Advertisement
Front, Kernel, Security, Distributions, Development. See your byline here on LWN.net.
Sponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| ||||||||||||||||
Fedora alert FEDORA-2008-6518 (xulrunner)
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-6518 2008-07-18 01:38:11 -------------------------------------------------------------------------------- Name : xulrunner Product : Fedora 9 Version : 1.9.0.1 Release : 1.fc9 URL : http://www.mozilla.org/projects/xulrunner/ Summary : XUL Runtime for Gecko Applications Description : XULRunner provides the XUL Runtime environment for Gecko applications. -------------------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security issues are now available for Fedora 9. An integer overflow flaw was found in the way Firefox displayed certain web content. A malicious web site could cause Firefox to crash, or execute arbitrary code with the permissions of the user running Firefox. (CVE-2008-2785) A flaw was found in the way Firefox handled certain command line URLs. If another application passed Firefox a malformed URL, it could result in Firefox executing local malicious content with chrome privileges. (CVE-2008-2933) Updated packages update Mozilla Firefox to upstream version 3.0.1 to address these flaws: http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.1 This update also contains devhelp, epiphany, epiphany-extensions, and yelp packages rebuilt against new Firefox / Gecko libraries. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 16 2008 Christopher Aillon <caillon@redhat.com> 1.9.0.1-1 - Update to 1.9.0.1 * Mon Jun 30 2008 Dennis Gilmore <dennis@ausil.us> 1.9-1.1 - handle sparc arches * Tue Jun 17 2008 Christopher Aillon <caillon@redhat.com> 1.9-1 - Update to 1.9 final * Thu May 29 2008 Christopher Aillon <caillon@redhat.com> 1.9-0.63 - Simplify PS/PDF operators * Thu May 22 2008 Christopher Aillon <caillon@redhat.com> 1.9-0.62 - Upstream patch to fsync() less * Thu May 8 2008 Colin Walters <walters@redhat.com> 1.9-0.61 - Ensure we enable startup notification; add BR and modify config (bug #445543) -------------------------------------------------------------------------------- References: [ 1 ] Bug #452204 - CVE-2008-2785 mozilla: CSS reference counter overflow (ZDI-CAN-349) https://bugzilla.redhat.com/show_bug.cgi?id=452204 [ 2 ] Bug #454697 - CVE-2008-2933 Firefox command line URL launches multi-tabs https://bugzilla.redhat.com/show_bug.cgi?id=454697 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update xulrunner' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann... (Log in to post comments)
|
||||||||||||||||