ALT repositories
Last updated at Fri, 24 Jul 2020 14:09:54 +0000 | SRPMs: 24197
en ru
SRPMs in branches
hide window
  • 51.0.1-alt0.M80P.1
  • 68.0.1-alt0.M80P.1
  • 60.8.0-alt0.M70C.1
  • 45.9.0-alt0.M70P.1
  • 45.9.0-alt0.M70P.1
  • 10.0.2-alt1.M60C.1
  • 17.0.11-alt0.M60P.1
  • 17.0.11-alt0.M60P.1
  • 10.0.12-alt0.M50P.1
Group :: Networking/WWW
Source RPM: firefox
Current version: 77.0.1-alt1
Built: 11 months ago
Rebuilt: 11 months ago
Size: 402 MB
Repocop status: skip
Home page:

License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be

Current maintainer: Alexey Gladkov

List of contributors: ACL: List of rpms provided by this srpm:
  • firefox
  • firefox-config-privacy
  • firefox-debuginfo
  • firefox-wayland
  • rpm-build-firefox
Recent changes (last three changelog entries):

2020-06-04 Alexey Gladkov 77.0.1-alt1

    - New release (77.0.1).
    - Security fixes:
      + CVE-2020-12399: Timing attack on DSA signatures in NSS library
      + CVE-2020-12405: Use-after-free in SharedWorkerService
      + CVE-2020-12406: JavaScript type confusion with NativeTypes
      + CVE-2020-12407: WebRender leaking GPU memory when using border-image CSS directive
      + CVE-2020-12408: URL spoofing when using IP addresses
      + CVE-2020-12409: URL spoofing with unicode characters
      + CVE-2020-12410: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9
      + CVE-2020-12411: Memory safety bugs fixed in Firefox 77

2020-05-08 Alexey Gladkov 76.0.1-alt1

    - New release (76.0.1).

2020-05-06 Alexey Gladkov 76.0-alt1

    - New release (76.0).
    - Security fixes:
      + CVE-2020-12387: Use-after-free during worker shutdown
      + CVE-2020-12388: Sandbox escape with improperly guarded Access Tokens
      + CVE-2020-12389: Sandbox escape with improperly separated process types
      + CVE-2020-6831: Buffer overflow in SCTP chunk input validation
      + CVE-2020-12390: Incorrect serialization of nsIPrincipal.origin for IPv6 addresses
      + CVE-2020-12391: Content-Security-Policy bypass using object elements
      + CVE-2020-12392: Arbitrary local file access with 'Copy as cURL'
      + CVE-2020-12393: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection
      + CVE-2020-12394: URL spoofing in location bar when unfocussed
      + CVE-2020-12395: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8
      + CVE-2020-12396: Memory safety bugs fixed in Firefox 76
The Geyser project is based on code from Prometheus2.0, which had been made available under the MIT License.