Репозиторий Sisyphus
Последнее обновление: 2017-07-23 12:06:02 +0400 | Пакетов: 17935 | Войти или Зарегистрироватся
en ru uk br
Репозитории ALT Linux
свернуть окно
Sisyphus: 52.2.1-alt1
p8: 45.9.0-alt0.M80P.1
p7: 45.9.0-alt0.M70P.1
t7: 45.9.0-alt0.M70P.1

Группа :: Сети/WWW
Source RPM: firefox-esr

 Главная   Изменения   Спек   Патчи   Исходники   Загрузить   Gear   Bugs and FR (0/3)   Repocop 

Текущая версия: 52.2.1-alt1
Собрано: 11 дня назад
Размер архива: 204,8 МБ
Repocop status: ok

Домашняя страница:   http://www.mozilla.org/projects/firefox/

Лицензия: MPL/GPL/LGPL
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Описание:

The Mozilla Firefox project is a redesign of Mozilla's browser
component, written using the XUL user interface language and designed to
be cross-platform.

Текущий майнтейнер: Андрей Черепанов

Список всех майнтейнеров, принимавших участие
в данной и/или предыдущих сборках пакета:
ACL: Список rpm-пакетов, предоставляемый данным srpm-пакетом:
  • firefox-esr
  • firefox-esr-debuginfo
Recent changes (last three changelog entries):

2017-07-11 Andrey Cherepanov <cas at altlinux.org> 52.2.1-alt1

    - New ESR version (52.2.1)

2017-06-21 Andrey Cherepanov <cas at altlinux.org> 52.2.0-alt1

    - New ESR version (52.2.0)
    - Security fixes:
    + CVE-2017-5472: Use-after-free using destroyed node when regenerating trees
    + CVE-2017-7749: Use-after-free during docshell reloading
    + CVE-2017-7750: Use-after-free with track elements
    + CVE-2017-7751: Use-after-free with content viewer listeners
    + CVE-2017-7752: Use-after-free with IME input
    + CVE-2017-7754: Out-of-bounds read in WebGL with ImageInfo object
    + CVE-2017-7755: Privilege escalation through Firefox Installer with same directory DLL files
    + CVE-2017-7756: Use-after-free and use-after-scope logging XHR header errors
    + CVE-2017-7757: Use-after-free in IndexedDB
    + CVE-2017-7778: Vulnerabilities in the Graphite 2 library
    + CVE-2017-7758: Out-of-bounds read in Opus encoder
    + CVE-2017-7760: File manipulation and privilege escalation via callback parameter in Mozilla Windows Updater and Maintenance Service
    + CVE-2017-7761: File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application
    + CVE-2017-7763: Mac fonts render some unicode characters as spaces
    + CVE-2017-7764: Domain spoofing with combination of Canadian Syllabics and other unicode blocks
    + CVE-2017-7765: Mark of the Web bypass when saving executable files
    + CVE-2017-7766: File execution and privilege escalation through updater.ini, Mozilla Windows Updater, and Mozilla Maintenance Service
    + CVE-2017-7767: Privilege escalation and arbitrary file overwrites through Mozilla Windows Updater and Mozilla Maintenance Service
    + CVE-2017-7768: 32 byte arbitrary file read through Mozilla Maintenance Service
    + CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2

2017-05-08 Andrey Cherepanov <cas at altlinux.org> 52.1.1-alt1

    - New ESR version (52.1.1)
    - Set plugin.load_flash_only setting to false to allow use all NPAPI plugins
    - Security fixes since 52.0:
    + CVE-2016-10196: Vulnerabilities in Libevent library
    + CVE-2017-5031: Use after free in ANGLE
    + CVE-2017-5428: integer overflow in createImageBitmap()
    + CVE-2017-5429: Memory safety bugs fixed in Firefox 53, Firefox ESR
    + CVE-2017-5430: Memory safety bugs fixed in Firefox 53 and Firefox ESR
    + CVE-2017-5435: Use-after-free during transaction processing in the
    + CVE-2017-5439: Use-after-free in nsTArray Length() during XSLT
    + CVE-2017-5440: Use-after-free in txExecutionState destructor during
    + CVE-2017-5444: Buffer overflow while parsing
    + CVE-2017-5446: Out-of-bounds read when HTTP/2 DATA frames are sent
    + CVE-2017-5451: Addressbar spoofing with onblur event
    + CVE-2017-5454: Sandbox escape allowing file system read access through
    + CVE-2017-5455: Sandbox escape through internal feed reader APIs
    + CVE-2017-5456: Sandbox escape allowing local file system access
    + CVE-2017-5464: Memory corruption with accessibility and DOM
    + CVE-2017-5466: Origin confusion when reloading isolated data:text/html
    + CVE-2017-5467: Memory corruption when drawing Skia content

 
© 2009–2017 Игорь Зубков