1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2009-6366

[FEDORA-2009-6366] Fedora 10: firefox, xulrunner, epiphany, blam, epiphany-extensions & 14 more

Severity High
Affected Packages 19
CVEs 11
Info Packages References Vulnerabilities

Update to new upstream Firefox version 3.0.11, fixing multiple security issues
detailed in the upstream advisories: http://www.mozilla.org/security/known-
vulnerabilities/firefox30.html#firefox3.0.11 Update also includes all
packages depending on gecko-libs rebuild against new version of Firefox /
XULRunner.

Package Affected Version
pkg:rpm/fedora/yelp?distro=fedora-10 < 2.24.0.10.fc10
pkg:rpm/fedora/xulrunner?distro=fedora-10 < 1.9.0.11.1.fc10
pkg:rpm/fedora/ruby-gnome2?distro=fedora-10 < 0.18.1.5.fc10.3
pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-10 < 0.08.6.fc10.2
pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-10 < 0.3.8.10.fc10
pkg:rpm/fedora/mugshot?distro=fedora-10 < 1.2.2.10.fc10
pkg:rpm/fedora/mozvoikko?distro=fedora-10 < 0.9.5.11.fc10
pkg:rpm/fedora/Miro?distro=fedora-10 < 2.0.3.5.fc10
pkg:rpm/fedora/kazehakase?distro=fedora-10 < 0.5.6.4.fc10.3
pkg:rpm/fedora/google-gadgets?distro=fedora-10 < 0.10.5.7.fc10
pkg:rpm/fedora/gnome-web-photo?distro=fedora-10 < 0.3.19.fc10
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-10 < 2.19.1.31.fc10
pkg:rpm/fedora/gecko-sharp2?distro=fedora-10 < 0.13.9.fc10
pkg:rpm/fedora/galeon?distro=fedora-10 < 2.0.7.11.fc10
pkg:rpm/fedora/firefox?distro=fedora-10 < 3.0.11.1.fc10
pkg:rpm/fedora/epiphany?distro=fedora-10 < 2.24.3.7.fc10
pkg:rpm/fedora/epiphany-extensions?distro=fedora-10 < 2.24.3.2.fc10
pkg:rpm/fedora/devhelp?distro=fedora-10 < 0.22.9.fc10
pkg:rpm/fedora/blam?distro=fedora-10 < 1.8.5.11.fc10
ID
FEDORA-2009-6366
Severity
high
Severity from
CVE-2009-1392
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2009-6366
Published
2009-06-16T02:20:19
(15 years ago)
Modified
2009-06-16T02:20:19
(15 years ago)
Rights
Copyright 2009 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 503568 Bug #503568 - CVE-2009-1392 Firefox browser engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=503568
Bugzilla 503580 Bug #503580 - CVE-2009-1838 Firefox arbitrary code execution flaw https://bugzilla.redhat.com/show_bug.cgi?id=503580
Bugzilla 503583 Bug #503583 - CVE-2009-1841 Firefox JavaScript arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=503583
Bugzilla 503570 Bug #503570 - CVE-2009-1833 Firefox JavaScript engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=503570
Bugzilla 503581 Bug #503581 - CVE-2009-1839 Firefox information disclosure flaw https://bugzilla.redhat.com/show_bug.cgi?id=503581
Bugzilla 503573 Bug #503573 - CVE-2009-1834 Firefox URL spoofing with invalid unicode characters https://bugzilla.redhat.com/show_bug.cgi?id=503573
Bugzilla 503582 Bug #503582 - CVE-2009-1840 Firefox XUL scripts skip some security checks https://bugzilla.redhat.com/show_bug.cgi?id=503582
Bugzilla 503569 Bug #503569 - CVE-2009-1832 Firefox double frame construction flaw https://bugzilla.redhat.com/show_bug.cgi?id=503569
Bugzilla 503579 Bug #503579 - CVE-2009-1837 Firefox Race condition while accessing the private data of a NPObject JS wrapper class object https://bugzilla.redhat.com/show_bug.cgi?id=503579
Bugzilla 503576 Bug #503576 - CVE-2009-1835 Firefox Arbitrary domain cookie access by local file: resources https://bugzilla.redhat.com/show_bug.cgi?id=503576
Bugzilla 503578 Bug #503578 - CVE-2009-1836 Firefox SSL tampering via non-200 responses to proxy CONNECT requests https://bugzilla.redhat.com/show_bug.cgi?id=503578
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/yelp?distro=fedora-10 fedora yelp < 2.24.0.10.fc10 fedora-10
Affected pkg:rpm/fedora/xulrunner?distro=fedora-10 fedora xulrunner < 1.9.0.11.1.fc10 fedora-10
Affected pkg:rpm/fedora/ruby-gnome2?distro=fedora-10 fedora ruby-gnome2 < 0.18.1.5.fc10.3 fedora-10
Affected pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-10 fedora perl-Gtk2-MozEmbed < 0.08.6.fc10.2 fedora-10
Affected pkg:rpm/fedora/pcmanx-gtk2?distro=fedora-10 fedora pcmanx-gtk2 < 0.3.8.10.fc10 fedora-10
Affected pkg:rpm/fedora/mugshot?distro=fedora-10 fedora mugshot < 1.2.2.10.fc10 fedora-10
Affected pkg:rpm/fedora/mozvoikko?distro=fedora-10 fedora mozvoikko < 0.9.5.11.fc10 fedora-10
Affected pkg:rpm/fedora/Miro?distro=fedora-10 fedora Miro < 2.0.3.5.fc10 fedora-10
Affected pkg:rpm/fedora/kazehakase?distro=fedora-10 fedora kazehakase < 0.5.6.4.fc10.3 fedora-10
Affected pkg:rpm/fedora/google-gadgets?distro=fedora-10 fedora google-gadgets < 0.10.5.7.fc10 fedora-10
Affected pkg:rpm/fedora/gnome-web-photo?distro=fedora-10 fedora gnome-web-photo < 0.3.19.fc10 fedora-10
Affected pkg:rpm/fedora/gnome-python2-extras?distro=fedora-10 fedora gnome-python2-extras < 2.19.1.31.fc10 fedora-10
Affected pkg:rpm/fedora/gecko-sharp2?distro=fedora-10 fedora gecko-sharp2 < 0.13.9.fc10 fedora-10
Affected pkg:rpm/fedora/galeon?distro=fedora-10 fedora galeon < 2.0.7.11.fc10 fedora-10
Affected pkg:rpm/fedora/firefox?distro=fedora-10 fedora firefox < 3.0.11.1.fc10 fedora-10
Affected pkg:rpm/fedora/epiphany?distro=fedora-10 fedora epiphany < 2.24.3.7.fc10 fedora-10
Affected pkg:rpm/fedora/epiphany-extensions?distro=fedora-10 fedora epiphany-extensions < 2.24.3.2.fc10 fedora-10
Affected pkg:rpm/fedora/devhelp?distro=fedora-10 fedora devhelp < 0.22.9.fc10 fedora-10
Affected pkg:rpm/fedora/blam?distro=fedora-10 fedora blam < 1.8.5.11.fc10 fedora-10
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date