Пакет firefox: Информация
Default inline alert: Версия в репозитории: 124.0.2-alt1
Исходный пакет: firefox
Версия: 102.0-alt1
Собран: 29 июня 2022 г. 19:47 в задании #302831
Категория: Сети/WWW
Сообщить об ошибке в пакетеДомашняя страница: http://www.mozilla.org/projects/firefox/
Лицензия: MPL-2.0
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Описание:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
Список rpm-пакетов, предоставляемых данным srpm-пакетом:
firefox (x86_64, i586, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, i586, armh, aarch64)
firefox-wayland (x86_64, i586, armh, aarch64)
firefox (x86_64, i586, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, i586, armh, aarch64)
firefox-wayland (x86_64, i586, armh, aarch64)
Сопровождающий: Alexey Gladkov
Список участников:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Последнее изменение
29 июня 2022 г. Alexey Gladkov 102.0-alt1
- New release (102.0). - Use internal libevent. - Security fixes: + CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content + CVE-2022-34470: Use-after-free in nsSHistory + CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI + CVE-2022-34482: Drag and drop of malicious image could have led to malicious executable and potential code execution + CVE-2022-34483: Drag and drop of malicious image could have led to malicious executable and potential code execution + CVE-2022-34476: ASN.1 parser could have been tricked into accepting malformed ASN.1 + CVE-2022-34481: Potential integer overflow in ReplaceElementsAt + CVE-2022-34474: Sandboxed iframes could redirect to external schemes + CVE-2022-34469: TLS certificate errors on HSTS-protected domains could be bypassed by the user on Firefox for Android + CVE-2022-34471: Compromised server could trick a browser into an addon downgrade + CVE-2022-34472: Unavailable PAC file resulted in OCSP requests being blocked + CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt + CVE-2022-2200: Undesired attributes could be set as part of prototype pollution + CVE-2022-34480: Free of uninitialized pointer in lg_init + CVE-2022-34477: MediaError message property leaked information on cross-origin same-site pages + CVE-2022-34475: HTML Sanitizer could have been bypassed via same-origin script via use tags + CVE-2022-34473: HTML Sanitizer could have been bypassed via use tags + CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 + CVE-2022-34485: Memory safety bugs fixed in Firefox 102
10 июня 2022 г. Alexey Gladkov 101.0.1-alt1
- New release (101.0.1).
2 июня 2022 г. Alexey Gladkov 101.0-alt2
- Wayland: Add fix for utility popups (MOZ#1771104). - Use LLVM12 again.