Package firefox-esr: Information

Source package: firefox-esr
Version: 102.7.0-alt1
Build time:  Feb 21, 2023, 01:07 PM in the task #315243
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=9a20b…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
    1. libopus-devel
    2. mozilla-common-devel
    3. nasm
    4. libpixman-devel
    5. node
    6. python3-base
    7. browser-plugins-npapi-devel
    8. bzlib-devel
    9. libproxy-devel
    10. chrpath
    11. clang12.0
    12. clang12.0-devel
    13. libpulseaudio-devel
    14. /dev/shm
    15. python3-module-pip
    16. libcairo-devel
    17. python3-module-setuptools
    18. /proc
    19. libcurl-devel
    20. libshell
    21. python3-modules-sqlite3
    22. libdav1d-devel
    23. libdbus-devel
    24. libdbus-glib-devel
    25. libstartup-notification-devel
    26. libstdc++-devel
    27. libdrm-devel
    28. gst-plugins1.0-devel
    29. gstreamer1.0-devel
    30. libevent-devel
    31. libffi-devel
    32. fontconfig-devel
    33. alternatives
    34. libfreetype-devel
    35. autoconf_2.13
    36. autoconf_2.13
    37. rpm-build-mozilla.org
    38. rpm-macros-alternatives
    39. libX11-devel
    40. libXScrnSaver-devel
    41. libXcomposite-devel
    42. libXcursor-devel
    43. libXdamage-devel
    44. libXext-devel
    45. libXft-devel
    46. libXi-devel
    47. libgio-devel
    48. libXt-devel
    49. libalsa-devel
    50. libaom-devel
    51. pkgconfig(alsa)
    52. pkgconfig(aom)
    53. pkgconfig(bzip2)
    54. pkgconfig(cairo)
    55. pkgconfig(dav1d)
    56. pkgconfig(dbus-1)
    57. pkgconfig(dbus-glib-1)
    58. pkgconfig(dri)
    59. pkgconfig(fontconfig)
    60. pkgconfig(freetype2)
    61. pkgconfig(gio-2.0)
    62. pkgconfig(graphite2)
    63. pkgconfig(gtk+-2.0)
    64. pkgconfig(gtk+-3.0)
    65. libgtk+2-devel
    66. pkgconfig(harfbuzz)
    67. pkgconfig(hunspell)
    68. libgtk+3-devel
    69. pkgconfig(icu-i18n)
    70. pkgconfig(libcurl)
    71. pkgconfig(libdrm)
    72. pkgconfig(libevent)
    73. pkgconfig(libffi)
    74. pkgconfig(libjpeg)
    75. pkgconfig(libnotify)
    76. pkgconfig(libproxy-1.0)
    77. pkgconfig(libpulse)
    78. pkgconfig(libstartup-notification-1.0)
    79. pkgconfig(nspr) >= 4.33
    80. pkgconfig(nss) >= 3.72
    81. pkgconfig(opus)
    82. pkgconfig(pixman-1)
    83. libhunspell-devel
    84. rust >= 1.60.0
    85. rust-cargo >= 1.60.0
    86. libvpx-devel
    87. pkgconfig(vpx)
    88. pkgconfig(x11)
    89. pkgconfig(xcomposite)
    90. pkgconfig(xcursor)
    91. pkgconfig(xdamage)
    92. pkgconfig(xext)
    93. pkgconfig(xft)
    94. pkgconfig(xi)
    95. pkgconfig(xkbcommon)
    96. pkgconfig(xrandr)
    97. pkgconfig(xscrnsaver)
    98. pkgconfig(xt)
    99. unzip
    100. pkgconfig(xtst)
    101. pkgconfig(zlib)
    102. libjpeg-devel
    103. libwireless-devel
    104. libGL-devel
    105. yasm
    106. zip
    107. zlib-devel
    108. xorg-cf-files
    109. libxkbcommon-devel
    110. python-module-setuptools
    111. python-modules-compiler
    112. python-modules-json
    113. python-modules-logging
    114. python-modules-sqlite3
    115. lld12.0-devel
    116. llvm12.0-devel
    117. libnotify-devel
    118. libnss-devel-static

Last changed

Jan. 18, 2023 Pavel Vasenkov 102.7.0-alt1
- New ESR version.
- Security fixes
  + CVE-2022-46871 libusrsctp library out of date
  + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux
  + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows
  + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation
  + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers
  + CVE-2022-46877 Fullscreen notification bypass
  + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive
  + CVE-2023-23605 Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
Dec. 14, 2022 Pavel Vasenkov 102.6.0-alt1
- New ESR version.
- Security fixes
  + CVE-2022-46880 Use-after-free in WebGL
  + CVE-2022-46872 Arbitrary file read from a compromised content process
  + CVE-2022-46881 Memory corruption in WebGL
  + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions
  + CVE-2022-46875 Download Protections were bypassed by .atloc and .ftploc files on Mac OS
  + CVE-2022-46882 Use-after-free in WebGL
  + CVE-2022-46878 Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
Dec. 9, 2022 Pavel Vasenkov 102.5.0-alt2
- Build with llvm-version 12 instead llvm-version 13 (Closes: #44436)
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top