Package firefox: Information

Source package: firefox
Version: 66.0.1-alt1
Build time:  Apr 1, 2019, 04:27 PM in the task #226302
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=8d38ea4df…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Ivan Zakharyaschev
Konstantin Lepikhov
    1. libcurl-devel
    2. libdbus-devel
    3. libdbus-glib-devel
    4. libvpx5-devel
    5. /dev/shm
    6. python3-base
    7. libwireless-devel
    8. libshell
    9. libevent-devel
    10. alternatives
    11. libffi-devel
    12. libfreetype-devel
    13. autoconf_2.13
    14. autoconf_2.13
    15. libstartup-notification-devel
    16. libstdc++-devel
    17. rust >= 1.31.1
    18. rust-cargo >= 1.31.1
    19. browser-plugins-npapi-devel
    20. bzlib-devel
    21. chrpath
    22. clang7.0
    23. clang7.0-devel
    24. /proc
    25. pkgconfig(nspr) >= 4.21
    26. pkgconfig(nss) >= 3.43.0
    27. lld-devel
    28. llvm7.0-devel
    29. libnotify-devel
    30. libnss-devel-static
    31. libgio-devel
    32. gst-plugins1.0-devel
    33. gstreamer1.0-devel
    34. libX11-devel
    35. libGL-devel
    36. rpm-build-mozilla.org
    37. libopus-devel
    38. libXScrnSaver-devel
    39. libXcomposite-devel
    40. python-module-distribute
    41. rpm-macros-alternatives
    42. libXcursor-devel
    43. libXdamage-devel
    44. libXext-devel
    45. python-module-pip
    46. libXft-devel
    47. unzip
    48. libXi-devel
    49. python-modules-compiler
    50. python-modules-json
    51. python-modules-logging
    52. python-modules-sqlite3
    53. fontconfig-devel
    54. libpixman-devel
    55. libXt-devel
    56. mozilla-common-devel
    57. libgtk+2-devel
    58. libgtk+3-devel
    59. libalsa-devel
    60. xorg-cf-files
    61. nasm
    62. yasm
    63. node
    64. zip
    65. libproxy-devel
    66. libhunspell-devel
    67. zlib-devel
    68. libcairo-devel
    69. libjpeg-devel
    70. libpulseaudio-devel

Last changed

March 27, 2019 Alexey Gladkov 66.0.1-alt1
- New release (66.0.1).
- Fixed:
  + CVE-2019-9790: Use-after-free when removing in-use DOM elements
  + CVE-2019-9791: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey
  + CVE-2019-9792: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script
  + CVE-2019-9793: Improper bounds checks when Spectre mitigations are disabled
  + CVE-2019-9794: Command line arguments not discarded during execution
  + CVE-2019-9795: Type-confusion in IonMonkey JIT compiler
  + CVE-2019-9796: Use-after-free with SMIL animation controller
  + CVE-2019-9797: Cross-origin theft of images with createImageBitmap
  + CVE-2019-9798: Library is loaded from world writable APITRACE_LIB location
  + CVE-2019-9799: Information disclosure via IPC channel messages
  + CVE-2019-9801: Windows programs that are not 'URL Handlers' are exposed to web content
  + CVE-2019-9802: Chrome process information leak
  + CVE-2019-9803: Upgrade-Insecure-Requests incorrectly enforced for same-origin navigation
  + CVE-2019-9804: Code execution through 'Copy as cURL' in Firefox Developer Tools on macOS
  + CVE-2019-9805: Potential use of uninitialized memory in Prio
  + CVE-2019-9806: Denial of service through successive FTP authorization prompts
  + CVE-2019-9807: Text sent through FTP connection can be incorporated into alert messages
  + CVE-2019-9809: Denial of service through FTP modal alert error messages
  + CVE-2019-9808: WebRTC permissions can display incorrect origin with data: and blob: URLs
  + CVE-2019-9789: Memory safety bugs fixed in Firefox 66
  + CVE-2019-9788: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6
  + CVE-2019-9810: IonMonkey MArraySlice has incorrect alias information
  + CVE-2019-9813: Ionmonkey type confusion with __proto__ mutations
March 2, 2019 Alexey Gladkov 65.0.2-alt1
- New release (65.0.2).
- Use libvpx5.
Feb. 19, 2019 Alexey Gladkov 65.0.1-alt1
- New release (65.0.1).
- Fixed:
  + CVE-2018-18356: Use-after-free in Skia
  + CVE-2019-5785: Integer overflow in Skia
  + CVE-2018-18511: Cross-origin theft of images with ImageBitmapRenderingContext
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top