Package firefox: Information

Source package: firefox
Version: 72.0.2-alt0.1.p9
Build time:  Mar 26, 2020, 10:29 PM in the task #245893
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=0dc6830af…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, ppc64le, i586, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, ppc64le, i586, aarch64)
firefox-wayland (noarch)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
List of contributors:
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
    1. libvpx5-devel
    2. libwireless-devel
    3. /dev/shm
    4. python3-base
    5. libcurl-devel
    6. alternatives
    7. libxkbcommon-devel
    8. libshell
    9. libdbus-devel
    10. libdbus-glib-devel
    11. /proc
    12. autoconf_2.13
    13. autoconf_2.13
    14. libstartup-notification-devel
    15. lld-devel
    16. libstdc++-devel
    17. llvm7.0-devel
    18. rust >= 1.37.0
    19. rust-cargo >= 1.37.0
    20. libdrm-devel
    21. browser-plugins-npapi-devel
    22. bzlib-devel
    23. chrpath
    24. pkgconfig(nspr) >= 4.24
    25. pkgconfig(nss) >= 3.49.1
    26. clang7.0
    27. clang7.0-devel
    28. libevent-devel
    29. mozilla-common-devel
    30. libnotify-devel
    31. libGL-devel
    32. libnss-devel-static
    33. gst-plugins1.0-devel
    34. libffi-devel
    35. gstreamer1.0-devel
    36. nasm
    37. libfreetype-devel
    38. rpm-build-mozilla.org
    39. rpm-macros-alternatives
    40. node
    41. python-module-distribute
    42. libopus-devel
    43. libX11-devel
    44. python-module-pip
    45. libXScrnSaver-devel
    46. unzip
    47. libXcomposite-devel
    48. libXcursor-devel
    49. libXdamage-devel
    50. libXext-devel
    51. python-modules-compiler
    52. python-modules-json
    53. python-modules-logging
    54. libXft-devel
    55. python-modules-sqlite3
    56. libXi-devel
    57. libXt-devel
    58. libpixman-devel
    59. fontconfig-devel
    60. libalsa-devel
    61. libgio-devel
    62. xorg-cf-files
    63. yasm
    64. libcairo-devel
    65. zip
    66. zlib-devel
    67. libhunspell-devel
    68. libgtk+2-devel
    69. libjpeg-devel
    70. libgtk+3-devel
    71. libpulseaudio-devel
    72. libproxy-devel

Last changed

March 24, 2020 Andrey Cherepanov 72.0.2-alt0.1.p9
- Backport new version with security fixed to p9 branch.
Jan. 23, 2020 Alexey Gladkov 72.0.2-alt1
- New release (72.0.2).
- Security fixes:
  + CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
  + CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
  + CVE-2019-17017: Type Confusion in XPCVariant.cpp
  + CVE-2019-17018: Windows Keyboard in Private Browsing Mode may retain word suggestions
  + CVE-2019-17019: Python files could be inadvertently executed upon opening a download
  + CVE-2019-17020: Content Security Policy not applied to XSL stylesheets applied to XML documents
  + CVE-2019-17021: Heap address disclosure in parent process during content process initialization on Windows
  + CVE-2019-17022: CSS sanitization does not escape HTML tags
  + CVE-2019-17023: NSS may negotiate TLS 1.2 or below after a TLS 1.3 HelloRetryRequest had been sent
  + CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
  + CVE-2019-17025: Memory safety bugs fixed in Firefox 72
  + CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement
Dec. 5, 2019 Alexey Gladkov 71.0-alt1
- New release (71.0).
- Update license tag.
- Security fixes:
  + CVE-2019-11756: Use-after-free of SFTKSession object
  + CVE-2019-17008: Use-after-free in worker destruction
  + CVE-2019-13722: Stack corruption due to incorrect number of arguments in WebRTC code
  + CVE-2019-11745: Out of bounds write in NSS when encrypting with a block cipher
  + CVE-2019-17014: Dragging and dropping a cross-origin resource, incorrectly loaded as an image, could result in information disclosure
  + CVE-2019-17009: Updater temporary files accessible to unprivileged processes
  + CVE-2019-17010: Use-after-free when performing device orientation checks
  + CVE-2019-17005: Buffer overflow in plain text serializer
  + CVE-2019-17011: Use-after-free when retrieving a document in antitracking
  + CVE-2019-17012: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3
  + CVE-2019-17013: Memory safety bugs fixed in Firefox 71
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top