ALT repositories
Last updated at Fri, 24 Jul 2020 14:09:54 +0000 | SRPMs: 24197
en ru
SRPMs in branches
hide window
  • 51.0.1-alt0.M80P.1
  • 68.0.1-alt0.M80P.1
  • 60.8.0-alt0.M70C.1
  • 45.9.0-alt0.M70P.1
  • 45.9.0-alt0.M70P.1
  • 10.0.2-alt1.M60C.1
  • 17.0.11-alt0.M60P.1
  • 17.0.11-alt0.M60P.1
  • 10.0.12-alt0.M50P.1
Group :: Networking/WWW
Source RPM: firefox
Current version: 88.0.1-alt1
Built: 4 days ago
Size: 384 MB
Repocop status: skip
Gear:   http://git.altlinux.org/gears/f/firefox.git
Archive:   http://ftp.altlinux.org/pub/distributions/archive/sisyphus/index/src/f/firefox
Home page:   http://www.mozilla.org/projects/firefox/

License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.

Current maintainer: Alexey Gladkov

List of contributors: ACL: List of rpms provided by this srpm:
  • firefox
  • firefox-config-privacy
  • firefox-debuginfo
  • firefox-wayland
  • rpm-build-firefox
Recent changes (last three changelog entries):

2021-05-07 Alexey Gladkov 88.0.1-alt1

    - New release (88.0.1).
    - Security fixes:
      + CVE-2021-29953: Universal Cross-Site Scripting
      + CVE-2021-29952: Race condition in Web Render Components
        

2021-04-19 Alexey Gladkov 88.0-alt1

    - New release (88.0).
    - Security fixes:
      + CVE-2021-23994: Out of bound write due to lazy initialization
      + CVE-2021-23995: Use-after-free in Responsive Design Mode
      + CVE-2021-23996: Content rendered outside of webpage viewport
      + CVE-2021-23997: Use-after-free when freeing fonts from cache
      + CVE-2021-23998: Secure Lock icon could have been spoofed
      + CVE-2021-23999: Blob URLs may have been granted additional privileges
      + CVE-2021-24000: requestPointerLock() could be applied to a tab different from the visible tab
      + CVE-2021-24001: Testing code could have enabled session history manipulations by a compromised content process
      + CVE-2021-24002: Arbitrary FTP command execution on FTP servers using an encoded URL
      + CVE-2021-29945: Incorrect size computation in WebAssembly JIT could lead to null-reads
      + CVE-2021-29944: HTML injection vulnerability in Firefox for Android's Reader View
      + CVE-2021-29946: Port blocking could be bypassed
      + CVE-2021-29947: Memory safety bugs fixed in Firefox 88
        

2021-03-24 Alexey Gladkov 87.0-alt1

    - New release (87.0).
    - Security fixes:
      + CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read
      + CVE-2021-23982: Internal network hosts could have been probed by a malicious webpage
      + CVE-2021-23983: Transitions for invalid ::marker properties resulted in memory corruption
      + CVE-2021-23984: Malicious extensions could have spoofed popup information
      + CVE-2021-23985: Devtools remote debugging feature could have been enabled without indication to the user
      + CVE-2021-23986: A malicious extension could have performed credential-less same origin policy violations
      + CVE-2021-23987: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9
      + CVE-2021-23988: Memory safety bugs fixed in Firefox 87
        
 
The Geyser project is based on code from Prometheus2.0, which had been made available under the MIT License.