What Are You Looking For?

Sign Up
--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2009-1399
2009-02-06 04:16:47
--------------------------------------------------------------------------------Name        : firefox
Product     : Fedora 9
Version     : 3.0.6
Release     : 1.fc9
URL         : Summary     : Mozilla Firefox Web browser
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

--------------------------------------------------------------------------------Update Information:

Update to the new upstream Firefox 3.0.6 / XULRunner 1.9.0.6 fixing multiple
security issues:  https://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.6    This update also contains new
builds of all applications depending on Gecko libraries, built against the new
version.    Note: after the updated packages are installed, Firefox must be
restarted for the update to take effect.
--------------------------------------------------------------------------------ChangeLog:

* Wed Feb  4 2009 Christopher Aillon  - 3.0.6-1
- Update to 3.0.6
* Wed Jan  7 2009 Jan Horak  - 3.0.5-2
- Fixed wrong LANG and LC_MESSAGES variables interpretation (#441973) 
  in startup script.
* Tue Dec 16 2008 Christopher Aillon  3.0.5-1
- Update to 3.0.5
* Thu Nov 13 2008 Jan Horak  3.0.4-2
- Removed firefox-2.0-getstartpage.patch patch 
- Start page is set by different way
* Wed Nov 12 2008 Christopher Aillon  3.0.4-1
- Update to 3.0.4
* Tue Sep 23 2008 Christopher Aillon  3.0.2-1
- Update to 3.0.2
* Wed Jul 16 2008 Christopher Aillon  3.0.1-1
- Update to 3.0.1
* Tue Jun 17 2008 Christopher Aillon  3.0-1
- Firefox 3 Final
* Thu May  8 2008 Colin Walters  3.0-0.61
- Rebuild to pick up new xulrunner (bug #445543)
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #483141 - CVE-2009-0353 Firefox javascript crashes with evidence of memory corruption
        https://bugzilla.redhat.com/show_bug.cgi?id=483141
  [ 2 ] Bug #483143 - CVE-2009-0355 Firefox local file stealing with SessionStore
        https://bugzilla.redhat.com/show_bug.cgi?id=483143
  [ 3 ] Bug #483145 - CVE-2009-0357 Firefox XMLHttpRequest allows reading HTTPOnly cookies
        https://bugzilla.redhat.com/show_bug.cgi?id=483145
  [ 4 ] Bug #483139 - CVE-2009-0352 Firefox layout crashes with evidence of memory corruption
        https://bugzilla.redhat.com/show_bug.cgi?id=483139
  [ 5 ] Bug #483142 - CVE-2009-0354 Firefox XSS using a chrome XBL method and window.eval
        https://bugzilla.redhat.com/show_bug.cgi?id=483142
  [ 6 ] Bug #483144 - CVE-2009-0356 Firefox Chrome privilege escalation via local .desktop files
        https://bugzilla.redhat.com/show_bug.cgi?id=483144
  [ 7 ] Bug #483150 - CVE-2009-0358 Firefox directives to not cache pages ignored
        https://bugzilla.redhat.com/show_bug.cgi?id=483150
--------------------------------------------------------------------------------This update can be installed with the "yum" update program.  Use 
su -c 'yum update firefox' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 9 Update: firefox-3.0.6-1.fc9

February 6, 2009
Update to the new upstream Firefox 3.0.6 / XULRunner 1.9.0.6 fixing multiple security issues.

Summary

Mozilla Firefox is an open-source web browser, designed for standards

compliance, performance and portability.

Update to the new upstream Firefox 3.0.6 / XULRunner 1.9.0.6 fixing multiple

security issues: https://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.6 This update also contains new

builds of all applications depending on Gecko libraries, built against the new

version. Note: after the updated packages are installed, Firefox must be

restarted for the update to take effect.

* Wed Feb 4 2009 Christopher Aillon - 3.0.6-1

- Update to 3.0.6

* Wed Jan 7 2009 Jan Horak - 3.0.5-2

- Fixed wrong LANG and LC_MESSAGES variables interpretation (#441973)

in startup script.

