- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2007:0097-02
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0097.html
Issue date:        2007-03-14
Updated on:        2007-03-14
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2006-6077 CVE-2007-0008 CVE-2007-0009 
                   CVE-2007-0775 CVE-2007-0777 CVE-2007-0778 
                   CVE-2007-0779 CVE-2007-0780 CVE-2007-0800 
                   CVE-2007-0981 CVE-2007-0994 CVE-2007-0995 
                   CVE-2007-0996 
- ---------------------------------------------------------------------1. Summary:

Updated firefox packages that fix several security bugs are now available
for Red Hat Enterprise Linux 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Mozilla Firefox is an open source Web browser.

Flaws were found in the way Firefox executed malformed JavaScript code. A
malicious web page could cause Firefox to crash or allow arbitrary code 
to be executed as the user running Firefox. (CVE-2007-0775, CVE-2007-0777)

Cross-site scripting (XSS) flaws were found in Firefox.  A malicious web
page could display misleading information, allowing a user to unknowingly
divulge sensitive information, such as a password. (CVE-2006-6077, 
CVE-2007-0995, CVE-2007-0996)

A flaw was found in the way Firefox processed JavaScript contained in
certain tags.  A malicious web page could cause Firefox to execute
JavaScript code with the privileges of the user running Firefox.
(CVE-2007-0994)

A flaw was found in the way Firefox cached web pages on the local disk. A
malicious web page may have been able to inject arbitrary HTML into a
browsing session if the user reloaded a targeted site. (CVE-2007-0778)

Certain web content could overlay Firefox user interface elements such as
the hostname and security indicators.  A malicious web page could trick a
user into thinking they were visiting a different site. (CVE-2007-0779)

Two flaws were found in Firefox's displaying of blocked popup windows. If a
user could be convinced to open a blocked popup, it was possible to read
arbitrary local files, or conduct a cross-site scripting attack against the
user.
(CVE-2007-0780, CVE-2007-0800)

Two buffer overflow flaws were found in the Network Security Services (NSS)
code for processing the SSLv2 protocol. Connecting to a malicious secure
web server could cause the execution of arbitrary code as the user running
Firefox. (CVE-2007-0008, CVE-2007-0009)

A flaw was found in the way Firefox handled the "location.hostname" value.
 A malicious web page could set domain cookies for an arbitrary site, or
possibly perform a cross-site scripting attack. (CVE-2007-0981)
	
Users of Firefox are advised to upgrade to this erratum package, containing
Firefox version 1.5.0.10 which is not vulnerable to these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

230050 - CVE-2007-0775 Multiple Firefox flaws (CVE-2007-0777, CVE-2007-0994, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0981)

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ecc6ccfcf4c2c08e941f72f5cfeaa55c  devhelp-0.12-10.0.1.el5.src.rpm
60cf3411d9e9b68bf0f25ac3541cf23a  firefox-1.5.0.10-2.el5.src.rpm
56ce5fe3b3776b01fc7886f65ef1404b  yelp-2.16.0-14.0.1.el5.src.rpm

i386:
0774d6e92c98fd2507952d9ce59ce891  devhelp-0.12-10.0.1.el5.i386.rpm
3acf940cc0301234390c98632c69da11  devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm
39b98bd5460439dbdd1f0c495028fd33  firefox-1.5.0.10-2.el5.i386.rpm
4b0e34c319d80574f720840a04be6716  firefox-debuginfo-1.5.0.10-2.el5.i386.rpm
7ac3f70e9c5ba8e68a068946a66a3163  yelp-2.16.0-14.0.1.el5.i386.rpm
210a17a4c674ef1863bd30498fe91a38  yelp-debuginfo-2.16.0-14.0.1.el5.i386.rpm

