Package rpm-build-firefox: Information

  • Default inline alert: Version in the repository: 90.0-alt1

Binary package: rpm-build-firefox
Version: 72.0.2-alt0.1.p9
Architecture: noarch
Build time:  Mar 26, 2020, 10:29 PM in the task #245893
Source package: firefox
Report package bug
License: MPL-2.0
Summary: RPM helper macros to rebuild firefox packages
Description: 
These helper macros provide possibility to rebuild
firefox packages by some Alt Linux Team Policy compatible way.

Maintainer: Alexey Gladkov


Last changed


March 24, 2020 Andrey Cherepanov 72.0.2-alt0.1.p9
- Backport new version with security fixed to p9 branch.
Jan. 23, 2020 Alexey Gladkov 72.0.2-alt1
- New release (72.0.2).
- Security fixes:
  + CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
  + CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
  + CVE-2019-17017: Type Confusion in XPCVariant.cpp
  + CVE-2019-17018: Windows Keyboard in Private Browsing Mode may retain word suggestions
  + CVE-2019-17019: Python files could be inadvertently executed upon opening a download
  + CVE-2019-17020: Content Security Policy not applied to XSL stylesheets applied to XML documents
  + CVE-2019-17021: Heap address disclosure in parent process during content process initialization on Windows
  + CVE-2019-17022: CSS sanitization does not escape HTML tags
  + CVE-2019-17023: NSS may negotiate TLS 1.2 or below after a TLS 1.3 HelloRetryRequest had been sent
  + CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
  + CVE-2019-17025: Memory safety bugs fixed in Firefox 72
  + CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement
Dec. 5, 2019 Alexey Gladkov 71.0-alt1
- New release (71.0).
- Update license tag.
- Security fixes:
  + CVE-2019-11756: Use-after-free of SFTKSession object
  + CVE-2019-17008: Use-after-free in worker destruction
  + CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code
  + CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher
  + CVE-2019-17014: Dragging and dropping a cross-origin resource, incorrectly loaded as an image, could result in information disclosure
  + CVE-2019-17009: Updater temporary files accessible to unprivileged processes
  + CVE-2019-17010: Use-after-free when performing device orientation checks
  + CVE-2019-17005: Buffer overflow in plain text serializer
  + CVE-2019-17011: Use-after-free when retrieving a document in antitracking
  + CVE-2019-17012: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
  + CVE-2019-17013: Memory safety bugs fixed in Firefox 71