Package firefox-esr: Information

Source package: firefox-esr
Version: 52.3.0-alt1
Latest version according to Repology
Build time:  Aug 9, 2017, 05:48 PM in the task #186871
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=8528b…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser
component, written using the XUL user interface language and designed to
be cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, i586)
firefox-esr-debuginfo (x86_64, i586)
Maintainer: Andrey Cherepanov
List of contributors:
Andrey Cherepanov
Ivan Zakharyaschev
ACL:
Pavel Vasenkov
Andrey Cherepanov
@everybody
    1. libvpx-devel
    2. libwireless-devel
    3. libcurl-devel
    4. libshell
    5. alternatives
    6. libevent-devel
    7. libffi-devel
    8. libstartup-notification-devel
    9. pkgconfig(nspr) >= 4.15
    10. pkgconfig(nss) >= 3.31.0
    11. makedepend
    12. libfreetype-devel
    13. autoconf_2.13
    14. autoconf_2.13
    15. glibc-kernheaders
    16. mozilla-common-devel
    17. libnotify-devel
    18. libnss-devel-static
    19. browser-plugins-npapi-devel
    20. python-module-distribute
    21. bzlib-devel
    22. gst-plugins1.0-devel
    23. gstreamer1.0-devel
    24. chrpath
    25. python-modules-compiler
    26. python-modules-json
    27. libGL-devel
    28. python-modules-logging
    29. python-modules-sqlite3
    30. libIDL-devel
    31. libopus-devel
    32. libgio-devel
    33. libX11-devel
    34. doxygen
    35. libXScrnSaver-devel
    36. unzip
    37. libXcomposite-devel
    38. rpm-build-mozilla.org
    39. libXdamage-devel
    40. libXext-devel
    41. imake
    42. libpixman-devel
    43. rpm-macros-alternatives
    44. libXft-devel
    45. libXt-devel
    46. libalsa-devel
    47. xorg-cf-files
    48. libcairo-devel
    49. libproxy-devel
    50. fontconfig-devel
    51. gcc-c++
    52. libgtk+2-devel
    53. libgtk+3-devel
    54. yasm
    55. libhunspell-devel
    56. libjpeg-devel
    57. zip
    58. libpulseaudio-devel
    59. zlib-devel

Last changed

Aug. 8, 2017 Andrey Cherepanov 52.3.0-alt1
- New ESR version (52.3.0)
- Security fixes:
  + CVE-2017-7798: XUL injection in the style editor in devtools
  + CVE-2017-7800: Use-after-free in WebSockets during disconnection
  + CVE-2017-7801: Use-after-free with marquee during window resizing
  + CVE-2017-7809: Use-after-free while deleting attached editor DOM node
  + CVE-2017-7784: Use-after-free with image observers
  + CVE-2017-7802: Use-after-free resizing image elements
  + CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM
  + CVE-2017-7786: Buffer overflow while painting non-displayable SVG
  + CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements
  + CVE-2017-7787: Same-origin policy bypass with iframes through page reloads
  + CVE-2017-7807: Domain hijacking through AppCache fallback
  + CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID
  + CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher
  + CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts
  + CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections
  + CVE-2017-7803: CSP containing 'sandbox' improperly applied
  + CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3
July 11, 2017 Andrey Cherepanov 52.2.1-alt1
- New ESR version (52.2.1)
June 21, 2017 Andrey Cherepanov 52.2.0-alt1
- New ESR version (52.2.0)
- Security fixes:
  + CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
  + CVE-2017-7749: Use-after-free during docshell reloading
  + CVE-2017-7750: Use-after-free with track elements
  + CVE-2017-7751: Use-after-free with content viewer listeners
  + CVE-2017-7752: Use-after-free with IME input
  + CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object
  + CVE-2017-7755: Privilege escalation through Firefox Installer with same directory DLL files
  + CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors
  + CVE-2017-7757: Use-after-free in IndexedDB
  + CVE-2017-7778: Vulnerabilities in the Graphite 2 library
  + CVE-2017-7758: Out-of-bounds read in Opus encoder
  + CVE-2017-7760: File manipulation and privilege escalation via callback parameter in Mozilla Windows Updater and Maintenance Service
  + CVE-2017-7761: File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application
  + CVE-2017-7763: Mac fonts render some unicode characters as spaces
  + CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks
  + CVE-2017-7765: Mark of the Web bypass when saving executable files
  + CVE-2017-7766: File execution and privilege escalation through updater.ini, Mozilla Windows Updater, and Mozilla Maintenance Service
  + CVE-2017-7767: Privilege escalation and arbitrary file overwrites through Mozilla Windows Updater and Mozilla Maintenance Service
  + CVE-2017-7768: 32 byte arbitrary file read through Mozilla Maintenance Service
  + CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top