Package firefox: Information
Default inline alert: Version in the repository: 134.0.1-alt1
Source package: firefox
Version: 134.0-alt1
Build time: Jan 10, 2025, 09:45 PM in the task #368493
Category: Networking/WWW
Report package bugHome page: https://www.mozilla.org/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser
Description:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.
List of RPM packages built from this SRPM:
firefox (x86_64, i586, aarch64)
firefox-config-privacy (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
firefox (x86_64, i586, aarch64)
firefox-config-privacy (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
Maintainer: Ajrat Makhmutov
List of contributors:
Ajrat Makhmutov
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Ajrat Makhmutov
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Last changed
Jan. 9, 2025 Ajrat Makhmutov 134.0-alt1
- New version (134.0). - Security fixes: + CVE-2025-0244: Address bar spoofing using an invalid protocol scheme on Firefox for Android + CVE-2025-0245: Lock screen setting bypass in Firefox Focus for Android + CVE-2025-0246: Address bar spoofing using an invalid protocol scheme on Firefox for Android + CVE-2025-0237: WebChannel APIs susceptible to confused deputy attack + CVE-2025-0238: Use-after-free when breaking lines in text + CVE-2025-0239: Alt-Svc ALPN validation failure when redirected + CVE-2025-0240: Compartment mismatch when parsing JavaScript JSON module + CVE-2025-0241: Memory corruption when using JavaScript Text Segmentation + CVE-2025-0242: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6 + CVE-2025-0243: Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 + CVE-2025-0247: Memory safety bugs fixed in Firefox 134 and Thunderbird 134
Dec. 20, 2024 Ajrat Makhmutov 133.0.3-alt1
- New version (133.0.3). - Fix FTBFS with python 3.12.8.
Nov. 28, 2024 Ajrat Makhmutov 133.0.0-alt1
- New version (133.0.0). - Security fixes: + CVE-2024-11691: Out-of-bounds write in Apple GPU drivers via WebGL + CVE-2024-11700: Potential Tapjacking Exploit for Intent Confirmation on Android + CVE-2024-11692: Select list elements could be shown over another site + CVE-2024-11701: Misleading Address Bar State During Navigation Interruption + CVE-2024-11702: Inadequate Clipboard Protection in Private Browsing Mode on Android + CVE-2024-11693: Download Protections were bypassed by .library-ms files on Windows + CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims + CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters + CVE-2024-11703: Password access without authentication via PIN bypass on Android + CVE-2024-11696: Unhandled Exception in Add-on Signature Verification + CVE-2024-11697: Improper Keypress Handling in Executable File Confirmation Dialog + CVE-2024-11704: Potential Double-Free Vulnerability in PKCS#7 Decryption Handling + CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS + CVE-2024-11705: Null Pointer Dereference in NSC_DeriveKey + CVE-2024-11706: Null Pointer Dereference in PKCS#12 Utility + CVE-2024-11708: Data race with PlaybackParams + CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5, and Thunderbird 128.5