---------------------------------------------------------------------Fedora Update Notification
FEDORA-2007-642
2007-07-20
---------------------------------------------------------------------Product     : Fedora Core 6
Name        : firefox
Version     : 1.5.0.12
Release     : 4.fc6
Summary     : Mozilla Firefox Web browser.
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

---------------------------------------------------------------------Update Information:

Mozilla Firefox is an open-source web browser, designed for
standards compliance, performance and portability.

Several flaws were found in the way Firefox processed
certain malformed JavaScript code. A web page containing
malicious JavaScript code could cause Firefox to crash or
potentially execute arbitrary code as the user running
Firefox. (CVE-2007-3734, CVE-2007-3735)

Several flaws were found in the way Firefox handles certain
JavaScript code. A web page containing malicious JavaScript
code could inject arbitrary content into other web pages.
(CVE-2007-3736, CVE-2007-3089)

A flaw was found in the way Firefox cached web pages on the
local disk. A malicious web page may be able to inject
arbitrary HTML into a browsing session if the user reloads a
targeted site. (CVE-2007-3656)

A flaw was found in the way Firefox processes certain web
content. A web page containing malicious content could
execute arbitrary commands as the user running Firefox.
(CVE-2007-3737, CVE-2007-3738)

Users of Firefox are advised to upgrade to these erratum
packages, which contain backported patches that correct
these issues.
---------------------------------------------------------------------* Wed Jul 18 2007 Kai Engert  - 1.5.0.12-4
- fix tar ball mistake
* Wed Jul 18 2007 Kai Engert  - 1.5.0.12-3
- Add a patch to stick with major versions 1.5.0.12 / 1.8.0.12
* Tue Jul 17 2007 Kai Engert  - 1.5.0.12-2
- Update to latest snapshot of Mozilla 1.8.0 branch
- Include patches for Mozilla bugs 379245, 384925, 178993,
  381300 (+382686), 358594 (+380933), 382532 (+382503)

---------------------------------------------------------------------This update can be downloaded from:
    
04db587478c5865e44645faaa08a2105f9c565e7  SRPMS/firefox-1.5.0.12-4.fc6.src.rpm
04db587478c5865e44645faaa08a2105f9c565e7  noarch/firefox-1.5.0.12-4.fc6.src.rpm
f1b14a2ec88fb32af73367cf268fcce0d9f7a494  ppc/debug/firefox-debuginfo-1.5.0.12-4.fc6.ppc.rpm
4810057d98164845f5e773f9371a96f694cb1ec7  ppc/firefox-1.5.0.12-4.fc6.ppc.rpm
b0bdbb8d7799c301f78c63c6d0aedac119869c18  ppc/firefox-devel-1.5.0.12-4.fc6.ppc.rpm
ffbe5e5e08488c57799bdc9c68f98f3767c0daf7  x86_64/firefox-1.5.0.12-4.fc6.x86_64.rpm
01bdf0e33965ff1247dd2381ba4ee69739ce9d46  x86_64/debug/firefox-debuginfo-1.5.0.12-4.fc6.x86_64.rpm
252e41424130a8f463ca63044cc9f4d15cb7d503  x86_64/firefox-devel-1.5.0.12-4.fc6.x86_64.rpm
2bfd3305921f9f3e98d92fb2761ab253af92dba8  i386/firefox-1.5.0.12-4.fc6.i386.rpm
dae4f9c1ba9723b94a4b058720e878af23635646  i386/firefox-devel-1.5.0.12-4.fc6.i386.rpm
d92d064ee92b21887704d5e7c4560a367573976c  i386/debug/firefox-debuginfo-1.5.0.12-4.fc6.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at .
---------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora Core 6 Update: firefox-1.5.0.12-4.fc6

July 20, 2007
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Several flaws were found in the way Firefox processed certain malf...

Summary

Mozilla Firefox is an open-source web browser, designed for standards

compliance, performance and portability.

Mozilla Firefox is an open-source web browser, designed for

standards compliance, performance and portability.

Several flaws were found in the way Firefox processed

certain malformed JavaScript code. A web page containing

malicious JavaScript code could cause Firefox to crash or

potentially execute arbitrary code as the user running

Firefox. (CVE-2007-3734, CVE-2007-3735)

Several flaws were found in the way Firefox handles certain

JavaScript code. A web page containing malicious JavaScript

code could inject arbitrary content into other web pages.

(CVE-2007-3736, CVE-2007-3089)

A flaw was found in the way Firefox cached web pages on the

local disk. A malicious web page may be able to inject

arbitrary HTML into a browsing session if the user reloads a

targeted site. (CVE-2007-3656)

A flaw was found in the way Firefox processes certain web

content. A web page containing malicious content could

execute arbitrary commands as the user running Firefox.

(CVE-2007-3737, CVE-2007-3738)

Users of Firefox are advised to upgrade to these erratum

packages, which contain backported patches that correct

these issues.

- fix tar ball mistake

* Wed Jul 18 2007 Kai Engert - 1.5.0.12-3

- Add a patch to stick with major versions 1.5.0.12 / 1.8.0.12

* Tue Jul 17 2007 Kai Engert - 1.5.0.12-2

- Update to latest snapshot of Mozilla 1.8.0 branch

- Include patches for Mozilla bugs 379245, 384925, 178993,

381300 (+382686), 358594 (+380933), 382532 (+382503)

04db587478c5865e44645faaa08a2105f9c565e7 SRPMS/firefox-1.5.0.12-4.fc6.src.rpm

04db587478c5865e44645faaa08a2105f9c565e7 noarch/firefox-1.5.0.12-4.fc6.src.rpm

f1b14a2ec88fb32af73367cf268fcce0d9f7a494 ppc/debug/firefox-debuginfo-1.5.0.12-4.fc6.ppc.rpm

4810057d98164845f5e773f9371a96f694cb1ec7 ppc/firefox-1.5.0.12-4.fc6.ppc.rpm

b0bdbb8d7799c301f78c63c6d0aedac119869c18 ppc/firefox-devel-1.5.0.12-4.fc6.ppc.rpm

ffbe5e5e08488c57799bdc9c68f98f3767c0daf7 x86_64/firefox-1.5.0.12-4.fc6.x86_64.rpm

01bdf0e33965ff1247dd2381ba4ee69739ce9d46 x86_64/debug/firefox-debuginfo-1.5.0.12-4.fc6.x86_64.rpm

252e41424130a8f463ca63044cc9f4d15cb7d503 x86_64/firefox-devel-1.5.0.12-4.fc6.x86_64.rpm

2bfd3305921f9f3e98d92fb2761ab253af92dba8 i386/firefox-1.5.0.12-4.fc6.i386.rpm

dae4f9c1ba9723b94a4b058720e878af23635646 i386/firefox-devel-1.5.0.12-4.fc6.i386.rpm

d92d064ee92b21887704d5e7c4560a367573976c i386/debug/firefox-debuginfo-1.5.0.12-4.fc6.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2007-642 2007-07-20 Name : firefox Version : 1.5.0.12 Release : 4.fc6 Summary : Mozilla Firefox Web browser. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-3734, CVE-2007-3735) Several flaws were found in the way Firefox handles certain JavaScript code. A web page containing malicious JavaScript code could inject arbitrary content into other web pages. (CVE-2007-3736, CVE-2007-3089) A flaw was found in the way Firefox cached web pages on the local disk. A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-3656) A flaw was found in the way Firefox processes certain web content. A web page containing malicious content could execute arbitrary commands as the user running Firefox. (CVE-2007-3737, CVE-2007-3738) Users of Firefox are advised to upgrade to these erratum packages, which contain backported patches that correct these issues. - fix tar ball mistake * Wed Jul 18 2007 Kai Engert - 1.5.0.12-3 - Add a patch to stick with major versions 1.5.0.12 / 1.8.0.12 * Tue Jul 17 2007 Kai Engert - 1.5.0.12-2 - Update to latest snapshot of Mozilla 1.8.0 branch - Include patches for Mozilla bugs 379245, 384925, 178993, 381300 (+382686), 358594 (+380933), 382532 (+382503) 04db587478c5865e44645faaa08a2105f9c565e7 SRPMS/firefox-1.5.0.12-4.fc6.src.rpm 04db587478c5865e44645faaa08a2105f9c565e7 noarch/firefox-1.5.0.12-4.fc6.src.rpm f1b14a2ec88fb32af73367cf268fcce0d9f7a494 ppc/debug/firefox-debuginfo-1.5.0.12-4.fc6.ppc.rpm 4810057d98164845f5e773f9371a96f694cb1ec7 ppc/firefox-1.5.0.12-4.fc6.ppc.rpm b0bdbb8d7799c301f78c63c6d0aedac119869c18 ppc/firefox-devel-1.5.0.12-4.fc6.ppc.rpm ffbe5e5e08488c57799bdc9c68f98f3767c0daf7 x86_64/firefox-1.5.0.12-4.fc6.x86_64.rpm 01bdf0e33965ff1247dd2381ba4ee69739ce9d46 x86_64/debug/firefox-debuginfo-1.5.0.12-4.fc6.x86_64.rpm 252e41424130a8f463ca63044cc9f4d15cb7d503 x86_64/firefox-devel-1.5.0.12-4.fc6.x86_64.rpm 2bfd3305921f9f3e98d92fb2761ab253af92dba8 i386/firefox-1.5.0.12-4.fc6.i386.rpm dae4f9c1ba9723b94a4b058720e878af23635646 i386/firefox-devel-1.5.0.12-4.fc6.i386.rpm d92d064ee92b21887704d5e7c4560a367573976c i386/debug/firefox-debuginfo-1.5.0.12-4.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Name : firefox
Version : 1.5.0.12
Release : 4.fc6
Summary : Mozilla Firefox Web browser.

Related News

11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved