LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2009-3893 (google-gadgets)



From:
    	      updates@fedoraproject.org 


To:
    	      fedora-package-announce@redhat.com 


Subject:
    	      [SECURITY] Fedora 10 Update: google-gadgets-0.10.5-5.fc10 


Date:
    	      Fri, 24 Apr 2009 19:52:12 +0000


Message-ID:
    	      <20090424195213.0F21B10F891@bastion2.fedora.phx.redhat.com>


Archive-link:
    	      Article, Thread
              


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-3893
2009-04-22 19:42:31
--------------------------------------------------------------------------------

Name        : google-gadgets
Product     : Fedora 10
Version     : 0.10.5
Release     : 5.fc10
URL         : http://code.google.com/p/google-gadgets-for-linux/
Summary     : Google Gadgets for Linux
Description :
Google Gadgets for Linux provides a platform for running desktop
gadgets under Linux, catering to the unique needs of Linux users. It
can run, without modification, many Google Desktop gadgets as well as
the Universal Gadgets on iGoogle.

--------------------------------------------------------------------------------
Update Information:

http://www.mozilla.org/security/known-
vulnerabilities/firefox30.html#firefox3.0.9
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 21 2009 Christopher Aillon <caillon@redhat.com> - 0.10.5-5
- Rebuild against newer gecko
* Fri Mar 27 2009 Christopher Aillon <caillon@redhat.com> - 0.10.5-4
- Rebuild against newer gecko
* Fri Mar  6 2009 Jan Horak <jhorak@redhat.com> - 0.10.5-3
- Rebuild against newer gecko
* Wed Feb  4 2009 Christopher Aillon <caillon@redhat.com> - 0.10.5-2
- Rebuild against newer gecko
* Wed Jan 14 2009 Rex Dieter <rdieter@fedoraproject.org> - 0.10.5-1
- 0.10.5, req'd by kde
* Tue Dec 30 2008 Michel Salim <salimma@fedoraproject.org> - 0.10.4-2
- BR: Network-Manager-devel, startup-notification-devel
- Pass the browser plugin directory to ./configure
- Move designer desktop entry to -gtk subpackage
* Sat Dec 20 2008 Rex Dieter <rdieter@fedoraproject.org> - 0.10.4-1
- Update to 0.10.4 (#477251)
- -devel: Requires: %name-gtk %name-qt (devel symlinks)
- BR: pkgconfig (automatic pkgconfig deps)
* Sun Nov 23 2008 Michel Salim <salimma@fedoraproject.org> - 0.10.3-1
- Update to 0.10.3
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #496252 - CVE-2009-1302 Firefox 3 Layout engine crashes
        https://bugzilla.redhat.com/show_bug.cgi?id=496252
  [ 2 ] Bug #496253 - CVE-2009-1303 Firefox 2 and 3 Layout engine crash
        https://bugzilla.redhat.com/show_bug.cgi?id=496253
  [ 3 ] Bug #496255 - CVE-2009-1304 Firefox 3 JavaScript engine crashes
        https://bugzilla.redhat.com/show_bug.cgi?id=496255
  [ 4 ] Bug #496256 - CVE-2009-1305 Firefox 2 and 3 JavaScript engine crash
        https://bugzilla.redhat.com/show_bug.cgi?id=496256
  [ 5 ] Bug #486704 - CVE-2009-0652 firefox: does not properly prevent the literal rendering of
homoglyph characters in IDN domain names (spoof URLs and conduct phishing attacks)
        https://bugzilla.redhat.com/show_bug.cgi?id=486704
  [ 6 ] Bug #496262 - CVE-2009-1306 Firefox jar: scheme ignores the content-disposition: header on
the inner URI
        https://bugzilla.redhat.com/show_bug.cgi?id=496262
  [ 7 ] Bug #496263 - CVE-2009-1307 Firefox Same-origin violations when Adobe Flash loaded via
view-source: protocol
        https://bugzilla.redhat.com/show_bug.cgi?id=496263
  [ 8 ] Bug #496266 - CVE-2009-1308 Firefox XSS hazard using third-party stylesheets and XBL
bindings
        https://bugzilla.redhat.com/show_bug.cgi?id=496266
  [ 9 ] Bug #496267 - CVE-2009-1309 Firefox Same-origin violations in XMLHttpRequest and
XPCNativeWrapper.toString
        https://bugzilla.redhat.com/show_bug.cgi?id=496267
  [ 10 ] Bug #496270 - CVE-2009-1310 Firefox Malicious search plugins can inject code into
arbitrary sites
        https://bugzilla.redhat.com/show_bug.cgi?id=496270
  [ 11 ] Bug #496271 - CVE-2009-1311 Firefox POST data sent to wrong site when saving web page with
embedded frame
        https://bugzilla.redhat.com/show_bug.cgi?id=496271
  [ 12 ] Bug #496274 - CVE-2009-1312 Firefox allows Refresh header to redirect to javascript: URIs
        https://bugzilla.redhat.com/show_bug.cgi?id=496274
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update google-gadgets' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds