Fedora Core 3 Update: sylpheed-1.0.4-0.fc3
by Akira TAGOH
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-264
2005-03-29
---------------------------------------------------------------------
Product : Fedora Core 3
Name : sylpheed
Version : 1.0.4
Release : 0.fc3
Summary : A GTK+ based, lightweight, and fast email client.
Description :
This program is an X based fast email client which has features
like:
o user-friendly and intuitive interface
o integrated NetNews client (partially implemented)
o ability of keyboard-only operation
o Mew/Wanderlust-like key bind
o multipart MIME
o unlimited multiple account handling
o message queueing
o assortment function
o XML-based address book
See /usr/share/doc/sylpheed*/README for more information.
---------------------------------------------------------------------
* Mon Mar 28 2005 Warren Togami <wtogami(a)redhat.com> - 1.0.4-0.fc3
- 1.0.4 fixes another buffer overflow
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
079c6ec9358056925208c99c6ebaee22 SRPMS/sylpheed-1.0.4-0.fc3.src.rpm
84f3bbb2cff85b076825cde553fe9dda x86_64/sylpheed-1.0.4-0.fc3.x86_64.rpm
a807a28b7d13d4d8d1491890c00ff480 x86_64/debug/sylpheed-debuginfo-1.0.4-0.fc3.x86_64.rpm
c747a3fee4f6fa0088199118f92e7134 i386/debug/sylpheed-debuginfo-1.0.4-0.fc3.i386.rpm
8d0f9be6fa4d314e5c869fca9dfeabce i386/sylpheed-1.0.4-0.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month
Fedora Core 2 Update: sylpheed-1.0.4-0.fc2
by Akira TAGOH
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-263
2005-03-29
---------------------------------------------------------------------
Product : Fedora Core 2
Name : sylpheed
Version : 1.0.4
Release : 0.fc2
Summary : A GTK+ based, lightweight, and fast email client.
Description :
This program is an X based fast email client which has features
like:
o user-friendly and intuitive interface
o integrated NetNews client (partially implemented)
o ability of keyboard-only operation
o Mew/Wanderlust-like key bind
o multipart MIME
o unlimited multiple account handling
o message queueing
o assortment function
o XML-based address book
See /usr/share/doc/sylpheed*/README for more information.
---------------------------------------------------------------------
* Mon Mar 28 2005 Warren Togami <wtogami(a)redhat.com> - 1.0.4-0.fc2
- 1.0.4 fixes another buffer overflow
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
2f5a18417bde55cae286daeff079903f SRPMS/sylpheed-1.0.4-0.fc2.src.rpm
9969eb242a19817dafd30edff744ddb3 x86_64/sylpheed-1.0.4-0.fc2.x86_64.rpm
487835349be1bc4794145c0b5b395eaa x86_64/debug/sylpheed-debuginfo-1.0.4-0.fc2.x86_64.rpm
94ca08666fd3ddd52b72be0b23dad99e i386/debug/sylpheed-debuginfo-1.0.4-0.fc2.i386.rpm
6d075fbac76ff0fdb9ce962896ed6952 i386/sylpheed-1.0.4-0.fc2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month
Fedora Core 2 Update: mozilla-1.7.6-1.2.5
by Warren Togami
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-271
2005-03-28
---------------------------------------------------------------------
Product : Fedora Core 2
Name : mozilla
Version : 1.7.6
Release : 1.2.5
Summary : Web browser and mail reader
Description :
Mozilla is an open-source web browser, designed for standards
compliance, performance and portability.
---------------------------------------------------------------------
Update Information:
This update supercedes the previous 1.7.6-1.2.2 which mistakenly had
dependencies on FC3.
