Package firefox-wayland: Information

    Binary package: firefox-wayland
    Version: 96.0.1-alt1
    Architecture: i586
    Build time:  Jan 15, 2022, 05:21 PM in the task #293538
    Source package: firefox
    Category: Networking/WWW
    Report package bug
    License: MPL-2.0
    Summary: Firefox Wayland launcher.
    Description: 
    The firefox-wayland package contains launcher and desktop file
    to run Firefox natively on Wayland.

    Maintainer: Alexey Gladkov


    Last changed


    Jan. 15, 2022 Alexey Gladkov 96.0.1-alt1
    - New release (96.0.1).
    Jan. 12, 2022 Alexey Gladkov 96.0-alt1
    - New release (96.0).
    - Disable webrtc for armh, ppc64le.
    - Security fixes:
      + CVE-2022-22746: Calling into reportValidity could have lead to fullscreen window spoof
      + CVE-2022-22743: Browser window spoof using fullscreen mode
      + CVE-2022-22742: Out-of-bounds memory access when inserting text in edit mode
      + CVE-2022-22741: Browser window spoof using fullscreen mode
      + CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner
      + CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur
      + CVE-2022-22737: Race condition when playing audio files
      + CVE-2021-4140: Iframe sandbox bypass with XSLT
      + CVE-2022-22750: IPC passing of resource handles could have lead to sandbox bypass
      + CVE-2022-22749: Lack of URL restrictions when scanning QR codes
      + CVE-2022-22748: Spoofed origin on external protocol launch dialog
      + CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation event
      + CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection
      + CVE-2022-22747: Crash when handling empty pkcs7 sequence
      + CVE-2022-22736: Potential local privilege escalation when loading modules from the install directory.
      + CVE-2022-22739: Missing throttling on external protocol launch dialog
      + CVE-2022-22751: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
      + CVE-2022-22752: Memory safety bugs fixed in Firefox 96
    Dec. 17, 2021 Alexey Gladkov 95.0.1-alt1
    - New release (95.0.1).