Package firefox: Information

  • Default inline alert: Version in the repository: 125.0.3-alt1

Source package: firefox
Version: 103.0-alt1
Latest version according to Repology
Build time:  Jul 27, 2022, 11:36 PM in the task #304397
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=b8e0e61bf…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox (x86_64, i586, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, i586, armh, aarch64)
firefox-wayland (x86_64, i586, armh, aarch64)
Maintainer: Alexey Gladkov
List of contributors:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
ACL:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ajrat Makhmutov
Egor Ignatov
    1. python3(hamcrest)
    2. libwireless-devel
    3. /dev/shm
    4. python3-base
    5. libshell
    6. alternatives
    7. /proc
    8. libstdc++-devel
    9. pkgconfig(alsa)
    10. pkgconfig(aom)
    11. pkgconfig(bzip2)
    12. pkgconfig(cairo)
    13. pkgconfig(dav1d)
    14. pkgconfig(dbus-1)
    15. pkgconfig(dbus-glib-1)
    16. pkgconfig(dri)
    17. pkgconfig(fontconfig)
    18. pkgconfig(freetype2)
    19. pkgconfig(gio-2.0)
    20. pkgconfig(graphite2)
    21. pkgconfig(gtk+-2.0)
    22. pkgconfig(gtk+-3.0)
    23. browser-plugins-npapi-devel
    24. pkgconfig(harfbuzz)
    25. pkgconfig(hunspell)
    26. pkgconfig(icu-i18n)
    27. pkgconfig(libcurl)
    28. pkgconfig(libdrm)
    29. pkgconfig(libevent)
    30. pkgconfig(libffi)
    31. pkgconfig(libjpeg)
    32. chrpath
    33. pkgconfig(libnotify)
    34. pkgconfig(libproxy-1.0)
    35. pkgconfig(libpulse)
    36. lld12.0-devel
    37. clang12.0
    38. clang12.0-devel
    39. pkgconfig(libstartup-notification-1.0)
    40. python3(pip)
    41. llvm12.0-devel
    42. pkgconfig(nspr) >= 4.33
    43. pkgconfig(nss) >= 3.77
    44. pkgconfig(opus)
    45. pkgconfig(pixman-1)
    46. pkgconfig(vpx)
    47. pkgconfig(x11)
    48. pkgconfig(xcomposite)
    49. pkgconfig(xcursor)
    50. pkgconfig(xdamage)
    51. pkgconfig(xext)
    52. pkgconfig(xft)
    53. pkgconfig(xi)
    54. pkgconfig(xkbcommon)
    55. pkgconfig(xrandr)
    56. pkgconfig(xscrnsaver)
    57. pkgconfig(xt)
    58. pkgconfig(xtst)
    59. pkgconfig(zlib)
    60. rust >= 1.60.0
    61. rust-cargo >= 1.60.0
    62. libnss-devel-static
    63. mozilla-common-devel
    64. rpm-build-firefox
    65. gst-plugins1.0-devel
    66. gstreamer1.0-devel
    67. python3(setuptools)
    68. nasm
    69. rpm-macros-alternatives
    70. python3(sqlite3)
    71. node
    72. unzip
    73. xorg-cf-files
    74. zip
    75. yasm

Last changed

July 26, 2022 Alexey Gladkov 103.0-alt1
- New release (103.0).
- Security fixes:
  + CVE-2022-36319: Mouse Position spoofing with CSS transforms
  + CVE-2022-36317: Long URL would hang Firefox for Android
  + CVE-2022-36318: Directory indexes for bundled resources reflected URL parameters
  + CVE-2022-36314: Opening local <code>.lnk</code> files could cause unexpected network loads
  + CVE-2022-36315: Preload Cache Bypasses Subresource Integrity
  + CVE-2022-36316: Performance API leaked whether a cross-site resource is redirecting
  + CVE-2022-36320: Memory safety bugs fixed in Firefox 103
  + CVE-2022-2505: Memory safety bugs fixed in Firefox 103 and 102.1
June 29, 2022 Alexey Gladkov 102.0-alt1
- New release (102.0).
- Use internal libevent.
- Security fixes:
  + CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content
  + CVE-2022-34470: Use-after-free in nsSHistory
  + CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI
  + CVE-2022-34482: Drag and drop of malicious image could have led to malicious executable and potential code execution
  + CVE-2022-34483: Drag and drop of malicious image could have led to malicious executable and potential code execution
  + CVE-2022-34476: ASN.1 parser could have been tricked into accepting malformed ASN.1
  + CVE-2022-34481: Potential integer overflow in ReplaceElementsAt
  + CVE-2022-34474: Sandboxed iframes could redirect to external schemes
  + CVE-2022-34469: TLS certificate errors on HSTS-protected domains could be bypassed by the user on Firefox for Android
  + CVE-2022-34471: Compromised server could trick a browser into an addon downgrade
  + CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked
  + CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt
  + CVE-2022-2200: Undesired attributes could be set as part of prototype pollution
  + CVE-2022-34480: Free of uninitialized pointer in lg_init
  + CVE-2022-34477: MediaError message property leaked information on cross-origin same-site pages
  + CVE-2022-34475: HTML Sanitizer could have been bypassed via same-origin script via use tags
  + CVE-2022-34473: HTML Sanitizer could have been bypassed via use tags
  + CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11
  + CVE-2022-34485: Memory safety bugs fixed in Firefox 102
June 10, 2022 Alexey Gladkov 101.0.1-alt1
- New release (101.0.1).
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.0
Back to top