Package firefox

Source package: firefox
Version: 96.0.1-alt1
Build time:  Jan 15, 2022, 05:21 PM
 in the task #293538
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=8940a76e1…
Home page: http://www.mozilla.org/projects/firefox/
License:  MPL-2.0
Summary:  The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm: 
firefox (x86_64, ppc64le, i586, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-wayland (x86_64, ppc64le, i586, armh, aarch64)
Maintainer: Alexey Gladkov
List of contributors: 
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov

ACL: Alexey Gladkov, Sergey Bolshakov, Gleb Fotengauer-Malinovskiy
    1. python3-base
    2. /dev/shm
    3. libwireless-devel
    4. /proc
    5. lld12.0-devel
    6. llvm12.0-devel
    7. rpm-build-firefox
    8. alternatives
    9. python3(hamcrest)
    10. libnss-devel-static
    11. mozilla-common-devel
    12. nasm
    13. browser-plugins-npapi-devel
    14. chrpath
    15. node
    16. clang12.0
    17. clang12.0-devel
    18. python3(pip)
    19. rpm-macros-alternatives
    20. libshell
    21. libstdc++-devel
    22. python3(setuptools)
    23. python3(sqlite3)
    24. gst-plugins1.0-devel
    25. gstreamer1.0-devel
    26. pkgconfig(alsa)
    27. pkgconfig(aom)
    28. pkgconfig(bzip2)
    29. pkgconfig(cairo)
    30. pkgconfig(dav1d)
    31. pkgconfig(dbus-1)
    32. pkgconfig(dbus-glib-1)
    33. pkgconfig(dri)
    34. rust >= 1.56.0
    35. rust-cargo >= 1.56.0
    36. pkgconfig(fontconfig)
    37. pkgconfig(freetype2)
    38. pkgconfig(gio-2.0)
    39. pkgconfig(graphite2)
    40. pkgconfig(gtk+-2.0)
    41. pkgconfig(gtk+-3.0)
    42. pkgconfig(harfbuzz)
    43. pkgconfig(hunspell)
    44. pkgconfig(icu-i18n)
    45. pkgconfig(libcurl)
    46. pkgconfig(libdrm)
    47. pkgconfig(libevent)
    48. pkgconfig(libffi)
    49. pkgconfig(libjpeg)
    50. pkgconfig(libnotify)
    51. unzip
    52. pkgconfig(libproxy-1.0)
    53. pkgconfig(libpulse)
    54. pkgconfig(libstartup-notification-1.0)
    55. pkgconfig(nspr) >= 4.32
    56. pkgconfig(nss) >= 3.72
    57. xorg-cf-files
    58. pkgconfig(opus)
    59. pkgconfig(pixman-1)
    60. yasm
    61. pkgconfig(vpx)
    62. zip
    63. pkgconfig(x11)
    64. pkgconfig(xcomposite)
    65. pkgconfig(xcursor)
    66. pkgconfig(xdamage)
    67. pkgconfig(xext)
    68. pkgconfig(xft)
    69. pkgconfig(xi)
    70. pkgconfig(xkbcommon)
    71. pkgconfig(xrandr)
    72. pkgconfig(xscrnsaver)
    73. pkgconfig(xt)
    74. pkgconfig(xtst)
    75. pkgconfig(zlib)
Last changes:
Jan. 15, 2022 Alexey Gladkov 96.0.1-alt1
- New release (96.0.1).
Jan. 12, 2022 Alexey Gladkov 96.0-alt1
- New release (96.0).
- Disable webrtc for armh, ppc64le.
- Security fixes:
  + CVE-2022-22746: Calling into reportValidity could have lead to fullscreen window spoof
  + CVE-2022-22743: Browser window spoof using fullscreen mode
  + CVE-2022-22742: Out-of-bounds memory access when inserting text in edit mode
  + CVE-2022-22741: Browser window spoof using fullscreen mode
  + CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner
  + CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur
  + CVE-2022-22737: Race condition when playing audio files
  + CVE-2021-4140: Iframe sandbox bypass with XSLT
  + CVE-2022-22750: IPC passing of resource handles could have lead to sandbox bypass
  + CVE-2022-22749: Lack of URL restrictions when scanning QR codes
  + CVE-2022-22748: Spoofed origin on external protocol launch dialog
  + CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation event
  + CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection
  + CVE-2022-22747: Crash when handling empty pkcs7 sequence
  + CVE-2022-22736: Potential local privilege escalation when loading modules from the install directory.
  + CVE-2022-22739: Missing throttling on external protocol launch dialog
  + CVE-2022-22751: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
  + CVE-2022-22752: Memory safety bugs fixed in Firefox 96
Dec. 17, 2021 Alexey Gladkov 95.0.1-alt1
- New release (95.0.1).

Back to Top