Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora: 2009-6411 Moderate: Kazehakase Browser Security Fixes

fedora
Calendar Grey June 15, 2009
Dist Fedora Esm H88
A new release of Fedora 9 includes an updated version of Kazehakase, now enhanced for compatibility with Firefox 3.0.11, which incorporates various security improvements and bug corrections.
Update to new upstream Firefox version 3.0.11, fixing multiple security issues detailed in the upstream advisories: https://www.mozilla.org/en-US/security/known-vulnerabilities...

Summary

Kazehakase is a Web browser which aims to provide

a user interface that is truly user-friendly & fully customizable.

This package uses Gecko for HTML rendering engine.

Update Information:

Update to new upstream Firefox version 3.0.11, fixing multiple security issues detailed in the upstream advisories: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/ Update also includes all packages depending on gecko-libs rebuild against new version of Firefox / XULRunner.

Topics%20covered

Topics Covered

security advisory Fedora browser fix Firefox update gecko rendering

Change Log

* Thu Jun 11 2009 Christopher Aillon - 0.5.6-4.3 - Rebuild against newer gecko * Mon Apr 27 2009 Christopher Aillon - 0.5.6-4.2 - Rebuild against newer gecko * Tue Apr 21 2009 Christopher Aillon - 0.5.6-4.1 - Rebuild against newer gecko * Fri Apr 17 2009 Mamoru Tasaka - 0.5.6-4 - Prevent crash even if no modules are installed (related to bug 444569) - Embed Vendor version information * Sun Apr 12 2009 Mamoru Tasaka - 0.5.6-3 - Fix crash when kazehakase-webkit only is installed (bug 444569) - Fix Group tag (bug 486452) * Fri Mar 27 2009 Christopher Aillon - 0.5.6-1.5 - Rebuild against newer gecko * Fri Mar 6 2009 Jan Horak - 0.5.6-1.4 - Rebuild against newer gecko * Wed Feb 4 2009 Christopher Aillon - 0.5.6-1.3 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 0.5.6-1.2 - Rebuild against newer gecko * Wed Nov 12 2008 Christopher Aillon - 0.5.6-1.1 - Rebuild against newer gecko * Fri Oct 31 2008 Mamoru Tasaka - 0.5.6-1 - 0.5.6 - -UGTK_DISABLE_DEPRECATED hack removed (hack introduced in upstream) * Wed Sep 24 2008 Christopher Aillon - Rebuild against newer gecko (F-9/8) * Tue Aug 5 2008 Mamoru Tasaka - Try rev. 3509 * Wed Jul 30 2008 Mamoru Tasaka - 0.5.5-1 - 0.5.5 * Sat Jul 19 2008 Mamoru Tasaka - 0.5.4-7.svn3506_trunk - F-9+: relax gecko libs dependency (as GRE_GetGREPathWithProperties properly finds out GRE) - F-10+: add -UGTK_DISABLE_DEPRECATED temporarily * Tue Jul 15 2008 Christopher Aillon - Rebuild against newer gecko (F-8) * Wed Jul 2 2008 Christopher Aillon - Rebuild against newer gecko (F-8) * Sat Jun 28 2008 Mamoru Tasaka - 0.5.4-6.svn3506_trunk - Try rev 3506 - Workaround for bug 447444 (xulrunner vs hunspell conflict) (F-9+) * Wed Jun 25 2008 Mamoru Tasaka - 0.5.4-5 - Apply xulrunner related patches from debian by Mike Hommey (debian bug 480796, rh bug 402641) This time kazehakase actually works with xulrunner!

References


[ 1 ] Bug #503568 - CVE-2009-1392 Firefox browser engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=503568 [ 2 ] Bug #503569 - CVE-2009-1832 Firefox double frame construction flaw https://bugzilla.redhat.com/show_bug.cgi?id=503569 [ 3 ] Bug #503570 - CVE-2009-1833 Firefox JavaScript engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=503570 [ 4 ] Bug #503573 - CVE-2009-1834 Firefox URL spoofing with invalid unicode characters https://bugzilla.redhat.com/show_bug.cgi?id=503573 [ 5 ] Bug #503576 - CVE-2009-1835 Firefox Arbitrary domain cookie access by local file: resources https://bugzilla.redhat.com/show_bug.cgi?id=503576 [ 6 ] Bug #503578 - CVE-2009-1836 Firefox SSL tampering via non-200 responses to proxy CONNECT requests https://bugzilla.redhat.com/show_bug.cgi?id=503578 [ 7 ] Bug #503579 - CVE-2009-1837 Firefox Race condition while accessing the private data of a NPObject JS wrapper class object ...

Read the Full Advisory

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update kazehakase' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: kazehakase
Product: Fedora 9
Version: 0.5.6
Release: 4.fc9.3
URL: Summary : Kazehakase browser using Gecko rendering engine

Topics%20covered

Topics Covered

security advisory Fedora browser fix Firefox update gecko rendering

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here