Package firefox: Information

  • Default inline alert: Version in the repository: 127.0-alt1

Source package: firefox
Version: 58.0.2-alt1
Latest version according to Repology
Build time:  Feb 12, 2018, 11:31 PM in the task #200448
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=e85c57cf7…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL/GPL/LGPL
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, i586)
firefox-debuginfo (x86_64, i586)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Ivan Zakharyaschev
Konstantin Lepikhov
ACL:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ajrat Makhmutov
    1. /proc
    2. libpulseaudio-devel
    3. libX11-devel
    4. libhunspell-devel
    5. fontconfig-devel
    6. libXScrnSaver-devel
    7. libXcomposite-devel
    8. /dev/shm
    9. libXdamage-devel
    10. libvpx-devel
    11. libjpeg-devel
    12. libcairo-devel
    13. libXext-devel
    14. gcc-c++
    15. libXft-devel
    16. libXt-devel
    17. libwireless-devel
    18. libshell
    19. libalsa-devel
    20. libcurl-devel
    21. libdbus-devel
    22. libdbus-glib-devel
    23. libstartup-notification-devel
    24. libevent-devel
    25. llvm4.0
    26. llvm4.0-devel
    27. llvm4.0-libs
    28. pkgconfig(nspr) >= 4.17
    29. pkgconfig(nss) >= 3.33.0
    30. rust
    31. rust-cargo
    32. libffi-devel
    33. alternatives
    34. libfreetype-devel
    35. rpm-build-mozilla.org
    36. rpm-macros-alternatives
    37. mozilla-common-devel
    38. autoconf_2.13
    39. autoconf_2.13
    40. python-module-distribute
    41. python-module-pip
    42. python-modules-compiler
    43. python-modules-json
    44. python-modules-logging
    45. python-modules-sqlite3
    46. libnotify-devel
    47. browser-plugins-npapi-devel
    48. libGL-devel
    49. libnss-devel-static
    50. bzlib-devel
    51. libgio-devel
    52. gst-plugins1.0-devel
    53. gstreamer1.0-devel
    54. chrpath
    55. unzip
    56. clang4.0
    57. clang4.0-devel
    58. yasm
    59. libopus-devel
    60. xorg-cf-files
    61. zip
    62. libpixman-devel
    63. zlib-devel
    64. libgtk+2-devel
    65. libgtk+3-devel
    66. libproxy-devel

Last changed

Feb. 11, 2018 Alexey Gladkov 58.0.2-alt1
- New release (58.0.2).
- Fixed:
  + CVE-2018-5091: Use-after-free with DTMF timers
  + CVE-2018-5092: Use-after-free in Web Workers
  + CVE-2018-5093: Buffer overflow in WebAssembly during Memory/Table resizing
  + CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory
  + CVE-2018-5095: Integer overflow in Skia library during edge builder allocation
  + CVE-2018-5097: Use-after-free when source document is manipulated during XSLT
  + CVE-2018-5098: Use-after-free while manipulating form input elements
  + CVE-2018-5099: Use-after-free with widget listener
  + CVE-2018-5100: Use-after-free when IsPotentiallyScrollable arguments are freed from memory
  + CVE-2018-5101: Use-after-free with floating first-letter style elements
  + CVE-2018-5102: Use-after-free in HTML media elements
  + CVE-2018-5103: Use-after-free during mouse event handling
  + CVE-2018-5104: Use-after-free during font face manipulation
  + CVE-2018-5105: WebExtensions can save and execute files on local file system without user prompts
  + CVE-2018-5106: Developer Tools can expose style editor information cross-origin through service worker
  + CVE-2018-5107: Printing process will follow symlinks for local file access
  + CVE-2018-5108: Manually entered blob URL can be accessed by subsequent private browsing tabs
  + CVE-2018-5109: Audio capture prompts and starts with incorrect origin attribution
  + CVE-2018-5110: Cursor can be made invisible on OS X
  + CVE-2018-5111: URL spoofing in addressbar through drag and drop
  + CVE-2018-5112: Extension development tools panel can open a non-relative URL in the panel
  + CVE-2018-5113: WebExtensions can load non-HTTPS pages with browser.identity.launchWebAuthFlow
  + CVE-2018-5114: The old value of a cookie changed to HttpOnly remains accessible to scripts
  + CVE-2018-5115: Background network requests can open HTTP authentication in unrelated foreground tabs
  + CVE-2018-5116: WebExtension ActiveTab permission allows cross-origin frame content access
  + CVE-2018-5117: URL spoofing with right-to-left text aligned left-to-right
  + CVE-2018-5118: Activity Stream images can attempt to load local content through file:
  + CVE-2018-5119: Reader view will load cross-origin content in violation of CORS headers
  + CVE-2018-5121: OS X Tibetan characters render incompletely in the addressbar
  + CVE-2018-5122: Potential integer overflow in DoCrypt
  + CVE-2018-5090: Memory safety bugs fixed in Firefox 58
  + CVE-2018-5089: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6
  + CVE-2018-5124: Sanitize HTML fragments created for chrome-privileged documents
Jan. 6, 2018 Alexey Gladkov 57.0.4-alt1
- New release (57.0.4).
- Fixed:
  + Speculative execution side-channel attack ("Spectre")
  + CVE-2017-7845: Buffer overflow when drawing and validating elements with ANGLE library using Direct 3D 9
Dec. 8, 2017 Alexey Gladkov 57.0.1-alt2
- Enable dbus support (ALT#34275).
- Change chrome packaging format to omni (ALT#34285).
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top