---------------------------------------------------------------------
* Sun Mar 27 2005 Warren Togami <wtogami(a)redhat.com> 37:1.7.6-1.2.5
- reduce desktop-file-utils version dep (#152220)
- remove update-desktop-database from scriptlets
- fix gtk system colors
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
2e93d64716ab25839f67b4f917063b9a SRPMS/mozilla-1.7.6-1.2.5.src.rpm
91b036318cc6002d1731c129bcf96e28 x86_64/mozilla-1.7.6-1.2.5.x86_64.rpm
167409ffa36f06cb37040b017beae889 x86_64/mozilla-nspr-1.7.6-1.2.5.x86_64.rpm
4f8e912a56ceb281c7a66c186baf069a
x86_64/mozilla-nspr-devel-1.7.6-1.2.5.x86_64.rpm
232fee0dce85b49c566d8e4e28b31f9e x86_64/mozilla-nss-1.7.6-1.2.5.x86_64.rpm
81720a50b5bb0dfec1115fd8b7918f80
x86_64/mozilla-nss-devel-1.7.6-1.2.5.x86_64.rpm
fb05b71bd4105fcdb4a04fe6b0431fc5
x86_64/mozilla-devel-1.7.6-1.2.5.x86_64.rpm
abf590b8ee56af3535896a6a1eceeceb x86_64/mozilla-mail-1.7.6-1.2.5.x86_64.rpm
2c417c12dced865f0db37366194cce40 x86_64/mozilla-chat-1.7.6-1.2.5.x86_64.rpm
793aa4347fc4d16f6512a02729848386
x86_64/mozilla-js-debugger-1.7.6-1.2.5.x86_64.rpm
49d841233ba022cc051988fea7587878
x86_64/mozilla-dom-inspector-1.7.6-1.2.5.x86_64.rpm
cf3c2ad6594e716420e67e6fea532874
x86_64/debug/mozilla-debuginfo-1.7.6-1.2.5.x86_64.rpm
48d99f4bd366216969bc05ebd908cd44 x86_64/mozilla-1.7.6-1.2.5.i386.rpm
7e2aac09061264fb116a2cc9b3b79163 x86_64/mozilla-nspr-1.7.6-1.2.5.i386.rpm
9ebe8c00e8c30ee88c5f5641a6d001ae
x86_64/mozilla-nspr-devel-1.7.6-1.2.5.i386.rpm
e285cc9470a1f44bb73ae3fc0c80052e x86_64/mozilla-nss-1.7.6-1.2.5.i386.rpm
30cceceae8c08f7852e888fccc291022
x86_64/mozilla-nss-devel-1.7.6-1.2.5.i386.rpm
8dd4ba6d84b9b08858418a9b69c92f1a x86_64/mozilla-devel-1.7.6-1.2.5.i386.rpm
40ef06bf418a697459dd5fd8de993b38 x86_64/mozilla-mail-1.7.6-1.2.5.i386.rpm
5d4f779684f7ce732efe000db14b57e0 x86_64/mozilla-chat-1.7.6-1.2.5.i386.rpm
09c4c881300fa51e530a8f821bf36843
x86_64/mozilla-js-debugger-1.7.6-1.2.5.i386.rpm
6cbb56a9c8196d8956a98fc3fddadeef
x86_64/mozilla-dom-inspector-1.7.6-1.2.5.i386.rpm
48d99f4bd366216969bc05ebd908cd44 i386/mozilla-1.7.6-1.2.5.i386.rpm
7e2aac09061264fb116a2cc9b3b79163 i386/mozilla-nspr-1.7.6-1.2.5.i386.rpm
9ebe8c00e8c30ee88c5f5641a6d001ae
i386/mozilla-nspr-devel-1.7.6-1.2.5.i386.rpm
e285cc9470a1f44bb73ae3fc0c80052e i386/mozilla-nss-1.7.6-1.2.5.i386.rpm
30cceceae8c08f7852e888fccc291022
i386/mozilla-nss-devel-1.7.6-1.2.5.i386.rpm
8dd4ba6d84b9b08858418a9b69c92f1a i386/mozilla-devel-1.7.6-1.2.5.i386.rpm
40ef06bf418a697459dd5fd8de993b38 i386/mozilla-mail-1.7.6-1.2.5.i386.rpm
5d4f779684f7ce732efe000db14b57e0 i386/mozilla-chat-1.7.6-1.2.5.i386.rpm
09c4c881300fa51e530a8f821bf36843
i386/mozilla-js-debugger-1.7.6-1.2.5.i386.rpm
6cbb56a9c8196d8956a98fc3fddadeef
i386/mozilla-dom-inspector-1.7.6-1.2.5.i386.rpm
4fb7a370ac1ae8eecb2235f5f75fb296
i386/debug/mozilla-debuginfo-1.7.6-1.2.5.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month
Fedora Core 3 Update: spamassassin-3.0.2-0.fc3
by Warren Togami
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-261
2005-03-28
---------------------------------------------------------------------
Product : Fedora Core 3
Name : spamassassin
Version : 3.0.2
Release : 0.fc3
Summary : Spam filter for email which can be invoked from mail
delivery agents.
Description :
SpamAssassin provides you with a way to reduce if not completely eliminate
Unsolicited Commercial Email (SPAM) from your incoming email. It can
be invoked by a MDA such as sendmail or postfix, or can be called from
a procmail script, .forward file, etc. It uses a genetic-algorithm
evolved scoring system to identify messages which look spammy, then
adds headers to the message so they can be filtered by the user's mail
reading software. This distribution includes the spamd/spamc components
which create a server that considerably speeds processing of mail.
To enable spamassassin, if you are receiving mail locally, simply add
this line to your ~/.procmailrc:
INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc
To filter spam for all users, add that line to /etc/procmailrc
(creating if necessary).
---------------------------------------------------------------------
Update Information:
http://wiki.apache.org/spamassassin/changes302
Upstream bug fixes.
---------------------------------------------------------------------
* Thu Mar 24 2005 Florian La Roche <laroche(a)redhat.com>
- add "exit 0" to postun script
* Thu Mar 24 2005 Joe Orton <jorton(a)redhat.com> 3.0.2-4
- package the NOTICE file
* Thu Mar 17 2005 Warren Togami <wtogami(a)redhat.com> - 3.0.2-3
- reinclude ia64, thanks jvdias
* Tue Mar 15 2005 Warren Togami <wtogami(a)redhat.com> - 3.0.2-2
- exclude ia64 for now due to Bug #151127
* Mon Dec 20 2004 Warren Togami <wtogami(a)redhat.com> - 3.0.2-1
- 3.0.2
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
fa6de1906320c843125f3a578b522757 SRPMS/spamassassin-3.0.2-0.fc3.src.rpm
82f592b238ef341fa84d33886ab0f294 x86_64/spamassassin-3.0.2-0.fc3.x86_64.rpm
741c896af056b0c7d0accb1576da90ce
x86_64/debug/spamassassin-debuginfo-3.0.2-0.fc3.x86_64.rpm
667d0f426b824fa2d0403859c7422f1e i386/spamassassin-3.0.2-0.fc3.i386.rpm
0a25bc3c18979406006b5fd8e7b77393
i386/debug/spamassassin-debuginfo-3.0.2-0.fc3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month
[SECURITY] Fedora Core 2 Update: squirrelmail-1.4.4-1.FC2
by Warren Togami
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-259
2005-03-28
---------------------------------------------------------------------
Product : Fedora Core 2
Name : squirrelmail
Version : 1.4.4
Release : 1.FC2
Summary : SquirrelMail webmail client
Description :
SquirrelMail is a standards-based webmail package written in PHP4. It
includes built-in pure PHP support for the IMAP and SMTP protocols, and
all pages render in pure HTML 4.0 (with no Javascript) for maximum
compatibility across browsers. It has very few requirements and is very
easy to configure and install. SquirrelMail has all the functionality
you would want from an email client, including strong MIME support,
address books, and folder manipulation.
