Пакет firefox-esr: Информация
Default inline alert: Версия в репозитории: 115.10.0-alt1
Исходный пакет: firefox-esr
Версия: 115.8.0-alt2
Собран: 7 марта 2024 г. 12:03 в задании #342227
Категория: Сети/WWW
Сообщить об ошибке в пакетеДомашняя страница: http://www.mozilla.org/projects/firefox/
Лицензия: MPL-2.0
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Описание:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
Список rpm-пакетов, предоставляемых данным srpm-пакетом:
firefox-esr (x86_64, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, i586, armh, aarch64)
firefox-esr-wayland (x86_64, i586, armh, aarch64)
firefox-esr (x86_64, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, i586, armh, aarch64)
firefox-esr-wayland (x86_64, i586, armh, aarch64)
Сопровождающий: Andrey Cherepanov
Список участников:
Andrey Cherepanov
Pavel Vasenkov
Alexey Sheplyakov
Grigory Ustinov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Andrey Cherepanov
Pavel Vasenkov
Alexey Sheplyakov
Grigory Ustinov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Последнее изменение
7 марта 2024 г. Andrey Cherepanov 115.8.0-alt2
- Use maximize icon for CSD restore button missing in some themes (ALT #49606).
21 февраля 2024 г. Pavel Vasenkov 115.8.0-alt1
- New ESR version. - Security fixes + CVE-2024-1546 Out-of-bounds memory read in networking channels + CVE-2024-1547 Alert dialog could have been spoofed on another site + CVE-2024-1548 Fullscreen Notification could have been hidden by select element + CVE-2024-1549 Custom cursor could obscure the permission dialog + CVE-2024-1550 Mouse cursor re-positioned unexpectedly could have led to unintended permission grants + CVE-2024-1551 Multipart HTTP Responses would accept the Set-Cookie header in response parts + CVE-2024-1552 Incorrect code generation on 32-bit ARM devices + CVE-2024-1553 Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
6 февраля 2024 г. Alexey Sheplyakov 115.7.0-alt2
- Reverted malicious upstream commit https://hg.mozilla.org/integration/autoland/rev/a03a9c72d1db3716adffc6968cfb6eb43c6fcd74 which forces firefox to autoremove yandex, mail.ru, vk search extensions. Note: reverting that (and some similar) commit is a necessary condition to make firefox obey the search engine settings specified in policies.json. Alas it might be not enough. The problem is that firefox is tightly integrated with services provided by Mozilla corporation, such as bookmark sync, telemetry, captive portal detection, you name it. Reportedly a similar malware has been deployed there, thus yandex search extension (or in fact any extension) can be removed remotely (that is, without user consent) if the user is signed in into mozilla account, sends telemetry data to mozilla, etc. Perhaps it's time to make unmozilla firefox (similarly to ungoogled chromium). - policies.json: use yandex search by default (Closes: #43516).