x86_64:
0774d6e92c98fd2507952d9ce59ce891  devhelp-0.12-10.0.1.el5.i386.rpm
2c7791aad7d6e18b322f4834088f8708  devhelp-0.12-10.0.1.el5.x86_64.rpm
3acf940cc0301234390c98632c69da11  devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm
b3bf53bcbd8f5e4bc254196496831e74  devhelp-debuginfo-0.12-10.0.1.el5.x86_64.rpm
39b98bd5460439dbdd1f0c495028fd33  firefox-1.5.0.10-2.el5.i386.rpm
a0ffe472bf6a3c517d41f0dc8900af86  firefox-1.5.0.10-2.el5.x86_64.rpm
4b0e34c319d80574f720840a04be6716  firefox-debuginfo-1.5.0.10-2.el5.i386.rpm
1ae549e2cab746aa1e2615a6b73c5e20  firefox-debuginfo-1.5.0.10-2.el5.x86_64.rpm
502e2b4dd68c59593652bf8f44d7dee4  yelp-2.16.0-14.0.1.el5.x86_64.rpm
0974ac1fd3c19e02765a750427efae46  yelp-debuginfo-2.16.0-14.0.1.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ecc6ccfcf4c2c08e941f72f5cfeaa55c  devhelp-0.12-10.0.1.el5.src.rpm
60cf3411d9e9b68bf0f25ac3541cf23a  firefox-1.5.0.10-2.el5.src.rpm

i386:
3acf940cc0301234390c98632c69da11  devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm
ede028c4f35108e54ded794f91d4f82e  devhelp-devel-0.12-10.0.1.el5.i386.rpm
4b0e34c319d80574f720840a04be6716  firefox-debuginfo-1.5.0.10-2.el5.i386.rpm
c334841929aae1eb36a71772f51d89da  firefox-devel-1.5.0.10-2.el5.i386.rpm

x86_64:
3acf940cc0301234390c98632c69da11  devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm
b3bf53bcbd8f5e4bc254196496831e74  devhelp-debuginfo-0.12-10.0.1.el5.x86_64.rpm
ede028c4f35108e54ded794f91d4f82e  devhelp-devel-0.12-10.0.1.el5.i386.rpm
44f47bf9e6a7ecb39f7c907ca4a381d9  devhelp-devel-0.12-10.0.1.el5.x86_64.rpm
4b0e34c319d80574f720840a04be6716  firefox-debuginfo-1.5.0.10-2.el5.i386.rpm
1ae549e2cab746aa1e2615a6b73c5e20  firefox-debuginfo-1.5.0.10-2.el5.x86_64.rpm
c334841929aae1eb36a71772f51d89da  firefox-devel-1.5.0.10-2.el5.i386.rpm
5ba38c9a8e94ed9bb254e8b2010bdbbb  firefox-devel-1.5.0.10-2.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ecc6ccfcf4c2c08e941f72f5cfeaa55c  devhelp-0.12-10.0.1.el5.src.rpm
60cf3411d9e9b68bf0f25ac3541cf23a  firefox-1.5.0.10-2.el5.src.rpm
56ce5fe3b3776b01fc7886f65ef1404b  yelp-2.16.0-14.0.1.el5.src.rpm

i386:
0774d6e92c98fd2507952d9ce59ce891  devhelp-0.12-10.0.1.el5.i386.rpm
3acf940cc0301234390c98632c69da11  devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm
ede028c4f35108e54ded794f91d4f82e  devhelp-devel-0.12-10.0.1.el5.i386.rpm
39b98bd5460439dbdd1f0c495028fd33  firefox-1.5.0.10-2.el5.i386.rpm
4b0e34c319d80574f720840a04be6716  firefox-debuginfo-1.5.0.10-2.el5.i386.rpm
c334841929aae1eb36a71772f51d89da  firefox-devel-1.5.0.10-2.el5.i386.rpm
7ac3f70e9c5ba8e68a068946a66a3163  yelp-2.16.0-14.0.1.el5.i386.rpm
210a17a4c674ef1863bd30498fe91a38  yelp-debuginfo-2.16.0-14.0.1.el5.i386.rpm

ia64:
0543d59be616203f72d6b46b33051ac2  devhelp-0.12-10.0.1.el5.ia64.rpm
acab03e92aa6c9cf472218bd698859de  devhelp-debuginfo-0.12-10.0.1.el5.ia64.rpm
f40918a968dd3425e534e589cda9b81b  devhelp-devel-0.12-10.0.1.el5.ia64.rpm
f22781eca58556113552b288dd7fe76b  firefox-1.5.0.10-2.el5.ia64.rpm
a6aaba32c9b8522a18526640c0f8d396  firefox-debuginfo-1.5.0.10-2.el5.ia64.rpm
56ea2d1debbf5c4d7a0f1ae3ebb3e741  firefox-devel-1.5.0.10-2.el5.ia64.rpm
250095927ac38854ab4b42a473a785f7  yelp-2.16.0-14.0.1.el5.ia64.rpm
5df4b3ff6b5cb315a97b7e7f7095cda8  yelp-debuginfo-2.16.0-14.0.1.el5.ia64.rpm

