Package firefox-esr: Information
Default inline alert: Version in the repository: 115.10.0-alt1
Source package: firefox-esr
Version: 91.10.0-alt1
Build time: Jun 4, 2022, 01:23 AM in the task #301215
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Last changed
June 3, 2022 Pavel Vasenkov 91.10.0-alt1
- New ESR version. - Security fixes: + CVE-2022-31736 Cross-Origin resource's length leaked + CVE-2022-31737 Heap buffer overflow in WebGL + CVE-2022-31738 Browser window spoof using fullscreen mode + CVE-2022-31739 Attacker-influenced path traversal when saving downloaded files + CVE-2022-31740 Register allocation problem in WASM on arm64 + CVE-2022-31741 Uninitialized variable leads to invalid memory read + CVE-2022-31742 Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information + CVE-2022-31747 Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10
May 22, 2022 Pavel Vasenkov 91.9.1-alt1
- New ESR version. - Security fixes: + CVE-2022-1802 Prototype pollution in Top-Level Await implementation + CVE-2022-1529 Untrusted input used in JavaScript object indexing, leading to prototype pollution
May 4, 2022 Pavel Vasenkov 91.9.0-alt1
- New ESR version. - Security fixes: + CVE-2022-29914 Fullscreen notification bypass using popups + CVE-2022-29909 Bypassing permission prompt in nested browsing contexts + CVE-2022-29916 Leaking browser history with CSS variables + CVE-2022-29911 iframe Sandbox bypass + CVE-2022-29912 Reader mode bypassed SameSite cookies + CVE-2022-29917 Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9