Package firefox: Information

Source package: firefox
Version: 123.0-alt1
Latest version according to Repology
Build time:  Feb 24, 2024, 10:38 PM in the task #341362
Category: Networking/WWW
Report package bug
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.

List of rpms provided by this srpm:
firefox (x86_64, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, armh, aarch64)

Maintainer: Alexey Gladkov



    1. /dev/shm
    2. /proc
    3. alternatives
    4. browser-plugins-npapi-devel
    5. chrpath
    6. clang17.0
    7. clang17.0-devel
    8. libnss-devel-static
    9. python3(click)
    10. python3(curses)
    11. rust >= 1.65.0
    12. libshell
    13. python3(hamcrest)
    14. libstdc++-devel
    15. python3(setuptools)
    16. rust-cargo >= 1.65.0
    17. python3(pip)
    18. libwireless-devel
    19. unzip
    20. xorg-cf-files
    21. yasm
    22. zip
    23. python3(sqlite3)
    24. rpm-build-firefox
    25. rpm-macros-alternatives
    26. python3-base
    27. glibc-kernheaders-generic
    28. lld17.0-devel
    29. llvm17.0-devel
    30. gst-plugins1.0-devel
    31. gstreamer1.0-devel
    32. mozilla-common-devel
    33. nasm
    34. node
    35. pkgconfig(alsa)
    36. pkgconfig(aom)
    37. pkgconfig(bzip2)
    38. pkgconfig(cairo)
    39. pkgconfig(dav1d)
    40. pkgconfig(dbus-1)
    41. pkgconfig(dbus-glib-1)
    42. pkgconfig(dri)
    43. pkgconfig(fontconfig)
    44. pkgconfig(freetype2)
    45. pkgconfig(gio-2.0)
    46. pkgconfig(graphite2)
    47. pkgconfig(gtk+-3.0)
    48. pkgconfig(harfbuzz)
    49. pkgconfig(hunspell)
    50. pkgconfig(icu-i18n)
    51. pkgconfig(libcurl)
    52. pkgconfig(libdrm)
    53. pkgconfig(libevent)
    54. pkgconfig(libffi)
    55. pkgconfig(libjpeg)
    56. pkgconfig(libnotify)
    57. pkgconfig(libproxy-1.0)
    58. pkgconfig(libpulse)
    59. pkgconfig(libstartup-notification-1.0)
    60. pkgconfig(nspr) >= 4.35
    61. pkgconfig(nss) >= 3.98
    62. pkgconfig(opus)
    63. pkgconfig(pixman-1)
    64. pkgconfig(vpx)
    65. pkgconfig(x11)
    66. pkgconfig(xcomposite)
    67. pkgconfig(xcursor)
    68. pkgconfig(xdamage)
    69. pkgconfig(xext)
    70. pkgconfig(xft)
    71. pkgconfig(xi)
    72. pkgconfig(xkbcommon)
    73. pkgconfig(xrandr)
    74. pkgconfig(xscrnsaver)
    75. pkgconfig(xt)
    76. pkgconfig(xtst)
    77. pkgconfig(zlib)

Last changed


Feb. 24, 2024 Alexey Gladkov 123.0-alt1
- New release (123.0).
- Security fixes:
  + CVE-2024-1546: Out-of-bounds memory read in networking channels
  + CVE-2024-1547: Alert dialog could have been spoofed on another site
  + CVE-2024-1554: fetch could be used to effect cache poisoning
  + CVE-2024-1548: Fullscreen Notification could have been hidden by select element
  + CVE-2024-1549: Custom cursor could obscure the permission dialog
  + CVE-2024-1550: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants
  + CVE-2024-1551: Multipart HTTP Responses would accept the Set-Cookie header in response parts
  + CVE-2024-1555: SameSite cookies were not properly respected when opening a website from an external browser
  + CVE-2024-1556: Invalid memory access in the built-in profiler
  + CVE-2024-1552: Incorrect code generation on 32-bit ARM devices
  + CVE-2024-1553: Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
  + CVE-2024-1557: Memory safety bugs fixed in Firefox 123
Feb. 8, 2024 Alexey Gladkov 122.0.1-alt1
- New release (122.0.1).
Jan. 23, 2024 Alexey Gladkov 122.0-alt1
- New release (122.0).
- Security fixes:
  + CVE-2024-0741: Out of bounds write in ANGLE
  + CVE-2024-0742: Failure to update user input timestamp
  + CVE-2024-0743: Crash in NSS TLS method
  + CVE-2024-0744: Wild pointer dereference in JavaScript
  + CVE-2024-0745: Stack buffer overflow in WebAudio
  + CVE-2024-0746: Crash when listing printers on Linux
  + CVE-2024-0747: Bypass of Content Security Policy when directive unsafe-inline was set
  + CVE-2024-0748: Compromised content process could modify document URI
  + CVE-2024-0749: Phishing site popup could show local origin in address bar
  + CVE-2024-0750: Potential permissions request bypass via clickjacking
  + CVE-2024-0751: Privilege escalation through devtools
  + CVE-2024-0752: Use-after-free could occur when applying update on macOS
  + CVE-2024-0753: HSTS policy on subdomain could bypass policy of upper domain
  + CVE-2024-0754: Crash when using some WASM files in devtools
  + CVE-2024-0755: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7