Package firefox-esr: Information

Source package: firefox-esr
Version: 102.9.0-alt1
Build time:  Mar 31, 2023, 01:55 PM in the task #317236
Category: Networking/WWW
Report package bug
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.

List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)

Maintainer: Andrey Cherepanov


    1. mozilla-common-devel
    2. nasm
    3. /dev/shm
    4. libopus-devel
    5. node
    6. python3-base
    7. browser-plugins-npapi-devel
    8. bzlib-devel
    9. libcairo-devel
    10. chrpath
    11. clang12.0
    12. clang12.0-devel
    13. libpixman-devel
    14. /proc
    15. python3-module-pip
    16. python3-module-setuptools
    17. gst-plugins1.0-devel
    18. libcurl-devel
    19. libproxy-devel
    20. python3-modules-sqlite3
    21. libdav1d-devel
    22. libdbus-devel
    23. libdbus-glib-devel
    24. libdrm-devel
    25. gstreamer1.0-devel
    26. libpulseaudio-devel
    27. libevent-devel
    28. libffi-devel
    29. libfreetype-devel
    30. libshell
    31. alternatives
    32. autoconf_2.13
    33. autoconf_2.13
    34. rpm-build-mozilla.org
    35. rpm-macros-alternatives
    36. libgio-devel
    37. fontconfig-devel
    38. libstartup-notification-devel
    39. libstdc++-devel
    40. libX11-devel
    41. libXScrnSaver-devel
    42. libXcomposite-devel
    43. libXcursor-devel
    44. libXdamage-devel
    45. libgtk+2-devel
    46. libXext-devel
    47. pkgconfig(alsa)
    48. pkgconfig(aom)
    49. libXft-devel
    50. libXi-devel
    51. libgtk+3-devel
    52. libXt-devel
    53. pkgconfig(bzip2)
    54. pkgconfig(cairo)
    55. libGL-devel
    56. libhunspell-devel
    57. libalsa-devel
    58. pkgconfig(dav1d)
    59. pkgconfig(dbus-1)
    60. pkgconfig(dbus-glib-1)
    61. libaom-devel
    62. pkgconfig(dri)
    63. libjpeg-devel
    64. pkgconfig(fontconfig)
    65. pkgconfig(freetype2)
    66. pkgconfig(gio-2.0)
    67. pkgconfig(graphite2)
    68. pkgconfig(gtk+-2.0)
    69. pkgconfig(gtk+-3.0)
    70. pkgconfig(harfbuzz)
    71. pkgconfig(hunspell)
    72. pkgconfig(icu-i18n)
    73. pkgconfig(libcurl)
    74. pkgconfig(libdrm)
    75. pkgconfig(libevent)
    76. pkgconfig(libffi)
    77. pkgconfig(libjpeg)
    78. pkgconfig(libnotify)
    79. pkgconfig(libproxy-1.0)
    80. pkgconfig(libpulse)
    81. pkgconfig(libstartup-notification-1.0)
    82. libvpx-devel
    83. pkgconfig(nspr) >= 4.33
    84. pkgconfig(nss) >= 3.72
    85. pkgconfig(opus)
    86. pkgconfig(pixman-1)
    87. pkgconfig(vpx)
    88. pkgconfig(x11)
    89. pkgconfig(xcomposite)
    90. pkgconfig(xcursor)
    91. pkgconfig(xdamage)
    92. pkgconfig(xext)
    93. pkgconfig(xft)
    94. libxkbcommon-devel
    95. libnotify-devel
    96. libnss-devel-static
    97. libwireless-devel
    98. xorg-cf-files
    99. unzip
    100. rust >= 1.60.0
    101. rust-cargo >= 1.60.0
    102. pkgconfig(xi)
    103. pkgconfig(xkbcommon)
    104. pkgconfig(xrandr)
    105. pkgconfig(xscrnsaver)
    106. pkgconfig(xt)
    107. python-module-setuptools
    108. pkgconfig(xtst)
    109. pkgconfig(zlib)
    110. python-modules-compiler
    111. python-modules-json
    112. python-modules-logging
    113. python-modules-sqlite3
    114. yasm
    115. zip
    116. lld12.0-devel
    117. llvm12.0-devel
    118. zlib-devel

Last changed


March 22, 2023 Pavel Vasenkov 102.9.0-alt1
- New ESR version.
- Security fixes
  + CVE-2023-25751 Incorrect code generation during JIT compilation
  + CVE-2023-28164 URL being dragged from a removed cross-origin iframe into the same tab triggered navigation
  + CVE-2023-28162 Invalid downcast in Worklets
  + CVE-2023-25752 Potential out-of-bounds when accessing throttled streams
  + CVE-2023-28163 Windows Save As dialog resolved environment variables
  + CVE-2023-28176 Memory safety bugs fixed in Firefox 111 and Firefox ESR 102.9
March 3, 2023 Pavel Vasenkov 102.8.0-alt1
- New ESR version.
- Security fixes
  + CVE-2023-25728 Content security policy leak in violation reports using iframes
  + CVE-2023-25730 Screen hijack via browser fullscreen mode
  + CVE-2023-0767 Arbitrary memory write via PKCS 12 in NSS
  + CVE-2023-25735 Potential use-after-free from compartment mismatch in SpiderMonkey
  + CVE-2023-25737 Invalid downcast in SVGUtils::SetupStrokeGeometry
  + CVE-2023-25738 Printing on Windows could potentially crash Firefox with some device drivers
  + CVE-2023-25739 Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
  + CVE-2023-25729 Extensions could have opened external schemes without user knowledge
  + CVE-2023-25732 Out of bounds memory write from EncodeInputStream
  + CVE-2023-25734 Opening local .url files could cause unexpected network loads
  + CVE-2023-25742 Web Crypto ImportKey crashes tab
  + CVE-2023-25744 Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8
  + CVE-2023-25746 Memory safety bugs fixed in Firefox ESR 102.8
Jan. 18, 2023 Pavel Vasenkov 102.7.0-alt1
- New ESR version.
- Security fixes
  + CVE-2022-46871 libusrsctp library out of date
  + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux
  + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows
  + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation
  + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers
  + CVE-2022-46877 Fullscreen notification bypass
  + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive
  + CVE-2023-23605 Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7