Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Red Hat Enterprise Linux: RHSA-2007:0979-01 Critical: Firefox Exploit

red hat
Calendar Grey October 19, 2007
Dist Redhat Esm H88
Essential security patch for Firefox resolves various vulnerabilities affecting Red Hat Enterprise Linux versions 4 and 5. Update immediately.
Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

246248 - firefox crashes when searching for word "do" 333991 - Mozilla products security update (CVE-2007-1095, CVE-2007-2292, CVE-2007-3511, CVE-2007-3844, CVE-2007-5334, CVE-2007-5337, CVE-2007-5338, CVE-2007-5339, CVE-2007-5340)

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: 14521bc61a8a3fae6f51e01b7397dcb6 firefox-1.5.0.12-0.7.el4.src.rpm

i386: a77fcb609b6967686ace6611ee46006b firefox-1.5.0.12-0.7.el4.i386.rpm a10903d25275b7f3b45b087f5075ac8d firefox-debuginfo-1.5.0.12-0.7.el4.i386.rpm

ia64: 22a57ce44aa809198be66d6eef97bb9c firefox-1.5.0.12-0.7.el4.ia64.rpm 94f312b4eadfa99165d44c573bec784d firefox-debuginfo-1.5.0.12-0.7.el4.ia64.rpm

ppc: a3067493f97b4921b3e4320516b09988 firefox-1.5.0.12-0.7.el4.ppc.rpm 767062821eba593df0116a7bfc8725b2 firefox-debuginfo-1.5.0.12-0.7.el4.ppc.rpm

s390: 304d4a73bbbc1691762caa56fbe751b1 firefox-1.5.0.12-0.7.el4.s390.rpm 91f1b89ec8f0feef079b546327b232dc firefox-debuginfo-1.5.0.12-0.7.el4.s390.rpm

s390x: 0536c7d1e6ce3c7147082020d126c546 firefox-1.5.0.12-0.7.el4.s390x.rpm 3d45b068acfd5cb48a047938cdf94339 firefox-debuginfo-1.5.0.12-0.7.el4.s390x.rpm

x86_64: 3ee97b00b1b1a207bed96c195fac7c32 firefox-1.5.0.12-0.7.el4.x86_64.rpm 774b51deb8e133d53cba92831f80d1c9 firefox-debuginfo-1.5.0.12-0.7.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: 14521bc61a8a3fae6f51e01b7397dcb6 firefox-1.5.0.12-0.7.el4.src.rpm

i386: a77fcb609b6967686ace6611ee46006b firefox-1.5.0.12-0.7.el4.i386.rpm a10903d25275b7f3b45b087f5075ac8d firefox-debuginfo-1.5.0.12-0.7.el4.i386.rpm

x86_64: 3ee97b00b1b1a207bed96c195fac7c32 firefox-1.5.0.12-0.7.el4.x86_64.rpm 774b51deb8e133d53cba92831f80d1c9 firefox-debuginfo-1.5.0.12-0.7.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: 14521bc61a8a3fae6f51e01b7397dcb6 firefox-1.5.0.12-0.7.el4.src.rpm

i386: a77fcb609b6967686ace6611ee46006b firefox-1.5.0.12-0.7.el4.i386.rpm a10903d25275b7f3b45b087f5075ac8d firefox-debuginfo-1.5.0.12-0.7.el4.i386.rpm

ia64: 22a57ce44aa809198be66d6eef97bb9c firefox-1.5.0.12-0.7.el4.ia64.rpm 94f312b4eadfa99165d44c573bec784d firefox-debuginfo-1.5.0.12-0.7.el4.ia64.rpm

x86_64: 3ee97b00b1b1a207bed96c195fac7c32 firefox-1.5.0.12-0.7.el4.x86_64.rpm 774b51deb8e133d53cba92831f80d1c9 firefox-debuginfo-1.5.0.12-0.7.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: 14521bc61a8a3fae6f51e01b7397dcb6 firefox-1.5.0.12-0.7.el4.src.rpm

i386: a77fcb609b6967686ace6611ee46006b firefox-1.5.0.12-0.7.el4.i386.rpm a10903d25275b7f3b45b087f5075ac8d firefox-debuginfo-1.5.0.12-0.7.el4.i386.rpm

ia64: 22a57ce44aa809198be66d6eef97bb9c firefox-1.5.0.12-0.7.el4.ia64.rpm 94f312b4eadfa99165d44c573bec784d firefox-debuginfo-1.5.0.12-0.7.el4.ia64.rpm

x86_64: 3ee97b00b1b1a207bed96c195fac7c32 firefox-1.5.0.12-0.7.el4.x86_64.rpm 774b51deb8e133d53cba92831f80d1c9 firefox-debuginfo-1.5.0.12-0.7.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS: 8751dd10ea3396a563771e436a3eb1d1 firefox-1.5.0.12-6.el5.src.rpm

