LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Scientific Linux alert SL-fire-20121030 (firefox)



From:
    	      Pat Riehecky <riehecky@fnal.gov> 


To:
    	      "SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV"
	<SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV> 


Subject:
    	      Security ERRATA Critical: firefox on SL5.x, SL6.x i386/x86_64 


Date:
    	      Tue, 30 Oct 2012 13:06:54 -0500


Message-ID:
    	      <5090173E.5030205@fnal.gov>


Archive-link:
    	      Article, Thread
              


Synopsis:          Critical: firefox security update
Issue Date:        2012-10-26
CVE Numbers:       CVE-2012-4194
                    CVE-2012-4195
                    CVE-2012-4196
--
Multiple flaws were found in the location object implementation in Firefox.
Malicious content could be used to perform cross-site scripting attacks,
bypass the same-origin policy, or cause Firefox to execute arbitrary code.
(CVE-2012-4194, CVE-2012-4195, CVE-2012-4196)

For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 10.0.10 ESR.

After installing the update, Firefox must be restarted for the changes to
take effect.
--

SL5
   x86_64
     firefox-10.0.10-1.el5_8.i386.rpm
     firefox-10.0.10-1.el5_8.x86_64.rpm
     xulrunner-10.0.10-1.el5_8.i386.rpm
     xulrunner-10.0.10-1.el5_8.x86_64.rpm
     xulrunner-devel-10.0.10-1.el5_8.i386.rpm
     xulrunner-devel-10.0.10-1.el5_8.x86_64.rpm
   i386
     firefox-10.0.10-1.el5_8.i386.rpm
     xulrunner-10.0.10-1.el5_8.i386.rpm
     xulrunner-devel-10.0.10-1.el5_8.i386.rpm
SL6
   x86_64
     firefox-10.0.10-1.el6_3.i686.rpm
     firefox-10.0.10-1.el6_3.x86_64.rpm
     xulrunner-10.0.10-1.el6_3.i686.rpm
     xulrunner-10.0.10-1.el6_3.x86_64.rpm
     xulrunner-devel-10.0.10-1.el6_3.i686.rpm
     xulrunner-devel-10.0.10-1.el6_3.x86_64.rpm
   i386
     firefox-10.0.10-1.el6_3.i686.rpm
     xulrunner-10.0.10-1.el6_3.i686.rpm
     xulrunner-devel-10.0.10-1.el6_3.i686.rpm

- Scientific Linux Development Team
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds