Пакет firefox-esr: Информация

Исходный пакет: firefox-esr
Версия: 91.4.0-alt1
Собран:  14 декабря 2021 г. 17:03 в задании #291601
Категория: Сети/WWW
Сообщить об ошибке в пакете
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=e9439…
Домашняя страница: http://www.mozilla.org/projects/firefox/
Лицензия: MPL-2.0
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Описание: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
Список rpm-пакетов, предоставляемых данным srpm-пакетом:
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
Сопровождающий: Andrey Cherepanov
Список участников:
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
    1. libX11-devel
    2. /proc
    3. libhunspell-devel
    4. libXScrnSaver-devel
    5. libXcomposite-devel
    6. fontconfig-devel
    7. libXcursor-devel
    8. libXdamage-devel
    9. python3-base
    10. libXext-devel
    11. libcairo-devel
    12. libpulseaudio-devel
    13. libjpeg-devel
    14. libXft-devel
    15. libXi-devel
    16. /dev/shm
    17. python3-module-pip
    18. libXt-devel
    19. python3-module-setuptools
    20. libcurl-devel
    21. libdav1d-devel
    22. python3-modules-sqlite3
    23. libalsa-devel
    24. libdbus-devel
    25. libdbus-glib-devel
    26. libaom-devel
    27. libshell
    28. libdrm-devel
    29. libvpx-devel
    30. rust >= 1.54.0
    31. rust-cargo >= 1.54.0
    32. libevent-devel
    33. pkgconfig(nspr) >= 4.32
    34. alternatives
    35. pkgconfig(nss) >= 3.69.0
    36. libwireless-devel
    37. libffi-devel
    38. autoconf_2.13
    39. autoconf_2.13
    40. libfreetype-devel
    41. libxkbcommon-devel
    42. libstartup-notification-devel
    43. libstdc++-devel
    44. rpm-build-mozilla.org
    45. browser-plugins-npapi-devel
    46. rpm-macros-alternatives
    47. python-module-setuptools
    48. bzlib-devel
    49. libnotify-devel
    50. python-modules-compiler
    51. libnss-devel-static
    52. chrpath
    53. python-modules-json
    54. python-modules-logging
    55. python-modules-sqlite3
    56. clang11.0
    57. clang11.0-devel
    58. lld11.0-devel
    59. unzip
    60. llvm11.0-devel
    61. libGL-devel
    62. gst-plugins1.0-devel
    63. libopus-devel
    64. gstreamer1.0-devel
    65. xorg-cf-files
    66. libgtk+2-devel
    67. libgtk+3-devel
    68. yasm
    69. mozilla-common-devel
    70. libpixman-devel
    71. zip
    72. node
    73. zlib-devel
    74. nasm
    75. libproxy-devel
    76. libgio-devel

Последнее изменение

6 декабря 2021 г. Andrey Cherepanov 91.4.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2021-43536 URL leakage when navigating while executing asynchronous function
  + CVE-2021-43537 Heap buffer overflow when using structured clone
  + CVE-2021-43538 Missing fullscreen and pointer lock notification when requesting both
  + CVE-2021-43539 GC rooting failure when calling wasm instance methods
  + CVE-2021-43541 External protocol handler parameters were unescaped
  + CVE-2021-43542 XMLHttpRequest error codes could have leaked the existence of an external protocol handler
  + CVE-2021-43543 Bypass of CSP sandbox directive when embedding
  + CVE-2021-43545 Denial of Service when using the Location API in a loop
  + CVE-2021-43546 Cursor spoofing could overlay user interface when native cursor is zoomed
18 ноября 2021 г. Andrey Cherepanov 91.3.0-alt2
- Show Home button on toolbar by default (ALT #41360).
2 ноября 2021 г. Andrey Cherepanov 91.3.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2021-38503 iframe sandbox rules did not apply to XSLT stylesheets
  + CVE-2021-38504 Use-after-free in file picker dialog
  + CVE-2021-38505 Windows 10 Cloud Clipboard may have recorded sensitive user data
  + CVE-2021-38506 Firefox could be coaxed into going into fullscreen mode without notification or warning
  + CVE-2021-38507 Opportunistic Encryption in HTTP2 could be used to bypass the Same-Origin-Policy on services hosted on other ports
  + CVE-2021-38508 Permission Prompt could be overlaid, resulting in user confusion and potential spoofing
  + CVE-2021-38509 Javascript alert box could have been spoofed onto an arbitrary domain
  + CVE-2021-38510 Download Protections were bypassed by .inetloc files on Mac OS
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.3
Наверх