---------------------------------------------------------------------
Update Information:
Multiple issues in squirrelmail (CAN-2005-0104)
Upgrade to 1.4.4
---------------------------------------------------------------------
* Thu Jan 27 2005 Warren Togami <wtogami(a)redhat.com> 1.4.4-2
- 1.4.4
- re-include translations and Provide squirrelmail-i18n
better compatible with upstream, but we cannot split sub-package
due to support of existing distributions
- remove unnecessary .po files
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
a238db60bcad582241e36e125eb2888a SRPMS/squirrelmail-1.4.4-1.FC2.src.rpm
196e34e86ad654beb1f44462c6148e99 x86_64/squirrelmail-1.4.4-1.FC2.noarch.rpm
196e34e86ad654beb1f44462c6148e99 i386/squirrelmail-1.4.4-1.FC2.noarch.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month
[SECURITY] Fedora Core 3 Update: squirrelmail-1.4.4-1.FC3
by Warren Togami
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-260
2005-03-28
---------------------------------------------------------------------
Product : Fedora Core 3
Name : squirrelmail
Version : 1.4.4
Release : 1.FC3
Summary : SquirrelMail webmail client
Description :
SquirrelMail is a standards-based webmail package written in PHP4. It
includes built-in pure PHP support for the IMAP and SMTP protocols, and
all pages render in pure HTML 4.0 (with no Javascript) for maximum
compatibility across browsers. It has very few requirements and is very
easy to configure and install. SquirrelMail has all the functionality
you would want from an email client, including strong MIME support,
address books, and folder manipulation.
---------------------------------------------------------------------
Update Information:
Multiple issues in squirrelmail (CAN-2005-0104)
Upgrade to 1.4.4
---------------------------------------------------------------------
* Thu Jan 27 2005 Warren Togami <wtogami(a)redhat.com> 1.4.4-2
- 1.4.4
- re-include translations and Provide squirrelmail-i18n
better compatible with upstream, but we cannot split sub-package
due to support of existing distributions
- remove unnecessary .po files
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
b62f0fe0b26a125239e4897a1aef60d8 SRPMS/squirrelmail-1.4.4-1.FC3.src.rpm
4df4db9e6f9b4278615c5d6189427f7a x86_64/squirrelmail-1.4.4-1.FC3.noarch.rpm
4df4db9e6f9b4278615c5d6189427f7a i386/squirrelmail-1.4.4-1.FC3.noarch.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month
[SECURITY] Fedora Core 2 Update: kernel-2.6.10-1.771_FC2
by Dave Jones
---------------------------------------------------------------------
Fedora Security Update Notification
FEDORA-2005-262
2005-03-28
---------------------------------------------------------------------
Product : Fedora Core 2
Name : kernel
Version : 2.6.10
Release : 1.771_FC2
Summary : The Linux kernel (the core of the Linux operating system)
Description :
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc.
---------------------------------------------------------------------
* Sun Mar 27 2005 Dave Jones <davej(a)redhat.com>
- Catch up with all recent security issues.
- CAN-2005-0210 : dst leak
- CAN-2005-0384 : ppp dos
- CAN-2005-0531 : Sign handling issues.
- CAN-2005-0400 : EXT2 information leak.
- CAN-2005-0449 : Remote oops.
- CAN-2005-0736 : Epoll overflow
- CAN-2005-0749 : ELF loader may kfree wrong memory.
- CAN-2005-0750 : Missing range checking in bluetooth
- CAN-2005-0767 : drm race in radeon
- CAN-2005-0815 : Corrupt isofs images could cause oops.
* Tue Mar 22 2005 Dave Jones <davej(a)redhat.com>
- Fix swapped parameters to memset in ieee802.11 code.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
279048bd2e34f477912badf1bb73d798 SRPMS/kernel-2.6.10-1.771_FC2.src.rpm
65d8acccaa8686bc8a8be34268801b5a x86_64/kernel-2.6.10-1.771_FC2.x86_64.rpm
a5a4c03beb3cd37a71789b4c40e99797 x86_64/kernel-smp-2.6.10-1.771_FC2.x86_64.rpm
28ca62a9652cca57aadc0841dd58c85c x86_64/debug/kernel-debuginfo-2.6.10-1.771_FC2.x86_64.rpm
e8d9cfc6aa998268426023a8a7bd3012 x86_64/kernel-sourcecode-2.6.10-1.771_FC2.noarch.rpm
3a14cc12fa4e6fb796edc1f8b7fa36cb x86_64/kernel-doc-2.6.10-1.771_FC2.noarch.rpm
2dd2777c4e63ee49a1fa5d0aac63198e i386/kernel-2.6.10-1.771_FC2.i586.rpm
4f85f53a459595cf69635ca98f538eea i386/kernel-smp-2.6.10-1.771_FC2.i586.rpm
f6c507301df73b72cb9636a3e7db2eb6 i386/debug/kernel-debuginfo-2.6.10-1.771_FC2.i586.rpm
c11edec2fb84f899cbc4ba21e0cf3a0a i386/kernel-2.6.10-1.771_FC2.i686.rpm
b2a94b6b94be8816b02901b4347b805c i386/kernel-smp-2.6.10-1.771_FC2.i686.rpm
3fe0f11bdf21a2d3aa9afa2956926542 i386/debug/kernel-debuginfo-2.6.10-1.771_FC2.i686.rpm
e8d9cfc6aa998268426023a8a7bd3012 i386/kernel-sourcecode-2.6.10-1.771_FC2.noarch.rpm
3a14cc12fa4e6fb796edc1f8b7fa36cb i386/kernel-doc-2.6.10-1.771_FC2.noarch.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month
[SECURITY] Fedora Core 2 Update: devhelp-0.9.1-0.2.5
by Christopher Aillon
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-251
2005-03-25
---------------------------------------------------------------------
Product : Fedora Core 2
Name : devhelp
Version : 0.9.1
Release : 0.2.5
Summary : API document browser
Description :
A API document browser for GNOME 2.
---------------------------------------------------------------------
Update Information:
There were several security flaws found in the mozilla package, which
devhelp depends on. Users of devhelp are advised to upgrade to this
updated package which has been rebuilt against a later version of
mozilla which is not vulnerable to these flaws.
---------------------------------------------------------------------
* Wed Mar 23 2005 Christopher Aillon <caillon(a)redhat.com> 0.9.1-0.2.5
- Use correct Requires line
* Wed Mar 23 2005 Christopher Aillon <caillon(a)redhat.com> 0.9.1-0.2.4
- Rebuild
* Wed Mar 23 2005 Christopher Aillon <caillon(a)redhat.com> 0.9.1-0.2.3
- Rebuild against mozilla 1.7.6
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
a35fe8bea6559080c3a6f461527a0461 SRPMS/devhelp-0.9.1-0.2.5.src.rpm
1bff7e616103f3875599df5a0291f63d x86_64/devhelp-0.9.1-0.2.5.x86_64.rpm
f3509c3787eff72692d4468972e53443
x86_64/devhelp-devel-0.9.1-0.2.5.x86_64.rpm
441fa682bdab1eb47a7fc8002a68a166
x86_64/debug/devhelp-debuginfo-0.9.1-0.2.5.x86_64.rpm
2b9c05582b7223a571b6fbd023041f30 i386/devhelp-0.9.1-0.2.5.i386.rpm
94cd93edd472cca7f38df7dcbd45b80d i386/devhelp-devel-0.9.1-0.2.5.i386.rpm
18fec0d58c92e91fab1b0ee4036fa2d1
i386/debug/devhelp-debuginfo-0.9.1-0.2.5.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month
[SECURITY] Fedora Core 2 Update: epiphany-1.2.10-0.2.1
by Christopher Aillon
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-253
2005-03-25
---------------------------------------------------------------------
Product : Fedora Core 2
Name : epiphany
Version : 1.2.10
Release : 0.2.1
Summary : GNOME web browser based on the Mozilla rendering engine
Description :
epiphany is a simple GNOME web browser based on the Mozilla rendering
engine
---------------------------------------------------------------------
Update Information:
There were several security flaws found in the mozilla package, which
epiphany depends on. Users of epiphany are advised to upgrade to this
updated package which has been rebuilt against a later version of
mozilla which is not vulnerable to these flaws.
---------------------------------------------------------------------
* Wed Mar 23 2005 Christopher Aillon <caillon(a)redhat.com> 1.2.10-0.2.1
- Update to 1.2.10
- Build against mozilla 1.7.6 (with help from Christian Persch)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
398444378e055d50d82da73619b3cafb SRPMS/epiphany-1.2.10-0.2.1.src.rpm
52e4b6cd8f2ff59b219c3b2ad6aeb8d1 x86_64/epiphany-1.2.10-0.2.1.x86_64.rpm
26d196879bb545c94911264c0af96cd9
x86_64/debug/epiphany-debuginfo-1.2.10-0.2.1.x86_64.rpm
8fed4532e1d742bb7fc9cb02083fec11 i386/epiphany-1.2.10-0.2.1.i386.rpm
80fdc9ccfd0bbf7fb56ad039f28ce2ea
i386/debug/epiphany-debuginfo-1.2.10-0.2.1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month
[SECURITY] Fedora Core 2 Update: mozilla-1.7.6-1.2.2
by Christopher Aillon
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-248
2005-03-25
---------------------------------------------------------------------
Product : Fedora Core 2
Name : mozilla
Version : 1.7.6
Release : 1.2.2
Summary : Web browser and mail reader
Description :
Mozilla is an open-source web browser, designed for standards
compliance, performance and portability.
---------------------------------------------------------------------
Update Information:
A buffer overflow bug was found in the way Mozilla processes GIF images.
It is possible for an attacker to create a specially crafted GIF image,
which when viewed by a victim will execute arbitrary code as the victim.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-0399 to this issue.
A bug was found in the way Mozilla responds to proxy auth requests. It
is possible for a malicious webserver to steal credentials from a
victims browser by issuing a 407 proxy authentication request.
(CAN-2005-0147)
A bug was found in the way Mozilla displays dialog windows. It is
possible that a malicious web page which is being displayed in a
background tab could present the user with a dialog window appearing to
come from the active page. (CAN-2004-1380)
A bug was found in the way Mozilla Mail handles cookies when loading
content over HTTP regardless of the user's preference. It is possible
that a particular user could be tracked through the use of malicious
mail messages which load content over HTTP. (CAN-2005-0149)
A flaw was found in the way Mozilla displays international domain names.
It is possible for an attacker to display a valid URL, tricking the user
into thinking they are viewing a legitimate webpage when they are not.
(CAN-2005-0233)
A bug was found in the way Mozilla handles pop-up windows. It is
possible for a malicious website to control the content in an unrelated
site's pop-up window. (CAN-2004-1156)
A bug was found in the way Mozilla saves temporary files. Temporary
files are saved with world readable permissions, which could allow a
local malicious user to view potentially sensitive data. (CAN-2005-0142)
A bug was found in the way Mozilla handles synthetic middle click
events. It is possible for a malicious web page to steal the contents of
a victims clipboard. (CAN-2005-0146)
A bug was found in the way Mozilla processes XUL content. If a malicious
web page can trick a user into dragging an object, it is possible to
load malicious XUL content. (CAN-2005-0401)
A bug was found in the way Mozilla loads links in a new tab which are
middle clicked. A malicious web page could read local files or modify
privileged chrom settings. (CAN-2005-0141)
A bug was found in the way Mozilla displays the secure site icon. A
malicious web page can use a view-source URL targetted at a secure page,
while loading an insecure page, yet the secure site icon shows the
previous secure state. (CAN-2005-0144)
A bug was found in the way Mozilla displays the secure site icon. A
malicious web page can display the secure site icon by loading a binary
file from a secured site. (CAN-2005-0143)
A bug was found in the way Mozilla displays the download dialog window.
A malicious site can obfuscate the content displayed in the source
field, tricking a user into thinking they are downloading content from a
trusted source. (CAN-2005-0585)
Users of Mozilla are advised to upgrade to this updated package which
contains Mozilla version 1.7.6 to correct these issues.
---------------------------------------------------------------------
* Wed Mar 23 2005 Christopher Aillon <caillon(a)redhat.com> 37:1.7.6-1.2.2
- Install all-redhat.js pref files
* Wed Mar 23 2005 Christopher Aillon <caillon(a)redhat.com> 37:1.7.6-1.2.1
- Update to 1.7.6
- Import changes from FC-3
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
670cd6dfd4638a8b720c5524dfda0904 SRPMS/mozilla-1.7.6-1.2.2.src.rpm
250c3130e8e6155be3aad1ba87230558 x86_64/mozilla-1.7.6-1.2.2.x86_64.rpm
fbcc83d64cde004cec0a7bc1aca02e58 x86_64/mozilla-nspr-1.7.6-1.2.2.x86_64.rpm
e824cb1b879262dae5b84f5a7e5ee995
x86_64/mozilla-nspr-devel-1.7.6-1.2.2.x86_64.rpm
6a05ed7fb6d14e24f3be8c175ff4c8b3 x86_64/mozilla-nss-1.7.6-1.2.2.x86_64.rpm
d5d63a2c25fa094e097bea688283c323
x86_64/mozilla-nss-devel-1.7.6-1.2.2.x86_64.rpm
88b1642f9efa482b8dc4d2ad0ce379db
x86_64/mozilla-devel-1.7.6-1.2.2.x86_64.rpm
b801fab02c0c048598f638b4a28fae3e x86_64/mozilla-mail-1.7.6-1.2.2.x86_64.rpm
9772a6749e5e2bac54844fade15e1b14 x86_64/mozilla-chat-1.7.6-1.2.2.x86_64.rpm
1920c0b8b1755128c0155b99e6fcf1d3
x86_64/mozilla-js-debugger-1.7.6-1.2.2.x86_64.rpm
6245b9a349949253d2d05d8641d00db3
x86_64/mozilla-dom-inspector-1.7.6-1.2.2.x86_64.rpm
1484983385ff129c03169a196c40c587
x86_64/debug/mozilla-debuginfo-1.7.6-1.2.2.x86_64.rpm
241e38a280bf30ab84eeb87a916ba5ac x86_64/mozilla-1.7.6-1.2.2.i386.rpm
8059d43c76c69a9dcdfbc80bab47c61d x86_64/mozilla-nspr-1.7.6-1.2.2.i386.rpm
78823643c0968e1127cb3a1105361ec3
x86_64/mozilla-nspr-devel-1.7.6-1.2.2.i386.rpm
25095410d01ea542dc1e429afb8c2b41 x86_64/mozilla-nss-1.7.6-1.2.2.i386.rpm
41aaf5aa43ef2ac72cbaa2e50fa8a768
x86_64/mozilla-nss-devel-1.7.6-1.2.2.i386.rpm
13eecc00d20fea369a3f2826235858b7 x86_64/mozilla-devel-1.7.6-1.2.2.i386.rpm
599cb8a1eeea64e30761f182e1e4b8c9 x86_64/mozilla-mail-1.7.6-1.2.2.i386.rpm
c88c78fe40130f350fa63eb5012a7519 x86_64/mozilla-chat-1.7.6-1.2.2.i386.rpm
054ca767763a06e4dc8c7791ad4e0b62
x86_64/mozilla-js-debugger-1.7.6-1.2.2.i386.rpm
08593a9c0909bbdfc2b3913420bc2b7e
x86_64/mozilla-dom-inspector-1.7.6-1.2.2.i386.rpm
241e38a280bf30ab84eeb87a916ba5ac i386/mozilla-1.7.6-1.2.2.i386.rpm
8059d43c76c69a9dcdfbc80bab47c61d i386/mozilla-nspr-1.7.6-1.2.2.i386.rpm
78823643c0968e1127cb3a1105361ec3
i386/mozilla-nspr-devel-1.7.6-1.2.2.i386.rpm
25095410d01ea542dc1e429afb8c2b41 i386/mozilla-nss-1.7.6-1.2.2.i386.rpm
41aaf5aa43ef2ac72cbaa2e50fa8a768
i386/mozilla-nss-devel-1.7.6-1.2.2.i386.rpm
13eecc00d20fea369a3f2826235858b7 i386/mozilla-devel-1.7.6-1.2.2.i386.rpm
599cb8a1eeea64e30761f182e1e4b8c9 i386/mozilla-mail-1.7.6-1.2.2.i386.rpm
c88c78fe40130f350fa63eb5012a7519 i386/mozilla-chat-1.7.6-1.2.2.i386.rpm
054ca767763a06e4dc8c7791ad4e0b62
i386/mozilla-js-debugger-1.7.6-1.2.2.i386.rpm
08593a9c0909bbdfc2b3913420bc2b7e
i386/mozilla-dom-inspector-1.7.6-1.2.2.i386.rpm
d8233042be25ec4f4cabcbe431d1a1b7
i386/debug/mozilla-debuginfo-1.7.6-1.2.2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
19 years, 1 month