Package firefox-esr: Information

Source package: firefox-esr
Version: 115.2.1-alt1
Latest version according to Repology
Build time:  Sep 20, 2023, 08:36 AM in the task #329883
Category: Networking/WWW
Report package bug
Gear: https://git.altlinux.org/gears/f/firefox-esr.git?a=tree;hb=76ce8…
Home page: http://www.mozilla.org/projects/firefox/
License: MPL-2.0
Summary: The Mozilla Firefox project is a redesign of Mozilla's browser (ESR version)
Description: 
The Mozilla Firefox project is a redesign of Mozilla's browser component,
written using the XUL user interface language and designed to be
cross-platform.
List of rpms provided by this srpm:
firefox-esr (x86_64, armh, aarch64)
firefox-esr-config-privacy (x86_64, armh, aarch64)
firefox-esr-debuginfo (x86_64, armh, aarch64)
firefox-esr-wayland (x86_64, armh, aarch64)
Maintainer: Andrey Cherepanov
List of contributors:
Pavel Vasenkov
Andrey Cherepanov
Alexey Gladkov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
ACL:
Pavel Vasenkov
Andrey Cherepanov
@everybody
    1. libpixman-devel
    2. browser-plugins-npapi-devel
    3. python3-base
    4. python3(pip)
    5. bzlib-devel
    6. python3(click)
    7. libproxy-devel
    8. chrpath
    9. libcairo-devel
    10. /dev/shm
    11. libpulseaudio-devel
    12. clang15.0
    13. clang15.0-devel
    14. python3(curses)
    15. libcurl-devel
    16. libshell
    17. /proc
    18. libstartup-notification-devel
    19. libstdc++-devel
    20. libdav1d-devel
    21. glibc-kernheaders-generic
    22. python3(hamcrest)
    23. libdbus-devel
    24. libdbus-glib-devel
    25. python3(setuptools)
    26. libdrm-devel
    27. gst-plugins1.0-devel
    28. gstreamer1.0-devel
    29. libevent-devel
    30. alternatives
    31. libffi-devel
    32. rpm-build-mozilla.org
    33. fontconfig-devel
    34. python3(sqlite3)
    35. autoconf_2.13
    36. autoconf_2.13
    37. rpm-macros-alternatives
    38. libfreetype-devel
    39. pkgconfig(alsa)
    40. pkgconfig(aom)
    41. pkgconfig(bzip2)
    42. pkgconfig(cairo)
    43. pkgconfig(dav1d)
    44. pkgconfig(dbus-1)
    45. pkgconfig(dbus-glib-1)
    46. pkgconfig(dri)
    47. libX11-devel
    48. pkgconfig(fontconfig)
    49. pkgconfig(freetype2)
    50. pkgconfig(gio-2.0)
    51. libXScrnSaver-devel
    52. libXcomposite-devel
    53. libXcursor-devel
    54. libXdamage-devel
    55. pkgconfig(graphite2)
    56. libXext-devel
    57. pkgconfig(gtk+-2.0)
    58. pkgconfig(gtk+-3.0)
    59. libXft-devel
    60. libXi-devel
    61. pkgconfig(harfbuzz)
    62. pkgconfig(hunspell)
    63. pkgconfig(icu-i18n)
    64. libXt-devel
    65. pkgconfig(libcurl)
    66. pkgconfig(libdrm)
    67. pkgconfig(libevent)
    68. pkgconfig(libffi)
    69. pkgconfig(libjpeg)
    70. libalsa-devel
    71. pkgconfig(libnotify)
    72. libaom-devel
    73. pkgconfig(libproxy-1.0)
    74. pkgconfig(libpulse)
    75. pkgconfig(libstartup-notification-1.0)
    76. pkgconfig(nspr) >= 4.35
    77. pkgconfig(nss) >= 3.86
    78. pkgconfig(opus)
    79. pkgconfig(pixman-1)
    80. pkgconfig(vpx)
    81. pkgconfig(x11)
    82. libgio-devel
    83. pkgconfig(xcomposite)
    84. pkgconfig(xcursor)
    85. pkgconfig(xdamage)
    86. pkgconfig(xext)
    87. pkgconfig(xft)
    88. pkgconfig(xi)
    89. pkgconfig(xkbcommon)
    90. pkgconfig(xrandr)
    91. pkgconfig(xscrnsaver)
    92. pkgconfig(xt)
    93. pkgconfig(xtst)
    94. pkgconfig(zlib)
    95. rust >= 1.65.0
    96. rust-cargo >= 1.65.0
    97. libvpx-devel
    98. libwireless-devel
    99. libgtk+2-devel
    100. libgtk+3-devel
    101. unzip
    102. libxkbcommon-devel
    103. libGL-devel
    104. libhunspell-devel
    105. xorg-cf-files
    106. yasm
    107. zip
    108. lld15.0-devel
    109. zlib-devel
    110. llvm15.0-devel
    111. libjpeg-devel
    112. libnss-devel-static
    113. mozilla-common-devel
    114. nasm
    115. libnotify-devel
    116. node
    117. libopus-devel

Last changed

Sept. 8, 2023 Pavel Vasenkov 115.2.1-alt1
- New ESR version.
- Security fixes
  + CVE-2023-3600 Use-after-free in workers
  + CVE-2023-4045 Offscreen Canvas could have bypassed cross-origin restrictions
  + CVE-2023-4046 Incorrect value used during WASM compilation
  + CVE-2023-4047 Potential permissions request bypass via clickjacking
  + CVE-2023-4048 Crash in DOMParser due to out-of-memory conditions
  + CVE-2023-4049 Fix potential race conditions when releasing platform objects
  + CVE-2023-4050 Stack buffer overflow in StorageManager
  + CVE-2023-4052 File deletion and privilege escalation through Firefox uninstaller
  + CVE-2023-4054 Lack of warning when opening appref-ms files
  + CVE-2023-4055 Cookie jar overflow caused unexpected cookie jar state
  + CVE-2023-4056 Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, Firefox ESR 102.14, Thunderbird 115.1, and Thunderbird 102.14
  + CVE-2023-4057 Memory safety bugs fixed in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1
  + CVE-2023-4573 Memory corruption in IPC CanvasTranslator
  + CVE-2023-4574 Memory corruption in IPC ColorPickerShownCallback
  + CVE-2023-4575 Memory corruption in IPC FilePickerShownCallback
  + CVE-2023-4576 Integer Overflow in RecordedSourceSurfaceCreation
  + CVE-2023-4577 Memory corruption in JIT UpdateRegExpStatics
  + CVE-2023-4051 Full screen notification obscured by file open dialog
  + CVE-2023-4578 Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception
  + CVE-2023-4053 Full screen notification obscured by external program
  + CVE-2023-4580 Push notifications saved to disk unencrypted
  + CVE-2023-4581 XLL file extensions were downloadable without warnings
  + CVE-2023-4582 Buffer Overflow in WebGL glGetProgramiv
  + CVE-2023-4583 Browsing Context potentially not cleared when closing Private Window
  + CVE-2023-4584 Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2
  + CVE-2023-4585 Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2
  + CVE-2023-4863 Heap buffer overflow in libwebp
June 27, 2023 Pavel Vasenkov 102.12.0-alt2
- Fixes: Unstable name collisions
         Build failure with GCC 13
June 7, 2023 Pavel Vasenkov 102.12.0-alt1
- New ESR version.
- Security fixes
  + CVE-2023-34414 Click-jacking certificate exceptions through rendering lag
  + CVE-2023-34416 Memory safety bugs fixed in Firefox 114 and Firefox ESR 102.12
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top