Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora: FEDORA-2006-1199 Critical: Firefox Javascript Execution Flaws

fedora
Calendar Grey November 9, 2006
Dist Fedora Esm H88
Update Firefox to release 1.5.0.8 to address multiple vulnerabilities linked to Javascript bugs and avoid potential crashes.
Mozilla Firefox is an open source Web browser

Summary

Mozilla Firefox is an open-source web browser, designed for standards

compliance, performance and portability.

Mozilla Firefox is an open source Web browser.

Several flaws were found in the way Firefox processes

certain malformed Javascript code. A malicious web page

could cause the execution of Javascript code in such a way

that could cause Firefox to crash or execute arbitrary code

as the user running Firefox. (CVE-2006-5463, CVE-2006-5747,

CVE-2006-5748)

Several flaws were found in the way Firefox renders web

pages. A malicious web page could cause the browser to crash

or possibly execute arbitrary code as the user running

Firefox. (CVE-2006-5464)

Users of Firefox are advised to upgrade to this update,

which contains Firefox version 1.5.0.8 that corrects these

issues.

- Update to 1.5.0.8

- Fix up a few items in the download manager

- Use the bullet character for password fields.

- Add pango printing patch from Behdad.

* Wed Sep 13 2006 Christopher Aillon - 1.5.0.7-1

- Update to 1.5.0.7

- Bring in pango patches from rawhide to fix MathML and cursor positioning

* Tue Aug 8 2006 Jesse Keating - 1.5.0.6-2

- Use dist tag

- rebuild

* Thu Aug 3 2006 Kai Engert - 1.5.0.6-1.1.fc5

- Update to 1.5.0.6

* Thu Jul 27 2006 Christopher Aillon - 1.5.0.5-1.1.fc5

- Update to 1.5.0.5

* Wed Jun 14 2006 Kai Engert - 1.5.0.4-1.2.fc5

- Force "gmake -j1" on ppc ppc64 s390 s390x

* Mon Jun 12 2006 Kai Engert - 1.5.0.4-1.1.fc5

- Firefox 1.5.0.4

b8d3fca6c30bf410c74a4dca8cc85c6fcbf30e4a SRPMS/firefox-1.5.0.8-1.fc5.src.rpm

b8d3fca6c30bf410c74a4dca8cc85c6fcbf30e4a noarch/firefox-1.5.0.8-1.fc5.src.rpm

c26fe331a598955189ea3e452bacc4f044eb5c34 ppc/firefox-1.5.0.8-1.fc5.ppc.rpm

faa991ef07e67828f24306773c73181184cc1488 ppc/debug/firefox-debuginfo-1.5.0.8-1.fc5.ppc.rpm

74fc091227fa98163013d436982dbb4d02f8842c x86_64/debug/firefox-debuginfo-1.5.0.8-1.fc5.x86_64.rpm

669fdce7d244158cbe9c54edb0bd5ea61662144a x86_64/firefox-1.5.0.8-1.fc5.x86_64.rpm

0591cb8aa48870f4d3aa5606c2a2bd6d523df24a i386/debug/firefox-debuginfo-1.5.0.8-1.fc5.i386.rpm

9ddc8e80fcac191ee926c063c097117662ec5b7b i386/firefox-1.5.0.8-1.fc5.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Topics%20covered

Topics Covered

security advisory critical issue fedora firefox malicious code web browser

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: firefox
Version: 1.5.0.8
Release: 1.fc5
Summary: Mozilla Firefox Web browser.

Topics%20covered

Topics Covered

security advisory critical issue fedora firefox malicious code web browser

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here