Package firefox: Information

Binary package: firefox
Version: 57.0.1-alt0.M80P.1
Architecture: x86_64
Build time:  Dec 8, 2017, 05:42 PM in the task #195836
Source package: firefox
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=9d41cfca3…
Download: firefox-57.0.1-alt0.M80P.1.x86_64.rpm
Build log: https://git.altlinux.org/tasks/195836/build/100/x86_64/log
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
Maintainer: Alexey Gladkov
List of contributors:
Andrey Cherepanov
Alexey Gladkov
Ivan Zakharyaschev
Konstantin Lepikhov

Last changed

Dec. 5, 2017 Andrey Cherepanov 57.0.1-alt0.M80P.1
- Backport new version to p8 branch
Dec. 4, 2017 Alexey Gladkov 57.0.1-alt1
- New release (57.0.1).
Nov. 21, 2017 Alexey Gladkov 57.0-alt1
- New release (57.0).
- Fixed:
  + CVE-2017-7828: Use-after-free of PressShell while restyling layout
  + CVE-2017-7830: Cross-origin URL information leak through Resource Timing API
  + CVE-2017-7831: Information disclosure of exposed properties on JavaScript proxy objects
  + CVE-2017-7832: Domain spoofing through use of dotless 'i' character followed by accent markers
  + CVE-2017-7833: Domain spoofing with Arabic and Indic vowel marker characters
  + CVE-2017-7834: data: URLs opened in new tabs bypass CSP protections
  + CVE-2017-7835: Mixed content blocking incorrectly applies with redirects
  + CVE-2017-7836: Pingsender dynamically loads libcurl on Linux and OS X
  + CVE-2017-7837: SVG loaded as <img> can use meta tags to set cookies
  + CVE-2017-7838: Failure of individual decoding of labels in international domain names triggers punycode display of entire IDN
  + CVE-2017-7839: Control characters before javascript: URLs defeats self-XSS prevention mechanism
  + CVE-2017-7840: Exported bookmarks do not strip script elements from user-supplied tags
  + CVE-2017-7842: Referrer Policy is not always respected for <link> elements
  + CVE-2017-7827: Memory safety bugs fixed in Firefox 57
  + CVE-2017-7826: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top