i386: e6d7cc39fef9cd508408ebc48d56509f firefox-1.5.0.12-6.el5.i386.rpm 999ed30a8fbb750206abbb6fabf13583 firefox-debuginfo-1.5.0.12-6.el5.i386.rpm

x86_64: e6d7cc39fef9cd508408ebc48d56509f firefox-1.5.0.12-6.el5.i386.rpm a3025709096696676df09a4b2125b2e1 firefox-1.5.0.12-6.el5.x86_64.rpm 999ed30a8fbb750206abbb6fabf13583 firefox-debuginfo-1.5.0.12-6.el5.i386.rpm 3d9792bf0c4946b4e901608ff70a2731 firefox-debuginfo-1.5.0.12-6.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS: 8751dd10ea3396a563771e436a3eb1d1 firefox-1.5.0.12-6.el5.src.rpm

i386: 999ed30a8fbb750206abbb6fabf13583 firefox-debuginfo-1.5.0.12-6.el5.i386.rpm f307deb5f1cca86fe342f99eef6a0400 firefox-devel-1.5.0.12-6.el5.i386.rpm

x86_64: 999ed30a8fbb750206abbb6fabf13583 firefox-debuginfo-1.5.0.12-6.el5.i386.rpm 3d9792bf0c4946b4e901608ff70a2731 firefox-debuginfo-1.5.0.12-6.el5.x86_64.rpm f307deb5f1cca86fe342f99eef6a0400 firefox-devel-1.5.0.12-6.el5.i386.rpm a512569a312536720d54a60b123974c1 firefox-devel-1.5.0.12-6.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS: 8751dd10ea3396a563771e436a3eb1d1 firefox-1.5.0.12-6.el5.src.rpm

i386: e6d7cc39fef9cd508408ebc48d56509f firefox-1.5.0.12-6.el5.i386.rpm 999ed30a8fbb750206abbb6fabf13583 firefox-debuginfo-1.5.0.12-6.el5.i386.rpm f307deb5f1cca86fe342f99eef6a0400 firefox-devel-1.5.0.12-6.el5.i386.rpm

ia64: 2ca6057ea5a0d1cc04128558d4c85069 firefox-1.5.0.12-6.el5.ia64.rpm eeb360a59d2d93916944ad8f77b0c8a3 firefox-debuginfo-1.5.0.12-6.el5.ia64.rpm 83e887e01be14575bddb90b27fd12046 firefox-devel-1.5.0.12-6.el5.ia64.rpm

ppc: 513389cac0f34e73c6ea7268d4105a47 firefox-1.5.0.12-6.el5.ppc.rpm 874161d6167c4fec200ab3c0cc5354ea firefox-debuginfo-1.5.0.12-6.el5.ppc.rpm 6d043336dbfbac647ed0b356b2c0b9a6 firefox-devel-1.5.0.12-6.el5.ppc.rpm

s390x: e94181f34bdbf029e08afd540f4788da firefox-1.5.0.12-6.el5.s390.rpm fddf399d5ec6d03d8b8d8e5deec8ff93 firefox-1.5.0.12-6.el5.s390x.rpm b7c23f1cc8a0e93f4363d2a6af5a4981 firefox-debuginfo-1.5.0.12-6.el5.s390.rpm 0110422f2449199de04754571ab3acec firefox-debuginfo-1.5.0.12-6.el5.s390x.rpm 40acebdc1765435c854d4ffb6e74733c firefox-devel-1.5.0.12-6.el5.s390.rpm 09ad411554d856053321d42f590187b4 firefox-devel-1.5.0.12-6.el5.s390x.rpm

x86_64: e6d7cc39fef9cd508408ebc48d56509f firefox-1.5.0.12-6.el5.i386.rpm a3025709096696676df09a4b2125b2e1 firefox-1.5.0.12-6.el5.x86_64.rpm 999ed30a8fbb750206abbb6fabf13583 firefox-debuginfo-1.5.0.12-6.el5.i386.rpm 3d9792bf0c4946b4e901608ff70a2731 firefox-debuginfo-1.5.0.12-6.el5.x86_64.rpm f307deb5f1cca86fe342f99eef6a0400 firefox-devel-1.5.0.12-6.el5.i386.rpm a512569a312536720d54a60b123974c1 firefox-devel-1.5.0.12-6.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2007-1095 https://www.cve.org/CVERecord?id=CVE-2007-2292 https://www.cve.org/CVERecord?id=CVE-2007-3511 https://www.cve.org/CVERecord?id=CVE-2007-3844 https://www.cve.org/CVERecord?id=CVE-2007-5334 https://www.cve.org/CVERecord?id=CVE-2007-5337 https://www.cve.org/CVERecord?id=CVE-2007-5338 https://www.cve.org/CVERecord?id=CVE-2007-5339 https://www.cve.org/CVERecord?id=CVE-2007-5340 https://en.wikipedia.org/wiki/HTTP_response_splitting https://access.redhat.com/security/updates/classification#critical

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:0979-01
Issue date: 2007-10-19
Updated on: 2007-10-19
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

RHEL Desktop Workstation (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here