Описание
ELSA-2009-0397: firefox security update (CRITICAL)
xulrunner:
[1.9.0.7-3.0.1.el5]
- Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one
[1.9.0.7-3]
- Updated per 1.9.0.8
firefox:
[3.0.7-3.0.1.el4]
- Update firstrun and homepage URLS
- Add oracle-firefox-branding.patch
- Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding RedHat ones
[3.0.7-3.el4]
- Updated per 1.9.0.8
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
xulrunner
1.9.0.7-3.0.1.el5
xulrunner-devel
1.9.0.7-3.0.1.el5
xulrunner-devel-unstable
1.9.0.7-3.0.1.el5
Oracle Linux i386
xulrunner
1.9.0.7-3.0.1.el5
xulrunner-devel
1.9.0.7-3.0.1.el5
xulrunner-devel-unstable
1.9.0.7-3.0.1.el5
Связанные CVE
Связанные уязвимости
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox ...
Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.