Пакет firefox: Информация

  • Default inline alert: Версия в репозитории: 126.0.1-alt1

Исходный пакет: firefox
Версия: 61.0-alt1
Последняя версия по данным Repology
Собран:  5 июля 2018 г. 20:39 в задании #209471
Категория: Сети/WWW
Сообщить об ошибке в пакете
Gear: https://git.altlinux.org/gears/f/firefox.git?a=tree;hb=92b19fe3f…
Домашняя страница: http://www.mozilla.org/projects/firefox/
Лицензия: MPL/GPL/LGPL
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Описание: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
Список rpm-пакетов, предоставляемых данным srpm-пакетом:
firefox (x86_64, i586, aarch64)
firefox-debuginfo (x86_64, i586, aarch64)
rpm-build-firefox (noarch)
Сопровождающий: Alexey Gladkov
Список участников:
Alexey Gladkov
Ivan Zakharyaschev
Konstantin Lepikhov
Права:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ajrat Makhmutov
    1. /proc
    2. libpulseaudio-devel
    3. libhunspell-devel
    4. libvpx-devel
    5. libX11-devel
    6. libcairo-devel
    7. fontconfig-devel
    8. /dev/shm
    9. libXScrnSaver-devel
    10. libXcomposite-devel
    11. libXcursor-devel
    12. libXdamage-devel
    13. libwireless-devel
    14. libXext-devel
    15. python3-base
    16. libXft-devel
    17. libjpeg-devel
    18. libXi-devel
    19. libXt-devel
    20. libalsa-devel
    21. libcurl-devel
    22. libshell
    23. libdbus-devel
    24. libdbus-glib-devel
    25. lld-devel
    26. llvm6.0-devel
    27. libstartup-notification-devel
    28. libstdc++-devel
    29. rust >= 1.24.1
    30. rust-cargo >= 0.25.0
    31. libevent-devel
    32. mozilla-common-devel
    33. pkgconfig(nspr) >= 4.17
    34. pkgconfig(nss) >= 3.38.0
    35. alternatives
    36. libffi-devel
    37. rpm-build-mozilla.org
    38. rpm-macros-alternatives
    39. libfreetype-devel
    40. autoconf_2.13
    41. autoconf_2.13
    42. python-module-distribute
    43. python-module-pip
    44. python-modules-compiler
    45. python-modules-json
    46. python-modules-logging
    47. python-modules-sqlite3
    48. unzip
    49. browser-plugins-npapi-devel
    50. bzlib-devel
    51. chrpath
    52. gst-plugins1.0-devel
    53. zip
    54. clang6.0
    55. libgio-devel
    56. gstreamer1.0-devel
    57. clang6.0-devel
    58. zlib-devel
    59. xorg-cf-files
    60. yasm
    61. libnotify-devel
    62. libnss-devel-static
    63. libGL-devel
    64. libgtk+2-devel
    65. libgtk+3-devel
    66. libopus-devel
    67. libpixman-devel
    68. libproxy-devel

Последнее изменение

2 июля 2018 г. Alexey Gladkov 61.0-alt1
- New release (61.0).
- Fixed:
  + CVE-2018-12359: Buffer overflow using computed size of canvas element
  + CVE-2018-12360: Use-after-free when using focus()
  + CVE-2018-12361: Integer overflow in SwizzleData
  + CVE-2018-12358: Same-origin bypass using service worker and redirection
  + CVE-2018-12362: Integer overflow in SSSE3 scaler
  + CVE-2018-5156: Media recorder segmentation fault when track type is changed during capture
  + CVE-2018-12363: Use-after-free when appending DOM nodes
  + CVE-2018-12364: CSRF attacks through 307 redirects and NPAPI plugins
  + CVE-2018-12365: Compromised IPC child process can list local filenames
  + CVE-2018-12371: Integer overflow in Skia library during edge builder allocation
  + CVE-2018-12366: Invalid data handling during QCMS transformations
  + CVE-2018-12367: Timing attack mitigation of PerformanceNavigationTiming
  + CVE-2018-12368: No warning when opening executable SettingContent-ms files
  + CVE-2018-12369: WebExtension security permission checks bypassed by embedded experiments
  + CVE-2018-12370: SameSite cookie protections bypassed when exiting Reader View
  + CVE-2018-5186: Memory safety bugs fixed in Firefox 61
  + CVE-2018-5187: Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1
  + CVE-2018-5188: Memory safety bugs fixed in Firefox 60, Firefox ESR 60.1, and Firefox ESR 52.9
7 июня 2018 г. Alexey Gladkov 60.0.2-alt1
- New release (60.0.2).
- Fixed:
  + CVE-2018-6126: Heap buffer overflow rasterizing paths in SVG with Skia
17 мая 2018 г. Alexey Gladkov 60.0.1-alt1
- New release (60.0.1).
- Fixed:
  + CVE-2018-5154: Use-after-free with SVG animations and clip paths
  + CVE-2018-5155: Use-after-free with SVG animations and text paths
  + CVE-2018-5157: Same-origin bypass of PDF Viewer to view protected PDF files
  + CVE-2018-5158: Malicious PDF can inject JavaScript into PDF Viewer
  + CVE-2018-5159: Integer overflow and out-of-bounds write in Skia
  + CVE-2018-5160: Uninitialized memory use by WebRTC encoder
  + CVE-2018-5152: WebExtensions information leak through webRequest API
  + CVE-2018-5153: Out-of-bounds read in mixed content websocket messages
  + CVE-2018-5163: Replacing cached data in JavaScript Start-up Bytecode Cache
  + CVE-2018-5164: CSP not applied to all multipart content sent with multipart/x-mixed-replace
  + CVE-2018-5166: WebExtension host permission bypass through filterReponseData
  + CVE-2018-5167: Improper linkification of chrome: and javascript: content in web console and JavaScript debugger
  + CVE-2018-5168: Lightweight themes can be installed without user interaction
  + CVE-2018-5169: Dragging and dropping link text onto home button can set home page to include chrome pages
  + CVE-2018-5172: Pasted script from clipboard can run in the Live Bookmarks page or PDF viewer
  + CVE-2018-5173: File name spoofing of Downloads panel with Unicode characters
  + CVE-2018-5174: Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update
  + CVE-2018-5175: Universal CSP bypass on sites using strict-dynamic in their policies
  + CVE-2018-5176: JSON Viewer script injection
  + CVE-2018-5177: Buffer overflow in XSLT during number formatting
  + CVE-2018-5165: Checkbox for enabling Flash protected mode is inverted in 32-bit Firefox
  + CVE-2018-5180: heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced
  + CVE-2018-5181: Local file can be displayed in noopener tab through drag and drop of hyperlink
  + CVE-2018-5182: Local file can be displayed from hyperlink dragged and dropped on addressbar
  + CVE-2018-5151: Memory safety bugs fixed in Firefox 60
  + CVE-2018-5150: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.3
Наверх