Пакет firefox-esr: Информация
Default inline alert: Версия в репозитории: 128.2.0-alt1
Исходный пакет: firefox-esr
Версия: 128.1.0-alt1
Собран: 7 августа 2024 г. 13:42 в задании #354542
Категория: Сети/WWW
Сообщить об ошибке в пакетеОшибки пересборки | ||
---|---|---|
Архитектура | Дата ошибки | Обновлено |
i586 | 31 августа 2024 г. | 7 сентября 2024 г. |
Домашняя страница: https://www.mozilla.org/firefox/
Лицензия: MPL-2.0
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Описание:
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.
Список бинарных RPM-пакетов, собираемых из данного SRPM:
firefox-esr (x86_64, i586, aarch64)
firefox-esr-config-privacy (x86_64, i586, aarch64)
firefox-esr-debuginfo (x86_64, i586, aarch64)
firefox-esr (x86_64, i586, aarch64)
firefox-esr-config-privacy (x86_64, i586, aarch64)
firefox-esr-debuginfo (x86_64, i586, aarch64)
Сопровождающий: Ajrat Makhmutov
Список участников:
Ajrat Makhmutov
Pavel Vasenkov
Andrey Cherepanov
Alexey Sheplyakov
Grigory Ustinov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Ajrat Makhmutov
Pavel Vasenkov
Andrey Cherepanov
Alexey Sheplyakov
Grigory Ustinov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Последнее изменение
6 августа 2024 г. Ajrat Makhmutov 128.1.0-alt1
- New ESR version. - Security fixes: + CVE-2024-7518: Fullscreen notification dialog can be obscured by document content + CVE-2024-7519: Out of bounds memory access in graphics shared memory handling + CVE-2024-7520: Type confusion in WebAssembly + CVE-2024-7521: Incomplete WebAssembly exception handing + CVE-2024-7522: Out of bounds read in editor component + CVE-2024-7524: CSP strict-dynamic bypass using web-compatibility shims + CVE-2024-7525: Missing permission check when creating a StreamFilter + CVE-2024-7526: Uninitialized memory used by WebGL + CVE-2024-7527: Use-after-free in JavaScript garbage collection + CVE-2024-7528: Use-after-free in IndexedDB + CVE-2024-7529: Document content could partially obscure security prompts + CVE-2024-7531: PK11_Encrypt using CKM_CHACHA20 can reveal plaintext on Intel Sandy Bridge machines
24 июля 2024 г. Ajrat Makhmutov 128.0-alt2
- Apply all the changes from regular firefox, the main ones: + Enable VAAPI. + Merge firefox-esr-wayland to firefox-esr. + Enforce window name to associate icon and title with window. + Update the url tag. + Update the description.
15 июля 2024 г. Ajrat Makhmutov 128.0-alt1
- New ESR version. - Security fixes: + CVE-2024-5702: Use-after-free in networking + CVE-2024-5688: Use-after-free in JavaScript object transplant + CVE-2024-5690: External protocol handlers leaked by timing attack + CVE-2024-5691: Sandboxed iframes were able to bypass sandbox restrictions to open a new window + CVE-2024-5692: Bypass of file name restrictions during saving + CVE-2024-5693: Cross-Origin Image leak via Offscreen Canvas + CVE-2024-5696: Memory Corruption in Text Fragments + CVE-2024-5700: Memory safety bugs fixed in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 + CVE-2024-6600: Memory corruption in WebGL API + CVE-2024-6601: Race condition in permission assignment + CVE-2024-6602: Memory corruption in NSS + CVE-2024-6603: Memory corruption in thread creation + CVE-2024-6604: Memory safety bugs fixed in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13