| |||||||||||||||||||
|
| |||||||||||||||||||
Pardus alert 2010-39 (xulrunner firefox)
------------------------------------------------------------------------ Pardus Linux Security Advisory 2010-39 security@pardus.org.tr ------------------------------------------------------------------------ Date: 2010-03-09 Severity: 3 Type: Local ------------------------------------------------------------------------ Summary ======= Multiple vulnerabilities have been fixed in Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system. Description =========== MFSA 2010-05 XSS hazard using SVG document and binary Content-Type MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain MFSA 2010-03 Use-after-free crash in HTML parser MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability MFSA 2010-01 Crashes with evidence of memory corruption (rv:1.9.1.8/ 1.9.0.18) Affected packages: Pardus 2009: xulrunner, all before 1.9.1.8-27-21 firefox, all before 3.5.8-122-23 Resolution ========== There are update(s) for xulrunner, firefox. You can update them via Package Manager or with a single command from console: pisi up xulrunner firefox References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=12316 * http://www.mozilla.org/security/known-vulnerabilities/fir... ------------------------------------------------------------------------ _______________________________________________ Pardus-security mailing list Pardus-security@pardus.org.tr http://liste.pardus.org.tr/mailman/listinfo/pardus-security (Log in to post comments)
|
|
||||||||||||||||||