[FEDORA-2009-6411] Fedora 9: firefox, epiphany-extensions, xulrunner, epiphany, blam & 15 more

Severity High

Affected Packages 20

CVEs 11

Update to new upstream Firefox version 3.0.11, fixing multiple security issues
detailed in the upstream advisories: http://www.mozilla.org/security/known-
vulnerabilities/firefox30.html#firefox3.0.11 Update also includes all
packages depending on gecko-libs rebuild against new version of Firefox /
XULRunner.

Package	Affected Version
pkg:rpm/fedora/yelp?distro=fedora-9	< 2.22.1.13.fc9
pkg:rpm/fedora/xulrunner?distro=fedora-9	< 1.9.0.11.1.fc9
pkg:rpm/fedora/totem?distro=fedora-9	< 2.23.2.17.fc9
pkg:rpm/fedora/ruby-gnome2?distro=fedora-9	< 0.17.0.10.fc9
pkg:rpm/fedora/mugshot?distro=fedora-9	< 1.2.2.10.fc9
pkg:rpm/fedora/mozvoikko?distro=fedora-9	< 0.9.5.11.fc9
pkg:rpm/fedora/Miro?distro=fedora-9	< 2.0.3.5.fc9
pkg:rpm/fedora/kazehakase?distro=fedora-9	< 0.5.6.4.fc9.3
pkg:rpm/fedora/gtkmozembedmm?distro=fedora-9	< 1.4.2.cvs20060817.30.fc9
pkg:rpm/fedora/google-gadgets?distro=fedora-9	< 0.10.5.7.fc9
pkg:rpm/fedora/gnome-web-photo?distro=fedora-9	< 0.3.22.fc9
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-9	< 2.19.1.28.fc9
pkg:rpm/fedora/galeon?distro=fedora-9	< 2.0.7.11.fc9
pkg:rpm/fedora/firefox?distro=fedora-9	< 3.0.11.1.fc9
pkg:rpm/fedora/evolution-rss?distro=fedora-9	< 0.1.0.12.fc9
pkg:rpm/fedora/epiphany?distro=fedora-9	< 2.22.2.12.fc9
pkg:rpm/fedora/epiphany-extensions?distro=fedora-9	< 2.22.1.12.fc9
pkg:rpm/fedora/devhelp?distro=fedora-9	< 0.19.1.13.fc9
pkg:rpm/fedora/chmsee?distro=fedora-9	< 1.0.1.13.fc9
pkg:rpm/fedora/blam?distro=fedora-9	< 1.8.5.10.fc9.1

ID

FEDORA-2009-6411

Severity

high

Severity from

CVE-2009-1392

URL

https://bodhi.fedoraproject.org/updates/FEDORA-2009-6411

Published

2009-06-16T02:33:47
(15 years ago)

Modified

2009-06-16T02:33:47
(15 years ago)

Rights

Other Advisories

Source	# ID	Name	URL
Bugzilla	503570	Bug #503570 - CVE-2009-1833 Firefox JavaScript engine crashes	https://bugzilla.redhat.com/show_bug.cgi?id=503570
Bugzilla	503583	Bug #503583 - CVE-2009-1841 Firefox JavaScript arbitrary code execution	https://bugzilla.redhat.com/show_bug.cgi?id=503583
Bugzilla	503581	Bug #503581 - CVE-2009-1839 Firefox information disclosure flaw	https://bugzilla.redhat.com/show_bug.cgi?id=503581
Bugzilla	503580	Bug #503580 - CVE-2009-1838 Firefox arbitrary code execution flaw	https://bugzilla.redhat.com/show_bug.cgi?id=503580
Bugzilla	503568	Bug #503568 - CVE-2009-1392 Firefox browser engine crashes	https://bugzilla.redhat.com/show_bug.cgi?id=503568
Bugzilla	503578	Bug #503578 - CVE-2009-1836 Firefox SSL tampering via non-200 responses to proxy CONNECT requests	https://bugzilla.redhat.com/show_bug.cgi?id=503578
Bugzilla	503579	Bug #503579 - CVE-2009-1837 Firefox Race condition while accessing the private data of a NPObject JS wrapper class object	https://bugzilla.redhat.com/show_bug.cgi?id=503579
Bugzilla	503576	Bug #503576 - CVE-2009-1835 Firefox Arbitrary domain cookie access by local file: resources	https://bugzilla.redhat.com/show_bug.cgi?id=503576
Bugzilla	503582	Bug #503582 - CVE-2009-1840 Firefox XUL scripts skip some security checks	https://bugzilla.redhat.com/show_bug.cgi?id=503582
Bugzilla	503569	Bug #503569 - CVE-2009-1832 Firefox double frame construction flaw	https://bugzilla.redhat.com/show_bug.cgi?id=503569
Bugzilla	503573	Bug #503573 - CVE-2009-1834 Firefox URL spoofing with invalid unicode characters	https://bugzilla.redhat.com/show_bug.cgi?id=503573

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/fedora/yelp?distro=fedora-9	fedora	yelp	< 2.22.1.13.fc9	fedora-9
Affected	pkg:rpm/fedora/xulrunner?distro=fedora-9	fedora	xulrunner	< 1.9.0.11.1.fc9	fedora-9
Affected	pkg:rpm/fedora/totem?distro=fedora-9	fedora	totem	< 2.23.2.17.fc9	fedora-9
Affected	pkg:rpm/fedora/ruby-gnome2?distro=fedora-9	fedora	ruby-gnome2	< 0.17.0.10.fc9	fedora-9
Affected	pkg:rpm/fedora/mugshot?distro=fedora-9	fedora	mugshot	< 1.2.2.10.fc9	fedora-9
Affected	pkg:rpm/fedora/mozvoikko?distro=fedora-9	fedora	mozvoikko	< 0.9.5.11.fc9	fedora-9
Affected	pkg:rpm/fedora/Miro?distro=fedora-9	fedora	Miro	< 2.0.3.5.fc9	fedora-9
Affected	pkg:rpm/fedora/kazehakase?distro=fedora-9	fedora	kazehakase	< 0.5.6.4.fc9.3	fedora-9
Affected	pkg:rpm/fedora/gtkmozembedmm?distro=fedora-9	fedora	gtkmozembedmm	< 1.4.2.cvs20060817.30.fc9	fedora-9
Affected	pkg:rpm/fedora/google-gadgets?distro=fedora-9	fedora	google-gadgets	< 0.10.5.7.fc9	fedora-9
Affected	pkg:rpm/fedora/gnome-web-photo?distro=fedora-9	fedora	gnome-web-photo	< 0.3.22.fc9	fedora-9
Affected	pkg:rpm/fedora/gnome-python2-extras?distro=fedora-9	fedora	gnome-python2-extras	< 2.19.1.28.fc9	fedora-9
Affected	pkg:rpm/fedora/galeon?distro=fedora-9	fedora	galeon	< 2.0.7.11.fc9	fedora-9
Affected	pkg:rpm/fedora/firefox?distro=fedora-9	fedora	firefox	< 3.0.11.1.fc9	fedora-9
Affected	pkg:rpm/fedora/evolution-rss?distro=fedora-9	fedora	evolution-rss	< 0.1.0.12.fc9	fedora-9
Affected	pkg:rpm/fedora/epiphany?distro=fedora-9	fedora	epiphany	< 2.22.2.12.fc9	fedora-9
Affected	pkg:rpm/fedora/epiphany-extensions?distro=fedora-9	fedora	epiphany-extensions	< 2.22.1.12.fc9	fedora-9
Affected	pkg:rpm/fedora/devhelp?distro=fedora-9	fedora	devhelp	< 0.19.1.13.fc9	fedora-9
Affected	pkg:rpm/fedora/chmsee?distro=fedora-9	fedora	chmsee	< 1.0.1.13.fc9	fedora-9
Affected	pkg:rpm/fedora/blam?distro=fedora-9	fedora	blam	< 1.8.5.10.fc9.1	fedora-9

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date