ppc:
576bd9205f61c07a8328ac3309c3cccd  devhelp-0.12-10.0.1.el5.ppc.rpm
dcaf49587708080277a2f10b346babd5  devhelp-debuginfo-0.12-10.0.1.el5.ppc.rpm
57b04a6c88b63d1227129f1509ecf8ae  devhelp-devel-0.12-10.0.1.el5.ppc.rpm
266c896a44c5818506058d3f43fb510a  firefox-1.5.0.10-2.el5.ppc.rpm
6dd9e1c3f0743ec8fb388f601badebcf  firefox-debuginfo-1.5.0.10-2.el5.ppc.rpm
81d6fd77e467137a6383ebd75aac7c38  firefox-devel-1.5.0.10-2.el5.ppc.rpm
cdd89632e1d496fdc00db638bbb85297  yelp-2.16.0-14.0.1.el5.ppc.rpm
9a033f9605570160561823425b547720  yelp-debuginfo-2.16.0-14.0.1.el5.ppc.rpm

s390x:
92415d0cd192d89b829d5cea4957ffd3  devhelp-0.12-10.0.1.el5.s390.rpm
249086f31984ef20db1edcc668769c64  devhelp-0.12-10.0.1.el5.s390x.rpm
dc724a4361cb4dd66381b4d82059c8d1  devhelp-debuginfo-0.12-10.0.1.el5.s390.rpm
97a65832a3dd2f76723e0d5d9b6a6d1f  devhelp-debuginfo-0.12-10.0.1.el5.s390x.rpm
3c659c50b265f059367e3572d5dc908c  devhelp-devel-0.12-10.0.1.el5.s390.rpm
8821c3e5f96844a0563ba7a773925ea4  devhelp-devel-0.12-10.0.1.el5.s390x.rpm
0c8ef9a9f6246dd277247fedcf65e2ef  firefox-1.5.0.10-2.el5.s390.rpm
1f2fc90bc59dc42e3068fb358aec67bd  firefox-1.5.0.10-2.el5.s390x.rpm
108ef308488056b3df8feb04fc535cee  firefox-debuginfo-1.5.0.10-2.el5.s390.rpm
539070e0ca79c624a07230ee7058aff7  firefox-debuginfo-1.5.0.10-2.el5.s390x.rpm
1364113945647fd64b1d2b2b42a40d52  firefox-devel-1.5.0.10-2.el5.s390.rpm
eda1b9d310aeeb22821a0c807794349c  firefox-devel-1.5.0.10-2.el5.s390x.rpm
73bb10b49cc143dce64fafea46b74081  yelp-2.16.0-14.0.1.el5.s390x.rpm
00255312f531140dee6d191dcffbce34  yelp-debuginfo-2.16.0-14.0.1.el5.s390x.rpm

x86_64:
0774d6e92c98fd2507952d9ce59ce891  devhelp-0.12-10.0.1.el5.i386.rpm
2c7791aad7d6e18b322f4834088f8708  devhelp-0.12-10.0.1.el5.x86_64.rpm
3acf940cc0301234390c98632c69da11  devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm
b3bf53bcbd8f5e4bc254196496831e74  devhelp-debuginfo-0.12-10.0.1.el5.x86_64.rpm
ede028c4f35108e54ded794f91d4f82e  devhelp-devel-0.12-10.0.1.el5.i386.rpm
44f47bf9e6a7ecb39f7c907ca4a381d9  devhelp-devel-0.12-10.0.1.el5.x86_64.rpm
39b98bd5460439dbdd1f0c495028fd33  firefox-1.5.0.10-2.el5.i386.rpm
a0ffe472bf6a3c517d41f0dc8900af86  firefox-1.5.0.10-2.el5.x86_64.rpm
4b0e34c319d80574f720840a04be6716  firefox-debuginfo-1.5.0.10-2.el5.i386.rpm
1ae549e2cab746aa1e2615a6b73c5e20  firefox-debuginfo-1.5.0.10-2.el5.x86_64.rpm
c334841929aae1eb36a71772f51d89da  firefox-devel-1.5.0.10-2.el5.i386.rpm
5ba38c9a8e94ed9bb254e8b2010bdbbb  firefox-devel-1.5.0.10-2.el5.x86_64.rpm
502e2b4dd68c59593652bf8f44d7dee4  yelp-2.16.0-14.0.1.el5.x86_64.rpm
0974ac1fd3c19e02765a750427efae46  yelp-debuginfo-2.16.0-14.0.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0994
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.

RedHat: Critical: firefox security update RHSA-2007:0097-02

Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 5

Summary



Summary

Mozilla Firefox is an open source Web browser. Flaws were found in the way Firefox executed malformed JavaScript code. A malicious web page could cause Firefox to crash or allow arbitrary code to be executed as the user running Firefox. (CVE-2007-0775, CVE-2007-0777) Cross-site scripting (XSS) flaws were found in Firefox. A malicious web page could display misleading information, allowing a user to unknowingly divulge sensitive information, such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way Firefox processed JavaScript contained in certain tags. A malicious web page could cause Firefox to execute JavaScript code with the privileges of the user running Firefox. (CVE-2007-0994) A flaw was found in the way Firefox cached web pages on the local disk. A malicious web page may have been able to inject arbitrary HTML into a browsing session if the user reloaded a targeted site. (CVE-2007-0778) Certain web content could overlay Firefox user interface elements such as the hostname and security indicators. A malicious web page could trick a user into thinking they were visiting a different site. (CVE-2007-0779) Two flaws were found in Firefox's displaying of blocked popup windows. If a user could be convinced to open a blocked popup, it was possible to read arbitrary local files, or conduct a cross-site scripting attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running Firefox. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way Firefox handled the "location.hostname" value. A malicious web page could set domain cookies for an arbitrary site, or possibly perform a cross-site scripting attack. (CVE-2007-0981) Users of Firefox are advised to upgrade to this erratum package, containing Firefox version 1.5.0.10 which is not vulnerable to these issues.


Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
5. Bug IDs fixed (http://bugzilla.redhat.com/):
230050 - CVE-2007-0775 Multiple Firefox flaws (CVE-2007-0777, CVE-2007-0994, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0981)
6. RPMs required:
Red Hat Enterprise Linux Desktop (v. 5 client):
SRPMS: ecc6ccfcf4c2c08e941f72f5cfeaa55c devhelp-0.12-10.0.1.el5.src.rpm 60cf3411d9e9b68bf0f25ac3541cf23a firefox-1.5.0.10-2.el5.src.rpm 56ce5fe3b3776b01fc7886f65ef1404b yelp-2.16.0-14.0.1.el5.src.rpm
i386: 0774d6e92c98fd2507952d9ce59ce891 devhelp-0.12-10.0.1.el5.i386.rpm 3acf940cc0301234390c98632c69da11 devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm 39b98bd5460439dbdd1f0c495028fd33 firefox-1.5.0.10-2.el5.i386.rpm 4b0e34c319d80574f720840a04be6716 firefox-debuginfo-1.5.0.10-2.el5.i386.rpm 7ac3f70e9c5ba8e68a068946a66a3163 yelp-2.16.0-14.0.1.el5.i386.rpm 210a17a4c674ef1863bd30498fe91a38 yelp-debuginfo-2.16.0-14.0.1.el5.i386.rpm
x86_64: 0774d6e92c98fd2507952d9ce59ce891 devhelp-0.12-10.0.1.el5.i386.rpm 2c7791aad7d6e18b322f4834088f8708 devhelp-0.12-10.0.1.el5.x86_64.rpm 3acf940cc0301234390c98632c69da11 devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm b3bf53bcbd8f5e4bc254196496831e74 devhelp-debuginfo-0.12-10.0.1.el5.x86_64.rpm 39b98bd5460439dbdd1f0c495028fd33 firefox-1.5.0.10-2.el5.i386.rpm a0ffe472bf6a3c517d41f0dc8900af86 firefox-1.5.0.10-2.el5.x86_64.rpm 4b0e34c319d80574f720840a04be6716 firefox-debuginfo-1.5.0.10-2.el5.i386.rpm 1ae549e2cab746aa1e2615a6b73c5e20 firefox-debuginfo-1.5.0.10-2.el5.x86_64.rpm 502e2b4dd68c59593652bf8f44d7dee4 yelp-2.16.0-14.0.1.el5.x86_64.rpm 0974ac1fd3c19e02765a750427efae46 yelp-debuginfo-2.16.0-14.0.1.el5.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
SRPMS: ecc6ccfcf4c2c08e941f72f5cfeaa55c devhelp-0.12-10.0.1.el5.src.rpm 60cf3411d9e9b68bf0f25ac3541cf23a firefox-1.5.0.10-2.el5.src.rpm
i386: 3acf940cc0301234390c98632c69da11 devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm ede028c4f35108e54ded794f91d4f82e devhelp-devel-0.12-10.0.1.el5.i386.rpm 4b0e34c319d80574f720840a04be6716 firefox-debuginfo-1.5.0.10-2.el5.i386.rpm c334841929aae1eb36a71772f51d89da firefox-devel-1.5.0.10-2.el5.i386.rpm
x86_64: 3acf940cc0301234390c98632c69da11 devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm b3bf53bcbd8f5e4bc254196496831e74 devhelp-debuginfo-0.12-10.0.1.el5.x86_64.rpm ede028c4f35108e54ded794f91d4f82e devhelp-devel-0.12-10.0.1.el5.i386.rpm 44f47bf9e6a7ecb39f7c907ca4a381d9 devhelp-devel-0.12-10.0.1.el5.x86_64.rpm 4b0e34c319d80574f720840a04be6716 firefox-debuginfo-1.5.0.10-2.el5.i386.rpm 1ae549e2cab746aa1e2615a6b73c5e20 firefox-debuginfo-1.5.0.10-2.el5.x86_64.rpm c334841929aae1eb36a71772f51d89da firefox-devel-1.5.0.10-2.el5.i386.rpm 5ba38c9a8e94ed9bb254e8b2010bdbbb firefox-devel-1.5.0.10-2.el5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
SRPMS: ecc6ccfcf4c2c08e941f72f5cfeaa55c devhelp-0.12-10.0.1.el5.src.rpm 60cf3411d9e9b68bf0f25ac3541cf23a firefox-1.5.0.10-2.el5.src.rpm 56ce5fe3b3776b01fc7886f65ef1404b yelp-2.16.0-14.0.1.el5.src.rpm
i386: 0774d6e92c98fd2507952d9ce59ce891 devhelp-0.12-10.0.1.el5.i386.rpm 3acf940cc0301234390c98632c69da11 devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm ede028c4f35108e54ded794f91d4f82e devhelp-devel-0.12-10.0.1.el5.i386.rpm 39b98bd5460439dbdd1f0c495028fd33 firefox-1.5.0.10-2.el5.i386.rpm 4b0e34c319d80574f720840a04be6716 firefox-debuginfo-1.5.0.10-2.el5.i386.rpm c334841929aae1eb36a71772f51d89da firefox-devel-1.5.0.10-2.el5.i386.rpm 7ac3f70e9c5ba8e68a068946a66a3163 yelp-2.16.0-14.0.1.el5.i386.rpm 210a17a4c674ef1863bd30498fe91a38 yelp-debuginfo-2.16.0-14.0.1.el5.i386.rpm
ia64: 0543d59be616203f72d6b46b33051ac2 devhelp-0.12-10.0.1.el5.ia64.rpm acab03e92aa6c9cf472218bd698859de devhelp-debuginfo-0.12-10.0.1.el5.ia64.rpm f40918a968dd3425e534e589cda9b81b devhelp-devel-0.12-10.0.1.el5.ia64.rpm f22781eca58556113552b288dd7fe76b firefox-1.5.0.10-2.el5.ia64.rpm a6aaba32c9b8522a18526640c0f8d396 firefox-debuginfo-1.5.0.10-2.el5.ia64.rpm 56ea2d1debbf5c4d7a0f1ae3ebb3e741 firefox-devel-1.5.0.10-2.el5.ia64.rpm 250095927ac38854ab4b42a473a785f7 yelp-2.16.0-14.0.1.el5.ia64.rpm 5df4b3ff6b5cb315a97b7e7f7095cda8 yelp-debuginfo-2.16.0-14.0.1.el5.ia64.rpm
ppc: 576bd9205f61c07a8328ac3309c3cccd devhelp-0.12-10.0.1.el5.ppc.rpm dcaf49587708080277a2f10b346babd5 devhelp-debuginfo-0.12-10.0.1.el5.ppc.rpm 57b04a6c88b63d1227129f1509ecf8ae devhelp-devel-0.12-10.0.1.el5.ppc.rpm 266c896a44c5818506058d3f43fb510a firefox-1.5.0.10-2.el5.ppc.rpm 6dd9e1c3f0743ec8fb388f601badebcf firefox-debuginfo-1.5.0.10-2.el5.ppc.rpm 81d6fd77e467137a6383ebd75aac7c38 firefox-devel-1.5.0.10-2.el5.ppc.rpm cdd89632e1d496fdc00db638bbb85297 yelp-2.16.0-14.0.1.el5.ppc.rpm 9a033f9605570160561823425b547720 yelp-debuginfo-2.16.0-14.0.1.el5.ppc.rpm
s390x: 92415d0cd192d89b829d5cea4957ffd3 devhelp-0.12-10.0.1.el5.s390.rpm 249086f31984ef20db1edcc668769c64 devhelp-0.12-10.0.1.el5.s390x.rpm dc724a4361cb4dd66381b4d82059c8d1 devhelp-debuginfo-0.12-10.0.1.el5.s390.rpm 97a65832a3dd2f76723e0d5d9b6a6d1f devhelp-debuginfo-0.12-10.0.1.el5.s390x.rpm 3c659c50b265f059367e3572d5dc908c devhelp-devel-0.12-10.0.1.el5.s390.rpm 8821c3e5f96844a0563ba7a773925ea4 devhelp-devel-0.12-10.0.1.el5.s390x.rpm 0c8ef9a9f6246dd277247fedcf65e2ef firefox-1.5.0.10-2.el5.s390.rpm 1f2fc90bc59dc42e3068fb358aec67bd firefox-1.5.0.10-2.el5.s390x.rpm 108ef308488056b3df8feb04fc535cee firefox-debuginfo-1.5.0.10-2.el5.s390.rpm 539070e0ca79c624a07230ee7058aff7 firefox-debuginfo-1.5.0.10-2.el5.s390x.rpm 1364113945647fd64b1d2b2b42a40d52 firefox-devel-1.5.0.10-2.el5.s390.rpm eda1b9d310aeeb22821a0c807794349c firefox-devel-1.5.0.10-2.el5.s390x.rpm 73bb10b49cc143dce64fafea46b74081 yelp-2.16.0-14.0.1.el5.s390x.rpm 00255312f531140dee6d191dcffbce34 yelp-debuginfo-2.16.0-14.0.1.el5.s390x.rpm
x86_64: 0774d6e92c98fd2507952d9ce59ce891 devhelp-0.12-10.0.1.el5.i386.rpm 2c7791aad7d6e18b322f4834088f8708 devhelp-0.12-10.0.1.el5.x86_64.rpm 3acf940cc0301234390c98632c69da11 devhelp-debuginfo-0.12-10.0.1.el5.i386.rpm b3bf53bcbd8f5e4bc254196496831e74 devhelp-debuginfo-0.12-10.0.1.el5.x86_64.rpm ede028c4f35108e54ded794f91d4f82e devhelp-devel-0.12-10.0.1.el5.i386.rpm 44f47bf9e6a7ecb39f7c907ca4a381d9 devhelp-devel-0.12-10.0.1.el5.x86_64.rpm 39b98bd5460439dbdd1f0c495028fd33 firefox-1.5.0.10-2.el5.i386.rpm a0ffe472bf6a3c517d41f0dc8900af86 firefox-1.5.0.10-2.el5.x86_64.rpm 4b0e34c319d80574f720840a04be6716 firefox-debuginfo-1.5.0.10-2.el5.i386.rpm 1ae549e2cab746aa1e2615a6b73c5e20 firefox-debuginfo-1.5.0.10-2.el5.x86_64.rpm c334841929aae1eb36a71772f51d89da firefox-devel-1.5.0.10-2.el5.i386.rpm 5ba38c9a8e94ed9bb254e8b2010bdbbb firefox-devel-1.5.0.10-2.el5.x86_64.rpm 502e2b4dd68c59593652bf8f44d7dee4 yelp-2.16.0-14.0.1.el5.x86_64.rpm 0974ac1fd3c19e02765a750427efae46 yelp-debuginfo-2.16.0-14.0.1.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0994 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996 http://www.redhat.com/security/updates/classification/#critical

Package List


Severity
Advisory ID: RHSA-2007:0097-02
Advisory URL: https://access.redhat.com/errata/RHSA-2007:0097.html
Issued Date: : 2007-03-14
Updated on: 2007-03-14
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-6077 CVE-2007-0008 CVE-2007-0009 CVE-2007-0775 CVE-2007-0777 CVE-2007-0778 CVE-2007-0779 CVE-2007-0780 CVE-2007-0800 CVE-2007-0981 CVE-2007-0994 CVE-2007-0995 CVE-2007-0996 Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team.

Topic


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

RHEL Desktop Workstation (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64


Bugs Fixed


Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved