Package firefox: Information
Default inline alert: Version in the repository: 125.0.3-alt1
Source package: firefox
Version: 79.0-alt1
Build time: Aug 16, 2020, 03:43 AM in the task #256176
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, i586, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, i586, aarch64)
firefox-wayland (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
firefox (x86_64, i586, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, i586, aarch64)
firefox-wayland (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Last changed
July 30, 2020 Alexey Gladkov 79.0-alt1
- New release (79.0). - ExcludeArch armh ppc64le - Security fixes: + CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker + CVE-2020-6514: WebRTC data channel leaks internal address to peer + CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy + CVE-2020-15653: Bypassing iframe sandbox when allowing popups + CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture + CVE-2020-15656: Type confusion for special arguments in IonMonkey + CVE-2020-15658: Overriding file type when saving to disk + CVE-2020-15657: DLL hijacking due to incorrect loading path + CVE-2020-15654: Custom cursor can overlay user interface + CVE-2020-15659: Memory safety bugs fixed in Firefox 79
July 13, 2020 Alexey Gladkov 78.0.2-alt1
- New release (78.0.2). - Security fixes: + MFSA-2020-0003: X-Frame-Options bypass using object or embed tags
July 4, 2020 Alexey Gladkov 78.0.1-alt1
- New release (78.0.1). - Security fixes: + CVE-2020-12415: AppCache manifest poisoning due to url encoded character processing + CVE-2020-12416: Use-after-free in WebRTC VideoBroadcaster + CVE-2020-12417: Memory corruption due to missing sign-extension for ValueTags on ARM64 + CVE-2020-12418: Information disclosure due to manipulated URL object + CVE-2020-12419: Use-after-free in nsGlobalWindowInner + CVE-2020-12420: Use-After-Free when trying to connect to a STUN server + CVE-2020-12402: RSA Key Generation vulnerable to side-channel attack + CVE-2020-12421: Add-On updates did not respect the same certificate trust rules as software updates + CVE-2020-12422: Integer overflow in nsJPEGEncoder::emptyOutputBuffer + CVE-2020-12423: DLL Hijacking due to searching %PATH% for a library + CVE-2020-12424: WebRTC permission prompt could have been bypassed by a compromised content process + CVE-2020-12425: Out of bound read in Date.parse() + CVE-2020-12426: Memory safety bugs fixed in Firefox 78