Пакет firefox-esr: Информация

  • Default inline alert: Собрана новая версия пакета

    № Задания: #344912
    Собран: 16 апреля 2024 г. 20:38
    Новая версия: 115.10.0-alt1

  • Default inline alert: Версия в репозитории: 115.9.1-alt1

Исходный пакет: firefox-esr
Версия: 91.6.0-alt1
Последняя версия по данным Repology
Собран:  9 февраля 2022 г. 21:49 в задании #295121
Категория: Сети/WWW
Сообщить об ошибке в пакете
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=35ed6…
Домашняя страница: http://www.mozilla.org/projects/firefox/
Лицензия: MPL-2.0
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Описание: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
Список rpm-пакетов, предоставляемых данным srpm-пакетом:
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
Сопровождающий: Andrey Cherepanov
Список участников:
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Права:
Pavel Vasenkov
Andrey Cherepanov
@everybody
    1. autoconf_2.13
    2. autoconf_2.13
    3. libxkbcommon-devel
    4. libdrm-devel
    5. libshell
    6. /dev/shm
    7. python3-base
    8. browser-plugins-npapi-devel
    9. bzlib-devel
    10. chrpath
    11. libevent-devel
    12. python3-module-pip
    13. clang11.0
    14. clang11.0-devel
    15. lld11.0-devel
    16. llvm11.0-devel
    17. /proc
    18. python3-module-setuptools
    19. libstartup-notification-devel
    20. libstdc++-devel
    21. libffi-devel
    22. python3-modules-sqlite3
    23. libnotify-devel
    24. libfreetype-devel
    25. libnss-devel-static
    26. mozilla-common-devel
    27. libopus-devel
    28. gst-plugins1.0-devel
    29. rust >= 1.54.0
    30. gstreamer1.0-devel
    31. rust-cargo >= 1.54.0
    32. pkgconfig(nspr) >= 4.32
    33. pkgconfig(nss) >= 3.69.0
    34. nasm
    35. node
    36. libGL-devel
    37. libpixman-devel
    38. fontconfig-devel
    39. libgio-devel
    40. libproxy-devel
    41. alternatives
    42. libX11-devel
    43. rpm-build-mozilla.org
    44. rpm-macros-alternatives
    45. python-module-setuptools
    46. libcairo-devel
    47. libXScrnSaver-devel
    48. libXcomposite-devel
    49. python-modules-compiler
    50. libXcursor-devel
    51. libpulseaudio-devel
    52. libXdamage-devel
    53. python-modules-json
    54. python-modules-logging
    55. python-modules-sqlite3
    56. libXext-devel
    57. libXft-devel
    58. libXi-devel
    59. libXt-devel
    60. unzip
    61. libcurl-devel
    62. libalsa-devel
    63. libdav1d-devel
    64. libaom-devel
    65. libdbus-devel
    66. libgtk+2-devel
    67. libhunspell-devel
    68. libdbus-glib-devel
    69. libjpeg-devel
    70. libgtk+3-devel
    71. libvpx-devel
    72. libwireless-devel
    73. yasm
    74. xorg-cf-files
    75. zip
    76. zlib-devel

Последнее изменение

9 февраля 2022 г. Pavel Vasenkov 91.6.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-22753 Privilege Escalation to SYSTEM on Windows via Maintenance Service
  + CVE-2022-22754 Extensions could have bypassed permission confirmation during update
  + CVE-2022-22756 Drag and dropping an image could have resulted in the dropped object being an executable
  + CVE-2022-22759 Sandboxed iframes could have executed script if the parent appended elements
  + CVE-2022-22760 Cross-Origin responses could be distinguished between script and non-script content-types
  + CVE-2022-22761 frame-ancestors Content Security Policy directive was not enforced for framed extension pages
  + CVE-2022-22763 Script Execution during invalid object state
  + CVE-2022-22764 Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6
27 января 2022 г. Pavel Vasenkov 91.5.1-alt1
- New ESR version.
11 января 2022 г. Andrey Cherepanov 91.5.0-alt1
- New ESR version.
- Security fixes:
  + CVE-2022-22746 Calling into reportValidity could have lead to fullscreen window spoof
  + CVE-2022-22743 Browser window spoof using fullscreen mode
  + CVE-2022-22742 Out-of-bounds memory access when inserting text in edit mode
  + CVE-2022-22741 Browser window spoof using fullscreen mode
  + CVE-2022-22740 Use-after-free of ChannelEventQueue::mOwner
  + CVE-2022-22738 Heap-buffer-overflow in blendGaussianBlur
  + CVE-2022-22737 Race condition when playing audio files
  + CVE-2021-4140 Iframe sandbox bypass with XSLT
  + CVE-2022-22748 Spoofed origin on external protocol launch dialog
  + CVE-2022-22745 Leaking cross-origin URLs through securitypolicyviolation event
  + CVE-2022-22744 The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection
  + CVE-2022-22747 Crash when handling empty pkcs7 sequence
  + CVE-2022-22739 Missing throttling on external protocol launch dialog
  + CVE-2022-22751 Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.4.2
Наверх