1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2009-13366

[FEDORA-2009-13366] Fedora 12: gnome-python2-extras, mozvoikko, Miro, firefox, galeon & 4 more

Severity High
Affected Packages 9
CVEs 9
Info Packages References Vulnerabilities

Update to new upstream Firefox version 3.5.6, fixing multiple security issues
detailed in the upstream advisories: http://www.mozilla.org/security/known-
vulnerabilities/firefox35.html#firefox3.5.6 Update also includes all packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2009-3979 CVE-2009-3980 CVE-2009-3982 CVE-2009-3983 CVE-2009-3984
CVE-2009-3985 CVE-2009-3986 CVE-2009-3388 CVE-2009-3389

Package Affected Version
pkg:rpm/fedora/xulrunner?distro=fedora-12 < 1.9.1.6.1.fc12
pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-12 < 0.08.6.fc12.10
pkg:rpm/fedora/mozvoikko?distro=fedora-12 < 1.0.7.fc12
pkg:rpm/fedora/Miro?distro=fedora-12 < 2.5.2.7.fc12
pkg:rpm/fedora/gnome-web-photo?distro=fedora-12 < 0.9.4.fc12
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-12 < 2.25.3.14.fc12
pkg:rpm/fedora/galeon?distro=fedora-12 < 2.0.7.19.fc12
pkg:rpm/fedora/firefox?distro=fedora-12 < 3.5.6.1.fc12
pkg:rpm/fedora/blam?distro=fedora-12 < 1.8.5.21.fc12
ID
FEDORA-2009-13366
Severity
high
Severity from
CVE-2009-3979
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2009-13366
Published
2009-12-18T04:38:06
(14 years ago)
Modified
2009-12-18T04:38:06
(14 years ago)
Rights
Copyright 2009 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 546724 Bug #546724 - CVE-2009-3986 Mozilla Chrome privilege escalation via window.opener https://bugzilla.redhat.com/show_bug.cgi?id=546724
Bugzilla 546694 Bug #546694 - CVE-2009-3979 Mozilla crash with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=546694
Bugzilla 546722 Bug #546722 - CVE-2009-3984 Mozilla SSL spoofing with document.location and empty SSL response page https://bugzilla.redhat.com/show_bug.cgi?id=546722
Bugzilla 546720 Bug #546720 - CVE-2009-3983 Mozilla NTLM reflection vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=546720
Bugzilla 546726 Bug #546726 - CVE-2009-3985 Mozilla URL spoofing via invalid document.location https://bugzilla.redhat.com/show_bug.cgi?id=546726
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/xulrunner?distro=fedora-12 fedora xulrunner < 1.9.1.6.1.fc12 fedora-12
Affected pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-12 fedora perl-Gtk2-MozEmbed < 0.08.6.fc12.10 fedora-12
Affected pkg:rpm/fedora/mozvoikko?distro=fedora-12 fedora mozvoikko < 1.0.7.fc12 fedora-12
Affected pkg:rpm/fedora/Miro?distro=fedora-12 fedora Miro < 2.5.2.7.fc12 fedora-12
Affected pkg:rpm/fedora/gnome-web-photo?distro=fedora-12 fedora gnome-web-photo < 0.9.4.fc12 fedora-12
Affected pkg:rpm/fedora/gnome-python2-extras?distro=fedora-12 fedora gnome-python2-extras < 2.25.3.14.fc12 fedora-12
Affected pkg:rpm/fedora/galeon?distro=fedora-12 fedora galeon < 2.0.7.19.fc12 fedora-12
Affected pkg:rpm/fedora/firefox?distro=fedora-12 fedora firefox < 3.5.6.1.fc12 fedora-12
Affected pkg:rpm/fedora/blam?distro=fedora-12 fedora blam < 1.8.5.21.fc12 fedora-12
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date