Пакет firefox: Информация

The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
- New release (59.0.2).
- Fixed:
  + CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList
  + CVE-2018-5128: Use-after-free manipulating editor selection ranges
  + CVE-2018-5129: Out-of-bounds write with malformed IPC messages
  + CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption
  + CVE-2018-5131: Fetch API improperly returns cached copies of no-store/no-cache resources
  + CVE-2018-5132: WebExtension Find API can search privileged pages
  + CVE-2018-5133: Value of the app.support.baseURL preference is not properly sanitized
  + CVE-2018-5134: WebExtensions may use view-source: URLs to bypass content restrictions
  + CVE-2018-5135: WebExtension browserAction can inject scripts into unintended contexts
  + CVE-2018-5136: Same-origin policy violation with data: URL shared workers
  + CVE-2018-5137: Script content can access legacy extension non-contentaccessible resources
  + CVE-2018-5138: Android Custom Tab address spoofing through long domain names
  + CVE-2018-5140: Moz-icon images accessible to web content through moz-icon: protocol
  + CVE-2018-5141: DOS attack through notifications Push API
  + CVE-2018-5142: Media Capture and Streams API permissions display incorrect origin with data: and blob: URLs
  + CVE-2018-5143: Self-XSS pasting javascript: URL with embedded tab into addressbar
  + CVE-2018-5126: Memory safety bugs fixed in Firefox 59
  + CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7
  + CVE-2018-5146: Out of bounds memory write in libvorbis
  + CVE-2018-5147: Out of bounds memory write in libtremor
  + CVE-2018-5148: Use-after-free in compositor
- Fix ALSA (ALT#34553).
- Enable ALSA support.

Пакет firefox: Информация

Последнее изменение