Package firefox-esr: Information
Default inline alert: Version in the repository: 102.11.0-alt0.c9.1
Source package: firefox-esr
Version: 68.4.1-alt1
Build time: Jan 13, 2020, 08:16 PM in the task #243942
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-esr-wayland (noarch)
firefox-esr (x86_64, ppc64le, i586, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-esr-wayland (noarch)
Maintainer: Andrey Cherepanov
Last changed
Jan. 8, 2020 Andrey Cherepanov 68.4.1-alt1
- New ESR version (68.4.1). - Fixed: + CVE-2019-17015 Memory corruption in parent process during new content process initialization on Windows + CVE-2019-17016 Bypass of @namespace CSS sanitization during pasting + CVE-2019-17017 Type Confusion in XPCVariant.cpp + CVE-2019-17021 Heap address disclosure in parent process during content process initialization on Windows + CVE-2019-17022 CSS sanitization does not escape HTML tags + CVE-2019-17024 Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
Dec. 6, 2019 Andrey Cherepanov 68.3.0-alt2
- Fix last changelog according to https://www.altlinux.org/Vulnerability_Policy.
Dec. 5, 2019 Andrey Cherepanov 68.3.0-alt1
- New ESR version (68.3.0). - Fixed: + CVE-2019-17008 Use-after-free in worker destruction + CVE-2019-13722 Stack corruption due to incorrect number of arguments in WebRTC code + CVE-2019-11745 Out of bounds write in NSS when encrypting with a block cipher + CVE-2019-17009 Updater temporary files accessible to unprivileged processes + CVE-2019-17010 Use-after-free when performing device orientation checks + CVE-2019-17005 Buffer overflow in plain text serializer + CVE-2019-17011 Use-after-free when retrieving a document in antitracking + CVE-2019-17012 Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3