Описание
ELSA-2012-0079: firefox security update (CRITICAL)
firefox: [3.6.26-1.0.1.el6_2]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones
[3.6.26-1]
- Update to 3.6.26
xulrunner:
[1.9.2.26-1.0.1.el6_2]
- Replace xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js
[1.9.2.26-1]
- Update to 1.9.2.26
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
firefox
3.6.26-1.0.1.el5_7
xulrunner
1.9.2.26-1.0.1.el5_7
xulrunner-devel
1.9.2.26-1.0.1.el5_7
Oracle Linux x86_64
firefox
3.6.26-1.0.1.el5_7
xulrunner
1.9.2.26-1.0.1.el5_7
xulrunner-devel
1.9.2.26-1.0.1.el5_7
Oracle Linux i386
firefox
3.6.26-1.0.1.el5_7
xulrunner
1.9.2.26-1.0.1.el5_7
xulrunner-devel
1.9.2.26-1.0.1.el5_7
Oracle Linux 6
Oracle Linux x86_64
firefox
3.6.26-1.0.1.el6_2
xulrunner
1.9.2.26-1.0.1.el6_2
xulrunner-devel
1.9.2.26-1.0.1.el6_2
Oracle Linux i686
firefox
3.6.26-1.0.1.el6_2
xulrunner
1.9.2.26-1.0.1.el6_2
xulrunner-devel
1.9.2.26-1.0.1.el6_2
Ссылки на источники
Связанные уязвимости
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages.
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages.
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages.
Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before ...