* Tue Dec 16 2008 Christopher Aillon 3.0.5-1

- Update to 3.0.5

* Thu Nov 13 2008 Jan Horak 3.0.4-2

- Removed firefox-2.0-getstartpage.patch patch

- Start page is set by different way

* Wed Nov 12 2008 Christopher Aillon 3.0.4-1

- Update to 3.0.4

* Tue Sep 23 2008 Christopher Aillon 3.0.2-1

- Update to 3.0.2

* Wed Jul 16 2008 Christopher Aillon 3.0.1-1

- Update to 3.0.1

* Tue Jun 17 2008 Christopher Aillon 3.0-1

- Firefox 3 Final

* Thu May 8 2008 Colin Walters 3.0-0.61

- Rebuild to pick up new xulrunner (bug #445543)

[ 1 ] Bug #483141 - CVE-2009-0353 Firefox javascript crashes with evidence of memory corruption

https://bugzilla.redhat.com/show_bug.cgi?id=483141

[ 2 ] Bug #483143 - CVE-2009-0355 Firefox local file stealing with SessionStore

https://bugzilla.redhat.com/show_bug.cgi?id=483143

[ 3 ] Bug #483145 - CVE-2009-0357 Firefox XMLHttpRequest allows reading HTTPOnly cookies

https://bugzilla.redhat.com/show_bug.cgi?id=483145

[ 4 ] Bug #483139 - CVE-2009-0352 Firefox layout crashes with evidence of memory corruption

https://bugzilla.redhat.com/show_bug.cgi?id=483139

[ 5 ] Bug #483142 - CVE-2009-0354 Firefox XSS using a chrome XBL method and window.eval

https://bugzilla.redhat.com/show_bug.cgi?id=483142

[ 6 ] Bug #483144 - CVE-2009-0356 Firefox Chrome privilege escalation via local .desktop files

https://bugzilla.redhat.com/show_bug.cgi?id=483144

[ 7 ] Bug #483150 - CVE-2009-0358 Firefox directives to not cache pages ignored

https://bugzilla.redhat.com/show_bug.cgi?id=483150

su -c 'yum update firefox' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2009-1399 2009-02-06 04:16:47 Product : Fedora 9 Version : 3.0.6 Release : 1.fc9 URL : Summary : Mozilla Firefox Web browser Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Update to the new upstream Firefox 3.0.6 / XULRunner 1.9.0.6 fixing multiple security issues: https://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.6 This update also contains new builds of all applications depending on Gecko libraries, built against the new version. Note: after the updated packages are installed, Firefox must be restarted for the update to take effect. * Wed Feb 4 2009 Christopher Aillon - 3.0.6-1 - Update to 3.0.6 * Wed Jan 7 2009 Jan Horak - 3.0.5-2 - Fixed wrong LANG and LC_MESSAGES variables interpretation (#441973) in startup script. * Tue Dec 16 2008 Christopher Aillon 3.0.5-1 - Update to 3.0.5 * Thu Nov 13 2008 Jan Horak 3.0.4-2 - Removed firefox-2.0-getstartpage.patch patch - Start page is set by different way * Wed Nov 12 2008 Christopher Aillon 3.0.4-1 - Update to 3.0.4 * Tue Sep 23 2008 Christopher Aillon 3.0.2-1 - Update to 3.0.2 * Wed Jul 16 2008 Christopher Aillon 3.0.1-1 - Update to 3.0.1 * Tue Jun 17 2008 Christopher Aillon 3.0-1 - Firefox 3 Final * Thu May 8 2008 Colin Walters 3.0-0.61 - Rebuild to pick up new xulrunner (bug #445543) [ 1 ] Bug #483141 - CVE-2009-0353 Firefox javascript crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=483141 [ 2 ] Bug #483143 - CVE-2009-0355 Firefox local file stealing with SessionStore https://bugzilla.redhat.com/show_bug.cgi?id=483143 [ 3 ] Bug #483145 - CVE-2009-0357 Firefox XMLHttpRequest allows reading HTTPOnly cookies https://bugzilla.redhat.com/show_bug.cgi?id=483145 [ 4 ] Bug #483139 - CVE-2009-0352 Firefox layout crashes with evidence of memory corruption https://bugzilla.redhat.com/show_bug.cgi?id=483139 [ 5 ] Bug #483142 - CVE-2009-0354 Firefox XSS using a chrome XBL method and window.eval https://bugzilla.redhat.com/show_bug.cgi?id=483142 [ 6 ] Bug #483144 - CVE-2009-0356 Firefox Chrome privilege escalation via local .desktop files https://bugzilla.redhat.com/show_bug.cgi?id=483144 [ 7 ] Bug #483150 - CVE-2009-0358 Firefox directives to not cache pages ignored https://bugzilla.redhat.com/show_bug.cgi?id=483150 su -c 'yum update firefox' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys Fedora-package-announce mailing list Fedora-package-announce@redhat.com https://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 9
Version : 3.0.6
Release : 1.fc9
URL : Summary : Mozilla Firefox Web browser

Related News

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo