Package firefox-esr-config-privacy: Information

Binary package: firefox-esr-config-privacy
Version: 115.9.1-alt1
Architecture: aarch64
Build time:  Apr 9, 2024, 09:23 PM in the task #344254
Source package: firefox-esr
Category: System/Configuration/Networking
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=67e12…
Download: firefox-esr-config-privacy-115.9.1-alt1.aarch64.rpm
Build log: https://git.altlinux.org/tasks/344254/build/100/aarch64/log
Home page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: Firefox configuration with the paranoid privacy settings
Description: 
Settings disable:
* obsolete ssl protocols;
* safebrowsing, trackingprotection and other requests to third-party services;
* telemetry;
* webrtc;
* the social features;
* dns and network predictors/prefetch;
* and some more...

Most likely you don't need to use this package.
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Alexey Sheplyakov
Grigory Ustinov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev

Last changed

April 3, 2024 Pavel Vasenkov 115.9.1-alt1
- New ESR version.
- Security fixes
  + CVE-2024-0743 Crash in NSS TLS method
  + CVE-2024-2605 Windows Error Reporter could be used as a Sandbox escape vector
  + CVE-2024-2607 JIT code failed to save return registers on Armv7-A
  + CVE-2024-2608 Integer overflow could have led to out of bounds write
  + CVE-2024-2616 Improve handling of out-of-memory conditions in ICU
  + CVE-2023-5388 NSS susceptible to timing attack against RSA decryption
  + CVE-2024-2610 Improper handling of html and body tags enabled CSP nonce leakage
  + CVE-2024-2611 Clickjacking vulnerability could have led to a user accidentally granting permissions
  + CVE-2024-2612 Self referencing object could have potentially led to a use-after-free
  + CVE-2024-2614 Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9
  + CVE-2024-29944 Privileged JavaScript Execution via Event Handlers
March 7, 2024 Andrey Cherepanov 115.8.0-alt2
- Use maximize icon for CSD restore button missing in some themes (ALT #49606).
Feb. 21, 2024 Pavel Vasenkov 115.8.0-alt1
- New ESR version.
- Security fixes
  + CVE-2024-1546 Out-of-bounds memory read in networking channels
  + CVE-2024-1547 Alert dialog could have been spoofed on another site
  + CVE-2024-1548 Fullscreen Notification could have been hidden by select element
  + CVE-2024-1549 Custom cursor could obscure the permission dialog
  + CVE-2024-1550 Mouse cursor re-positioned unexpectedly could have led to unintended permission grants
  + CVE-2024-1551 Multipart HTTP Responses would accept the Set-Cookie header in response parts
  + CVE-2024-1552 Incorrect code generation on 32-bit ARM devices
  + CVE-2024-1553 Memory safety bugs fixed in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top