Пакет firefox: Информация
Default inline alert: Версия в репозитории: 126.0.1-alt1
Исходный пакет: firefox
Версия: 122.0-alt1
Собран: 24 января 2024 г. 21:27 в задании #338897
Категория: Сети/WWW
Сообщить об ошибке в пакетеДомашняя страница: https://www.mozilla.org/firefox/
Лицензия: MPL-2.0
О пакете: The Mozilla Firefox project is a redesign of Mozilla's browser
Описание:
The Mozilla Firefox project is a redesign of Mozilla's browser component, written using the XUL user interface language and designed to be cross-platform.
Список rpm-пакетов, предоставляемых данным srpm-пакетом:
firefox (x86_64, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, armh, aarch64)
firefox (x86_64, armh, aarch64)
firefox-config-privacy (noarch)
firefox-debuginfo (x86_64, armh, aarch64)
Сопровождающий: Alexey Gladkov
Список участников:
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Alexey Gladkov
Sergey Bolshakov
Gleb Fotengauer-Malinovskiy
Ivan Zakharyaschev
Konstantin Lepikhov
Последнее изменение
23 января 2024 г. Alexey Gladkov 122.0-alt1
- New release (122.0). - Security fixes: + CVE-2024-0741: Out of bounds write in ANGLE + CVE-2024-0742: Failure to update user input timestamp + CVE-2024-0743: Crash in NSS TLS method + CVE-2024-0744: Wild pointer dereference in JavaScript + CVE-2024-0745: Stack buffer overflow in WebAudio + CVE-2024-0746: Crash when listing printers on Linux + CVE-2024-0747: Bypass of Content Security Policy when directive unsafe-inline was set + CVE-2024-0748: Compromised content process could modify document URI + CVE-2024-0749: Phishing site popup could show local origin in address bar + CVE-2024-0750: Potential permissions request bypass via clickjacking + CVE-2024-0751: Privilege escalation through devtools + CVE-2024-0752: Use-after-free could occur when applying update on macOS + CVE-2024-0753: HSTS policy on subdomain could bypass policy of upper domain + CVE-2024-0754: Crash when using some WASM files in devtools + CVE-2024-0755: Memory safety bugs fixed in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7
10 января 2024 г. Alexey Gladkov 121.0.1-alt1
- New release (121.0.1).
20 декабря 2023 г. Alexey Gladkov 121.0-alt1
- New release (121.0). - Security fixes: + CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver + CVE-2023-6135: NSS susceptible to "Minerva" attack + CVE-2023-6865: Potential exposure of uninitialized data in EncryptingOutputStream + CVE-2023-6857: Symlinks may resolve to smaller than expected buffers + CVE-2023-6858: Heap buffer overflow in nsTextFragment + CVE-2023-6859: Use-after-free in PR_GetIdentitiesLayer + CVE-2023-6866: TypedArrays lack sufficient exception handling + CVE-2023-6860: Potential sandbox escape due to VideoBridge lack of texture validation + CVE-2023-6867: Clickjacking permission prompts using the popup transition + CVE-2023-6861: Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode + CVE-2023-6868: WebPush requests on Firefox for Android did not require VAPID key + CVE-2023-6869: Content can paint outside of sandboxed iframe + CVE-2023-6870: Android Toast notifications may obscure fullscreen event notifications + CVE-2023-6871: Lack of protocol handler warning in some instances + CVE-2023-6872: Browsing history leaked to syslogs via GNOME + CVE-2023-6863: Undefined behavior in ShutdownObserver() + CVE-2023-6864: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6 + CVE-2023-6873: Memory safety bugs fixed in Firefox 121