6.
        

2011-07-13 Alexey Gladkov 5.0.1-alt1

    - New release (5.0.1).
    - Fixed:
      + MFSA 2011-28 Non-whitelisted site can trigger xpinstall
      + MFSA 2011-27 XSS encoding hazard with inline SVG
      + MFSA 2011-26 Multiple WebGL crashes
      + MFSA 2011-25 Stealing of cross-domain images using WebGL textures
      + MFSA 2011-22 Integer overflow and arbitrary code execution in Array.reduceRight()
      + MFSA 2011-21 Memory corruption due to multipart/x-mixed-replace images
      + MFSA 2011-20 Use-after-free vulnerability when viewing XUL document with script disabled
      + MFSA 2011-19 Miscellaneous memory safety hazards (rv:3.0/1.9.2.18)
        

2011-05-02 Alexey Gladkov 4.0.1-alt1

    - New release (4.0.1).
    - Update desktop file (ALT#25530).
    - Fixed:
      + MFSA 2011-18 XSLT generate-id() function heap address leak
      + MFSA 2011-17 WebGLES vulnerabilities
      + MFSA 2011-12 Miscellaneous memory safety hazards (rv:2.0.1/ 1.9.2.17/ 1.9.1.19)
        

2011-04-22 Alexey Gladkov 4.0-alt3

    - Set some settings in Firefox to default values (ALT#22148).
        

2011-04-19 Alexey Gladkov 4.0-alt2

    - Fix plugins path.
    - Fix alternatives for /usr/bin/xbrowser.
        

2011-04-01 Alexey Gladkov 4.0-alt1

    - New release (4.0).
    - Remove alternatives for configuration.
        

2011-03-08 Alexey Gladkov 3.6.15-alt1.20110308

    - New release (3.6.15).
    - Fixed:
      + MFSA 2011-10 CSRF risk with plugins and 307 redirects
      + MFSA 2011-09 Crash caused by corrupted JPEG image
      + MFSA 2011-08 ParanoidFragmentSink allows javascript: URLs in chrome documents
      + MFSA 2011-07 Memory corruption during text run construction (Windows)
      + MFSA 2011-06 Use-after-free error using Web Workers
      + MFSA 2011-05 Buffer overflow in JavaScript atom map
      + MFSA 2011-04 Buffer overflow in JavaScript upvarMap
      + MFSA 2011-03 Use-after-free error in JSON.stringify
      + MFSA 2011-02 Recursive eval call causes confirm dialogs to evaluate to true
      + MFSA 2011-01 Miscellaneous memory safety hazards (rv:1.9.2.14/ 1.9.1.17)
        

2010-12-22 Alexey Gladkov 3.6.13-alt1.20101222

    - New release (3.6.13).
    - Fixed:
      + MFSA 2010-84 XSS hazard in multiple character encodings
      + MFSA 2010-83 Location bar SSL spoofing using network error page
      + MFSA 2010-82 Incomplete fix for CVE-2010-0179
      + MFSA 2010-81 Integer overflow vulnerability in NewIdArray
      + MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
      + MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta refresh
      + MFSA 2010-78 Add support for OTS font sanitizer
      + MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
      + MFSA 2010-76 Chrome privilege escalation with window.open and <isindex> element
      + MFSA 2010-75 Buffer overflow while line breaking after document.write with long string
      + MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)
        

2010-11-14 Alexey Gladkov 3.6.13-alt1.20101110

    - New release (3.6.12).
    - Fixed:
      + MFSA 2010-73 Heap buffer overflow mixing document.write and DOM insertion
        

2010-10-26 Alexey Gladkov 3.6.12-alt1.20101025

    - New release (3.6.11).
    - Fixed:
      + MFSA 2010-72 Insecure Diffie-Hellman key exchange
      + MFSA 2010-71 Unsafe library loading vulnerabilities
      + MFSA 2010-70 SSL wildcard certificate matching IP addresses
      + MFSA 2010-69 Cross-site information disclosure via modal calls
      + MFSA 2010-68 XSS in gopher parser when parsing hrefs
      + MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter
      + MFSA 2010-66 Use-after-free error in nsBarProp
      + MFSA 2010-65 Buffer overflow and memory corruption using document.write
      + MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14)
        

2010-09-21 Alexey Gladkov 3.6.11-alt1.20100920

    - New release (3.6.10).
        

2010-09-12 Alexey Gladkov 3.6.10-alt1.20100909

    - New release (3.6.9).
    - Fixed:
      + MFSA 2010-63 Information leak via XMLHttpRequest statusText
      + MFSA 2010-62 Copy-and-paste or drag-and-drop into designMode document allows XSS
      + MFSA 2010-61 UTF-7 XSS by overriding document charset using <object> type attribute
      + MFSA 2010-59 SJOW creates scope chains ending in outer object
      + MFSA 2010-58 Crash on Mac using fuzzed font in data: URL
      + MFSA 2010-57 Crash and remote code execution in normalizeDocument
      + MFSA 2010-56 Dangling pointer vulnerability in nsTreeContentView
      + MFSA 2010-55 XUL tree removal crash and remote code execution
      + MFSA 2010-54 Dangling pointer vulnerability in nsTreeSelection
      + MFSA 2010-53 Heap buffer overflow in nsTextFrameUtils::TransformText
      + MFSA 2010-52 Windows XP DLL loading vulnerability
      + MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array
      + MFSA 2010-50 Frameset integer overflow vulnerability
      + MFSA 2010-49 Miscellaneous memory safety hazards (rv:1.9.2.9/ 1.9.1.12)
        

2010-07-29 Alexey Gladkov 3.6.9-alt1.20100725

    - New release (3.6.8).
    - Fixed:
      + MFSA 2010-48 Dangling pointer crash regression from plugin parameter array fix
      + MFSA 2010-47 Cross-origin data leakage from script filename in error messages
      + MFSA 2010-46 Cross-domain data theft using CSS
      + MFSA 2010-45 Multiple location bar spoofing vulnerabilities
      + MFSA 2010-44 Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish
      + MFSA 2010-43 Same-origin bypass using canvas context
      + MFSA 2010-42 Cross-origin data disclosure via Web Workers and importScripts
      + MFSA 2010-41 Remote code execution using malformed PNG image
      + MFSA 2010-40 nsTreeSelection dangling pointer remote code execution vulnerability
      + MFSA 2010-39 nsCSSValue::Array index integer overflow
      + MFSA 2010-38 Arbitrary code execution using SJOW and fast native function
      + MFSA 2010-37 Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability
      + MFSA 2010-36 Use-after-free error in NodeIterator
      + MFSA 2010-35 DOM attribute cloning remote code execution vulnerability
      + MFSA 2010-34 Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)
        

2010-06-27 Alexey Gladkov 3.6.6-alt1.20100626

    - New release (3.6.6).
    - Fixed:
      + MFSA 2010-33 User tracking across sites using Math.random()
      + MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present
      + MFSA 2010-31 focus() behavior can be used to inject or steal keystrokes
      + MFSA 2010-30 Integer Overflow in XSLT Node Sorting
      + MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal
      + MFSA 2010-28 Freed object reuse across plugin instances
      + MFSA 2010-26 Crashes with evidence of memory corruption (rv:1.9.2.4/ 1.9.1.10)
        

2010-04-05 Alexey Gladkov 3.6.3-alt1.20100404

    - New release (3.6.3).
    - Fixed:
      + MFSA 2009-25 Re-use of freed object due to scope confusion
        

2010-03-29 Alexey Gladkov 3.6.2-alt1.20100328

    - New release (3.6.2).
    - Fix for Transport Layer Security (ALT#22994).
    - Fix addons search (ALT#22878).
    - Fix release notes (ALT#22883).
    - Fixed:
      + MFSA 2010-15 Asynchronous Auth Prompt attaches to wrong window
      + MFSA 2010-14 Browser chrome defacement via cached XUL stylesheets
      + MFSA 2010-13 Content policy bypass with image preloading
      + MFSA 2010-12 XSS using addEventListener and setTimeout on a wrapped object
      + MFSA 2010-11 Crashes with evidence of memory corruption (rv:1.9.2.2/ 1.9.1.8/ 1.9.0.18)
      + MFSA 2010-10 XSS via plugins and unprotected Location object
      + MFSA 2010-09 Deleted frame reuse in multipart/x-mixed-replace image
      + MFSA 2010-08 WOFF heap corruption due to integer overflow
        

2010-01-22 Alexey Gladkov 3.6.0-alt1

    - New release (3.6.0).
    - Fix process name (ALT#22731).
        

