[FEDORA-2010-18773] Fedora 14: firefox, perl-Gtk2-MozEmbed, gnome-web-photo, galeon, mozvoikko & 2 more
Severity
High
Affected Packages
7
CVEs
12
Update to new upstream Firefox version 3.6.13, fixing multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.13
Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.
Package | Affected Version |
---|---|
pkg:rpm/fedora/xulrunner?distro=fedora-14 | < 1.9.2.13.1.fc14 |
pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-14 | < 0.08.6.fc14.22 |
pkg:rpm/fedora/mozvoikko?distro=fedora-14 | < 1.0.17.fc14.1 |
pkg:rpm/fedora/gnome-web-photo?distro=fedora-14 | < 0.9.16.fc14.1 |
pkg:rpm/fedora/gnome-python2-extras?distro=fedora-14 | < 2.25.3.26.fc14.1 |
pkg:rpm/fedora/galeon?distro=fedora-14 | < 2.0.7.36.fc14.1 |
pkg:rpm/fedora/firefox?distro=fedora-14 | < 3.6.13.1.fc14 |
- ID
- FEDORA-2010-18773
- Severity
- high
- Severity from
- CVE-2010-3766
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2010-18773
- Published
-
2010-12-10T20:27:49
(13 years ago) - Modified
-
2010-12-10T20:27:49
(13 years ago) - Rights
- Copyright 2010 Red Hat, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 660415 | Bug #660415 - CVE-2010-3777 Mozilla miscellaneous memory safety hazards (MFSA 2010-74) | https://bugzilla.redhat.com/show_bug.cgi?id=660415 |
Bugzilla | 660431 | Bug #660431 - CVE-2010-3767 Mozilla integer overflow vulnerability in NewIdArray (MFSA 2010-81) | https://bugzilla.redhat.com/show_bug.cgi?id=660431 |
Bugzilla | 660429 | Bug #660429 - CVE-2010-3766 Mozilla use-after-free error with nsDOMAttribute MutationObserver (MFSA 2010-80) | https://bugzilla.redhat.com/show_bug.cgi?id=660429 |
Bugzilla | 660438 | Bug #660438 - CVE-2010-3774 Mozilla location bar SSL spoofing using network error page (MFSA 2010-83) | https://bugzilla.redhat.com/show_bug.cgi?id=660438 |
Bugzilla | 660420 | Bug #660420 - CVE-2010-3768 Mozilla add support for OTS font sanitizer (MFSA 2010-78) | https://bugzilla.redhat.com/show_bug.cgi?id=660420 |
Bugzilla | 660408 | Bug #660408 - CVE-2010-3776 Mozilla miscellaneous memory safety hazards (MFSA 2010-74) | https://bugzilla.redhat.com/show_bug.cgi?id=660408 |
Bugzilla | 660439 | Bug #660439 - CVE-2010-3770 Mozilla XSS hazard in multiple character encodings (MFSA 2010-84) | https://bugzilla.redhat.com/show_bug.cgi?id=660439 |
Bugzilla | 660417 | Bug #660417 - CVE-2010-3771 Mozilla Chrome privilege escalation with window.open and <isindex> element (MFSA 2010-76) | https://bugzilla.redhat.com/show_bug.cgi?id=660417 |
Bugzilla | 660435 | Bug #660435 - CVE-2010-3773 Mozilla incomplete fix for CVE-2010-0179 (MFSA 2010-82) | https://bugzilla.redhat.com/show_bug.cgi?id=660435 |
Bugzilla | 660419 | Bug #660419 - CVE-2010-3772 Mozilla crash and remote code execution using HTML tags inside a XUL tree (MFSA 2010-77) | https://bugzilla.redhat.com/show_bug.cgi?id=660419 |
Bugzilla | 660422 | Bug #660422 - CVE-2010-3775 Mozilla Java security bypass from LiveConnect loaded via data: URL meta refresh (MFSA 2010-79) | https://bugzilla.redhat.com/show_bug.cgi?id=660422 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/fedora/xulrunner?distro=fedora-14 | fedora | xulrunner | < 1.9.2.13.1.fc14 | fedora-14 | ||
Affected | pkg:rpm/fedora/perl-Gtk2-MozEmbed?distro=fedora-14 | fedora | perl-Gtk2-MozEmbed | < 0.08.6.fc14.22 | fedora-14 | ||
Affected | pkg:rpm/fedora/mozvoikko?distro=fedora-14 | fedora | mozvoikko | < 1.0.17.fc14.1 | fedora-14 | ||
Affected | pkg:rpm/fedora/gnome-web-photo?distro=fedora-14 | fedora | gnome-web-photo | < 0.9.16.fc14.1 | fedora-14 | ||
Affected | pkg:rpm/fedora/gnome-python2-extras?distro=fedora-14 | fedora | gnome-python2-extras | < 2.25.3.26.fc14.1 | fedora-14 | ||
Affected | pkg:rpm/fedora/galeon?distro=fedora-14 | fedora | galeon | < 2.0.7.36.fc14.1 | fedora-14 | ||
Affected | pkg:rpm/fedora/firefox?distro=fedora-14 | fedora | firefox | < 3.6.13.1.fc14 | fedora-14 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |