Пакет firefox: Информация
Default inline alert: Версия в репозитории: 125.0.2-alt1
Бинарный пакет: firefox
Версия: 101.0-alt1
Архитектура: x86_64
Собран: 2 июня 2022 г. 13:29 в задании #301047
Исходный пакет: firefox
Категория: Сети/WWW
Сообщить об ошибке в пакетеЗагрузка: firefox-101.0-alt1.x86_64.rpm
Домашняя страница: http://www.mozilla.org/projects/firefox/
Лицензия: MPL-2.0
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Описание:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
Сопровождающий: Alexey Gladkov
Список участников:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Последнее изменение
1 июня 2022 г. Alexey Gladkov 101.0-alt1
- New release (101.0). - Use internal cbindgen again. - Security fixes: + CVE-2022-31736: Cross-Origin resource's length leaked + CVE-2022-31737: Heap buffer overflow in WebGL + CVE-2022-31738: Browser window spoof using fullscreen mode + CVE-2022-31739: Attacker-influenced path traversal when saving downloaded files + CVE-2022-31740: Register allocation problem in WASM on arm64 + CVE-2022-31741: Uninitialized variable leads to invalid memory read + CVE-2022-31742: Querying a WebAuthn token with a large number of allowCredential entries may have leaked cross-origin information + CVE-2022-31743: HTML Parsing incorrectly ended HTML comments prematurely + CVE-2022-31744: CSP bypass enabling stylesheet injection + CVE-2022-31745: Incorrect Assertion caused by unoptimized array shift operations + CVE-2022-1919: Memory Corruption when manipulating webp images + CVE-2022-31747: Memory safety bugs fixed in Firefox 101 and Firefox ESR 91.10 + CVE-2022-31748: Memory safety bugs fixed in Firefox 101
21 мая 2022 г. Alexey Gladkov 100.0.2-alt1
- New release (100.0.2). - Security fixes: + CVE-2022-1802: Prototype pollution in Top-Level Await implementation + CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype pollution
3 мая 2022 г. Alexey Gladkov 100.0-alt1
- New release (100.0). - Security fixes: + CVE-2022-29914: Fullscreen notification bypass using popups + CVE-2022-29909: Bypassing permission prompt in nested browsing contexts + CVE-2022-29916: Leaking browser history with CSS variables + CVE-2022-29911: iframe Sandbox bypass + CVE-2022-29912: Reader mode bypassed SameSite cookies + CVE-2022-29910: Firefox for Android forgot HTTP Strict Transport Security settings + CVE-2022-29915: Leaking cross-origin redirect through the Performance API + CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9 + CVE-2022-29918: Memory safety bugs fixed in Firefox 100