Package firefox-esr: Information
Default inline alert: Version in the repository: 115.8.0-alt2
Source package: firefox-esr
Version: 102.1.0-alt1
Build time: Aug 18, 2022, 06:48 PM in the task #304700
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Last changed
July 22, 2022 Pavel Vasenkov 102.1.0-alt1
- New ESR version. - Security fixes: + CVE-2022-36319 Mouse Position spoofing with CSS transforms + CVE-2022-36318 Directory indexes for bundled resources reflected URL parameters + CVE-2022-36314 Opening local <code>.lnk</code> files could cause unexpected network loads + CVE-2022-2505 Memory safety bugs fixed in Firefox 103 and 102.1
June 29, 2022 Pavel Vasenkov 91.11.0-alt1
- New ESR version. - Security fixes: + CVE-2022-34479 A popup window could be resized in a way to overlay the address bar with web content + CVE-2022-34470 Use-after-free in nsSHistory + CVE-2022-34468 CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI + CVE-2022-34481 Potential integer overflow in ReplaceElementsAt + CVE-2022-31744 CSP bypass enabling stylesheet injection + CVE-2022-34472 Unavailable PAC file resulted in OCSP requests being blocked + CVE-2022-34478 Microsoft protocols can be attacked if a user accepts a prompt + CVE-2022-2200 Undesired attributes could be set as part of prototype pollution + CVE-2022-34484 Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11
June 3, 2022 Pavel Vasenkov 91.10.0-alt1
- New ESR version. - Security fixes: + CVE-2022-31736 Cross-Origin resource's length leaked + CVE-2022-31737 Heap buffer overflow in WebGL + CVE-2022-31738 Browser window spoof using fullscreen mode + CVE-2022-31739 Attacker-influenced path traversal when saving downloaded files + CVE-2022-31740 Register allocation problem in WASM on arm64 + CVE-2022-31741 Uninitialized variable leads to invalid memory read + CVE-2022-31742 Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information + CVE-2022-31747 Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10