Репозиторий Sisyphus
Последнее обновление: 2017-09-20 13:06:09 +0400 | Пакетов: 18012 | Войти или Зарегистрироваться
en ru uk br
Репозитории ALT Linux
свернуть окно
Sisyphus: 55.0.3-alt1
p8: 55.0.3-alt0.M80P.1
p7: 45.9.0-alt0.M70P.1
t7: 45.9.0-alt0.M70P.1
Platform6: 17.0.11-alt0.M60P.1
t6: 17.0.11-alt0.M60P.1
Platform5: 10.0.12-alt0.M50P.1

Группа :: Сети/WWW
Source RPM: firefox

 Главная   Изменения   Спек   Патчи   Исходники   Загрузить   Gear   Bugs and FR (27/155)   Repocop 

Текущая версия: 55.0.3-alt1
Собрано: 22 дня назад
Размер архива: 228,1 МБ
Repocop status: ok

Домашняя страница:   http://www.mozilla.org/projects/firefox/

Лицензия: MPL/GPL/LGPL
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Описание:

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.

Текущий майнтейнер: Alexey Gladkov

Список всех майнтейнеров, принимавших участие
в данной и/или предыдущих сборках пакета:
ACL: Список rpm-пакетов, предоставляемых данным srpm-пакетом:
  • firefox
  • firefox-debuginfo
  • rpm-build-firefox
Recent changes (last three changelog entries):

2017-08-29 Alexey Gladkov <legion at altlinux.ru> 55.0.3-alt1

    - New release (55.0.3).

2017-08-13 Alexey Gladkov <legion at altlinux.ru> 55.0.1-alt1

    - New release (55.0.1).
    - Fixed:
    + CVE-2017-7798: XUL injection in the style editor in devtools
    + CVE-2017-7800: Use-after-free in WebSockets during disconnection
    + CVE-2017-7801: Use-after-free with marquee during window resizing
    + CVE-2017-7809: Use-after-free while deleting attached editor DOM node
    + CVE-2017-7784: Use-after-free with image observers
    + CVE-2017-7802: Use-after-free resizing image elements
    + CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM
    + CVE-2017-7786: Buffer overflow while painting non-displayable SVG
    + CVE-2017-7806: Use-after-free in layer manager with SVG
    + CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements
    + CVE-2017-7787: Same-origin policy bypass with iframes through page reloads
    + CVE-2017-7807: Domain hijacking through AppCache fallback
    + CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID
    + CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher
    + CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts
    + CVE-2017-7808: CSP information leak with frame-ancestors containing paths
    + CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections
    + CVE-2017-7781: Elliptic curve point addition error when using mixed Jacobian-affine coordinates
    + CVE-2017-7794: Linux file truncation via sandbox broker
    + CVE-2017-7803: CSP containing 'sandbox' improperly applied
    + CVE-2017-7799: Self-XSS XUL injection in about:webrtc
    + CVE-2017-7783: DOS attack through long username in URL
    + CVE-2017-7788: Sandboxed about:srcdoc iframes do not inherit CSP directives
    + CVE-2017-7789: Failure to enable HSTS when two STS headers are sent for a connection
    + CVE-2017-7790: Windows crash reporter reads extra memory for some non-null-terminated registry values
    + CVE-2017-7796: Windows updater can delete any file named update.log
    + CVE-2017-7797: Response header name interning leaks across origins
    + CVE-2017-7780: Memory safety bugs fixed in Firefox 55
    + CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3

2017-07-12 Alexey Gladkov <legion at altlinux.ru> 54.0.1-alt1

    - New release (54.0.1).

 
© 2009–2017 Игорь Зубков