Пакет firefox: Информация

Бинарный пакет: firefox
Версия: 64.0-alt1
Архитектура: i586
Собран:  26 декабря 2018 г. 2:18 в задании #218259
Исходный пакет: firefox
Категория: Сети/WWW
Сообщить об ошибке в пакете
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=d3ad2e54f…
Лог сборки: https://git.altlinux.org/tasks/218259/build/140/i586/log
Домашняя страница: http://www.mozilla.org/projects/firefox/
Лицензия: MPL/GPL/LGPL
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Описание: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
Сопровождающий: Alexey Gladkov
Список участников:
Alexey Gladkov
Ivan Zakharyaschev
Konstantin Lepikhov

Последнее изменение

20 декабря 2018 г. Alexey Gladkov 64.0-alt1
- New release (64.0).
- Fixed:
  + CVE-2018-12407: Buffer overflow with ANGLE library when using VertexBuffer11 module
  + CVE-2018-17466: Buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11
  + CVE-2018-18492: Use-after-free with select element
  + CVE-2018-18493: Buffer overflow in accelerated 2D canvas with Skia
  + CVE-2018-18494: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs
  + CVE-2018-18495: WebExtension content scripts can be loaded in about: pages
  + CVE-2018-18496: Embedded feed preview page can be abused for clickjacking
  + CVE-2018-18497: WebExtensions can load arbitrary URLs through pipe separators
  + CVE-2018-18498: Integer overflow when calculating buffer sizes for images
  + CVE-2018-12406: Memory safety bugs fixed in Firefox 64
  + CVE-2018-12405: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4
23 ноября 2018 г. Alexey Gladkov 63.0.3-alt1
- New release (63.0.3).
13 ноября 2018 г. Alexey Gladkov 63.0.1-alt1
- New release (63.0.1).
- Fixed:
  + CVE-2018-12391: HTTP Live Stream audio data is accessible cross-origin
  + CVE-2018-12392: Crash with nested event loops
  + CVE-2018-12393: Integer overflow during Unicode conversion while loading JavaScript
  + CVE-2018-12395: WebExtension bypass of domain restrictions through header rewriting
  + CVE-2018-12396: WebExtension content scripts can execute in disallowed contexts
  + CVE-2018-12397: Missing warning prompt when WebExtension requests local file access
  + CVE-2018-12398: CSP bypass through stylesheet injection in resource URIs
  + CVE-2018-12399: Spoofing of protocol registration notification bar
  + CVE-2018-12400: Favicons are cached in private browsing mode on Firefox for Android
  + CVE-2018-12401: DOS attack through special resource URI parsing
  + CVE-2018-12402: SameSite cookies leak when pages are explicitly saved
  + CVE-2018-12403: Mixed content warning is not displayed when HTTPS page loads a favicon over HTTP
  + CVE-2018-12388: Memory safety bugs fixed in Firefox 63
  + CVE-2018-12390: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.3
Наверх