Package firefox-esr

Source package: firefox-esr
Version: 91.9.0-alt1
Build time:  May 5, 2022, 06:17 AM
 in the task #299477
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=3ed94…
Home page: http://www.mozilla.org/projects/firefox/
License:  MPL-2.0
Summary:  The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm: 
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
Maintainer: Andrey Cherepanov
List of contributors: 
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev

ACL: Andrey Cherepanov, Pavel Vasenkov, @everybody
    1. /dev/shm
    2. libcurl-devel
    3. libdav1d-devel
    4. libdbus-devel
    5. libdbus-glib-devel
    6. browser-plugins-npapi-devel
    7. bzlib-devel
    8. libnotify-devel
    9. libnss-devel-static
    10. chrpath
    11. pkgconfig(nspr) >= 4.32
    12. pkgconfig(nss) >= 3.72.0
    13. clang11.0
    14. clang11.0-devel
    15. libvpx-devel
    16. libdrm-devel
    17. /proc
    18. python-module-setuptools
    19. libopus-devel
    20. python-modules-compiler
    21. python-modules-json
    22. python-modules-logging
    23. python-modules-sqlite3
    24. libevent-devel
    25. libpixman-devel
    26. libffi-devel
    27. libX11-devel
    28. libproxy-devel
    29. libfreetype-devel
    30. libXScrnSaver-devel
    31. libwireless-devel
    32. libXcomposite-devel
    33. libXcursor-devel
    34. libXdamage-devel
    35. python3-base
    36. libXext-devel
    37. libXft-devel
    38. libXi-devel
    39. libpulseaudio-devel
    40. libXt-devel
    41. python3-module-pip
    42. libGL-devel
    43. python3-module-setuptools
    44. libxkbcommon-devel
    45. python3-modules-sqlite3
    46. libgio-devel
    47. libalsa-devel
    48. libaom-devel
    49. rpm-build-mozilla.org
    50. gst-plugins1.0-devel
    51. gstreamer1.0-devel
    52. lld11.0-devel
    53. rpm-macros-alternatives
    54. libshell
    55. rust >= 1.54.0
    56. rust-cargo >= 1.54.0
    57. alternatives
    58. llvm11.0-devel
    59. autoconf_2.13
    60. autoconf_2.13
    61. libstartup-notification-devel
    62. libstdc++-devel
    63. unzip
    64. libgtk+2-devel
    65. libhunspell-devel
    66. fontconfig-devel
    67. mozilla-common-devel
    68. xorg-cf-files
    69. libgtk+3-devel
    70. libcairo-devel
    71. yasm
    72. zip
    73. zlib-devel
    74. libjpeg-devel
    75. nasm
    76. node
Last changes:
May 4, 2022 Pavel Vasenkov 91.9.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-29914 Fullscreen notification bypass using popups
  + CVE-2022-29909 Bypassing permission prompt in nested browsing contexts
  + CVE-2022-29916 Leaking browser history with CSS variables
  + CVE-2022-29911 iframe Sandbox bypass
  + CVE-2022-29912 Reader mode bypassed SameSite cookies
  + CVE-2022-29917 Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9
April 6, 2022 Pavel Vasenkov 91.8.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-1097 Use-after-free in NSSToken objects
  + CVE-2022-28281 Out of bounds write due to unexpected WebAuthN Extensions
  + CVE-2022-1196 Use-after-free after VR Process destruction
  + CVE-2022-28282 Use-after-free in DocumentL10n::TranslateDocument
  + CVE-2022-28285 Incorrect AliasSet used in JIT Codegen
  + CVE-2022-28286 iframe contents could be rendered outside the border
  + CVE-2022-24713 Denial of Service via complex regular expressions
  + CVE-2022-28289 Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8
March 13, 2022 Pavel Vasenkov 91.7.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-26383 Browser window spoof using fullscreen mode
  + CVE-2022-26384 iframe allow-scripts sandbox bypass
  + CVE-2022-26387 Time-of-check time-of-use bug when verifying add-on signatures
  + CVE-2022-26381 Use-after-free in text reflows
  + CVE-2022-26386 Temporary files downloaded to /tmp and accessible by other local users

Back to Top