Package firefox-esr: Information
Default inline alert: Version in the repository: 115.11.0-alt1
Source package: firefox-esr
Version: 102.7.0-alt1
Build time: Feb 21, 2023, 01:07 PM in the task #315243
Category: Networking/WWW
Report package bugHome page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Last changed
Jan. 18, 2023 Pavel Vasenkov 102.7.0-alt1
- New ESR version. - Security fixes + CVE-2022-46871 libusrsctp library out of date + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers + CVE-2022-46877 Fullscreen notification bypass + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive + CVE-2023-23605 Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
Dec. 14, 2022 Pavel Vasenkov 102.6.0-alt1
- New ESR version. - Security fixes + CVE-2022-46880 Use-after-free in WebGL + CVE-2022-46872 Arbitrary file read from a compromised content process + CVE-2022-46881 Memory corruption in WebGL + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions + CVE-2022-46875 Download Protections were bypassed by .atloc and .ftploc files on Mac OS + CVE-2022-46882 Use-after-free in WebGL + CVE-2022-46878 Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
Dec. 9, 2022 Pavel Vasenkov 102.5.0-alt2
- Build with llvm-version 12 instead llvm-version 13 (Closes: #44436)