[FEDORA-2009-10878] Fedora 11: chmsee, blam, epiphany-extensions, epiphany, galeon & 17 more

Severity High

Affected Packages 22

CVEs 9

Update to new upstream Firefox version 3.5.4, fixing multiple security issues
detailed in the upstream advisories: http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.4 Update also includes all packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.

Package	Affected Version
pkg:rpm/fedora/yelp?distro=fedora-11	< 2.26.0.8.fc11
pkg:rpm/fedora/xulrunner?distro=fedora-11	< 1.9.1.4.1.fc11
pkg:rpm/fedora/seahorse-plugins?distro=fedora-11	< 2.26.2.7.fc11
pkg:rpm/fedora/ruby-gnome2?distro=fedora-11	< 0.19.3.3.fc11
pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-11	< 0.08.6.fc11.6
pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-11	< 0.3.8.9.fc11
pkg:rpm/fedora/mozvoikko?distro=fedora-11	< 0.9.7.0.8.rc1.fc11
pkg:rpm/fedora/monodevelop?distro=fedora-11	< 2.0.6.fc11
pkg:rpm/fedora/Miro?distro=fedora-11	< 2.5.2.5.fc11
pkg:rpm/fedora/kazehakase?distro=fedora-11	< 0.5.8.2.fc11.1
pkg:rpm/fedora/hulahop?distro=fedora-11	< 0.4.9.9.fc11
pkg:rpm/fedora/google-gadgets?distro=fedora-11	< 0.11.1.2.fc11
pkg:rpm/fedora/gnome-web-photo?distro=fedora-11	< 0.7.7.fc11
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-11	< 2.25.3.8.fc11
pkg:rpm/fedora/galeon?distro=fedora-11	< 2.0.7.17.fc11
pkg:rpm/fedora/firefox?distro=fedora-11	< 3.5.4.1.fc11
pkg:rpm/fedora/evolution-rss?distro=fedora-11	< 0.1.4.5.fc11
pkg:rpm/fedora/epiphany?distro=fedora-11	< 2.26.3.5.fc11
pkg:rpm/fedora/epiphany-extensions?distro=fedora-11	< 2.26.1.7.fc11
pkg:rpm/fedora/eclipse?distro=fedora-11	< 3.4.2.17.fc11
pkg:rpm/fedora/chmsee?distro=fedora-11	< 1.0.1.12.fc11
pkg:rpm/fedora/blam?distro=fedora-11	< 1.8.5.15.fc11

ID

FEDORA-2009-10878

Severity

high

Severity from

CVE-2009-3380

URL

https://bodhi.fedoraproject.org/updates/FEDORA-2009-10878

Published

2009-10-29T02:59:35
(15 years ago)

Modified

2009-10-29T02:59:35
(15 years ago)

Rights

Other Advisories

Source	# ID	Name	URL
Bugzilla	530157	Bug #530157 - CVE-2009-3374 Firefox chrome privilege escalation in XPCVariant::VariantDataToJS()	https://bugzilla.redhat.com/show_bug.cgi?id=530157
Bugzilla	530167	Bug #530167 - CVE-2009-3375 Firefox cross-origin data theft through document.getSelection()	https://bugzilla.redhat.com/show_bug.cgi?id=530167
Bugzilla	530567	Bug #530567 - CVE-2009-3380 Firefox crashes with evidence of memory corruption	https://bugzilla.redhat.com/show_bug.cgi?id=530567
Bugzilla	530151	Bug #530151 - CVE-2009-3370 Firefox form history vulnerable to stealing	https://bugzilla.redhat.com/show_bug.cgi?id=530151
Bugzilla	530156	Bug #530156 - CVE-2009-3373 Firefox heap buffer overflow in GIF color map parser	https://bugzilla.redhat.com/show_bug.cgi?id=530156
Bugzilla	530155	Bug #530155 - CVE-2009-3372 Firefox crash in proxy auto-configuration regexp parsing	https://bugzilla.redhat.com/show_bug.cgi?id=530155
Bugzilla	524815	Bug #524815 - CVE-2009-3274 Firefox: Predictable /tmp pathname use	https://bugzilla.redhat.com/show_bug.cgi?id=524815
Bugzilla	530168	Bug #530168 - CVE-2009-3376 Firefox download filename spoofing with RTL override	https://bugzilla.redhat.com/show_bug.cgi?id=530168
Bugzilla	530162	Bug #530162 - CVE-2009-1563 Firefox heap buffer overflow in string to number conversion	https://bugzilla.redhat.com/show_bug.cgi?id=530162

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/fedora/yelp?distro=fedora-11	fedora	yelp	< 2.26.0.8.fc11	fedora-11
Affected	pkg:rpm/fedora/xulrunner?distro=fedora-11	fedora	xulrunner	< 1.9.1.4.1.fc11	fedora-11
Affected	pkg:rpm/fedora/seahorse-plugins?distro=fedora-11	fedora	seahorse-plugins	< 2.26.2.7.fc11	fedora-11
Affected	pkg:rpm/fedora/ruby-gnome2?distro=fedora-11	fedora	ruby-gnome2	< 0.19.3.3.fc11	fedora-11
Affected	pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-11	fedora	perl-Gtk2-MozEmbed	< 0.08.6.fc11.6	fedora-11
Affected	pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-11	fedora	pcmanx-gtk2	< 0.3.8.9.fc11	fedora-11
Affected	pkg:rpm/fedora/mozvoikko?distro=fedora-11	fedora	mozvoikko	< 0.9.7.0.8.rc1.fc11	fedora-11
Affected	pkg:rpm/fedora/monodevelop?distro=fedora-11	fedora	monodevelop	< 2.0.6.fc11	fedora-11
Affected	pkg:rpm/fedora/Miro?distro=fedora-11	fedora	Miro	< 2.5.2.5.fc11	fedora-11
Affected	pkg:rpm/fedora/kazehakase?distro=fedora-11	fedora	kazehakase	< 0.5.8.2.fc11.1	fedora-11
Affected	pkg:rpm/fedora/hulahop?distro=fedora-11	fedora	hulahop	< 0.4.9.9.fc11	fedora-11
Affected	pkg:rpm/fedora/google-gadgets?distro=fedora-11	fedora	google-gadgets	< 0.11.1.2.fc11	fedora-11
Affected	pkg:rpm/fedora/gnome-web-photo?distro=fedora-11	fedora	gnome-web-photo	< 0.7.7.fc11	fedora-11
Affected	pkg:rpm/fedora/gnome-python2-extras?distro=fedora-11	fedora	gnome-python2-extras	< 2.25.3.8.fc11	fedora-11
Affected	pkg:rpm/fedora/galeon?distro=fedora-11	fedora	galeon	< 2.0.7.17.fc11	fedora-11
Affected	pkg:rpm/fedora/firefox?distro=fedora-11	fedora	firefox	< 3.5.4.1.fc11	fedora-11
Affected	pkg:rpm/fedora/evolution-rss?distro=fedora-11	fedora	evolution-rss	< 0.1.4.5.fc11	fedora-11
Affected	pkg:rpm/fedora/epiphany?distro=fedora-11	fedora	epiphany	< 2.26.3.5.fc11	fedora-11
Affected	pkg:rpm/fedora/epiphany-extensions?distro=fedora-11	fedora	epiphany-extensions	< 2.26.1.7.fc11	fedora-11
Affected	pkg:rpm/fedora/eclipse?distro=fedora-11	fedora	eclipse	< 3.4.2.17.fc11	fedora-11
Affected	pkg:rpm/fedora/chmsee?distro=fedora-11	fedora	chmsee	< 1.0.1.12.fc11	fedora-11
Affected	pkg:rpm/fedora/blam?distro=fedora-11	fedora	blam	< 1.8.5.15.fc11	fedora-11

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date