April 2010 - package-announce - Fedora Mailing-Lists

Fedora 11 Update: NetworkManager-openvpn-0.7.2.995-1.git20100202.fc11

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-3471 2010-03-03 01:38:35 -------------------------------------------------------------------------------- Name : NetworkManager-openvpn Product : Fedora 11 Version : 0.7.2.995 Release : 1.git20100202.fc11 URL : http://www.gnome.org/projects/NetworkManager/ Summary : NetworkManager VPN plugin for OpenVPN Description : This package contains software for integrating the OpenVPN VPN software with NetworkManager and the GNOME desktop. -------------------------------------------------------------------------------- Update Information: This update adds support for OLPC wireless mesh devices, fixes a bug with handling of /etc/hosts, and is better able to recognize updates to system network configuration files. Additionally, it enhances import/export capabilities of various VPN plugins and fixes a bug using OpenVPN 'shared key' connections. -------------------------------------------------------------------------------- ChangeLog: * Tue Feb 2 2010 Dan Williams <dcbw(a)redhat.com> - 1:0.7.2.995-1.git20100202 - core: add support for "tls-remote" matching of X509 certificate subjects - core: handle "port" and "rport" import/export correctly - core: handle remote peer address correctly in shared key mode * Mon Nov 23 2009 Dan Williams <dcbw(a)redhat.com> - 1:0.7.2-1 - Add export capability (rh #491355) - Allow custom renegotiation intervals (rh #490971) - Handle 'subnet' topology correctly * Mon Jul 13 2009 Dan Williams <dcbw(a)redhat.com> - 1:0.7.1-1.20090713 - Update to 0.7.1 - Translation updates -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update NetworkManager-openvpn' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

Fedora 11 Update: python-SocksiPy-1.00-3.fc11

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-4176 2010-03-11 07:02:21 -------------------------------------------------------------------------------- Name : python-SocksiPy Product : Fedora 11 Version : 1.00 Release : 3.fc11 URL : http://socksipy.sourceforge.net/ Summary : A Python SOCKS module Description : This Python module allows you to create TCP connections through a SOCKS proxy without any special effort. -------------------------------------------------------------------------------- Update Information: A Python SOCKS module -------------------------------------------------------------------------------- References: [ 1 ] Bug #566409 - Review Request: python-SocksiPy - A Python SOCKS module https://bugzilla.redhat.com/show_bug.cgi?id=566409 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python-SocksiPy' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

Fedora 11 Update: qstardict-0.13.1-3.fc11

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-4938 2010-03-23 01:42:23 -------------------------------------------------------------------------------- Name : qstardict Product : Fedora 11 Version : 0.13.1 Release : 3.fc11 URL : http://qstardict.ylsoftware.com/ Summary : StarDict clone written using Qt4 Description : QStarDict is a StarDict clone written using Qt4. The user interface is similar to StarDict. Main features: * Full support of StarDict dictionaries * Working from the system tray * Scanning mouse selection and showing pop-up windows with translation of selected words * Translations reformatting * Pronouncing of the translated words * Plugins support -------------------------------------------------------------------------------- Update Information: QStarDict is a StarDict clone written using Qt4. The user interface is similar to StarDict. Main features: * Full support of StarDict dictionaries * Working from the system tray * Scanning mouse selection and showing pop-up windows with translation of selected words * Translations reformatting * Pronouncing of the translated words * Plugins support -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update qstardict' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

[SECURITY] Fedora 12 Update: galeon-2.0.7-22.fc12

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-5506 2010-04-01 00:18:40 -------------------------------------------------------------------------------- Name : galeon Product : Fedora 12 Version : 2.0.7 Release : 22.fc12 URL : http://galeon.sourceforge.net/ Summary : GNOME2 Web browser based on Mozilla Description : Galeon is a web browser built around Gecko (Mozilla's rendering engine) and Necko (Mozilla's networking engine). It's a GNOME web browser, designed to take advantage of as many GNOME technologies as makes sense. Galeon was written to do just one thing - browse the web. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0181 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-22 - Rebuild against newer gecko * Mon Mar 29 2010 Yanko Kaneti <yaneti(a)declera.com> - 2.0.7-21 - Avoid crashing (#577604), gnome bug 418439 - http://start.fedoraproject.org/ as default homepage * Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 2.0.7-20 - Rebuild against newer gecko * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 2.0.7-19 - Rebuild against newer gecko * Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 2.0.7-18 - Rebuild against newer gecko -------------------------------------------------------------------------------- References: [ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=578147 [ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection https://bugzilla.redhat.com/show_bug.cgi?id=578149 [ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView https://bugzilla.redhat.com/show_bug.cgi?id=578150 [ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray https://bugzilla.redhat.com/show_bug.cgi?id=578152 [ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop https://bugzilla.redhat.com/show_bug.cgi?id=578154 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update galeon' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

[SECURITY] Fedora 12 Update: perl-Gtk2-MozEmbed-0.08-6.fc12.12

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-5506 2010-04-01 00:18:40 -------------------------------------------------------------------------------- Name : perl-Gtk2-MozEmbed Product : Fedora 12 Version : 0.08 Release : 6.fc12.12 URL : http://search.cpan.org/dist/Gtk2-MozEmbed Summary : Interface to the Mozilla embedding widget Description : This module allows you to use the Mozilla embedding widget from Perl. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0181 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 0.08-6.12 - Rebuild against newer gecko * Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 0.08-6.11 - Rebuild against newer gecko * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 0.08-6.10 - Rebuild against newer gecko * Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 0.08-6.9 - Rebuild against newer gecko -------------------------------------------------------------------------------- References: [ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=578147 [ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection https://bugzilla.redhat.com/show_bug.cgi?id=578149 [ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView https://bugzilla.redhat.com/show_bug.cgi?id=578150 [ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray https://bugzilla.redhat.com/show_bug.cgi?id=578152 [ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop https://bugzilla.redhat.com/show_bug.cgi?id=578154 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update perl-Gtk2-MozEmbed' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

[SECURITY] Fedora 12 Update: xulrunner-1.9.1.9-1.fc12

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-5506 2010-04-01 00:18:40 -------------------------------------------------------------------------------- Name : xulrunner Product : Fedora 12 Version : 1.9.1.9 Release : 1.fc12 URL : http://developer.mozilla.org/En/XULRunner Summary : XUL Runtime for Gecko Applications Description : XULRunner provides the XUL Runtime environment for Gecko applications. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0181 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 1.9.1.9-1 - Update to 1.9.1.9 * Wed Mar 24 2010 Dennis Gilmore <dennis(a)ausil.us> - 1.9.1.8-2.1 - fix sparc arch multilib - dont try and build nanojit on sparc64 * Wed Feb 17 2010 Martin Stransky <stransky(a)redhat.com> - 1.9.1.8-2 - Added fix for #564184 - xulrunner-devel multilib conflict * Tue Feb 16 2010 Jan Horak <jhorak(a)redhat.com> - 1.9.1.8-1 - Update to 1.9.1.8 * Thu Jan 7 2010 Martin Stransky <stransky(a)redhat.com> - 1.9.1.6-2 - Added fix for #480989 * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 1.9.1.6-1 - Update to 1.9.1.6 * Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 1.9.1.5-1 - Update to 1.9.1.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=578147 [ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection https://bugzilla.redhat.com/show_bug.cgi?id=578149 [ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView https://bugzilla.redhat.com/show_bug.cgi?id=578150 [ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray https://bugzilla.redhat.com/show_bug.cgi?id=578152 [ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop https://bugzilla.redhat.com/show_bug.cgi?id=578154 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update xulrunner' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

[SECURITY] Fedora 12 Update: gnome-python2-extras-2.25.3-17.fc12

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-5506 2010-04-01 00:18:40 -------------------------------------------------------------------------------- Name : gnome-python2-extras Product : Fedora 12 Version : 2.25.3 Release : 17.fc12 URL : http://www.pygtk.org/ Summary : Additional PyGNOME Python extension modules Description : The gnome-python-extra package contains the source packages for additional Python bindings for GNOME. It should be used together with gnome-python. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0181 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-17 - Rebuild against newer gecko * Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 2.25.3-16 - Rebuild against newer gecko * Thu Jan 7 2010 Matthew Barnes <mbarnes(a)redhat.com> - 2.25.3-15 - Add switches to disable gda and gdl subpackages. * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 2.25.3-14 - Rebuild against newer gecko -------------------------------------------------------------------------------- References: [ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=578147 [ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection https://bugzilla.redhat.com/show_bug.cgi?id=578149 [ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView https://bugzilla.redhat.com/show_bug.cgi?id=578150 [ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray https://bugzilla.redhat.com/show_bug.cgi?id=578152 [ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop https://bugzilla.redhat.com/show_bug.cgi?id=578154 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gnome-python2-extras' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

[SECURITY] Fedora 12 Update: firefox-3.5.9-1.fc12

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-5506 2010-04-01 00:18:40 -------------------------------------------------------------------------------- Name : firefox Product : Fedora 12 Version : 3.5.9 Release : 1.fc12 URL : http://www.mozilla.org/projects/firefox/ Summary : Mozilla Firefox Web browser Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0181 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.9-1 - Update to 3.5.9 * Tue Feb 16 2010 Jan Horak <jhorak(a)redhat.com> - 3.5.8-1 - Update to 3.5.8 * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 3.5.6-1 - Update to 3.5.6 * Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 3.5.5-1 - Update to 3.5.5 -------------------------------------------------------------------------------- References: [ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=578147 [ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection https://bugzilla.redhat.com/show_bug.cgi?id=578149 [ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView https://bugzilla.redhat.com/show_bug.cgi?id=578150 [ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray https://bugzilla.redhat.com/show_bug.cgi?id=578152 [ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop https://bugzilla.redhat.com/show_bug.cgi?id=578154 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update firefox' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

[SECURITY] Fedora 12 Update: mozvoikko-1.0-9.fc12

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-5506 2010-04-01 00:18:40 -------------------------------------------------------------------------------- Name : mozvoikko Product : Fedora 12 Version : 1.0 Release : 9.fc12 URL : http://voikko.sourceforge.net Summary : Finnish Voikko spell-checker extension for Mozilla programs Description : This is mozvoikko, an extension for Mozilla programs for using the Finnish spell-checker Voikko. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0181 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 1.0-9 - Rebuild against newer gecko * Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 1.0-8 - Rebuild against newer gecko * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 1.0-7 - Rebuild against newer gecko * Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 1.0-6 - Rebuild against newer gecko -------------------------------------------------------------------------------- References: [ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=578147 [ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection https://bugzilla.redhat.com/show_bug.cgi?id=578149 [ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView https://bugzilla.redhat.com/show_bug.cgi?id=578150 [ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray https://bugzilla.redhat.com/show_bug.cgi?id=578152 [ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop https://bugzilla.redhat.com/show_bug.cgi?id=578154 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mozvoikko' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

[SECURITY] Fedora 12 Update: gnome-web-photo-0.9-6.fc12

by updates＠fedoraproject.org

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-5506 2010-04-01 00:18:40 -------------------------------------------------------------------------------- Name : gnome-web-photo Product : Fedora 12 Version : 0.9 Release : 6.fc12 URL : http://download.gnome.org/sources/gnome-web-photo/0.9/ Summary : HTML pages thumbnailer Description : gnome-web-photo contains a thumbnailer that will be used by GNOME applications, including the file manager, to generate screenshots of web pages. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.5.9 / XULRunner version 1.9.1.9, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known- vulnerabilities/firefox35.html#firefox3.5.9 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2010-0173 CVE-2010-0174 CVE-2010-0175 CVE-2010-0176 CVE-2010-0177 CVE-2010-0178 CVE-2010-0181 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 30 2010 Jan Horak <jhorak(a)redhat.com> - 0.9-6 - Rebuild against newer gecko * Thu Feb 18 2010 Jan Horak <jhorak(a)redhat.com> - 0.9-5 - Rebuild against newer gecko * Wed Dec 16 2009 Jan Horak <jhorak(a)redhat.com> - 0.9-4 - Rebuild against newer gecko * Thu Nov 5 2009 Jan Horak <jhorak(a)redhat.com> - 0.9-3 - Rebuild against newer gecko -------------------------------------------------------------------------------- References: [ 1 ] Bug #578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=578147 [ 2 ] Bug #578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection https://bugzilla.redhat.com/show_bug.cgi?id=578149 [ 3 ] Bug #578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView https://bugzilla.redhat.com/show_bug.cgi?id=578150 [ 4 ] Bug #578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray https://bugzilla.redhat.com/show_bug.cgi?id=578152 [ 5 ] Bug #578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop https://bugzilla.redhat.com/show_bug.cgi?id=578154 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gnome-web-photo' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------

14 years, 2 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

package-announce April 2010