Package firefox-esr

Source package: firefox-esr
Version: 68.4.1-alt0.M80P.1
Build time:  Jan 15, 2020, 07:47 PM
 in the task #244114
Category: Networking/WWW
Report package bug
License:  MPL/GPL/LGPL
Summary:  The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm: 
firefox-esr (x86_64, i586)
firefox-esr-debuginfo (x86_64, i586)
firefox-esr-wayland (noarch)
Last changes:
Jan. 11, 2020 Andrey Cherepanov 68.4.1-alt0.M80P.1
- Backport new version with security fixes to p8 branch.
Jan. 8, 2020 Andrey Cherepanov 68.4.1-alt1
- New ESR version (68.4.1).
- Fixed:
  + CVE-2019-17015 Memory corruption in parent process during new content process initialization on Windows
  + CVE-2019-17016 Bypass of @namespace CSS sanitization during pasting
  + CVE-2019-17017 Type Confusion in XPCVariant.cpp
  + CVE-2019-17021 Heap address disclosure in parent process during content process initialization on Windows
  + CVE-2019-17022 CSS sanitization does not escape HTML tags
  + CVE-2019-17024 Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
Dec. 6, 2019 Andrey Cherepanov 68.3.0-alt2
- Fix last changelog according to https://www.altlinux.org/Vulnerability_Policy.

Back to Top