From Fedora Project Wiki
fp-wiki>ImportUser (Imported from MoinMoin) |
m (1 revision(s)) |
(No difference)
| |
Latest revision as of 16:32, 24 May 2008
[SECURITY] Fedora 7 Update: firefox-2.0.0.5-1.fc7
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-1142 2007-07-18 13:56:13.283230 -------------------------------------------------------------------------------- Name : firefox Product : Fedora 7 Version : 2.0.0.5 Release : 1.fc7 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. -------------------------------------------------------------------------------- Update Information: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-3734, CVE-2007-3735) Several flaws were found in the way Firefox handles certain JavaScript code. A web page containing malicious JavaScript code could inject arbitrary content into other web pages. (CVE-2007-3736, CVE-2007-3089) A flaw was found in the way Firefox cached web pages on the local disk. A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-3656) A flaw was found in the way Firefox processes certain web content. A web page containing malicious content could execute arbitrary commands as the user running Firefox. (CVE-2007-3737, CVE-2007-3738) Users of Firefox are advised to upgrade to these erratum packages, which contain patches that correct these issues. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 18 2007 Kai Engert <kengert@redhat.com> - 2.0.0.5-1 - Update to 2.0.0.5 * Fri Jun 29 2007 Martin Stransky <stransky@redhat.com> 2.0.0.4-3 - backported pango patches from FC6 (1.5.0.12) * Sun Jun 3 2007 Christopher Aillon <caillon@redhat.com> 2.0.0.4-2 - Properly clean up threads with newer NSPR * Wed May 30 2007 Christopher Aillon <caillon@redhat.com> 2.0.0.4-1 - Final version * Wed May 23 2007 Christopher Aillon <caillon@redhat.com> 2.0.0.4-0.rc3 - Update to 2.0.0.4 RC3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #248518 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248518 [ 2 ] CVE-2007-3734 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3734 [ 3 ] CVE-2007-3735 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3735 [ 4 ] CVE-2007-3736 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3736 [ 5 ] CVE-2007-3089 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3089 [ 6 ] CVE-2007-3737 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3737 [ 7 ] CVE-2007-3656 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3656 [ 8 ] CVE-2007-3738 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3738 -------------------------------------------------------------------------------- Updated packages: 75d591e5cfdaaf8016b3879d5855a26e89eab224 firefox-debuginfo-2.0.0.5-1.fc7.ppc64.rpm 2890e5080cee1755468bef43da4c99fe5ed55480 firefox-devel-2.0.0.5-1.fc7.ppc64.rpm c0995eeff554d978b1fd3ae6c764a596ff51bbb6 firefox-2.0.0.5-1.fc7.ppc64.rpm e1dfc4edd5bbf6f7ff86f3c47acafb35bb1559be firefox-debuginfo-2.0.0.5-1.fc7.i386.rpm 769376394b2dfb6e35a23310debad7f96b9f9e9a firefox-2.0.0.5-1.fc7.i386.rpm a310fbf2c3e20f3718b994009b82e19e54861a9f firefox-devel-2.0.0.5-1.fc7.i386.rpm 8ffb6692d8877f4ddadeb74c48ba6e8c04166ab7 firefox-debuginfo-2.0.0.5-1.fc7.x86_64.rpm 9e4a8f2054cc4dfd10bcffac4768ebeb74c870c3 firefox-devel-2.0.0.5-1.fc7.x86_64.rpm b28df6c4a91a5c67da78a72e40a52dd19f9a903d firefox-2.0.0.5-1.fc7.x86_64.rpm f2b2fb576dbc31e74000f91ecdad16b9fd937495 firefox-debuginfo-2.0.0.5-1.fc7.ppc.rpm 19e9f429b9fe6c2482732f9da501158bd927236b firefox-devel-2.0.0.5-1.fc7.ppc.rpm f3a136c44866684ef268992ecc66bf7e009b1ce7 firefox-2.0.0.5-1.fc7.ppc.rpm cde1466ff83f6e8086cb0c70e13e44c223dffa56 firefox-2.0.0.5-1.fc7.src.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://docs.fedoraproject.org/yum/. --------------------------------------------------------------------------------