Package firefox: Information

  • Default inline alert: Version in the repository: 124.0-alt1

Source package: firefox
Version: 96.0-alt1
Latest version according to Repology
Build time:  Jan 14, 2022, 09:19 PM in the task #293406
Category: Networking/WWW
Report package bug
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.

List of rpms provided by this srpm:
firefox (x86_64, ppc64le, i586, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-wayland (x86_64, ppc64le, i586, armh, aarch64)

Maintainer: Alexey Gladkov



    1. python3-base
    2. libstdc++-devel
    3. lld12.0-devel
    4. llvm12.0-devel
    5. gst-plugins1.0-devel
    6. gstreamer1.0-devel
    7. /dev/shm
    8. /proc
    9. python3(pip)
    10. libnss-devel-static
    11. pkgconfig(alsa)
    12. pkgconfig(aom)
    13. pkgconfig(bzip2)
    14. pkgconfig(cairo)
    15. pkgconfig(dav1d)
    16. pkgconfig(dbus-1)
    17. pkgconfig(dbus-glib-1)
    18. pkgconfig(dri)
    19. pkgconfig(fontconfig)
    20. pkgconfig(freetype2)
    21. pkgconfig(gio-2.0)
    22. pkgconfig(graphite2)
    23. pkgconfig(gtk+-2.0)
    24. pkgconfig(gtk+-3.0)
    25. pkgconfig(harfbuzz)
    26. pkgconfig(hunspell)
    27. pkgconfig(icu-i18n)
    28. mozilla-common-devel
    29. pkgconfig(libcurl)
    30. pkgconfig(libdrm)
    31. pkgconfig(libevent)
    32. pkgconfig(libffi)
    33. pkgconfig(libjpeg)
    34. pkgconfig(libnotify)
    35. pkgconfig(libproxy-1.0)
    36. pkgconfig(libpulse)
    37. pkgconfig(libstartup-notification-1.0)
    38. pkgconfig(nspr) >= 4.32
    39. python3(setuptools)
    40. pkgconfig(nss) >= 3.72
    41. rust >= 1.56.0
    42. pkgconfig(opus)
    43. rust-cargo >= 1.56.0
    44. pkgconfig(pixman-1)
    45. pkgconfig(vpx)
    46. pkgconfig(x11)
    47. nasm
    48. pkgconfig(xcomposite)
    49. pkgconfig(xcursor)
    50. pkgconfig(xdamage)
    51. pkgconfig(xext)
    52. pkgconfig(xft)
    53. python3(sqlite3)
    54. pkgconfig(xi)
    55. pkgconfig(xkbcommon)
    56. pkgconfig(xrandr)
    57. pkgconfig(xscrnsaver)
    58. pkgconfig(xt)
    59. pkgconfig(xtst)
    60. pkgconfig(zlib)
    61. node
    62. rpm-build-firefox
    63. rpm-macros-alternatives
    64. unzip
    65. libwireless-devel
    66. python3(hamcrest)
    67. xorg-cf-files
    68. yasm
    69. alternatives
    70. zip
    71. libshell
    72. chrpath
    73. browser-plugins-npapi-devel
    74. clang12.0
    75. clang12.0-devel

Last changed


Jan. 12, 2022 Alexey Gladkov 96.0-alt1
- New release (96.0).
- Disable webrtc for armh, ppc64le.
- Security fixes:
  + CVE-2022-22746: Calling into reportValidity could have lead to fullscreen window spoof
  + CVE-2022-22743: Browser window spoof using fullscreen mode
  + CVE-2022-22742: Out-of-bounds memory access when inserting text in edit mode
  + CVE-2022-22741: Browser window spoof using fullscreen mode
  + CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner
  + CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur
  + CVE-2022-22737: Race condition when playing audio files
  + CVE-2021-4140: Iframe sandbox bypass with XSLT
  + CVE-2022-22750: IPC passing of resource handles could have lead to sandbox bypass
  + CVE-2022-22749: Lack of URL restrictions when scanning QR codes
  + CVE-2022-22748: Spoofed origin on external protocol launch dialog
  + CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation event
  + CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection
  + CVE-2022-22747: Crash when handling empty pkcs7 sequence
  + CVE-2022-22736: Potential local privilege escalation when loading modules from the install directory.
  + CVE-2022-22739: Missing throttling on external protocol launch dialog
  + CVE-2022-22751: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
  + CVE-2022-22752: Memory safety bugs fixed in Firefox 96
Dec. 17, 2021 Alexey Gladkov 95.0.1-alt1
- New release (95.0.1).
Dec. 8, 2021 Alexey Gladkov 95.0-alt1
- New release (95.0).
- Security fixes:
  + CVE-2021-43536: URL leakage when navigating while executing asynchronous function
  + CVE-2021-43537: Heap buffer overflow when using structured clone
  + CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both
  + CVE-2021-43539: GC rooting failure when calling wasm instance methods
  + MOZ-2021-0010: Use-after-free in fullscreen objects on MacOS
  + CVE-2021-43540: WebExtensions could have installed persistent ServiceWorkers
  + CVE-2021-43541: External protocol handler parameters were unescaped
  + CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler
  + CVE-2021-43543: Bypass of CSP sandbox directive when embedding
  + CVE-2021-43544: Receiving a malicious URL as text through a SEND intent could have led to XSS
  + CVE-2021-43545: Denial of Service when using the Location API in a loop
  + CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed
  + MOZ-2021-0009: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4