[FEDORA-2010-10344] Fedora 12: firefox, mozvoikko, galeon, xulrunner, gnome-web-photo & 2 more
Severity
High
Affected Packages
7
CVEs
11
Update to new upstream Firefox version 3.5.10, fixing a security issue detailed
in the upstream advisory: http://www.mozilla.org/security/known-
vulnerabilities/firefox36.html#firefox3.5.10 Update also includes packages
depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
CVE-2010-1121 CVE-2010-1200 CVE-2010-1201 CVE-2010-1202 CVE-2010-0183
CVE-2010-1198 CVE-2010-1196 CVE-2010-1199 CVE-2010-1125 CVE-2010-1197
CVE-2008-5913
Package | Affected Version |
---|---|
pkg:rpm/fedora/xulrunner?distro=fedora-12 | < 1.9.1.10.1.fc12 |
pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-12 | < 0.08.6.fc12.13 |
pkg:rpm/fedora/mozvoikko?distro=fedora-12 | < 1.0.10.fc12 |
pkg:rpm/fedora/gnome-web-photo?distro=fedora-12 | < 0.9.7.fc12 |
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-12 | < 2.25.3.18.fc12 |
pkg:rpm/fedora/galeon?distro=fedora-12 | < 2.0.7.23.fc12 |
pkg:rpm/fedora/firefox?distro=fedora-12 | < 3.5.10.1.fc12 |
- ID
- FEDORA-2010-10344
- Severity
- high
- Severity from
- CVE-2010-1121
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2010-10344
- Published
-
2010-06-24T16:26:47
(14 years ago) - Modified
-
2010-06-24T16:26:47
(14 years ago) - Rights
- Copyright 2010 Red Hat, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 590810 | Bug #590810 - CVE-2010-1202 Mozilla Crashes with evidence of memory corruption | https://bugzilla.redhat.com/show_bug.cgi?id=590810 |
Bugzilla | 590822 | Bug #590822 - CVE-2010-0183 Mozilla Use-after-free error in nsCycleCollector::MarkRoots() | https://bugzilla.redhat.com/show_bug.cgi?id=590822 |
Bugzilla | 480938 | Bug #480938 - CVE-2008-5913 mozilla: in-session phishing attack | https://bugzilla.redhat.com/show_bug.cgi?id=480938 |
Bugzilla | 590828 | Bug #590828 - CVE-2010-1198 Mozilla Freed object reuse across plugin instances | https://bugzilla.redhat.com/show_bug.cgi?id=590828 |
Bugzilla | 590804 | Bug #590804 - CVE-2010-1200 Mozilla Crashes with evidence of memory corruption | https://bugzilla.redhat.com/show_bug.cgi?id=590804 |
Bugzilla | 590850 | Bug #590850 - CVE-2010-1197 Mozilla Content-Disposition: attachment ignored if Content-Type: multipart also present | https://bugzilla.redhat.com/show_bug.cgi?id=590850 |
Bugzilla | 590830 | Bug #590830 - CVE-2010-1196 Mozilla Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal | https://bugzilla.redhat.com/show_bug.cgi?id=590830 |
Bugzilla | 577584 | Bug #577584 - CVE-2010-1125 firefox: keystrokes sent to hidden frame rather than visible frame due to javascript flaw | https://bugzilla.redhat.com/show_bug.cgi?id=577584 |
Bugzilla | 590833 | Bug #590833 - CVE-2010-1199 Mozilla Integer Overflow in XSLT Node Sorting | https://bugzilla.redhat.com/show_bug.cgi?id=590833 |
Bugzilla | 577029 | Bug #577029 - CVE-2010-1121 firefox: arbitrary code execution via memory corruption | https://bugzilla.redhat.com/show_bug.cgi?id=577029 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/xulrunner?distro=fedora-12 | fedora | xulrunner | < 1.9.1.10.1.fc12 | fedora-12 | ||
Affected | pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-12 | fedora | perl-Gtk2-MozEmbed | < 0.08.6.fc12.13 | fedora-12 | ||
Affected | pkg:rpm/fedora/mozvoikko?distro=fedora-12 | fedora | mozvoikko | < 1.0.10.fc12 | fedora-12 | ||
Affected | pkg:rpm/fedora/gnome-web-photo?distro=fedora-12 | fedora | gnome-web-photo | < 0.9.7.fc12 | fedora-12 | ||
Affected | pkg:rpm/fedora/gnome-python2-extras?distro=fedora-12 | fedora | gnome-python2-extras | < 2.25.3.18.fc12 | fedora-12 | ||
Affected | pkg:rpm/fedora/galeon?distro=fedora-12 | fedora | galeon | < 2.0.7.23.fc12 | fedora-12 | ||
Affected | pkg:rpm/fedora/firefox?distro=fedora-12 | fedora | firefox | < 3.5.10.1.fc12 | fedora-12 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |