[FEDORA-2008-11598] Fedora 9: xulrunner, firefox, epiphany, blam, epiphany-extensions & 16 more

Severity High

Affected Packages 21

CVEs 11

Update to the new upstream Firefox 3.0.5 / XULRunner 1.9.0.5 fixing multiple
security issues: http://www.mozilla.org/security/known-
vulnerabilities/firefox30.html#firefox3.0.5 This update also contains new
builds of all applications depending on Gecko libraries, built against thenew
version. Note: after the updated packages are installed, Firefox must be
restarted for the update to take effect.

Package	Affected Version
pkg:rpm/fedora/yelp?distro=fedora-9	< 2.22.1.7.fc9
pkg:rpm/fedora/xulrunner?distro=fedora-9	< 1.9.0.5.1.fc9
pkg:rpm/fedora/totem?distro=fedora-9	< 2.23.2.9.fc9
pkg:rpm/fedora/ruby-gnome2?distro=fedora-9	< 0.17.0.4.fc9
pkg:rpm/fedora/mugshot?distro=fedora-9	< 1.2.2.4.fc9
pkg:rpm/fedora/mozvoikko?distro=fedora-9	< 0.9.5.5.fc9
pkg:rpm/fedora/Miro?distro=fedora-9	< 1.2.7.3.fc9
pkg:rpm/fedora/kazehakase?distro=fedora-9	< 0.5.6.1.fc9.2
pkg:rpm/fedora/gtkmozembedmm?distro=fedora-9	< 1.4.2.cvs20060817.24.fc9
pkg:rpm/fedora/google-gadgets?distro=fedora-9	< 0.10.3.2.fc9
pkg:rpm/fedora/gnome-web-photo?distro=fedora-9	< 0.3.16.fc9
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-9	< 2.19.1.22.fc9
pkg:rpm/fedora/galeon?distro=fedora-9	< 2.0.7.4.fc9
pkg:rpm/fedora/firefox?distro=fedora-9	< 3.0.5.1.fc9
pkg:rpm/fedora/evolution-rss?distro=fedora-9	< 0.1.0.5.fc9
pkg:rpm/fedora/epiphany?distro=fedora-9	< 2.22.2.6.fc9
pkg:rpm/fedora/epiphany-extensions?distro=fedora-9	< 2.22.1.6.fc9
pkg:rpm/fedora/devhelp?distro=fedora-9	< 0.19.1.7.fc9
pkg:rpm/fedora/chmsee?distro=fedora-9	< 1.0.1.7.fc9
pkg:rpm/fedora/cairo-dock?distro=fedora-9	< 1.6.3.1.1.fc9.2
pkg:rpm/fedora/blam?distro=fedora-9	< 1.8.5.4.fc9.1

ID

FEDORA-2008-11598

Severity

high

Severity from

CVE-2008-5500

URL

https://bodhi.fedoraproject.org/updates/FEDORA-2008-11598

Published

2008-12-21T08:37:20
(15 years ago)

Modified

2008-12-21T08:37:20
(15 years ago)

Rights

Other Advisories

Source	# ID	Name	URL
Bugzilla	476285	Bug #476285 - CVE-2008-5511 Firefox XSS via XBL bindings to unloaded document	https://bugzilla.redhat.com/show_bug.cgi?id=476285
Bugzilla	476269	Bug #476269 - CVE-2008-5502 JavaScript engine crash - Firefox 3 only	https://bugzilla.redhat.com/show_bug.cgi?id=476269
Bugzilla	476267	Bug #476267 - CVE-2008-5501 Layout engine crash - Firefox 3 only	https://bugzilla.redhat.com/show_bug.cgi?id=476267
Bugzilla	476283	Bug #476283 - CVE-2008-5510 Firefox null characters ignored by CSS parser	https://bugzilla.redhat.com/show_bug.cgi?id=476283
Bugzilla	476281	Bug #476281 - CVE-2008-5508 Firefox errors parsing URLs with control characters	https://bugzilla.redhat.com/show_bug.cgi?id=476281
Bugzilla	476278	Bug #476278 - CVE-2008-5506 Firefox XMLHttpRequest 302 response disclosure	https://bugzilla.redhat.com/show_bug.cgi?id=476278
Bugzilla	476266	Bug #476266 - CVE-2008-5500 Layout engine crashes - Firefox 2 and 3	https://bugzilla.redhat.com/show_bug.cgi?id=476266
Bugzilla	476289	Bug #476289 - CVE-2008-5513 Firefox XSS vulnerabilities in SessionStore	https://bugzilla.redhat.com/show_bug.cgi?id=476289
Bugzilla	476280	Bug #476280 - CVE-2008-5507 Firefox Cross-domain data theft via script redirect error message	https://bugzilla.redhat.com/show_bug.cgi?id=476280
Bugzilla	476287	Bug #476287 - CVE-2008-5512 Firefox JavaScript privilege escalation	https://bugzilla.redhat.com/show_bug.cgi?id=476287
Bugzilla	476274	Bug #476274 - CVE-2008-5505 Firefox 3 User tracking via XUL persist attribute	https://bugzilla.redhat.com/show_bug.cgi?id=476274

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/fedora/yelp?distro=fedora-9	fedora	yelp	< 2.22.1.7.fc9	fedora-9
Affected	pkg:rpm/fedora/xulrunner?distro=fedora-9	fedora	xulrunner	< 1.9.0.5.1.fc9	fedora-9
Affected	pkg:rpm/fedora/totem?distro=fedora-9	fedora	totem	< 2.23.2.9.fc9	fedora-9
Affected	pkg:rpm/fedora/ruby-gnome2?distro=fedora-9	fedora	ruby-gnome2	< 0.17.0.4.fc9	fedora-9
Affected	pkg:rpm/fedora/mugshot?distro=fedora-9	fedora	mugshot	< 1.2.2.4.fc9	fedora-9
Affected	pkg:rpm/fedora/mozvoikko?distro=fedora-9	fedora	mozvoikko	< 0.9.5.5.fc9	fedora-9
Affected	pkg:rpm/fedora/Miro?distro=fedora-9	fedora	Miro	< 1.2.7.3.fc9	fedora-9
Affected	pkg:rpm/fedora/kazehakase?distro=fedora-9	fedora	kazehakase	< 0.5.6.1.fc9.2	fedora-9
Affected	pkg:rpm/fedora/gtkmozembedmm?distro=fedora-9	fedora	gtkmozembedmm	< 1.4.2.cvs20060817.24.fc9	fedora-9
Affected	pkg:rpm/fedora/google-gadgets?distro=fedora-9	fedora	google-gadgets	< 0.10.3.2.fc9	fedora-9
Affected	pkg:rpm/fedora/gnome-web-photo?distro=fedora-9	fedora	gnome-web-photo	< 0.3.16.fc9	fedora-9
Affected	pkg:rpm/fedora/gnome-python2-extras?distro=fedora-9	fedora	gnome-python2-extras	< 2.19.1.22.fc9	fedora-9
Affected	pkg:rpm/fedora/galeon?distro=fedora-9	fedora	galeon	< 2.0.7.4.fc9	fedora-9
Affected	pkg:rpm/fedora/firefox?distro=fedora-9	fedora	firefox	< 3.0.5.1.fc9	fedora-9
Affected	pkg:rpm/fedora/evolution-rss?distro=fedora-9	fedora	evolution-rss	< 0.1.0.5.fc9	fedora-9
Affected	pkg:rpm/fedora/epiphany?distro=fedora-9	fedora	epiphany	< 2.22.2.6.fc9	fedora-9
Affected	pkg:rpm/fedora/epiphany-extensions?distro=fedora-9	fedora	epiphany-extensions	< 2.22.1.6.fc9	fedora-9
Affected	pkg:rpm/fedora/devhelp?distro=fedora-9	fedora	devhelp	< 0.19.1.7.fc9	fedora-9
Affected	pkg:rpm/fedora/chmsee?distro=fedora-9	fedora	chmsee	< 1.0.1.7.fc9	fedora-9
Affected	pkg:rpm/fedora/cairo-dock?distro=fedora-9	fedora	cairo-dock	< 1.6.3.1.1.fc9.2	fedora-9
Affected	pkg:rpm/fedora/blam?distro=fedora-9	fedora	blam	< 1.8.5.4.fc9.1	fedora-9

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date