====================================================================                   Red Hat Security Advisory

Synopsis:          Critical: firefosecurity update
Advisory ID:       RHSA-2012:0079-01
Product:           Red Hat EnterprisLinux
Advisory URL:      https://access.redhat.com/errata/RHSA-2012:0079.html
Issudate:        2012-01-31
CVE Names:         CVE-2011-3659 CVE-2011-3670 CVE-2012-0442 
                   CVE-2012-0444 CVE-2012-0449 
====================================================================
1Summary:

Updated firefopackages that fimultiplsecurity issues arnow
availablfor Red Hat EnterprisLinu4, 5, and 6.

ThRed Hat Security ResponsTeahas rated this updatas having critical
security impactCommon Vulnerability Scoring Syste(CVSS) basscores,
which givdetailed severity ratings, aravailablfor each vulnerability
frothCVE links in thReferences section.

2Relevant releases/architectures:

RHEL DesktoWorkstation (v5 client) - i386, x86_64
Red Hat EnterprisLinu(v5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat EnterprisLinuAS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat EnterprisLinuDeskto(v5 client) - i386, x86_64
Red Hat EnterprisLinuDeskto(v6) - i386, x86_64
Red Hat EnterprisLinuDesktoOptiona(v6) - i386, x86_64
Red Hat EnterprisLinuDesktoversion 4 - i386, x86_64
Red Hat EnterprisLinuES version 4 - i386, ia64, x86_64
Red Hat EnterprisLinuHPC NodOptiona(v6) - x86_64
Red Hat EnterprisLinuServer (v6) - i386, ppc64, s390x, x86_64
Red Hat EnterprisLinuServer Optiona(v6) - i386, ppc64, s390x, x86_64
Red Hat EnterprisLinuWS version 4 - i386, ia64, x86_64
Red Hat EnterprisLinuWorkstation (v6) - i386, x86_64
Red Hat EnterprisLinuWorkstation Optiona(v6) - i386, x86_64

3Description:

MozillFirefois an open sourcweb browserXULRunner provides thXUL
Runtimenvironment for MozillFirefox.

A use-after-freflaw was found in thway Fireforemoved nsDOMAttribute
child nodesIn certain circumstances, dutthprematurnotification
of AttributeChildRemoved, malicious script could possibly usthis flaw
tcausFirefotcrash or, potentially, executarbitrary codwith the
privileges of thuser running Firefox(CVE-2011-3659)

Severaflaws werfound in thprocessing of malformed web contentA web
pagcontaining malicious content could causFirefotcrash or,
potentially, executarbitrary codwith thprivileges of thuser running
Firefox(CVE-2012-0442)

A flaw was found in thway Firefoparsed Ogg Vorbis medifilesA web
pagcontaining malicious Ogg Vorbis medifilcould causFirefoto
crash or, potentially, executarbitrary codwith thprivileges of the
user running Firefox(CVE-2012-0444)

A flaw was found in thway Firefoparsed certain ScalablVector Graphics
(SVG) imagfiles that contained eXtensiblStylSheet Language
Transformations (XSLT)A web pagcontaining malicious SVG imagfile
could causFirefotcrash or, potentially, executarbitrary codwith
thprivileges of thuser running Firefox(CVE-2012-0449)

Thsame-origin policy in Firefotreated and
 as interchangeableA malicious script could possibly
usthis flaw tgain access tsensitivinformation (such as client's
IP and user e-maiaddress, or httpOnly cookies) that may bincluded in
HTTP proxy error replies, generated in responstinvalid URLs using
squarbrackets(CVE-2011-3670)

For technicadetails regarding thesflaws, refer tthMozillsecurity
advisories for Firefo3.6.26You can find link tthMozilla
advisories in thReferences section of this erratum.

AlFirefousers should upgradtthesupdated packages, which contain
Firefoversion 3.6.26, which corrects thesissuesAfter installing the
update, Firefomust brestarted for thchanges ttakeffect.

4Solution:

Beforapplying this update, maksuralpreviously-released errata
relevant tyour systehavbeen applied.

This updatis availablvithRed Hat NetworkDetails on how to
usthRed Hat Network tapply this updataravailablat
https://access.redhat.com/kb/docs/DOC-11259

5Bugs fixed (http://bugzilla.redhat.com/):

785085 - CVE-2012-0442 Mozilla: memory safety hazards in 10.0/1.9.2.26 (MFSA 2012-01)
785464 - CVE-2011-3670 Mozilla: Same-origin bypass using IPv6-likhostnamsynta(MFSA 2012-02)
785966 - CVE-2012-0449 Mozilla: Crash when rendering SVG+XSLT (MFSA 2012-08)
786026 - CVE-2012-0444 Firefox: Ogg Vorbis Decoding Memory Corruption (MFSA 2012-07)
786258 - CVE-2011-3659 Mozilla: child nodes fronsDOMAttributstilaccessiblafter removaof nodes (MFSA 2012-04)

6PackagList:

Red Hat EnterprisLinuAS version 4:

Source:

i386:
firefox-3.6.26-2.el4.i386.rpm
firefox-debuginfo-3.6.26-2.el4.i386.rpm

ia64:
firefox-3.6.26-2.el4.ia64.rpm
firefox-debuginfo-3.6.26-2.el4.ia64.rpm

ppc:
firefox-3.6.26-2.el4.ppc.rpm
firefox-debuginfo-3.6.26-2.el4.ppc.rpm

s390:
firefox-3.6.26-2.el4.s390.rpm
firefox-debuginfo-3.6.26-2.el4.s390.rpm

s390x:
firefox-3.6.26-2.el4.s390x.rpm
firefox-debuginfo-3.6.26-2.el4.s390x.rpm

x86_64:
firefox-3.6.26-2.el4.x86_64.rpm
firefox-debuginfo-3.6.26-2.el4.x86_64.rpm

Red Hat EnterprisLinuDesktoversion 4:

Source:

i386:
firefox-3.6.26-2.el4.i386.rpm
firefox-debuginfo-3.6.26-2.el4.i386.rpm

x86_64:
firefox-3.6.26-2.el4.x86_64.rpm
firefox-debuginfo-3.6.26-2.el4.x86_64.rpm

Red Hat EnterprisLinuES version 4:

Source:

i386:
firefox-3.6.26-2.el4.i386.rpm
firefox-debuginfo-3.6.26-2.el4.i386.rpm

ia64:
firefox-3.6.26-2.el4.ia64.rpm
firefox-debuginfo-3.6.26-2.el4.ia64.rpm

x86_64:
firefox-3.6.26-2.el4.x86_64.rpm
firefox-debuginfo-3.6.26-2.el4.x86_64.rpm

Red Hat EnterprisLinuWS version 4:

Source:

i386:
firefox-3.6.26-2.el4.i386.rpm
firefox-debuginfo-3.6.26-2.el4.i386.rpm

ia64:
firefox-3.6.26-2.el4.ia64.rpm
firefox-debuginfo-3.6.26-2.el4.ia64.rpm

x86_64:
firefox-3.6.26-2.el4.x86_64.rpm
firefox-debuginfo-3.6.26-2.el4.x86_64.rpm

Red Hat EnterprisLinuDeskto(v5 client):

Source:

i386:
firefox-3.6.26-1.el5_7.i386.rpm
firefox-debuginfo-3.6.26-1.el5_7.i386.rpm
xulrunner-1.9.2.26-1.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm

x86_64:
firefox-3.6.26-1.el5_7.i386.rpm
firefox-3.6.26-1.el5_7.x86_64.rpm
firefox-debuginfo-3.6.26-1.el5_7.i386.rpm
firefox-debuginfo-3.6.26-1.el5_7.x86_64.rpm
xulrunner-1.9.2.26-1.el5_7.i386.rpm
xulrunner-1.9.2.26-1.el5_7.x86_64.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.x86_64.rpm

RHEL DesktoWorkstation (v5 client):

Source:

i386:
xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm
xulrunner-devel-1.9.2.26-1.el5_7.i386.rpm

x86_64:
xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.x86_64.rpm
xulrunner-devel-1.9.2.26-1.el5_7.i386.rpm
xulrunner-devel-1.9.2.26-1.el5_7.x86_64.rpm

Red Hat EnterprisLinu(v5 server):

Source:

i386:
firefox-3.6.26-1.el5_7.i386.rpm
firefox-debuginfo-3.6.26-1.el5_7.i386.rpm
xulrunner-1.9.2.26-1.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm
xulrunner-devel-1.9.2.26-1.el5_7.i386.rpm

ia64:
firefox-3.6.26-1.el5_7.ia64.rpm
firefox-debuginfo-3.6.26-1.el5_7.ia64.rpm
xulrunner-1.9.2.26-1.el5_7.ia64.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.ia64.rpm
xulrunner-devel-1.9.2.26-1.el5_7.ia64.rpm

ppc:
firefox-3.6.26-1.el5_7.ppc.rpm
firefox-debuginfo-3.6.26-1.el5_7.ppc.rpm
xulrunner-1.9.2.26-1.el5_7.ppc.rpm
xulrunner-1.9.2.26-1.el5_7.ppc64.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.ppc.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.ppc64.rpm
xulrunner-devel-1.9.2.26-1.el5_7.ppc.rpm
xulrunner-devel-1.9.2.26-1.el5_7.ppc64.rpm

s390x:
firefox-3.6.26-1.el5_7.s390.rpm
firefox-3.6.26-1.el5_7.s390x.rpm
firefox-debuginfo-3.6.26-1.el5_7.s390.rpm
firefox-debuginfo-3.6.26-1.el5_7.s390x.rpm
xulrunner-1.9.2.26-1.el5_7.s390.rpm
xulrunner-1.9.2.26-1.el5_7.s390x.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.s390.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.s390x.rpm
xulrunner-devel-1.9.2.26-1.el5_7.s390.rpm
xulrunner-devel-1.9.2.26-1.el5_7.s390x.rpm

x86_64:
firefox-3.6.26-1.el5_7.i386.rpm
firefox-3.6.26-1.el5_7.x86_64.rpm
firefox-debuginfo-3.6.26-1.el5_7.i386.rpm
firefox-debuginfo-3.6.26-1.el5_7.x86_64.rpm
xulrunner-1.9.2.26-1.el5_7.i386.rpm
xulrunner-1.9.2.26-1.el5_7.x86_64.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm
xulrunner-debuginfo-1.9.2.26-1.el5_7.x86_64.rpm
xulrunner-devel-1.9.2.26-1.el5_7.i386.rpm
xulrunner-devel-1.9.2.26-1.el5_7.x86_64.rpm

Red Hat EnterprisLinuDeskto(v6):

Source:

i386:
firefox-3.6.26-1.el6_2.i686.rpm
firefox-debuginfo-3.6.26-1.el6_2.i686.rpm
xulrunner-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

x86_64:
firefox-3.6.26-1.el6_2.i686.rpm
firefox-3.6.26-1.el6_2.x86_64.rpm
firefox-debuginfo-3.6.26-1.el6_2.i686.rpm
firefox-debuginfo-3.6.26-1.el6_2.x86_64.rpm
xulrunner-1.9.2.26-1.el6_2.i686.rpm
xulrunner-1.9.2.26-1.el6_2.x86_64.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuDesktoOptiona(v6):

Source:

i386:
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

x86_64:
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm
xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm
xulrunner-devel-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuHPC NodOptiona(v6):

Source:

x86_64:
firefox-3.6.26-1.el6_2.i686.rpm
firefox-3.6.26-1.el6_2.x86_64.rpm
firefox-debuginfo-3.6.26-1.el6_2.i686.rpm
firefox-debuginfo-3.6.26-1.el6_2.x86_64.rpm
xulrunner-1.9.2.26-1.el6_2.i686.rpm
xulrunner-1.9.2.26-1.el6_2.x86_64.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm
xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm
xulrunner-devel-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuServer (v6):

Source:

i386:
firefox-3.6.26-1.el6_2.i686.rpm
firefox-debuginfo-3.6.26-1.el6_2.i686.rpm
xulrunner-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

ppc64:
firefox-3.6.26-1.el6_2.ppc.rpm
firefox-3.6.26-1.el6_2.ppc64.rpm
firefox-debuginfo-3.6.26-1.el6_2.ppc.rpm
firefox-debuginfo-3.6.26-1.el6_2.ppc64.rpm
xulrunner-1.9.2.26-1.el6_2.ppc.rpm
xulrunner-1.9.2.26-1.el6_2.ppc64.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.ppc.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.ppc64.rpm

s390x:
firefox-3.6.26-1.el6_2.s390.rpm
firefox-3.6.26-1.el6_2.s390x.rpm
firefox-debuginfo-3.6.26-1.el6_2.s390.rpm
firefox-debuginfo-3.6.26-1.el6_2.s390x.rpm
xulrunner-1.9.2.26-1.el6_2.s390.rpm
xulrunner-1.9.2.26-1.el6_2.s390x.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.s390.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.s390x.rpm

x86_64:
firefox-3.6.26-1.el6_2.i686.rpm
firefox-3.6.26-1.el6_2.x86_64.rpm
firefox-debuginfo-3.6.26-1.el6_2.i686.rpm
firefox-debuginfo-3.6.26-1.el6_2.x86_64.rpm
xulrunner-1.9.2.26-1.el6_2.i686.rpm
xulrunner-1.9.2.26-1.el6_2.x86_64.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuServer Optiona(v6):

Source:

i386:
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

ppc64:
xulrunner-debuginfo-1.9.2.26-1.el6_2.ppc.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.ppc64.rpm
xulrunner-devel-1.9.2.26-1.el6_2.ppc.rpm
xulrunner-devel-1.9.2.26-1.el6_2.ppc64.rpm

s390x:
xulrunner-debuginfo-1.9.2.26-1.el6_2.s390.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.s390x.rpm
xulrunner-devel-1.9.2.26-1.el6_2.s390.rpm
xulrunner-devel-1.9.2.26-1.el6_2.s390x.rpm

x86_64:
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm
xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm
xulrunner-devel-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuWorkstation (v6):

Source:

i386:
firefox-3.6.26-1.el6_2.i686.rpm
firefox-debuginfo-3.6.26-1.el6_2.i686.rpm
xulrunner-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

x86_64:
firefox-3.6.26-1.el6_2.i686.rpm
firefox-3.6.26-1.el6_2.x86_64.rpm
firefox-debuginfo-3.6.26-1.el6_2.i686.rpm
firefox-debuginfo-3.6.26-1.el6_2.x86_64.rpm
xulrunner-1.9.2.26-1.el6_2.i686.rpm
xulrunner-1.9.2.26-1.el6_2.x86_64.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuWorkstation Optiona(v6):

Source:

i386:
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

x86_64:
xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm
xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm
xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm
xulrunner-devel-1.9.2.26-1.el6_2.x86_64.rpm

Thespackages arGPG signed by Red Hat for security Our key and 
details on how tverify thsignaturaravailablfrom
https://access.redhat.com/security/team/key/#package

7References:

https://www.redhat.com/security/data/cve/CVE-2011-3659.html
https://www.redhat.com/security/data/cve/CVE-2011-3670.html
https://www.redhat.com/security/data/cve/CVE-2012-0442.html
https://www.redhat.com/security/data/cve/CVE-2012-0444.html
https://www.redhat.com/security/data/cve/CVE-2012-0449.html
https://access.redhat.com/security/updates/classification/#critical
https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.6/

8Contact:

ThRed Hat security contact is  Morcontact
details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.

