Package firefox-esr: Information

    Source package: firefox-esr
    Version: 115.11.0-alt1
    Latest version according to Repology
    Build time:  May 19, 2024, 09:48 PM in the task #347636
    Category: Networking/WWW
    Report package bug
    FTBFS
    ArchitectureFTBFS sinceUpdate
    i586May 25, 2024June 22, 2024
    x86_64May 23, 2024June 24, 2024

    License: MPL-2.0
    Summary: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
    Description: 
    The Mozilla Firefox project is a redesign of Mozilla's browser component,
    written using the XUL user interface language and designed to be
    cross-platform.

    List of rpms provided by this srpm:
    firefox-esr (x86_64, i586, aarch64)
    firefox-esr-config-privacy (x86_64, i586, aarch64)
    firefox-esr-debuginfo (x86_64, i586, aarch64)
    firefox-esr-wayland (x86_64, i586, aarch64)

    Maintainer: Andrey Cherepanov



      1. /dev/shm
      2. /proc
      3. libnotify-devel
      4. libnss-devel-static
      5. alternatives
      6. autoconf_2.13
      7. autoconf_2.13
      8. browser-plugins-npapi-devel
      9. bzlib-devel
      10. fontconfig-devel
      11. chrpath
      12. clang15.0
      13. clang15.0-devel
      14. libopus-devel
      15. libpixman-devel
      16. libproxy-devel
      17. libpulseaudio-devel
      18. libshell
      19. libstartup-notification-devel
      20. libstdc++-devel
      21. glibc-kernheaders-generic
      22. gst-plugins1.0-devel
      23. gstreamer1.0-devel
      24. python3(sqlite3)
      25. libGL-devel
      26. libvpx-devel
      27. libwireless-devel
      28. python3-base
      29. libxkbcommon-devel
      30. lld15.0-devel
      31. llvm15.0-devel
      32. mozilla-common-devel
      33. nasm
      34. node
      35. libX11-devel
      36. libXScrnSaver-devel
      37. libXcomposite-devel
      38. rpm-build-mozilla.org
      39. libXcursor-devel
      40. libXdamage-devel
      41. libXext-devel
      42. libXft-devel
      43. libXi-devel
      44. rpm-macros-alternatives
      45. libXt-devel
      46. libalsa-devel
      47. libaom-devel
      48. pkgconfig(alsa)
      49. pkgconfig(aom)
      50. pkgconfig(bzip2)
      51. pkgconfig(cairo)
      52. pkgconfig(dav1d)
      53. pkgconfig(dbus-1)
      54. pkgconfig(dbus-glib-1)
      55. pkgconfig(dri)
      56. pkgconfig(fontconfig)
      57. pkgconfig(freetype2)
      58. pkgconfig(gio-2.0)
      59. pkgconfig(graphite2)
      60. pkgconfig(gtk+-2.0)
      61. pkgconfig(gtk+-3.0)
      62. pkgconfig(harfbuzz)
      63. pkgconfig(hunspell)
      64. pkgconfig(icu-i18n)
      65. pkgconfig(libcurl)
      66. pkgconfig(libdrm)
      67. pkgconfig(libevent)
      68. pkgconfig(libffi)
      69. pkgconfig(libjpeg)
      70. pkgconfig(libnotify)
      71. pkgconfig(libproxy-1.0)
      72. pkgconfig(libpulse)
      73. pkgconfig(libstartup-notification-1.0)
      74. pkgconfig(nspr) >= 4.35
      75. pkgconfig(nss) >= 3.86
      76. pkgconfig(opus)
      77. pkgconfig(pixman-1)
      78. pkgconfig(vpx)
      79. pkgconfig(x11)
      80. pkgconfig(xcomposite)
      81. pkgconfig(xcursor)
      82. pkgconfig(xdamage)
      83. pkgconfig(xext)
      84. pkgconfig(xft)
      85. pkgconfig(xi)
      86. pkgconfig(xkbcommon)
      87. pkgconfig(xrandr)
      88. pkgconfig(xscrnsaver)
      89. pkgconfig(xt)
      90. pkgconfig(xtst)
      91. pkgconfig(zlib)
      92. python3(click)
      93. libcairo-devel
      94. python3(curses)
      95. libcurl-devel
      96. libdav1d-devel
      97. libdbus-devel
      98. libdbus-glib-devel
      99. python3(hamcrest)
      100. libdrm-devel
      101. python3(imp)
      102. libevent-devel
      103. libffi-devel
      104. rust >= 1.65.0
      105. rust-cargo >= 1.65.0
      106. libfreetype-devel
      107. python3(pip)
      108. libgio-devel
      109. unzip
      110. libjpeg-devel
      111. python3(setuptools)
      112. xorg-cf-files
      113. libgtk+2-devel
      114. libgtk+3-devel
      115. yasm
      116. zip
      117. zlib-devel
      118. libhunspell-devel

    Last changed


    May 19, 2024 Pavel Vasenkov 115.11.0-alt1
    - New ESR version.
    - Security fixes
      + CVE-2024-4367 Arbitrary JavaScript execution in PDF.js
      + CVE-2024-4767 IndexedDB files retained in private browsing mode
      + CVE-2024-4768 Potential permissions request bypass via clickjacking
      + CVE-2024-4769 Cross-origin responses could be distinguished between script and non-script content-types
      + CVE-2024-4770 Use-after-free could occur when printing to PDF
      + CVE-2024-4777 Memory safety bugs fixed in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11
    April 16, 2024 Pavel Vasenkov 115.10.0-alt1
    - New ESR version.
    - Security fixes
      + CVE-2024-3852 GetBoundName in the JIT returned the wrong object
      + CVE-2024-3854 Out-of-bounds-read after mis-optimized switch statement
      + CVE-2024-3857 Incorrect JITting of arguments led to use-after-free during garbage collection
      + CVE-2024-2609 Permission prompt input delay could expire when not in focus
      + CVE-2024-3859 Integer-overflow led to out-of-bounds-read in the OpenType sanitizer
      + CVE-2024-3861 Potential use-after-free due to AlignedBuffer self-move
      + CVE-2024-3863 Download Protections were bypassed by .xrm-ms files on Windows
      + CVE-2024-3302 Denial of Service using HTTP/2 CONTINUATION frames
      + CVE-2024-3864 Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10
    April 3, 2024 Pavel Vasenkov 115.9.1-alt1
    - New ESR version.
    - Security fixes
      + CVE-2024-0743 Crash in NSS TLS method
      + CVE-2024-2605 Windows Error Reporter could be used as a Sandbox escape vector
      + CVE-2024-2607 JIT code failed to save return registers on Armv7-A
      + CVE-2024-2608 Integer overflow could have led to out of bounds write
      + CVE-2024-2616 Improve handling of out-of-memory conditions in ICU
      + CVE-2023-5388 NSS susceptible to timing attack against RSA decryption
      + CVE-2024-2610 Improper handling of html and body tags enabled CSP nonce leakage
      + CVE-2024-2611 Clickjacking vulnerability could have led to a user accidentally granting permissions
      + CVE-2024-2612 Self referencing object could have potentially led to a use-after-free
      + CVE-2024-2614 Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
      + CVE-2024-29944 Privileged JavaScript Execution via Event Handlers