Package firefox-config-privacy: Information

  • Default inline alert: Version in the repository: 124.0-alt1

Binary package: firefox-config-privacy
Version: 111.0-alt1
Architecture: noarch
Build time:  Mar 16, 2023, 12:21 AM in the task #316754
Source package: firefox
Report package bug
License: MPL-2.0
Summary: Firefox configuration with the paranoid privacy settings
Description: 
Settings disable:
* obsolete ssl protocols;
* safebrowsing, trackingprotection and other requests to third-party services;
* telemetry;
* webrtc;
* the social features;
* dns and network predictors/prefetch;
* and some more...

Most likely you don't need to use this package.

Maintainer: Alexey Gladkov


Last changed


March 14, 2023 Alexey Gladkov 111.0-alt1
- New release (111.0).
- Exclude arch i586.
- Security fixes:
  + CVE-2023-28159: Fullscreen Notification could have been hidden by download popups on Android
  + CVE-2023-25748: Fullscreen Notification could have been hidden by window prompts on Android
  + CVE-2023-25749: Firefox for Android may have opened third-party apps without a prompt
  + CVE-2023-25750: Potential ServiceWorker cache leak during private browsing mode
  + CVE-2023-25751: Incorrect code generation during JIT compilation
  + CVE-2023-28160: Redirect to Web Extension files may have leaked local path
  + CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
  + CVE-2023-28161: One-time permissions granted to a local file were extended to other local files loaded in the same tab
  + CVE-2023-28162: Invalid downcast in Worklets
  + CVE-2023-25752: Potential out-of-bounds when accessing throttled streams
  + CVE-2023-28163: Windows Save As dialog resolved environment variables
  + CVE-2023-28176: Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9
  + CVE-2023-28177: Memory safety bugs fixed in Firefox 111
March 3, 2023 Alexey Gladkov 110.0.1-alt1
- New release (110.0.1).
Feb. 17, 2023 Alexey Gladkov 110.0-alt1
- New release (110.0).
- Security fixes:
  + CVE-2023-25728: Content security policy leak in violation reports using iframes
  + CVE-2023-25730: Screen hijack via browser fullscreen mode
  + CVE-2023-25743: Fullscreen notification not shown in Firefox Focus
  + CVE-2023-0767: Arbitrary memory write via PKCS 12 in NSS
  + CVE-2023-25735: Potential use-after-free from compartment mismatch in SpiderMonkey
  + CVE-2023-25737: Invalid downcast in SVGUtils::SetupStrokeGeometry
  + CVE-2023-25738: Printing on Windows could potentially crash Firefox with some device drivers
  + CVE-2023-25739: Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
  + CVE-2023-25729: Extensions could have opened external schemes without user knowledge
  + CVE-2023-25732: Out of bounds memory write from EncodeInputStream
  + CVE-2023-25734: Opening local .url files could cause unexpected network loads
  + CVE-2023-25740: Opening local .scf files could cause unexpected network loads
  + CVE-2023-25731: Prototype pollution when rendering URLPreview
  + CVE-2023-25733: Possible null pointer dereference in TaskbarPreviewCallback
  + CVE-2023-25736: Invalid downcast in GetTableSelectionMode
  + CVE-2023-25741: Same-origin policy leak via image drag and drop
  + CVE-2023-25742: Web Crypto ImportKey crashes tab
  + CVE-2023-25744: Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8
  + CVE-2023-25745: Memory safety bugs fixed in Firefox 110