2010-01-07 Alexey Gladkov 3.6.0-alt0.20100113

    - New snapshot (3.6.0 20100113).
        

2009-11-24 Alexey Gladkov 3.6.0-alt0.20091124

    - New major branch (3.6.0 b4pre).
        

2009-10-11 Alexey Gladkov 3.5.3-alt0.20091010

    - New snapshot (3.5.3 20091010).
    - KDE: Update patches (ALT#21509).
        

2009-09-28 Alexey Gladkov 3.5.3-alt0.20090918.1

    - Rebuild with new browser-plugins-npapi.
        

2009-09-20 Alexey Gladkov 3.5.3-alt0.20090918

    - New snapshot (3.5.3 20090918).
    - Set firefox as default KDE/KDE4 browser (ALT#21509).
    - Update desktop file (ALT#21510).
    - Update requires (ALT#21533).
        

2009-09-01 Alexey Gladkov 3.5.3-alt0.20090831

    - New snapshot (3.5.3 20090831).
        

2009-07-17 Alexey Gladkov 3.5.1-alt1

    - New release (3.5.1).
        

2009-07-01 Alexey Gladkov 3.5-alt2

    - New release (3.5).
        

2009-06-04 Alexey Gladkov 3.5-alt1.20090601

    - New snapshot (3.5 20090601).
        

2009-04-24 Alexey Gladkov 3.5-alt1.20090424

    - New snapshot (3.5 20090424).
        

2009-01-18 Alexey Gladkov 3.1-alt1.20090312

    - New snapshot (3.1 20090312).
        

2008-11-18 Alexey Gladkov 3.0.4-alt1

    - New release (3.0.4).
    - Fixed:
      + MFSA 2008-58 Parsing error in E4X default namespace
      + MFSA 2008-57 -moz-binding property bypasses security checks on codebase principals
      + MFSA 2008-56 nsXMLHttpRequest::NotifyEventListeners() same-origin violation
      + MFSA 2008-55 Crash and remote code execution in nsFrameManager
      + MFSA 2008-54 Buffer overflow in http-index-format parser
      + MFSA 2008-53 XSS and JavaScript privilege escalation via session restore
      + MFSA 2008-52 Crashes with evidence of memory corruption (rv:1.9.0.4/1.8.1.18)
      + MFSA 2008-51 file: URIs inherit chrome privileges when opened from chrome
      + MFSA 2008-47 Information stealing via local shortcut files
        

2008-10-08 Alexey Gladkov 3.0.3-alt1

    - New release (3.0.3).
    - Firefox set itself as default browser correctly (ALT#17384).
    - Reload new plugins.
    - Fixed:
      + MFSA 2008-44 resource: traversal vulnerabilities
      + MFSA 2008-43 BOM characters stripped from JavaScript before execution
      + MFSA 2008-42 Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
      + MFSA 2008-41 Privilege escalation via XPCnativeWrapper pollution
      + MFSA 2008-40 Forced mouse drag
        

2008-09-09 Alexey Gladkov 3.0.1-alt2

    - New bugfix build.
    - Update desktop file (ALT#10558).
        

2008-07-18 Alexey Gladkov 3.0.1-alt1

    - New version (3.0.1).
    - Fixed:
      + MFSA 2008-36 Crash with malformed GIF file on Mac OS X
      + MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running
      + MFSA 2008-34 Remote code execution by overflowing CSS reference counter
        

2008-07-13 Alexey Gladkov 3.0-alt2.20080704

    - New bugfix build.
    - Add searchplugins: bugzilla@altlinux, wikipedia-ru, yandex.
    - Remove RPATH.
        

2008-07-04 Alexey Gladkov 3.0-alt1.20080704

    - New cvs snapshot 3.0 (20080704).
        

