Описание
ELSA-2010-0681: firefox security update (CRITICAL)
firefox:
[3.6.9-2.0.1.el5]
- Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat ones
[3.6.9-2]
- Fixed xulrunner version
[3.6.9-1]
- Update to 3.6.9
nspr:
[4.8.6-1]
- update to 4.8.6
nss:
[3.12.7-2.0.1.el5_5]
- Update clean.gif in the nss-3.12.7-stripped.tar.bz2 tarball
[3.12.7-2]
- fix dependencies, undo previous change
[3.12.7-1]
- Update to 3.12.7
xulrunner:
[1.9.2.9-1.0.1.el5]
- Added xulrunner-oracle-default-prefs.js and removed the corresponding RedHat one.
[1.9.2.9-1]
- Update to 1.9.2.9
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
firefox
3.6.9-2.0.1.el5
nspr
4.8.6-1.el5
nspr-devel
4.8.6-1.el5
nss
3.12.7-2.0.1.el5
nss-devel
3.12.7-2.0.1.el5
nss-pkcs11-devel
3.12.7-2.0.1.el5
nss-tools
3.12.7-2.0.1.el5
xulrunner
1.9.2.9-1.0.1.el5
xulrunner-devel
1.9.2.9-1.0.1.el5
Oracle Linux x86_64
firefox
3.6.9-2.0.1.el5
nspr
4.8.6-1.el5
nspr-devel
4.8.6-1.el5
nss
3.12.7-2.0.1.el5
nss-devel
3.12.7-2.0.1.el5
nss-pkcs11-devel
3.12.7-2.0.1.el5
nss-tools
3.12.7-2.0.1.el5
xulrunner
1.9.2.9-1.0.1.el5
xulrunner-devel
1.9.2.9-1.0.1.el5
Oracle Linux i386
firefox
3.6.9-2.0.1.el5
nspr
4.8.6-1.el5
nspr-devel
4.8.6-1.el5
nss
3.12.7-2.0.1.el5
nss-devel
3.12.7-2.0.1.el5
nss-pkcs11-devel
3.12.7-2.0.1.el5
nss-tools
3.12.7-2.0.1.el5
xulrunner
1.9.2.9-1.0.1.el5
xulrunner-devel
1.9.2.9-1.0.1.el5
Ссылки на источники
Связанные уязвимости
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability."
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability."
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability."
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 ...
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a "dangling pointer vulnerability."