Fedora 11 Update: NetworkManager-openvpn-0.7.2.995-1.git20100202.fc11
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-3471
2010-03-03 01:38:35
--------------------------------------------------------------------------------
Name : NetworkManager-openvpn
Product : Fedora 11
Version : 0.7.2.995
Release : 1.git20100202.fc11
URL : http://www.gnome.org/projects/NetworkManager/
Summary : NetworkManager VPN plugin for OpenVPN
Description :
This package contains software for integrating the OpenVPN VPN software
with NetworkManager and the GNOME desktop.
--------------------------------------------------------------------------------
Update Information:
This update adds support for OLPC wireless mesh devices, fixes a bug with
handling of /etc/hosts, and is better able to recognize updates to system
network configuration files. Additionally, it enhances import/export
capabilities of various VPN plugins and fixes a bug using OpenVPN 'shared key'
connections.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 2 2010 Dan Williams <dcbw(a)redhat.com> - 1:0.7.2.995-1.git20100202
- core: add support for "tls-remote" matching of X509 certificate subjects
- core: handle "port" and "rport" import/export correctly
- core: handle remote peer address correctly in shared key mode
* Mon Nov 23 2009 Dan Williams <dcbw(a)redhat.com> - 1:0.7.2-1
- Add export capability (rh #491355)
- Allow custom renegotiation intervals (rh #490971)
- Handle 'subnet' topology correctly
* Mon Jul 13 2009 Dan Williams <dcbw(a)redhat.com> - 1:0.7.1-1.20090713
- Update to 0.7.1
- Translation updates
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update NetworkManager-openvpn' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months
Fedora 11 Update: python-SocksiPy-1.00-3.fc11
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-4176
2010-03-11 07:02:21
--------------------------------------------------------------------------------
Name : python-SocksiPy
Product : Fedora 11
Version : 1.00
Release : 3.fc11
URL : http://socksipy.sourceforge.net/
Summary : A Python SOCKS module
Description :
This Python module allows you to create TCP connections through a SOCKS
proxy without any special effort.
--------------------------------------------------------------------------------
Update Information:
A Python SOCKS module
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #566409 - Review Request: python-SocksiPy - A Python SOCKS module
https://bugzilla.redhat.com/show_bug.cgi?id=566409
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update python-SocksiPy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months
Fedora 11 Update: qstardict-0.13.1-3.fc11
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-4938
2010-03-23 01:42:23
--------------------------------------------------------------------------------
Name : qstardict
Product : Fedora 11
Version : 0.13.1
Release : 3.fc11
URL : http://qstardict.ylsoftware.com/
Summary : StarDict clone written using Qt4
Description :
QStarDict is a StarDict clone written using Qt4. The user interface
is similar to StarDict.
Main features:
* Full support of StarDict dictionaries
* Working from the system tray
* Scanning mouse selection and showing pop-up windows with translation of
selected words
* Translations reformatting
* Pronouncing of the translated words
* Plugins support
--------------------------------------------------------------------------------
Update Information:
QStarDict is a StarDict clone written using Qt4. The user interface is similar
to StarDict. Main features: * Full support of StarDict dictionaries * Working
from the system tray * Scanning mouse selection and showing pop-up windows with
translation of selected words * Translations reformatting * Pronouncing of the
translated words * Plugins support
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update qstardict' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months
[SECURITY] Fedora 12 Update: galeon-2.0.7-22.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-5506
2010-04-01 00:18:40
--------------------------------------------------------------------------------
Name : galeon
Product : Fedora 12
Version : 2.0.7
Release : 22.fc12
URL : http://galeon.sourceforge.net/
Summary : GNOME2 Web browser based on Mozilla
Description :
Galeon is a web browser built around Gecko (Mozilla's rendering
engine) and Necko (Mozilla's networking engine). It's a GNOME web
browser, designed to take advantage of as many GNOME technologies as
makes sense. Galeon was written to do just one thing - browse the web.
--------------------------------------------------------------------------------
Update Information:
Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing
multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177
CVE-2010-0178 CVE-2010-0181
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-22
- Rebuild against newer gecko
* Mon Mar 29 2010 Yanko Kaneti <yaneti(a)declera.com> - 2.0.7-21
- Avoid crashing (#577604), gnome bug 418439
- http://start.fedoraproject.org/ as default homepage
* Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-20
- Rebuild against newer gecko
* Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 2.0.7-19
- Rebuild against newer gecko
* Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 2.0.7-18
- Rebuild against newer gecko
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption
https://bugzilla.redhat.com/show_bug.cgi?id=578147
[ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection
https://bugzilla.redhat.com/show_bug.cgi?id=578149
[ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView
https://bugzilla.redhat.com/show_bug.cgi?id=578150
[ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray
https://bugzilla.redhat.com/show_bug.cgi?id=578152
[ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop
https://bugzilla.redhat.com/show_bug.cgi?id=578154
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update galeon' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months
[SECURITY] Fedora 12 Update: perl-Gtk2-MozEmbed-0.08-6.fc12.12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-5506
2010-04-01 00:18:40
--------------------------------------------------------------------------------
Name : perl-Gtk2-MozEmbed
Product : Fedora 12
Version : 0.08
Release : 6.fc12.12
URL : http://search.cpan.org/dist/Gtk2-MozEmbed
Summary : Interface to the Mozilla embedding widget
Description :
This module allows you to use the Mozilla embedding widget from Perl.
--------------------------------------------------------------------------------
Update Information:
Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing
multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177
CVE-2010-0178 CVE-2010-0181
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 0.08-6.12
- Rebuild against newer gecko
* Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 0.08-6.11
- Rebuild against newer gecko
* Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 0.08-6.10
- Rebuild against newer gecko
* Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 0.08-6.9
- Rebuild against newer gecko
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption
https://bugzilla.redhat.com/show_bug.cgi?id=578147
[ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection
https://bugzilla.redhat.com/show_bug.cgi?id=578149
[ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView
https://bugzilla.redhat.com/show_bug.cgi?id=578150
[ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray
https://bugzilla.redhat.com/show_bug.cgi?id=578152
[ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop
https://bugzilla.redhat.com/show_bug.cgi?id=578154
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update perl-Gtk2-MozEmbed' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months
[SECURITY] Fedora 12 Update: xulrunner-1.9.1.9-1.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-5506
2010-04-01 00:18:40
--------------------------------------------------------------------------------
Name : xulrunner
Product : Fedora 12
Version : 1.9.1.9
Release : 1.fc12
URL : http://developer.mozilla.org/En/XULRunner
Summary : XUL Runtime for Gecko Applications
Description :
XULRunner provides the XUL Runtime environment for Gecko applications.
--------------------------------------------------------------------------------
Update Information:
Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing
multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177
CVE-2010-0178 CVE-2010-0181
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 1.9.1.9-1
- Update to 1.9.1.9
* Wed Mar 24 2010 Dennis Gilmore <dennis(a)ausil.us> - 1.9.1.8-2.1
- fix sparc arch multilib
- dont try and build nanojit on sparc64
* Wed Feb 17 2010 Martin Stransky <stransky(a)redhat.com> - 1.9.1.8-2
- Added fix for #564184 - xulrunner-devel multilib conflict
* Tue Feb 16 2010 Jan Horak <jhorak(a)redhat.com> - 1.9.1.8-1
- Update to 1.9.1.8
* Thu Jan 7 2010 Martin Stransky <stransky(a)redhat.com> - 1.9.1.6-2
- Added fix for #480989
* Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 1.9.1.6-1
- Update to 1.9.1.6
* Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 1.9.1.5-1
- Update to 1.9.1.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption
https://bugzilla.redhat.com/show_bug.cgi?id=578147
[ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection
https://bugzilla.redhat.com/show_bug.cgi?id=578149
[ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView
https://bugzilla.redhat.com/show_bug.cgi?id=578150
[ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray
https://bugzilla.redhat.com/show_bug.cgi?id=578152
[ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop
https://bugzilla.redhat.com/show_bug.cgi?id=578154
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update xulrunner' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months
[SECURITY] Fedora 12 Update: gnome-python2-extras-2.25.3-17.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-5506
2010-04-01 00:18:40
--------------------------------------------------------------------------------
Name : gnome-python2-extras
Product : Fedora 12
Version : 2.25.3
Release : 17.fc12
URL : http://www.pygtk.org/
Summary : Additional PyGNOME Python extension modules
Description :
The gnome-python-extra package contains the source packages for additional
Python bindings for GNOME. It should be used together with gnome-python.
--------------------------------------------------------------------------------
Update Information:
Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing
multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177
CVE-2010-0178 CVE-2010-0181
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-17
- Rebuild against newer gecko
* Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-16
- Rebuild against newer gecko
* Thu Jan 7 2010 Matthew Barnes <mbarnes(a)redhat.com> - 2.25.3-15
- Add switches to disable gda and gdl subpackages.
* Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 2.25.3-14
- Rebuild against newer gecko
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption
https://bugzilla.redhat.com/show_bug.cgi?id=578147
[ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection
https://bugzilla.redhat.com/show_bug.cgi?id=578149
[ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView
https://bugzilla.redhat.com/show_bug.cgi?id=578150
[ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray
https://bugzilla.redhat.com/show_bug.cgi?id=578152
[ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop
https://bugzilla.redhat.com/show_bug.cgi?id=578154
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update gnome-python2-extras' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months
[SECURITY] Fedora 12 Update: firefox-3.5.9-1.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-5506
2010-04-01 00:18:40
--------------------------------------------------------------------------------
Name : firefox
Product : Fedora 12
Version : 3.5.9
Release : 1.fc12
URL : http://www.mozilla.org/projects/firefox/
Summary : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.
--------------------------------------------------------------------------------
Update Information:
Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing
multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177
CVE-2010-0178 CVE-2010-0181
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.9-1
- Update to 3.5.9
* Tue Feb 16 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.8-1
- Update to 3.5.8
* Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 3.5.6-1
- Update to 3.5.6
* Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 3.5.5-1
- Update to 3.5.5
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption
https://bugzilla.redhat.com/show_bug.cgi?id=578147
[ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection
https://bugzilla.redhat.com/show_bug.cgi?id=578149
[ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView
https://bugzilla.redhat.com/show_bug.cgi?id=578150
[ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray
https://bugzilla.redhat.com/show_bug.cgi?id=578152
[ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop
https://bugzilla.redhat.com/show_bug.cgi?id=578154
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update firefox' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months
[SECURITY] Fedora 12 Update: mozvoikko-1.0-9.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-5506
2010-04-01 00:18:40
--------------------------------------------------------------------------------
Name : mozvoikko
Product : Fedora 12
Version : 1.0
Release : 9.fc12
URL : http://voikko.sourceforge.net
Summary : Finnish Voikko spell-checker extension for Mozilla programs
Description :
This is mozvoikko, an extension for Mozilla programs for using the Finnish
spell-checker Voikko.
--------------------------------------------------------------------------------
Update Information:
Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing
multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177
CVE-2010-0178 CVE-2010-0181
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 1.0-9
- Rebuild against newer gecko
* Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 1.0-8
- Rebuild against newer gecko
* Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 1.0-7
- Rebuild against newer gecko
* Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 1.0-6
- Rebuild against newer gecko
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption
https://bugzilla.redhat.com/show_bug.cgi?id=578147
[ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection
https://bugzilla.redhat.com/show_bug.cgi?id=578149
[ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView
https://bugzilla.redhat.com/show_bug.cgi?id=578150
[ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray
https://bugzilla.redhat.com/show_bug.cgi?id=578152
[ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop
https://bugzilla.redhat.com/show_bug.cgi?id=578154
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update mozvoikko' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months
[SECURITY] Fedora 12 Update: gnome-web-photo-0.9-6.fc12
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-5506
2010-04-01 00:18:40
--------------------------------------------------------------------------------
Name : gnome-web-photo
Product : Fedora 12
Version : 0.9
Release : 6.fc12
URL : http://download.gnome.org/sources/gnome-web-photo/0.9/
Summary : HTML pages thumbnailer
Description :
gnome-web-photo contains a thumbnailer that will be used by GNOME applications,
including the file manager, to generate screenshots of web pages.
--------------------------------------------------------------------------------
Update Information:
Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing
multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177
CVE-2010-0178 CVE-2010-0181
--------------------------------------------------------------------------------
ChangeLog:
* Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 0.9-6
- Rebuild against newer gecko
* Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 0.9-5
- Rebuild against newer gecko
* Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 0.9-4
- Rebuild against newer gecko
* Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 0.9-3
- Rebuild against newer gecko
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption
https://bugzilla.redhat.com/show_bug.cgi?id=578147
[ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection
https://bugzilla.redhat.com/show_bug.cgi?id=578149
[ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView
https://bugzilla.redhat.com/show_bug.cgi?id=578150
[ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray
https://bugzilla.redhat.com/show_bug.cgi?id=578152
[ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop
https://bugzilla.redhat.com/show_bug.cgi?id=578154
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update gnome-web-photo' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
14 years, 2 months