2008-05-31 Alexey Gladkov 3.0-alt1.20080530

    - New cvs snapshot 20080530.
        

2008-05-20 Alexey Gladkov 3.0-alt1.20080519

    - New cvs snapshot (3.0 rc1).
        

2008-02-03 Alexey Gladkov 3.0-alt1.b3pre

    - New cvs snapshot.
        

2007-12-20 Alexey Gladkov 3.0.b2-alt1

    - New major beta version 3.0.b2
        

2007-11-28 Alexey Gladkov 3.0.b1-alt1

    - New major beta version 3.0.b1
        

2007-02-25 Alexey Gladkov 2.0.0.2-alt1

    - New bugfix version 2.0.0.2
    - Remove version from requires in *.pc.
    - Fixed:
        + MFSA 2007-07  Embedded nulls in location.hostname confuse same-domain checks
        + MFSA 2007-06 Mozilla Network Security Services (NSS) SSLv2 buffer overflow
        + MFSA 2007-05 XSS and local file access by opening blocked popups
        + MFSA 2007-04 Spoofing using custom cursor and CSS3 hotspot
        + MFSA 2007-03 Information disclosure through cache collisions
        + MFSA 2007-02 Improvements to help protect against Cross-Site Scripting attacks
        + MFSA 2007-01 Crashes with evidence of memory corruption (rv:1.8.0.10/1.8.1.2)
        

2007-01-28 Alexey Gladkov 2.0.0.1-alt1

    - New minor version 2.0.0.1
    - Fixed:
        + MFSA 2006-76  XSS using outer window's Function object
        + MFSA 2006-75 RSS Feed-preview referrer leak
        + MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
        + MFSA 2006-72 XSS by setting img.src to javascript: URI
        + MFSA 2006-71 LiveConnect crash finalizing JS objects
        + MFSA 2006-70 Privilege escalation using watch point
        + MFSA 2006-69 CSS cursor image buffer overflow (Windows only)
        + MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
        

2006-11-23 Alexey Gladkov 2.0-alt2

    - Add %pre script.
    - Remove version specific paths.
        

2006-10-28 Alexey Gladkov 2.0-alt1

    - New major version 2.0 .
    - Don't build libxul.
    - Add support for printing via Pango.
    - Change printer paper size at A4.
    - Check compatibility disabled.
    - Patch disabling OS_TEST autoguessing for %ix86 builds on x86_64 host.
        

2006-09-15 Alexey Gladkov 1.5.0.7-alt1

    - New version 1.5.0.7 .
    - Fixed:
        + MFSA 2006-64  Crashes with evidence of memory corruption (rv:1.8.0.7)
        + MFSA 2006-62 Popup-blocker cross-site scripting (XSS)
        + MFSA 2006-61 Frame spoofing using document.open()
        + MFSA 2006-60 RSA Signature Forgery
        + MFSA 2006-59 Concurrency-related vulnerability
        + MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing
        + MFSA 2006-57 JavaScript Regular Expression Heap Corruption
        

2006-08-30 Alexey Gladkov 1.5.0.6-alt4

    - Add libgtkembedmoz.so, firefox-gtkembedmoz.pc .
    - Update BuildRequires.
        

2006-08-16 Alexey Gladkov 1.5.0.6-alt3

    - bugfix build.
    - Patch to enable intl.locale.matchOS was removed.
    - Added default download directory.
        

2006-08-09 Alexey Gladkov 1.5.0.6-alt2

    - bugfix build.
    - Added patch to handle #9863 (history #4352).
        

2006-08-05 Alexey Gladkov 1.5.0.6-alt1

    - New version 1.5.0.6 . 
    - Fixed:
        + Fixed an issue with playing Windows Media content
        + MFSA 2006-56  chrome: scheme loading remote content
        + MFSA 2006-55 Crashes with evidence of memory corruption (rv:1.8.0.5)
        + MFSA 2006-54 XSS with XPCNativeWrapper(window).Function(...)
        + MFSA 2006-53 UniversalBrowserRead privilege escalation
        + MFSA 2006-52 PAC privilege escalation using Function.prototype.call
        + MFSA 2006-51 Privilege escalation using named-functions and redefined "new Object()"
        + MFSA 2006-50 JavaScript engine vulnerabilities
        + MFSA 2006-48 JavaScript new Function race condition
        + MFSA 2006-47 Native DOM methods can be hijacked across domains
        + MFSA 2006-46 Memory corruption with simultaneous events
        + MFSA 2006-45 Javascript navigator Object Vulnerability
        + MFSA 2006-44 Code execution through deleted frame reference
        

2006-06-08 Alexey Gladkov 1.5.0.4-alt1

    - New version.
    - Fixed:
        + MFSA 2006-43 Privilege escalation using addSelectionListener
        + MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
        + MFSA 2006-41 File stealing by changing input type (variant)
        + MFSA 2006-39 "View Image" local resource linking (Windows)
        + MFSA 2006-38 Buffer overflow in crypto.signText()
        + MFSA 2006-37 Remote compromise via content-defined setter on object prototypes
        + MFSA 2006-36 PLUGINSPAGE privileged JavaScript execution 2
        + MFSA 2006-35 Privilege escalation through XUL persist
        + MFSA 2006-34 XSS viewing javascript: frames or images from context menu
        + MFSA 2006-33 HTTP response smuggling
        + MFSA 2006-32 Fixes for crashes with potential memory corruption
        + MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig, Greasemonkey)
        

2006-05-12 Alexey Gladkov 1.5.0.3-alt1

    - New version.
    - Build libxul library.
    - Fixed:
        + MFSA 2006-30 Deleted object reference when designMode="on".
        

2006-03-15 Alexey Gladkov 1.5.0.1-alt2

    - bugfix build.
    - include fix
    - plugins directory fix;
        

2006-02-13 Alexey Gladkov 1.5.0.1-alt1

    - New version 1.5.0.1
    - Buildrequires updated for xorg-7.0 
    - run-firefox script bugfix:
      * usage update
      * plugins search path (x86_64)
      * unparseable commands handling
    - bugfix: #7334, #7682, #8757, #8784, #9017
        

2005-12-04 Alexey Gladkov 1.5-alt1

    - New version 1.5 .
    - Spec cleanup.
    - Build with external rpm-build-firefox .
    - Build with system NSS and NSPR.
    - Unused libraries removed.
    - Rpm mascros bugfix.
      * fix for new rpm.
      * change extension installation sheme (again).
    - Default preference tunning.
    - Startup script rewritten. Now it is single script.
      * command line shortcut added: altfaq:NUM .
    - SVG support enabled.
    - directory /usr/share/firefox-@version@/extensions was added to extensions search path .
      * this location is controled by the option extensions.dir.extensions .
    - Bug: #7682, #7801, #7856, #7949 fixed.
        

2005-08-16 Alexey Gladkov 1.0.6-alt4

    - major bugfix.
    - build with official branding.
    - x86_64 compatibility addon (patch20, patch21).
        

2005-08-07 Alexey Gladkov 1.0.6-alt3

    - release version.
    - firsttime script added.
    - SVG support disabled.
    - Patch #2 bugfix (bug: #7682)
        

2005-07-24 Konstantin A. Lepikhov 1.0.6-alt2.cvs

    - fix -nox patch.
    - add gssapi detection and build fixes from mhz@.
        

2005-07-19 Konstantin A. Lepikhov 1.0.6-alt1.cvs

    - new version from aviary branch fixing various bugs:
      + MFSA2005-54
      + Restore API compatibility for extensions and web applications 
        that did not work in Firefox 1.0.5.
        

2005-07-11 Konstantin A. Lepikhov 1.0.5-alt2.cvs

    - new version from aviary branch;
        

2005-06-22 Konstantin A. Lepikhov 1.0.5-alt1.cvs

    - new version from aviary branch fixing various security bugs;
    - fix: #4846, #5101, #7126 (legion).
    - if_{with,without} debug - added (legion).
    - keyword 'altbug:' added, patch2 updated (legion).
    - postin/postun-scripts scripts bugfixes (legion).
    - triggers added for trash cleanup (legion).
        

2005-06-20 Konstantin A. Lepikhov 1.0.5-alt0.cvs

    - new version from aviary branch;
    - fix #6595;
    - add switches for svg/xprint easy builds.
    - update alt-prefs-tuning.patch (disable annoying default browser dialog).
        

2005-06-12 Konstantin A. Lepikhov 1.0.4-alt1

    - new version;
    - SA15601 security fix;
    - BuildRequires cleanup (remove xorg-x11-libs-static).
        

2005-04-21 Alexey Gladkov 1.0.3-alt1

    - new version;
    - requires fix;
        

2005-04-13 Alexey Gladkov 1.0.2-alt1

    - new version;
    - RPATH fix;
    - NoX patch was rewritten;
        

2005-03-06 Alexey Gladkov 1.0.1-alt2

    - rpm macros was updated;
        

2005-02-25 Alexey Gladkov 1.0.1-alt1

    - new version;
    - patch9 was added (mozilla Bug #123315);
    - patch10, patch11 was added (#6151);
        

2005-02-14 Alexey Gladkov 1.0-alt7

    - plugins path bugfix;
    - svg support added;
    - x86_64 compatibility added (thx mouse@);
        

2005-02-01 Alexey Gladkov 1.0-alt6

    - update patch firefox-1.0-20050201-alt-nox.patch 
      * uninstall-global-theme command-line option was added;
      * update-register command-line option was added;
    - firefox-1.0-alt-rpm-scripts.tar.bz2 bugfix;
        

2005-01-27 Alexey Gladkov 1.0-alt5

    - disable svg support becouse svg layout lead to segfault 
      when mozilla compile with gcc3.4 .
    - search plugins was moved into the standalone rpm package.
        

2005-01-19 Alexey Gladkov 1.0-alt4

    - Rebuilt with libstdc++.so.6.
        

2005-01-05 Alexey Gladkov 1.0-alt3

    - new version;
    - browser-plugins-npapi support added;
    - new icons default icons(thx shrek@);
    - option uninstall-global-extension was fixed;
        

2004-11-03 Alexey Gladkov 1.0-alt2.rc1

    - extension sheme changes;
    - postin/preun scripts chenges;
        

2004-10-18 Alexey Gladkov 1.0-alt2.PR

    - new default extensions added;
    - protocol 'mailto' external handler added; 
    - firefox.macro changed;
    - postun script changed;
    - icons changed;
        

2004-09-30 Alexey Gladkov 1.0-alt1.PR

    - New version 1.0PR;
    - New extension scheme;
    - Add:
        * New option 'run-without-x' added (mouse, legion);
        * SVG support added;
        * Certificate (ALT Linux CA Root) added;
        * ALT Linux BTS search plugin added;
        * RPATH added to all binary files;
    - bug #4284 fixed;
        

2004-05-28 Alexey Gladkov 0.8-alt4

    - Move back some changes at alt3 build.
    - Bug #4157 fixed.
        

2004-04-30 Alexey Gladkov 0.8-alt3.1

    - viewsource protocol was added.
        

2004-04-29 Alexey Gladkov 0.8-alt3

    - Minimize buildin extensions;
    - Disable debug output;
    - Disable some options:
      + disable JavaScript debug library;
      + disable LDAP support;
      + disable logging facilities;
    - Necko protocols cleanup;
        

2004-02-24 Alexey Gladkov 0.8-alt2

    - Splash screen added (thx sadist@);
    - Search plugins added;
    - Remove devel package Conflicts;
    - Change rebuild-database.sh script. Script must be run only as root;
    - Change locale hack.
        

2004-02-11 Alexey Gladkov 0.8-alt1

    - Mozilla Firebird becomes Mozilla Firefox. Mozilla's next 
      generation browser has changed names (again);
    - New version;
        

2004-01-11 Alexey Gladkov 0.7-alt2

    - Spec changes.
    - run-mozilla.sh script patch.
        

2003-12-30 Alexey Gladkov 0.7-alt1

    - first build for ALT Linux.
    - rpm macro created.
    - new scheme loading extensions added (thx force@)
        
 
The Geyser project is based on code from Prometheus2.0, which had been made available under the MIT License.