1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2010-16885

[FEDORA-2010-16885] Fedora 12: firefox, galeon, gnome-python2-extras, xulrunner, perl-Gtk2-MozEmbed & 2 more

Severity High
Affected Packages 7
CVEs 9
Info Packages References Vulnerabilities

Update to new upstream Firefox version 3.5.15, fixing multiple security issues detailed in the upstream advisories:

Update also includes packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.

Package Affected Version
pkg:rpm/fedora/xulrunner?distro=fedora-12 < 1.9.1.15.1.fc12
pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-12 < 0.08.6.fc12.17
pkg:rpm/fedora/mozvoikko?distro=fedora-12 < 1.0.14.fc12
pkg:rpm/fedora/gnome-web-photo?distro=fedora-12 < 0.9.11.fc12
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-12 < 2.25.3.22.fc12
pkg:rpm/fedora/galeon?distro=fedora-12 < 2.0.7.27.fc12
pkg:rpm/fedora/firefox?distro=fedora-12 < 3.5.15.1.fc12
ID
FEDORA-2010-16885
Severity
high
Severity from
CVE-2010-3175
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2010-16885
Published
2010-10-30T23:43:33
(14 years ago)
Modified
2010-10-30T23:43:33
(14 years ago)
Rights
Copyright 2010 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 642277 Bug #642277 - CVE-2010-3179 Mozilla buffer overflow and memory corruption using document.write https://bugzilla.redhat.com/show_bug.cgi?id=642277
Bugzilla 642283 Bug #642283 - CVE-2010-3180 Mozilla use-after-free error in nsBarProp https://bugzilla.redhat.com/show_bug.cgi?id=642283
Bugzilla 642272 Bug #642272 - CVE-2010-3176 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642272
Bugzilla 642300 Bug #642300 - CVE-2010-3182 Mozilla unsafe library loading flaw https://bugzilla.redhat.com/show_bug.cgi?id=642300
Bugzilla 642290 Bug #642290 - CVE-2010-3177 Mozilla XSS in gopher parser when parsing hrefs https://bugzilla.redhat.com/show_bug.cgi?id=642290
Bugzilla 642286 Bug #642286 - CVE-2010-3183 Mozilla dangling pointer vulnerability in LookupGetterOrSetter https://bugzilla.redhat.com/show_bug.cgi?id=642286
Bugzilla 642294 Bug #642294 - CVE-2010-3178 Mozilla cross-site information disclosure via modal calls https://bugzilla.redhat.com/show_bug.cgi?id=642294
Bugzilla 642275 Bug #642275 - CVE-2010-3175 Mozilla miscellaneous memory safety hazards https://bugzilla.redhat.com/show_bug.cgi?id=642275
Bugzilla 646997 Bug #646997 - CVE-2010-3765 Firefox race condition flaw (MFSA 2010-73) https://bugzilla.redhat.com/show_bug.cgi?id=646997
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/xulrunner?distro=fedora-12 fedora xulrunner < 1.9.1.15.1.fc12 fedora-12
Affected pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-12 fedora perl-Gtk2-MozEmbed < 0.08.6.fc12.17 fedora-12
Affected pkg:rpm/fedora/mozvoikko?distro=fedora-12 fedora mozvoikko < 1.0.14.fc12 fedora-12
Affected pkg:rpm/fedora/gnome-web-photo?distro=fedora-12 fedora gnome-web-photo < 0.9.11.fc12 fedora-12
Affected pkg:rpm/fedora/gnome-python2-extras?distro=fedora-12 fedora gnome-python2-extras < 2.25.3.22.fc12 fedora-12
Affected pkg:rpm/fedora/galeon?distro=fedora-12 fedora galeon < 2.0.7.27.fc12 fedora-12
Affected pkg:rpm/fedora/firefox?distro=fedora-12 fedora firefox < 3.5.15.1.fc12 fedora-12
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date