Package firefox-esr: Information

Source package: firefox-esr
Version: 68.4.1-alt1
Build time:  Jan 13, 2020, 08:16 PM in the task #243942
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=0569d…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-esr-wayland (noarch)
Maintainer: Andrey Cherepanov
List of contributors:
Andrey Cherepanov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
    1. libX11-devel
    2. fontconfig-devel
    3. libXScrnSaver-devel
    4. libXcomposite-devel
    5. libXcursor-devel
    6. libXdamage-devel
    7. libXext-devel
    8. libXft-devel
    9. libpulseaudio-devel
    10. libXi-devel
    11. libjpeg-devel
    12. libXt-devel
    13. libcairo-devel
    14. libalsa-devel
    15. libvpx5-devel
    16. libcurl-devel
    17. python3-base
    18. libwireless-devel
    19. /dev/shm
    20. libdbus-devel
    21. libdbus-glib-devel
    22. libxkbcommon-devel
    23. libevent-devel
    24. libshell
    25. /proc
    26. libffi-devel
    27. lld-devel
    28. llvm7.0-devel
    29. libfreetype-devel
    30. alternatives
    31. rust >= 1.35.0
    32. rust-cargo >= 1.35.0
    33. autoconf_2.13
    34. autoconf_2.13
    35. libstartup-notification-devel
    36. libstdc++-devel
    37. pkgconfig(nspr) >= 4.21
    38. pkgconfig(nss) >= 3.45.0
    39. mozilla-common-devel
    40. rpm-build-mozilla.org
    41. browser-plugins-npapi-devel
    42. nasm
    43. libgio-devel
    44. bzlib-devel
    45. rpm-macros-alternatives
    46. node
    47. chrpath
    48. clang7.0
    49. clang7.0-devel
    50. unzip
    51. python-module-distribute
    52. libnotify-devel
    53. libnss-devel-static
    54. gst-plugins1.0-devel
    55. gstreamer1.0-devel
    56. python-module-pip
    57. python-modules-compiler
    58. xorg-cf-files
    59. python-modules-json
    60. python-modules-logging
    61. libGL-devel
    62. python-modules-sqlite3
    63. yasm
    64. libgtk+2-devel
    65. libgtk+3-devel
    66. zip
    67. zlib-devel
    68. libopus-devel
    69. libhunspell-devel
    70. libpixman-devel
    71. libproxy-devel

Last changed

Jan. 8, 2020 Andrey Cherepanov 68.4.1-alt1
- New ESR version (68.4.1).
- Fixed:
  + CVE-2019-17015 Memory corruption in parent process during new content process initialization on Windows
  + CVE-2019-17016 Bypass of @namespace CSS sanitization during pasting
  + CVE-2019-17017 Type Confusion in XPCVariant.cpp
  + CVE-2019-17021 Heap address disclosure in parent process during content process initialization on Windows
  + CVE-2019-17022 CSS sanitization does not escape HTML tags
  + CVE-2019-17024 Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
Dec. 6, 2019 Andrey Cherepanov 68.3.0-alt2
- Fix last changelog according to https://www.altlinux.org/Vulnerability_Policy.
Dec. 5, 2019 Andrey Cherepanov 68.3.0-alt1
- New ESR version (68.3.0).
- Fixed:
  + CVE-2019-17008 Use-after-free in worker destruction
  + CVE-2019-13722 Stack corruption due to incorrect number of arguments in WebRTC code
  + CVE-2019-11745 Out of bounds write in NSS when encrypting with a block cipher
  + CVE-2019-17009 Updater temporary files accessible to unprivileged processes
  + CVE-2019-17010 Use-after-free when performing device orientation checks
  + CVE-2019-17005 Buffer overflow in plain text serializer
  + CVE-2019-17011 Use-after-free when retrieving a document in antitracking
  + CVE-2019-17012 Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top