Package firefox-esr: Information

    Source package: firefox-esr
    Version: 128.2.0-alt1
    Latest version according to Repology
    Build time:  Sep 8, 2024, 06:07 PM in the task #357090
    Category: Networking/WWW
    Report package bug
    License: MPL-2.0
    Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
    Description: 
    Mozilla Firefox is an open-source web browser, designed
    for standards compliance, performance and portability.

    List of RPM packages built from this SRPM:
    firefox-esr (x86_64, i586, aarch64)
    firefox-esr-config-privacy (x86_64, i586, aarch64)
    firefox-esr-debuginfo (x86_64, i586, aarch64)

    Maintainer: Ajrat Makhmutov



      1. /dev/shm
      2. /proc
      3. alternatives
      4. browser-plugins-npapi-devel
      5. cbindgen
      6. chrpath
      7. clang17.0
      8. clang17.0-devel
      9. glibc-kernheaders-generic
      10. gst-plugins1.0-devel
      11. gstreamer1.0-devel
      12. libnss-devel-static
      13. libshell
      14. libstdc++-devel
      15. libwireless-devel
      16. lld17.0-devel
      17. llvm17.0-devel
      18. mozilla-common-devel
      19. nasm
      20. node
      21. pkgconfig(alsa)
      22. pkgconfig(aom)
      23. pkgconfig(bzip2)
      24. pkgconfig(cairo)
      25. pkgconfig(dav1d)
      26. pkgconfig(dbus-1)
      27. pkgconfig(dbus-glib-1)
      28. pkgconfig(dri)
      29. pkgconfig(fontconfig)
      30. pkgconfig(freetype2)
      31. pkgconfig(gio-2.0)
      32. pkgconfig(graphite2)
      33. pkgconfig(gtk+-3.0)
      34. pkgconfig(harfbuzz)
      35. pkgconfig(hunspell)
      36. pkgconfig(icu-i18n)
      37. pkgconfig(libcurl)
      38. pkgconfig(libdrm)
      39. pkgconfig(libevent)
      40. pkgconfig(libffi)
      41. pkgconfig(libjpeg)
      42. pkgconfig(libnotify)
      43. pkgconfig(libproxy-1.0)
      44. pkgconfig(libpulse)
      45. pkgconfig(libstartup-notification-1.0)
      46. pkgconfig(nspr) >= 4.35
      47. pkgconfig(nss) >= 3.98
      48. pkgconfig(opus)
      49. pkgconfig(pixman-1)
      50. pkgconfig(vpx)
      51. pkgconfig(x11)
      52. pkgconfig(xcomposite)
      53. pkgconfig(xcursor)
      54. pkgconfig(xdamage)
      55. pkgconfig(xext)
      56. pkgconfig(xft)
      57. pkgconfig(xi)
      58. pkgconfig(xkbcommon)
      59. pkgconfig(xrandr)
      60. pkgconfig(xscrnsaver)
      61. pkgconfig(xt)
      62. pkgconfig(xtst)
      63. pkgconfig(zlib)
      64. python3(click)
      65. python3(curses)
      66. python3(hamcrest)
      67. python3(pip)
      68. python3(setuptools)
      69. python3(sqlite3)
      70. python3-base
      71. rpm-build-firefox
      72. rpm-macros-alternatives
      73. rust >= 1.65.0
      74. rust-cargo >= 1.65.0
      75. unzip
      76. xorg-cf-files
      77. yasm
      78. zip

    Last changed


    Sept. 7, 2024 Ajrat Makhmutov 128.2.0-alt1
    - New ESR version.
    - Security fixes:
      + CVE-2024-8385: WASM type confusion involving ArrayTypes
      + CVE-2024-8381: Type confusion when looking up a property name in a "with" block
      + CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran
      + CVE-2024-8383: Firefox did not ask before openings news: links in an external application
      + CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions
      + CVE-2024-8386: SelectElements could be shown over another site if popups are allowed
      + CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2
    Aug. 6, 2024 Ajrat Makhmutov 128.1.0-alt1
    - New ESR version.
    - Security fixes:
      + CVE-2024-7518: Fullscreen notification dialog can be obscured by document content
      + CVE-2024-7519: Out of bounds memory access in graphics shared memory handling
      + CVE-2024-7520: Type confusion in WebAssembly
      + CVE-2024-7521: Incomplete WebAssembly exception handing
      + CVE-2024-7522: Out of bounds read in editor component
      + CVE-2024-7524: CSP strict-dynamic bypass using web-compatibility shims
      + CVE-2024-7525: Missing permission check when creating a StreamFilter
      + CVE-2024-7526: Uninitialized memory used by WebGL
      + CVE-2024-7527: Use-after-free in JavaScript garbage collection
      + CVE-2024-7528: Use-after-free in IndexedDB
      + CVE-2024-7529: Document content could partially obscure security prompts
      + CVE-2024-7531: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines
    July 24, 2024 Ajrat Makhmutov 128.0-alt2
    - Apply all the changes from regular firefox, the main ones:
      + Enable VAAPI.
      + Merge firefox-esr-wayland to firefox-esr.
      + Enforce window name to associate icon and title with window.
      + Update the url tag.
      + Update the description.