1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2009-1398

[FEDORA-2009-1398] Fedora 10: xulrunner, firefox, epiphany-extensions, devhelp, epiphany & 14 more

Severity High
Affected Packages 19
CVEs 7
Info Packages References Vulnerabilities

Update to the new upstream Firefox 3.0.6 / XULRunner 1.9.0.6 fixing multiple
security issues: http://www.mozilla.org/security/known-
vulnerabilities/firefox30.html#firefox3.0.6 This update also contains new
builds of all applications depending on Gecko libraries, built against the new
version, including the latest google gadgets upstream release. See
http://code.google.com/p/google-gadgets-for-
linux/source/browse/trunk/ChangeLog?spec=svn1087&r=1087 for details. Note:
after the updated packages are installed, Firefox must be restarted for the
update to take effect.

Package Affected Version
pkg:rpm/fedora/yelp?distro=fedora-10 < 2.24.0.5.fc10
pkg:rpm/fedora/xulrunner?distro=fedora-10 < 1.9.0.6.1.fc10
pkg:rpm/fedora/ruby-gnome2?distro=fedora-10 < 0.18.1.3.fc10
pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-10 < 0.3.8.5.fc10
pkg:rpm/fedora/mugshot?distro=fedora-10 < 1.2.2.5.fc10
pkg:rpm/fedora/mozvoikko?distro=fedora-10 < 0.9.5.6.fc10
pkg:rpm/fedora/Miro?distro=fedora-10 < 1.2.8.2.fc10
pkg:rpm/fedora/kazehakase?distro=fedora-10 < 0.5.6.1.fc10.3
pkg:rpm/fedora/google-gadgets?distro=fedora-10 < 0.10.5.2.fc10
pkg:rpm/fedora/gnome-web-photo?distro=fedora-10 < 0.3.14.fc10
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-10 < 2.19.1.26.fc10
pkg:rpm/fedora/gecko-sharp2?distro=fedora-10 < 0.13.4.fc10
pkg:rpm/fedora/galeon?distro=fedora-10 < 2.0.7.5.fc10
pkg:rpm/fedora/firefox?distro=fedora-10 < 3.0.6.1.fc10
pkg:rpm/fedora/evolution-rss?distro=fedora-10 < 0.1.2.4.fc10
pkg:rpm/fedora/epiphany?distro=fedora-10 < 2.24.3.2.fc10
pkg:rpm/fedora/epiphany-extensions?distro=fedora-10 < 2.24.0.4.fc10
pkg:rpm/fedora/devhelp?distro=fedora-10 < 0.22.3.fc10
pkg:rpm/fedora/blam?distro=fedora-10 < 1.8.5.6.fc10
ID
FEDORA-2009-1398
Severity
high
Severity from
CVE-2009-0352
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2009-1398
Published
2009-02-06T05:21:19
(15 years ago)
Modified
2009-02-06T05:21:19
(15 years ago)
Rights
Copyright 2009 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 483141 Bug #483141 - CVE-2009-0353 Firefox javascript crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=483141
Bugzilla 483145 Bug #483145 - CVE-2009-0357 Firefox XMLHttpRequest allows reading HTTPOnly cookies https://bugzilla.redhat.com/show_bug.cgi?id=483145
Bugzilla 483142 Bug #483142 - CVE-2009-0354 Firefox XSS using a chrome XBL method and window.eval https://bugzilla.redhat.com/show_bug.cgi?id=483142
Bugzilla 483144 Bug #483144 - CVE-2009-0356 Firefox Chrome privilege escalation via local .desktop files https://bugzilla.redhat.com/show_bug.cgi?id=483144
Bugzilla 483150 Bug #483150 - CVE-2009-0358 Firefox directives to not cache pages ignored https://bugzilla.redhat.com/show_bug.cgi?id=483150
Bugzilla 483143 Bug #483143 - CVE-2009-0355 Firefox local file stealing with SessionStore https://bugzilla.redhat.com/show_bug.cgi?id=483143
Bugzilla 483139 Bug #483139 - CVE-2009-0352 Firefox layout crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=483139
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/yelp?distro=fedora-10 fedora yelp < 2.24.0.5.fc10 fedora-10
Affected pkg:rpm/fedora/xulrunner?distro=fedora-10 fedora xulrunner < 1.9.0.6.1.fc10 fedora-10
Affected pkg:rpm/fedora/ruby-gnome2?distro=fedora-10 fedora ruby-gnome2 < 0.18.1.3.fc10 fedora-10
Affected pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-10 fedora pcmanx-gtk2 < 0.3.8.5.fc10 fedora-10
Affected pkg:rpm/fedora/mugshot?distro=fedora-10 fedora mugshot < 1.2.2.5.fc10 fedora-10
Affected pkg:rpm/fedora/mozvoikko?distro=fedora-10 fedora mozvoikko < 0.9.5.6.fc10 fedora-10
Affected pkg:rpm/fedora/Miro?distro=fedora-10 fedora Miro < 1.2.8.2.fc10 fedora-10
Affected pkg:rpm/fedora/kazehakase?distro=fedora-10 fedora kazehakase < 0.5.6.1.fc10.3 fedora-10
Affected pkg:rpm/fedora/google-gadgets?distro=fedora-10 fedora google-gadgets < 0.10.5.2.fc10 fedora-10
Affected pkg:rpm/fedora/gnome-web-photo?distro=fedora-10 fedora gnome-web-photo < 0.3.14.fc10 fedora-10
Affected pkg:rpm/fedora/gnome-python2-extras?distro=fedora-10 fedora gnome-python2-extras < 2.19.1.26.fc10 fedora-10
Affected pkg:rpm/fedora/gecko-sharp2?distro=fedora-10 fedora gecko-sharp2 < 0.13.4.fc10 fedora-10
Affected pkg:rpm/fedora/galeon?distro=fedora-10 fedora galeon < 2.0.7.5.fc10 fedora-10
Affected pkg:rpm/fedora/firefox?distro=fedora-10 fedora firefox < 3.0.6.1.fc10 fedora-10
Affected pkg:rpm/fedora/evolution-rss?distro=fedora-10 fedora evolution-rss < 0.1.2.4.fc10 fedora-10
Affected pkg:rpm/fedora/epiphany?distro=fedora-10 fedora epiphany < 2.24.3.2.fc10 fedora-10
Affected pkg:rpm/fedora/epiphany-extensions?distro=fedora-10 fedora epiphany-extensions < 2.24.0.4.fc10 fedora-10
Affected pkg:rpm/fedora/devhelp?distro=fedora-10 fedora devhelp < 0.22.3.fc10 fedora-10
Affected pkg:rpm/fedora/blam?distro=fedora-10 fedora blam < 1.8.5.6.fc10 fedora-10
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date