Package firefox-esr: Information

Source package: firefox-esr
Version: 102.8.0-alt1
Latest version according to Repology
Build time:  Mar 5, 2023, 02:58 AM in the task #316235
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=cc962…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-config-privacy (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-debuginfo (x86_64, ppc64le, i586, armh, aarch64)
firefox-esr-wayland (x86_64, ppc64le, i586, armh, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
ACL:
Pavel Vasenkov
Andrey Cherepanov
@everybody
    1. libcairo-devel
    2. python3-module-setuptools
    3. /dev/shm
    4. python3-modules-sqlite3
    5. libcurl-devel
    6. libdav1d-devel
    7. libdbus-devel
    8. libdbus-glib-devel
    9. libshell
    10. /proc
    11. libdrm-devel
    12. libevent-devel
    13. libffi-devel
    14. gst-plugins1.0-devel
    15. gstreamer1.0-devel
    16. libfreetype-devel
    17. fontconfig-devel
    18. libstartup-notification-devel
    19. libstdc++-devel
    20. libgio-devel
    21. alternatives
    22. libX11-devel
    23. autoconf_2.13
    24. autoconf_2.13
    25. libXScrnSaver-devel
    26. libXcomposite-devel
    27. libXcursor-devel
    28. libXdamage-devel
    29. libXext-devel
    30. rpm-build-mozilla.org
    31. libXft-devel
    32. libXi-devel
    33. libXt-devel
    34. libalsa-devel
    35. libaom-devel
    36. pkgconfig(alsa)
    37. pkgconfig(aom)
    38. pkgconfig(bzip2)
    39. pkgconfig(cairo)
    40. pkgconfig(dav1d)
    41. pkgconfig(dbus-1)
    42. pkgconfig(dbus-glib-1)
    43. rpm-macros-alternatives
    44. pkgconfig(dri)
    45. browser-plugins-npapi-devel
    46. bzlib-devel
    47. libgtk+2-devel
    48. chrpath
    49. libgtk+3-devel
    50. clang12.0
    51. clang12.0-devel
    52. pkgconfig(fontconfig)
    53. pkgconfig(freetype2)
    54. pkgconfig(gio-2.0)
    55. pkgconfig(graphite2)
    56. pkgconfig(gtk+-2.0)
    57. pkgconfig(gtk+-3.0)
    58. libhunspell-devel
    59. pkgconfig(harfbuzz)
    60. pkgconfig(hunspell)
    61. pkgconfig(icu-i18n)
    62. pkgconfig(libcurl)
    63. pkgconfig(libdrm)
    64. pkgconfig(libevent)
    65. pkgconfig(libffi)
    66. pkgconfig(libjpeg)
    67. pkgconfig(libnotify)
    68. pkgconfig(libproxy-1.0)
    69. pkgconfig(libpulse)
    70. pkgconfig(libstartup-notification-1.0)
    71. pkgconfig(nspr) >= 4.33
    72. pkgconfig(nss) >= 3.72
    73. pkgconfig(opus)
    74. pkgconfig(pixman-1)
    75. pkgconfig(vpx)
    76. libjpeg-devel
    77. python3-base
    78. pkgconfig(x11)
    79. pkgconfig(xcomposite)
    80. pkgconfig(xcursor)
    81. pkgconfig(xdamage)
    82. pkgconfig(xext)
    83. pkgconfig(xft)
    84. pkgconfig(xi)
    85. pkgconfig(xkbcommon)
    86. pkgconfig(xrandr)
    87. pkgconfig(xscrnsaver)
    88. pkgconfig(xt)
    89. pkgconfig(xtst)
    90. pkgconfig(zlib)
    91. libvpx-devel
    92. python3-module-pip
    93. libwireless-devel
    94. python-module-setuptools
    95. python-modules-compiler
    96. python-modules-json
    97. python-modules-logging
    98. libGL-devel
    99. python-modules-sqlite3
    100. libxkbcommon-devel
    101. rust >= 1.60.0
    102. rust-cargo >= 1.60.0
    103. lld12.0-devel
    104. unzip
    105. llvm12.0-devel
    106. libnotify-devel
    107. libnss-devel-static
    108. libopus-devel
    109. xorg-cf-files
    110. libpixman-devel
    111. yasm
    112. mozilla-common-devel
    113. zip
    114. zlib-devel
    115. nasm
    116. node
    117. libpulseaudio-devel
    118. libproxy-devel

Last changed

March 3, 2023 Pavel Vasenkov 102.8.0-alt1
- New ESR version.
- Security fixes
  + CVE-2023-25728 Content security policy leak in violation reports using iframes
  + CVE-2023-25730 Screen hijack via browser fullscreen mode
  + CVE-2023-0767 Arbitrary memory write via PKCS 12 in NSS
  + CVE-2023-25735 Potential use-after-free from compartment mismatch in SpiderMonkey
  + CVE-2023-25737 Invalid downcast in SVGUtils::SetupStrokeGeometry
  + CVE-2023-25738 Printing on Windows could potentially crash Firefox with some device drivers
  + CVE-2023-25739 Use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext
  + CVE-2023-25729 Extensions could have opened external schemes without user knowledge
  + CVE-2023-25732 Out of bounds memory write from EncodeInputStream
  + CVE-2023-25734 Opening local .url files could cause unexpected network loads
  + CVE-2023-25742 Web Crypto ImportKey crashes tab
  + CVE-2023-25744 Memory safety bugs fixed in Firefox 110 and Firefox ESR 102.8
  + CVE-2023-25746 Memory safety bugs fixed in Firefox ESR 102.8
Jan. 18, 2023 Pavel Vasenkov 102.7.0-alt1
- New ESR version.
- Security fixes
  + CVE-2022-46871 libusrsctp library out of date
  + CVE-2023-23598 Arbitrary file read from GTK drag and drop on Linux
  + CVE-2023-23599 Malicious command could be hidden in devtools output on Windows
  + CVE-2023-23601 URL being dragged from cross-origin iframe into same tab triggers navigation
  + CVE-2023-23602 Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers
  + CVE-2022-46877 Fullscreen notification bypass
  + CVE-2023-23603 Calls to <code>console.log</code> allowed bypasing Content Security Policy via format directive
  + CVE-2023-23605 Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7
Dec. 14, 2022 Pavel Vasenkov 102.6.0-alt1
- New ESR version.
- Security fixes
  + CVE-2022-46880 Use-after-free in WebGL
  + CVE-2022-46872 Arbitrary file read from a compromised content process
  + CVE-2022-46881 Memory corruption in WebGL
  + CVE-2022-46874 Drag and Dropped Filenames could have been truncated to malicious extensions
  + CVE-2022-46875 Download Protections were bypassed by .atloc and .ftploc files on Mac OS
  + CVE-2022-46882 Use-after-free in WebGL
  + CVE-2022-46878 Memory safety bugs fixed in Firefox 108 and Firefox ESR 102.6
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top