Описание
ELSA-2007-0724: Critical: firefox security update (CRITICAL)
[1.5.0.12-0.3.el4.0.1]
- Add firefox-oracle-default-bookmarks.html and firefox-oracle-default-prefs.js for errata rebuild
[1.5.0.12-0.3.el4]
- Add a patch to stick with major versions 1.5.0.12 / 1.8.0.12
[1.5.0.12-0.2.el4]
- Update to latest snapshot of Mozilla 1.8.0 branch
- Include patches for Mozilla bugs 379245, 384925, 178993, 381300 (+382686), 358594 (+380933), 382532 (+382503)
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
firefox
1.5.0.12-3.el5.0.1
firefox-devel
1.5.0.12-3.el5.0.1
Oracle Linux i386
firefox
1.5.0.12-3.el5.0.1
firefox-devel
1.5.0.12-3.el5.0.1
Ссылки на источники
Связанные уязвимости
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not pe ...
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.