Обновить бы, а то уже давно не XUL.
Ок, изменю его на: "Mozilla Firefox is a free open-source browser whose development is overseen by the Mozilla Corporation". Взял с https://developer.mozilla.org/en-US/docs/Glossary/Mozilla_Firefox.
Предлагаю из Fedora, как более нейтральное: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.
Ок.
firefox-125.0.1-alt1 -> sisyphus: Wed Apr 17 2024 Ajrat Makhmutov <rauty@altlinux> 125.0.1-alt1 - New version (125.0.1). - Update description (closes: 49990). - Enable VAAPI. - Security fixes: + CVE-2024-3852: GetBoundName in the JIT returned the wrong object + CVE-2024-3853: Use-after-free if garbage collection runs during realm initialization + CVE-2024-3854: Out-of-bounds-read after mis-optimized switch statement + CVE-2024-3855: Incorrect JIT optimization of MSubstr leads to out-of-bounds reads + CVE-2024-3856: Use-after-free in WASM garbage collection + CVE-2024-3857: Incorrect JITting of arguments led to use-after-free during garbage collection + CVE-2024-3858: Corrupt pointer dereference in js::CheckTracedThing<js::Shape> + CVE-2024-3859: Integer-overflow led to out-of-bounds-read in the OpenType sanitizer + CVE-2024-3860: Crash when tracing empty shape lists + CVE-2024-3861: Potential use-after-free due to AlignedBuffer self-move + CVE-2024-3862: Potential use of uninitialized memory in MarkStack assignment operator on self-assignment + CVE-2024-3863: Download Protections were bypassed by .xrm-ms files on Windows + CVE-2024-3302: Denial of Service using HTTP/2 CONTINUATION frames + CVE-2024-3864: Memory safety bug fixed in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10 + CVE-2024-3865: Memory safety bugs fixed in Firefox 125