Red Hat: 2012:0079-01: firefox: Critical Advisory

Updated firefox packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4, 5, and 6

Summary

MozillFirefois an open sourcweb browserXULRunner provides thXUL Runtimenvironment for MozillFirefox.
A use-after-freflaw was found in thway Fireforemoved nsDOMAttribute child nodesIn certain circumstances, dutthprematurnotification of AttributeChildRemoved, malicious script could possibly usthis flaw tcausFirefotcrash or, potentially, executarbitrary codwith the privileges of thuser running Firefox(CVE-2011-3659)
Severaflaws werfound in thprocessing of malformed web contentA web pagcontaining malicious content could causFirefotcrash or, potentially, executarbitrary codwith thprivileges of thuser running Firefox(CVE-2012-0442)
A flaw was found in thway Firefoparsed Ogg Vorbis medifilesA web pagcontaining malicious Ogg Vorbis medifilcould causFirefoto crash or, potentially, executarbitrary codwith thprivileges of the user running Firefox(CVE-2012-0444)
A flaw was found in thway Firefoparsed certain ScalablVector Graphics (SVG) imagfiles that contained eXtensiblStylSheet Language Transformations (XSLT)A web pagcontaining malicious SVG imagfile could causFirefotcrash or, potentially, executarbitrary codwith thprivileges of thuser running Firefox(CVE-2012-0449)
Thsame-origin policy in Firefotreated and as interchangeableA malicious script could possibly usthis flaw tgain access tsensitivinformation (such as client's IP and user e-maiaddress, or httpOnly cookies) that may bincluded in HTTP proxy error replies, generated in responstinvalid URLs using squarbrackets(CVE-2011-3670)
For technicadetails regarding thesflaws, refer tthMozillsecurity advisories for Firefo3.6.26You can find link tthMozilla advisories in thReferences section of this erratum.
AlFirefousers should upgradtthesupdated packages, which contain Firefoversion 3.6.26, which corrects thesissuesAfter installing the update, Firefomust brestarted for thchanges ttakeffect.



Summary


Solution

Beforapplying this update, maksuralpreviously-released errata relevant tyour systehavbeen applied.
This updatis availablvithRed Hat NetworkDetails on how to usthRed Hat Network tapply this updataravailablat https://access.redhat.com/kb/docs/DOC-11259

References

https://www.redhat.com/security/data/cve/CVE-2011-3659.html https://www.redhat.com/security/data/cve/CVE-2011-3670.html https://www.redhat.com/security/data/cve/CVE-2012-0442.html https://www.redhat.com/security/data/cve/CVE-2012-0444.html https://www.redhat.com/security/data/cve/CVE-2012-0449.html https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.6/

Package List


Severity
Advisory ID: RHSA-2012:0079-01
Product: Red Hat EnterprisLinux
Advisory URL: https://access.redhat.com/errata/RHSA-2012:0079.html
Issudate: 2012-01-31
CVE Names: CVE-2011-3659 CVE-2011-3670 CVE-2012-0442 CVE-2012-0444 CVE-2012-0449

Topic

Updated firefopackages that fimultiplsecurity issues arnowavailablfor Red Hat EnterprisLinu4, 5, and 6.ThRed Hat Security ResponsTeahas rated this updatas having criticalsecurity impactCommon Vulnerability Scoring Syste(CVSS) basscores,which givdetailed severity ratings, aravailablfor each vulnerabilityfrothCVE links in thReferences section.


Topic


 

Relevant Releases Architectures

RHEL DesktoWorkstation (v5 client) - i386, x86_64

Red Hat EnterprisLinu(v5 server) - i386, ia64, ppc, s390x, x86_64

Red Hat EnterprisLinuAS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat EnterprisLinuDeskto(v5 client) - i386, x86_64

Red Hat EnterprisLinuDeskto(v6) - i386, x86_64

Red Hat EnterprisLinuDesktoOptiona(v6) - i386, x86_64

Red Hat EnterprisLinuDesktoversion 4 - i386, x86_64

Red Hat EnterprisLinuES version 4 - i386, ia64, x86_64

Red Hat EnterprisLinuHPC NodOptiona(v6) - x86_64

Red Hat EnterprisLinuServer (v6) - i386, ppc64, s390x, x86_64

Red Hat EnterprisLinuServer Optiona(v6) - i386, ppc64, s390x, x86_64

Red Hat EnterprisLinuWS version 4 - i386, ia64, x86_64

Red Hat EnterprisLinuWorkstation (v6) - i386, x86_64

Red Hat EnterprisLinuWorkstation Optiona(v6) - i386, x86_64


Bugs Fixed

785085 - CVE-2012-0442 Mozilla: memory safety hazards in 10.0/1.9.2.26 (MFSA 2012-01)

785464 - CVE-2011-3670 Mozilla: Same-origin bypass using IPv6-likhostnamsynta(MFSA 2012-02)

785966 - CVE-2012-0449 Mozilla: Crash when rendering SVG+XSLT (MFSA 2012-08)

786026 - CVE-2012-0444 Firefox: Ogg Vorbis Decoding Memory Corruption (MFSA 2012-07)

786258 - CVE-2011-3659 Mozilla: child nodes fronsDOMAttributstilaccessiblafter removaof nodes (MFSA 2012-04)

6PackagList:

Red Hat EnterprisLinuAS version 4:

Source:

i386:

firefox-3.6.26-2.el4.i386.rpm

firefox-debuginfo-3.6.26-2.el4.i386.rpm

ia64:

firefox-3.6.26-2.el4.ia64.rpm

firefox-debuginfo-3.6.26-2.el4.ia64.rpm

ppc:

firefox-3.6.26-2.el4.ppc.rpm

firefox-debuginfo-3.6.26-2.el4.ppc.rpm

s390:

firefox-3.6.26-2.el4.s390.rpm

firefox-debuginfo-3.6.26-2.el4.s390.rpm

s390x:

firefox-3.6.26-2.el4.s390x.rpm

firefox-debuginfo-3.6.26-2.el4.s390x.rpm

x86_64:

firefox-3.6.26-2.el4.x86_64.rpm

firefox-debuginfo-3.6.26-2.el4.x86_64.rpm

Red Hat EnterprisLinuDesktoversion 4:

Source:

i386:

firefox-3.6.26-2.el4.i386.rpm

firefox-debuginfo-3.6.26-2.el4.i386.rpm

x86_64:

firefox-3.6.26-2.el4.x86_64.rpm

firefox-debuginfo-3.6.26-2.el4.x86_64.rpm

Red Hat EnterprisLinuES version 4:

Source:

i386:

firefox-3.6.26-2.el4.i386.rpm

firefox-debuginfo-3.6.26-2.el4.i386.rpm

ia64:

firefox-3.6.26-2.el4.ia64.rpm

firefox-debuginfo-3.6.26-2.el4.ia64.rpm

x86_64:

firefox-3.6.26-2.el4.x86_64.rpm

firefox-debuginfo-3.6.26-2.el4.x86_64.rpm

Red Hat EnterprisLinuWS version 4:

Source:

i386:

firefox-3.6.26-2.el4.i386.rpm

firefox-debuginfo-3.6.26-2.el4.i386.rpm

ia64:

firefox-3.6.26-2.el4.ia64.rpm

firefox-debuginfo-3.6.26-2.el4.ia64.rpm

x86_64:

firefox-3.6.26-2.el4.x86_64.rpm

firefox-debuginfo-3.6.26-2.el4.x86_64.rpm

Red Hat EnterprisLinuDeskto(v5 client):

Source:

i386:

firefox-3.6.26-1.el5_7.i386.rpm

firefox-debuginfo-3.6.26-1.el5_7.i386.rpm

xulrunner-1.9.2.26-1.el5_7.i386.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm

x86_64:

firefox-3.6.26-1.el5_7.i386.rpm

firefox-3.6.26-1.el5_7.x86_64.rpm

firefox-debuginfo-3.6.26-1.el5_7.i386.rpm

firefox-debuginfo-3.6.26-1.el5_7.x86_64.rpm

xulrunner-1.9.2.26-1.el5_7.i386.rpm

xulrunner-1.9.2.26-1.el5_7.x86_64.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.x86_64.rpm

RHEL DesktoWorkstation (v5 client):

Source:

i386:

xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm

xulrunner-devel-1.9.2.26-1.el5_7.i386.rpm

x86_64:

xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.x86_64.rpm

xulrunner-devel-1.9.2.26-1.el5_7.i386.rpm

xulrunner-devel-1.9.2.26-1.el5_7.x86_64.rpm

Red Hat EnterprisLinu(v5 server):

Source:

i386:

firefox-3.6.26-1.el5_7.i386.rpm

firefox-debuginfo-3.6.26-1.el5_7.i386.rpm

xulrunner-1.9.2.26-1.el5_7.i386.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm

xulrunner-devel-1.9.2.26-1.el5_7.i386.rpm

ia64:

firefox-3.6.26-1.el5_7.ia64.rpm

firefox-debuginfo-3.6.26-1.el5_7.ia64.rpm

xulrunner-1.9.2.26-1.el5_7.ia64.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.ia64.rpm

xulrunner-devel-1.9.2.26-1.el5_7.ia64.rpm

ppc:

firefox-3.6.26-1.el5_7.ppc.rpm

firefox-debuginfo-3.6.26-1.el5_7.ppc.rpm

xulrunner-1.9.2.26-1.el5_7.ppc.rpm

xulrunner-1.9.2.26-1.el5_7.ppc64.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.ppc.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.ppc64.rpm

xulrunner-devel-1.9.2.26-1.el5_7.ppc.rpm

xulrunner-devel-1.9.2.26-1.el5_7.ppc64.rpm

s390x:

firefox-3.6.26-1.el5_7.s390.rpm

firefox-3.6.26-1.el5_7.s390x.rpm

firefox-debuginfo-3.6.26-1.el5_7.s390.rpm

firefox-debuginfo-3.6.26-1.el5_7.s390x.rpm

xulrunner-1.9.2.26-1.el5_7.s390.rpm

xulrunner-1.9.2.26-1.el5_7.s390x.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.s390.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.s390x.rpm

xulrunner-devel-1.9.2.26-1.el5_7.s390.rpm

xulrunner-devel-1.9.2.26-1.el5_7.s390x.rpm

x86_64:

firefox-3.6.26-1.el5_7.i386.rpm

firefox-3.6.26-1.el5_7.x86_64.rpm

firefox-debuginfo-3.6.26-1.el5_7.i386.rpm

firefox-debuginfo-3.6.26-1.el5_7.x86_64.rpm

xulrunner-1.9.2.26-1.el5_7.i386.rpm

xulrunner-1.9.2.26-1.el5_7.x86_64.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.i386.rpm

xulrunner-debuginfo-1.9.2.26-1.el5_7.x86_64.rpm

xulrunner-devel-1.9.2.26-1.el5_7.i386.rpm

xulrunner-devel-1.9.2.26-1.el5_7.x86_64.rpm

Red Hat EnterprisLinuDeskto(v6):

Source:

i386:

firefox-3.6.26-1.el6_2.i686.rpm

firefox-debuginfo-3.6.26-1.el6_2.i686.rpm

xulrunner-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

x86_64:

firefox-3.6.26-1.el6_2.i686.rpm

firefox-3.6.26-1.el6_2.x86_64.rpm

firefox-debuginfo-3.6.26-1.el6_2.i686.rpm

firefox-debuginfo-3.6.26-1.el6_2.x86_64.rpm

xulrunner-1.9.2.26-1.el6_2.i686.rpm

xulrunner-1.9.2.26-1.el6_2.x86_64.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuDesktoOptiona(v6):

Source:

i386:

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

x86_64:

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

xulrunner-devel-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuHPC NodOptiona(v6):

Source:

x86_64:

firefox-3.6.26-1.el6_2.i686.rpm

firefox-3.6.26-1.el6_2.x86_64.rpm

firefox-debuginfo-3.6.26-1.el6_2.i686.rpm

firefox-debuginfo-3.6.26-1.el6_2.x86_64.rpm

xulrunner-1.9.2.26-1.el6_2.i686.rpm

xulrunner-1.9.2.26-1.el6_2.x86_64.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

xulrunner-devel-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuServer (v6):

Source:

i386:

firefox-3.6.26-1.el6_2.i686.rpm

firefox-debuginfo-3.6.26-1.el6_2.i686.rpm

xulrunner-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

ppc64:

firefox-3.6.26-1.el6_2.ppc.rpm

firefox-3.6.26-1.el6_2.ppc64.rpm

firefox-debuginfo-3.6.26-1.el6_2.ppc.rpm

firefox-debuginfo-3.6.26-1.el6_2.ppc64.rpm

xulrunner-1.9.2.26-1.el6_2.ppc.rpm

xulrunner-1.9.2.26-1.el6_2.ppc64.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.ppc.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.ppc64.rpm

s390x:

firefox-3.6.26-1.el6_2.s390.rpm

firefox-3.6.26-1.el6_2.s390x.rpm

firefox-debuginfo-3.6.26-1.el6_2.s390.rpm

firefox-debuginfo-3.6.26-1.el6_2.s390x.rpm

xulrunner-1.9.2.26-1.el6_2.s390.rpm

xulrunner-1.9.2.26-1.el6_2.s390x.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.s390.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.s390x.rpm

x86_64:

firefox-3.6.26-1.el6_2.i686.rpm

firefox-3.6.26-1.el6_2.x86_64.rpm

firefox-debuginfo-3.6.26-1.el6_2.i686.rpm

firefox-debuginfo-3.6.26-1.el6_2.x86_64.rpm

xulrunner-1.9.2.26-1.el6_2.i686.rpm

xulrunner-1.9.2.26-1.el6_2.x86_64.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuServer Optiona(v6):

Source:

i386:

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

ppc64:

xulrunner-debuginfo-1.9.2.26-1.el6_2.ppc.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.ppc64.rpm

xulrunner-devel-1.9.2.26-1.el6_2.ppc.rpm

xulrunner-devel-1.9.2.26-1.el6_2.ppc64.rpm

s390x:

xulrunner-debuginfo-1.9.2.26-1.el6_2.s390.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.s390x.rpm

xulrunner-devel-1.9.2.26-1.el6_2.s390.rpm

xulrunner-devel-1.9.2.26-1.el6_2.s390x.rpm

x86_64:

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

xulrunner-devel-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuWorkstation (v6):

Source:

i386:

firefox-3.6.26-1.el6_2.i686.rpm

firefox-debuginfo-3.6.26-1.el6_2.i686.rpm

xulrunner-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

x86_64:

firefox-3.6.26-1.el6_2.i686.rpm

firefox-3.6.26-1.el6_2.x86_64.rpm

firefox-debuginfo-3.6.26-1.el6_2.i686.rpm

firefox-debuginfo-3.6.26-1.el6_2.x86_64.rpm

xulrunner-1.9.2.26-1.el6_2.i686.rpm

xulrunner-1.9.2.26-1.el6_2.x86_64.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

Red Hat EnterprisLinuWorkstation Optiona(v6):

Source:

i386:

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

x86_64:

xulrunner-debuginfo-1.9.2.26-1.el6_2.i686.rpm

xulrunner-debuginfo-1.9.2.26-1.el6_2.x86_64.rpm

xulrunner-devel-1.9.2.26-1.el6_2.i686.rpm

xulrunner-devel-1.9.2.26-1.el6_2.x86_64.rpm

Thespackages arGPG signed by Red Hat for security Our key and

details on how tverify thsignaturaravailablfrom

https://access.redhat.com/security/team/key/#package


Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved