[ELSA-2013-1268] firefox security update

Severity Critical

Affected Packages 6

CVEs 8

firefox
[17.0.9-1.0.1.el6_4]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat ones

[17.0.9-1]
- Update to 17.0.9 ESR

[17.0.8-4]
- Added fix for mozbz#601442 - Support the extensions.getAddons.showPane
pref again in the Add-ons Manager UI, a part of rhbz#818636 fix.

[17.0.8-3]
- Fixed rhbz#818636 - Firefox allows install of addons,
disregarding xpinstall.enabled flag set as false.

[17.0.8-2]
- Updated manual page

xulrunner
[17.0.9-1.0.1.el6_4]
- Replaced xulrunner-redhat-default-prefs.js with xulrunner-oracle-default-prefs.js
- Removed XULRUNNER_VERSION from SOURCE21

[17.0.9-1]
- Update to 17.0.9 ESR

[17.0.8-5]
- Fixed mozbz#633001 - Cannot open ipv6 address with self-signed certificate

[17.0.8-4]
- Fixed rhbz#818636 - Firefox allows install of addons,
disregarding xpinstall.enabled flag set as false.

Package	Affected Version
pkg:rpm/oraclelinux/xulrunner?distro=oraclelinux-6.4	< 17.0.9-1.0.1.el6_4
pkg:rpm/oraclelinux/xulrunner?distro=oraclelinux-5.9	< 17.0.9-1.0.1.el5_9
pkg:rpm/oraclelinux/xulrunner-devel?distro=oraclelinux-6.4	< 17.0.9-1.0.1.el6_4
pkg:rpm/oraclelinux/xulrunner-devel?distro=oraclelinux-5.9	< 17.0.9-1.0.1.el5_9
pkg:rpm/oraclelinux/firefox?distro=oraclelinux-6.4	< 17.0.9-1.0.1.el6_4
pkg:rpm/oraclelinux/firefox?distro=oraclelinux-5.9	< 17.0.9-1.0.1.el5_9

ID

ELSA-2013-1268

Severity

critical

URL

https://linux.oracle.com/errata/ELSA-2013-1268.html

Published

2013-09-17T00:00:00
(11 years ago)

Modified

2013-09-17T00:00:00
(11 years ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2013-1268	http://linux.oracle.com/errata/ELSA-2013-1268.html
CVE	CVE-2013-1718	http://linux.oracle.com/cve/CVE-2013-1718
CVE	CVE-2013-1722	http://linux.oracle.com/cve/CVE-2013-1722
CVE	CVE-2013-1725	http://linux.oracle.com/cve/CVE-2013-1725
CVE	CVE-2013-1730	http://linux.oracle.com/cve/CVE-2013-1730
CVE	CVE-2013-1732	http://linux.oracle.com/cve/CVE-2013-1732
CVE	CVE-2013-1735	http://linux.oracle.com/cve/CVE-2013-1735
CVE	CVE-2013-1736	http://linux.oracle.com/cve/CVE-2013-1736
CVE	CVE-2013-1737	http://linux.oracle.com/cve/CVE-2013-1737

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/xulrunner?distro=oraclelinux-6.4	oraclelinux	xulrunner	< 17.0.9-1.0.1.el6_4	oraclelinux-6.4
Affected	pkg:rpm/oraclelinux/xulrunner?distro=oraclelinux-5.9	oraclelinux	xulrunner	< 17.0.9-1.0.1.el5_9	oraclelinux-5.9
Affected	pkg:rpm/oraclelinux/xulrunner-devel?distro=oraclelinux-6.4	oraclelinux	xulrunner-devel	< 17.0.9-1.0.1.el6_4	oraclelinux-6.4
Affected	pkg:rpm/oraclelinux/xulrunner-devel?distro=oraclelinux-5.9	oraclelinux	xulrunner-devel	< 17.0.9-1.0.1.el5_9	oraclelinux-5.9
Affected	pkg:rpm/oraclelinux/firefox?distro=oraclelinux-6.4	oraclelinux	firefox	< 17.0.9-1.0.1.el6_4	oraclelinux-6.4
Affected	pkg:rpm/oraclelinux/firefox?distro=oraclelinux-5.9	oraclelinux	firefox	< 17.0.9-1.0.1.el5_9	oraclelinux-5.9

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date