Package firefox-config-privacy: Information

  • Default inline alert: Version in the repository: 125.0.2-alt1

Binary package: firefox-config-privacy
Version: 96.0.1-alt1
Architecture: noarch
Build time:  Jan 15, 2022, 05:21 PM in the task #293538
Source package: firefox
Category: System/Configuration/Networking
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=8940a76e1…
Download: firefox-config-privacy-96.0.1-alt1.noarch.rpm
Build log: https://git.altlinux.org/tasks/293538/build/100/x86_64/log
Home page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: Firefox configuration with the paranoid privacy settings
Description: 
Settings disable:
* obsolete ssl protocols;
* safebrowsing, trackingprotection and other requests to third-party services;
* telemetry;
* webrtc;
* the social features;
* dns and network predictors/prefetch;
* and some more...

Most likely you don't need to use this package.
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov

Last changed

Jan. 15, 2022 Alexey Gladkov 96.0.1-alt1
- New release (96.0.1).
Jan. 12, 2022 Alexey Gladkov 96.0-alt1
- New release (96.0).
- Disable webrtc for armh, ppc64le.
- Security fixes:
  + CVE-2022-22746: Calling into reportValidity could have lead to fullscreen window spoof
  + CVE-2022-22743: Browser window spoof using fullscreen mode
  + CVE-2022-22742: Out-of-bounds memory access when inserting text in edit mode
  + CVE-2022-22741: Browser window spoof using fullscreen mode
  + CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner
  + CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur
  + CVE-2022-22737: Race condition when playing audio files
  + CVE-2021-4140: Iframe sandbox bypass with XSLT
  + CVE-2022-22750: IPC passing of resource handles could have lead to sandbox bypass
  + CVE-2022-22749: Lack of URL restrictions when scanning QR codes
  + CVE-2022-22748: Spoofed origin on external protocol launch dialog
  + CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation event
  + CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection
  + CVE-2022-22747: Crash when handling empty pkcs7 sequence
  + CVE-2022-22736: Potential local privilege escalation when loading modules from the install directory.
  + CVE-2022-22739: Missing throttling on external protocol launch dialog
  + CVE-2022-22751: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
  + CVE-2022-22752: Memory safety bugs fixed in Firefox 96
Dec. 17, 2021 Alexey Gladkov 95.0.1-alt1
- New release (95.0.1).
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.4.2
Back to top