Package firefox-config-privacy: Information

  • Default inline alert: A new version of the package has been build

    Task #: #348263
    Build time: May 22, 2024, 02:14 PM
    New version: 126.0-alt2
Binary package: firefox-config-privacy
Version: 124.0-alt1
Architecture: noarch
Build time:  Mar 20, 2024, 07:13 PM in the task #343190
Source package: firefox
Category: System/Configuration/Networking
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=d13864bb5…
Download: firefox-config-privacy-124.0-alt1.noarch.rpm
Build log: https://git.altlinux.org/tasks/343190/build/200/x86_64/log
Home page: https://www.mozilla.org/firefox/
License: MPL-2.0
Summary: Firefox configuration with the paranoid privacy settings
Description: 
Settings disable:
* obsolete ssl protocols;
* safebrowsing, trackingprotection and other requests to third-party services;
* telemetry;
* webrtc;
* the social features;
* dns and network predictors/prefetch;
* and some more...

Most likely you don't need to use this package.
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov

Last changed

March 20, 2024 Alexey Gladkov 124.0-alt1
- New release (124.0).
- Security fixes:
  + CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector
  + CVE-2024-2606: Mishandling of WASM register values
  + CVE-2024-2607: JIT code failed to save return registers on Armv7-A
  + CVE-2024-2608: Integer overflow could have led to out of bounds write
  + CVE-2023-5388: NSS susceptible to timing attack against RSA decryption
  + CVE-2024-2609: Permission prompt input delay could expire when not in focus
  + CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage
  + CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions
  + CVE-2024-2612: Self referencing object could have potentially led to a use-after-free
  + CVE-2024-2613: Improper handling of QUIC ACK frame data could have led to OOM
  + CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
  + CVE-2024-2615: Memory safety bugs fixed in Firefox 124
March 6, 2024 Alexey Gladkov 123.0.1-alt1
- New release (123.0.1).
Feb. 24, 2024 Alexey Gladkov 123.0-alt1
- New release (123.0).
- Security fixes:
  + CVE-2024-1546: Out-of-bounds memory read in networking channels
  + CVE-2024-1547: Alert dialog could have been spoofed on another site
  + CVE-2024-1554: fetch could be used to effect cache poisoning
  + CVE-2024-1548: Fullscreen Notification could have been hidden by select element
  + CVE-2024-1549: Custom cursor could obscure the permission dialog
  + CVE-2024-1550: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants
  + CVE-2024-1551: Multipart HTTP Responses would accept the Set-Cookie header in response parts
  + CVE-2024-1555: SameSite cookies were not properly respected when opening a website from an external browser
  + CVE-2024-1556: Invalid memory access in the built-in profiler
  + CVE-2024-1552: Incorrect code generation on 32-bit ARM devices
  + CVE-2024-1553: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
  + CVE-2024-1557: Memory safety bugs fixed in Firefox 123
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top