Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Red Hat 4 & 5: RHSA-2007:1082-01 Critical: firefox security update

Calendar Nov 26, 2007 User Avatar LinuxSecurity Advisories
5 - 9 min read
Redhat Large Esm H500
Topics%20covered

Topics Covered

security advisory cross-site scripting critical update Red Hat Enterprise firefox security
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. A cross-site scripting flaw was found in the way Firefox handled the jar: URI scheme. It was possible for a malicious website to leverage this flaw and conduct a cross-site scripting attack against a user running Firefox 
- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2007:1082-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:1082.html
Issue date:        2007-11-26
Updated on:        2007-11-26
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-5947 CVE-2007-5959 CVE-2007-5960 
- ---------------------------------------------------------------------1. Summary:

Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4.5.z - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4.5.z - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Mozilla Firefox is an open source Web browser.

A cross-site scripting flaw was found in the way Firefox handled the
jar: URI scheme. It was possible for a malicious website to leverage this
flaw and conduct a cross-site scripting attack against a user running
Firefox. (CVE-2007-5947)

Several flaws were found in the way Firefox processed certain malformed web
content. A webpage containing malicious content could cause Firefox to
crash, or potentially execute arbitrary code as the user running Firefox.
(CVE-2007-5959)

A race condition existed when Firefox set the "window.location" property
for a webpage. This flaw could allow a webpage to set an arbitrary Referer
header, which may lead to a Cross-site Request Forgery (CSRF) attack
against websites that rely only on the Referer header for protection.
(CVE-2007-5960)

Users of Firefox are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

5. Bug IDs fixed (https://bugzilla.redhat.com/):

394211 - CVE-2007-5947 Mozilla jar: protocol XSS
394241 - CVE-2007-5959 Multiple flaws in Firefox
394261 - CVE-2007-5960 Mozilla Cross-site Request Forgery flaw

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
e2c978d4b14f9cf19a8e39de02583008  firefox-1.5.0.12-0.8.el4.src.rpm

i386:
7c65767dfdaed3f752ff8d2432bbbb87  firefox-1.5.0.12-0.8.el4.i386.rpm
f370caeea0a992722a3856d63da52b1f  firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64:
1cf6f4a4b1555f8da1c9f6a69ad7f51a  firefox-1.5.0.12-0.8.el4.ia64.rpm
82eb56cadb11007f53a485bb4278f13a  firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

ppc:
2849e6a776fe9d7427f373d2634051bd  firefox-1.5.0.12-0.8.el4.ppc.rpm
20e0e2ef9266025221beca008d75eaa0  firefox-debuginfo-1.5.0.12-0.8.el4.ppc.rpm

s390:
39c83103495fb726421799de80f8553d  firefox-1.5.0.12-0.8.el4.s390.rpm
d899e6879dbae602227a1326a78d92d2  firefox-debuginfo-1.5.0.12-0.8.el4.s390.rpm

s390x:
719c9da1a4d6c07b5ffa970859d687bf  firefox-1.5.0.12-0.8.el4.s390x.rpm
baa53ea0dd0d4e423acbdbbf06eb9363  firefox-debuginfo-1.5.0.12-0.8.el4.s390x.rpm

x86_64:
07ae1640a44aed479a5d6afb668ed6ee  firefox-1.5.0.12-0.8.el4.x86_64.rpm
bf2c92230f3dcd965145c900eac0e803  firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux AS version 4.5.z:

SRPMS:
e2c978d4b14f9cf19a8e39de02583008  firefox-1.5.0.12-0.8.el4.src.rpm

i386:
7c65767dfdaed3f752ff8d2432bbbb87  firefox-1.5.0.12-0.8.el4.i386.rpm
f370caeea0a992722a3856d63da52b1f  firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64:
1cf6f4a4b1555f8da1c9f6a69ad7f51a  firefox-1.5.0.12-0.8.el4.ia64.rpm
82eb56cadb11007f53a485bb4278f13a  firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

ppc:
2849e6a776fe9d7427f373d2634051bd  firefox-1.5.0.12-0.8.el4.ppc.rpm
20e0e2ef9266025221beca008d75eaa0  firefox-debuginfo-1.5.0.12-0.8.el4.ppc.rpm

s390:
39c83103495fb726421799de80f8553d  firefox-1.5.0.12-0.8.el4.s390.rpm
d899e6879dbae602227a1326a78d92d2  firefox-debuginfo-1.5.0.12-0.8.el4.s390.rpm

s390x:
719c9da1a4d6c07b5ffa970859d687bf  firefox-1.5.0.12-0.8.el4.s390x.rpm
baa53ea0dd0d4e423acbdbbf06eb9363  firefox-debuginfo-1.5.0.12-0.8.el4.s390x.rpm

x86_64:
07ae1640a44aed479a5d6afb668ed6ee  firefox-1.5.0.12-0.8.el4.x86_64.rpm
bf2c92230f3dcd965145c900eac0e803  firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
e2c978d4b14f9cf19a8e39de02583008  firefox-1.5.0.12-0.8.el4.src.rpm

i386:
7c65767dfdaed3f752ff8d2432bbbb87  firefox-1.5.0.12-0.8.el4.i386.rpm
f370caeea0a992722a3856d63da52b1f  firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

x86_64:
07ae1640a44aed479a5d6afb668ed6ee  firefox-1.5.0.12-0.8.el4.x86_64.rpm
bf2c92230f3dcd965145c900eac0e803  firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
e2c978d4b14f9cf19a8e39de02583008  firefox-1.5.0.12-0.8.el4.src.rpm

i386:
7c65767dfdaed3f752ff8d2432bbbb87  firefox-1.5.0.12-0.8.el4.i386.rpm
f370caeea0a992722a3856d63da52b1f  firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64:
1cf6f4a4b1555f8da1c9f6a69ad7f51a  firefox-1.5.0.12-0.8.el4.ia64.rpm
82eb56cadb11007f53a485bb4278f13a  firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

x86_64:
07ae1640a44aed479a5d6afb668ed6ee  firefox-1.5.0.12-0.8.el4.x86_64.rpm
bf2c92230f3dcd965145c900eac0e803  firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4.5.z:

SRPMS:
e2c978d4b14f9cf19a8e39de02583008  firefox-1.5.0.12-0.8.el4.src.rpm

i386:
7c65767dfdaed3f752ff8d2432bbbb87  firefox-1.5.0.12-0.8.el4.i386.rpm
f370caeea0a992722a3856d63da52b1f  firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64:
1cf6f4a4b1555f8da1c9f6a69ad7f51a  firefox-1.5.0.12-0.8.el4.ia64.rpm
82eb56cadb11007f53a485bb4278f13a  firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

x86_64:
07ae1640a44aed479a5d6afb668ed6ee  firefox-1.5.0.12-0.8.el4.x86_64.rpm
bf2c92230f3dcd965145c900eac0e803  firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
e2c978d4b14f9cf19a8e39de02583008  firefox-1.5.0.12-0.8.el4.src.rpm

i386:
7c65767dfdaed3f752ff8d2432bbbb87  firefox-1.5.0.12-0.8.el4.i386.rpm
f370caeea0a992722a3856d63da52b1f  firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64:
1cf6f4a4b1555f8da1c9f6a69ad7f51a  firefox-1.5.0.12-0.8.el4.ia64.rpm
82eb56cadb11007f53a485bb4278f13a  firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

x86_64:
07ae1640a44aed479a5d6afb668ed6ee  firefox-1.5.0.12-0.8.el4.x86_64.rpm
bf2c92230f3dcd965145c900eac0e803  firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
9e6f9f8659b25e6420a1f395bbe09896  firefox-1.5.0.12-7.el5.src.rpm

i386:
e1b690ba4dfdd41e20aacfbb9d8fbb9a  firefox-1.5.0.12-7.el5.i386.rpm
e576368db6ed9eb70c65a596d5d684aa  firefox-debuginfo-1.5.0.12-7.el5.i386.rpm

x86_64:
e1b690ba4dfdd41e20aacfbb9d8fbb9a  firefox-1.5.0.12-7.el5.i386.rpm
88f3e7c170437da320696055350436dc  firefox-1.5.0.12-7.el5.x86_64.rpm
e576368db6ed9eb70c65a596d5d684aa  firefox-debuginfo-1.5.0.12-7.el5.i386.rpm
bdddabfbc73567c7537291b931abee4c  firefox-debuginfo-1.5.0.12-7.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
9e6f9f8659b25e6420a1f395bbe09896  firefox-1.5.0.12-7.el5.src.rpm

i386:
e576368db6ed9eb70c65a596d5d684aa  firefox-debuginfo-1.5.0.12-7.el5.i386.rpm
06509ba586d9f37e71483107137f7843  firefox-devel-1.5.0.12-7.el5.i386.rpm

x86_64:
e576368db6ed9eb70c65a596d5d684aa  firefox-debuginfo-1.5.0.12-7.el5.i386.rpm
bdddabfbc73567c7537291b931abee4c  firefox-debuginfo-1.5.0.12-7.el5.x86_64.rpm
06509ba586d9f37e71483107137f7843  firefox-devel-1.5.0.12-7.el5.i386.rpm
ca90b71f3c70b0543a91cea11aec9b08  firefox-devel-1.5.0.12-7.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
9e6f9f8659b25e6420a1f395bbe09896  firefox-1.5.0.12-7.el5.src.rpm

i386:
e1b690ba4dfdd41e20aacfbb9d8fbb9a  firefox-1.5.0.12-7.el5.i386.rpm
e576368db6ed9eb70c65a596d5d684aa  firefox-debuginfo-1.5.0.12-7.el5.i386.rpm
06509ba586d9f37e71483107137f7843  firefox-devel-1.5.0.12-7.el5.i386.rpm

ia64:
695649f81669a4bafb978c88c642a39d  firefox-1.5.0.12-7.el5.ia64.rpm
ca793f2ebcfc331a8e268959ee4d6eb4  firefox-debuginfo-1.5.0.12-7.el5.ia64.rpm
e83a2c4bbf2b8a8047eff54a92c73cf0  firefox-devel-1.5.0.12-7.el5.ia64.rpm

ppc:
2cd4f2936f18ce3aadc7738dcd1f64a5  firefox-1.5.0.12-7.el5.ppc.rpm
07bde30423e53504cac2c903b98f166d  firefox-debuginfo-1.5.0.12-7.el5.ppc.rpm
f974e753a4a1406e0f2c765bd1c6a903  firefox-devel-1.5.0.12-7.el5.ppc.rpm

s390x:
275ec90ac2e5119ef3a368f3635a6bed  firefox-1.5.0.12-7.el5.s390.rpm
f555a92ba6d9ccdab5b4f02dc6e0d486  firefox-1.5.0.12-7.el5.s390x.rpm
801eeef24bc79972ffeac00345bc4826  firefox-debuginfo-1.5.0.12-7.el5.s390.rpm
ddeb88632059d8fde675a8bbcb81bb0f  firefox-debuginfo-1.5.0.12-7.el5.s390x.rpm
6047f5e8ba382cca4e49bd203382ff33  firefox-devel-1.5.0.12-7.el5.s390.rpm
9ecba47676489b65b5975f32c3332d0f  firefox-devel-1.5.0.12-7.el5.s390x.rpm

x86_64:
e1b690ba4dfdd41e20aacfbb9d8fbb9a  firefox-1.5.0.12-7.el5.i386.rpm
88f3e7c170437da320696055350436dc  firefox-1.5.0.12-7.el5.x86_64.rpm
e576368db6ed9eb70c65a596d5d684aa  firefox-debuginfo-1.5.0.12-7.el5.i386.rpm
bdddabfbc73567c7537291b931abee4c  firefox-debuginfo-1.5.0.12-7.el5.x86_64.rpm
06509ba586d9f37e71483107137f7843  firefox-devel-1.5.0.12-7.el5.i386.rpm
ca90b71f3c70b0543a91cea11aec9b08  firefox-devel-1.5.0.12-7.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2007-5947
https://www.cve.org/CVERecord?id=CVE-2007-5959
https://www.cve.org/CVERecord?id=CVE-2007-5960
https://access.redhat.com/security/updates/classification#critical

8. Contact:

The Red Hat security contact is .  More contact
details at https://access.redhat.com/security/team/contact

Copyright 2007 Red Hat, Inc.

Red Hat 4 & 5: RHSA-2007:1082-01 Critical: firefox security update

red hat
Calendar Grey November 26, 2007
Dist Redhat Esm H88
Essential Red Hat security patch for chrome mitigates cross-site scripting vulnerabilities and assorted issues. Act promptly!
Updated firefox packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by...

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (https://bugzilla.redhat.com/):

394211 - CVE-2007-5947 Mozilla jar: protocol XSS 394241 - CVE-2007-5959 Multiple flaws in Firefox 394261 - CVE-2007-5960 Mozilla Cross-site Request Forgery flaw

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: e2c978d4b14f9cf19a8e39de02583008 firefox-1.5.0.12-0.8.el4.src.rpm

i386: 7c65767dfdaed3f752ff8d2432bbbb87 firefox-1.5.0.12-0.8.el4.i386.rpm f370caeea0a992722a3856d63da52b1f firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64: 1cf6f4a4b1555f8da1c9f6a69ad7f51a firefox-1.5.0.12-0.8.el4.ia64.rpm 82eb56cadb11007f53a485bb4278f13a firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

ppc: 2849e6a776fe9d7427f373d2634051bd firefox-1.5.0.12-0.8.el4.ppc.rpm 20e0e2ef9266025221beca008d75eaa0 firefox-debuginfo-1.5.0.12-0.8.el4.ppc.rpm

s390: 39c83103495fb726421799de80f8553d firefox-1.5.0.12-0.8.el4.s390.rpm d899e6879dbae602227a1326a78d92d2 firefox-debuginfo-1.5.0.12-0.8.el4.s390.rpm

s390x: 719c9da1a4d6c07b5ffa970859d687bf firefox-1.5.0.12-0.8.el4.s390x.rpm baa53ea0dd0d4e423acbdbbf06eb9363 firefox-debuginfo-1.5.0.12-0.8.el4.s390x.rpm

x86_64: 07ae1640a44aed479a5d6afb668ed6ee firefox-1.5.0.12-0.8.el4.x86_64.rpm bf2c92230f3dcd965145c900eac0e803 firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux AS version 4.5.z:

SRPMS: e2c978d4b14f9cf19a8e39de02583008 firefox-1.5.0.12-0.8.el4.src.rpm

i386: 7c65767dfdaed3f752ff8d2432bbbb87 firefox-1.5.0.12-0.8.el4.i386.rpm f370caeea0a992722a3856d63da52b1f firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64: 1cf6f4a4b1555f8da1c9f6a69ad7f51a firefox-1.5.0.12-0.8.el4.ia64.rpm 82eb56cadb11007f53a485bb4278f13a firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

ppc: 2849e6a776fe9d7427f373d2634051bd firefox-1.5.0.12-0.8.el4.ppc.rpm 20e0e2ef9266025221beca008d75eaa0 firefox-debuginfo-1.5.0.12-0.8.el4.ppc.rpm

s390: 39c83103495fb726421799de80f8553d firefox-1.5.0.12-0.8.el4.s390.rpm d899e6879dbae602227a1326a78d92d2 firefox-debuginfo-1.5.0.12-0.8.el4.s390.rpm

s390x: 719c9da1a4d6c07b5ffa970859d687bf firefox-1.5.0.12-0.8.el4.s390x.rpm baa53ea0dd0d4e423acbdbbf06eb9363 firefox-debuginfo-1.5.0.12-0.8.el4.s390x.rpm

x86_64: 07ae1640a44aed479a5d6afb668ed6ee firefox-1.5.0.12-0.8.el4.x86_64.rpm bf2c92230f3dcd965145c900eac0e803 firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: e2c978d4b14f9cf19a8e39de02583008 firefox-1.5.0.12-0.8.el4.src.rpm

i386: 7c65767dfdaed3f752ff8d2432bbbb87 firefox-1.5.0.12-0.8.el4.i386.rpm f370caeea0a992722a3856d63da52b1f firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

x86_64: 07ae1640a44aed479a5d6afb668ed6ee firefox-1.5.0.12-0.8.el4.x86_64.rpm bf2c92230f3dcd965145c900eac0e803 firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: e2c978d4b14f9cf19a8e39de02583008 firefox-1.5.0.12-0.8.el4.src.rpm

i386: 7c65767dfdaed3f752ff8d2432bbbb87 firefox-1.5.0.12-0.8.el4.i386.rpm f370caeea0a992722a3856d63da52b1f firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64: 1cf6f4a4b1555f8da1c9f6a69ad7f51a firefox-1.5.0.12-0.8.el4.ia64.rpm 82eb56cadb11007f53a485bb4278f13a firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

x86_64: 07ae1640a44aed479a5d6afb668ed6ee firefox-1.5.0.12-0.8.el4.x86_64.rpm bf2c92230f3dcd965145c900eac0e803 firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4.5.z:

SRPMS: e2c978d4b14f9cf19a8e39de02583008 firefox-1.5.0.12-0.8.el4.src.rpm

i386: 7c65767dfdaed3f752ff8d2432bbbb87 firefox-1.5.0.12-0.8.el4.i386.rpm f370caeea0a992722a3856d63da52b1f firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64: 1cf6f4a4b1555f8da1c9f6a69ad7f51a firefox-1.5.0.12-0.8.el4.ia64.rpm 82eb56cadb11007f53a485bb4278f13a firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

x86_64: 07ae1640a44aed479a5d6afb668ed6ee firefox-1.5.0.12-0.8.el4.x86_64.rpm bf2c92230f3dcd965145c900eac0e803 firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: e2c978d4b14f9cf19a8e39de02583008 firefox-1.5.0.12-0.8.el4.src.rpm

i386: 7c65767dfdaed3f752ff8d2432bbbb87 firefox-1.5.0.12-0.8.el4.i386.rpm f370caeea0a992722a3856d63da52b1f firefox-debuginfo-1.5.0.12-0.8.el4.i386.rpm

ia64: 1cf6f4a4b1555f8da1c9f6a69ad7f51a firefox-1.5.0.12-0.8.el4.ia64.rpm 82eb56cadb11007f53a485bb4278f13a firefox-debuginfo-1.5.0.12-0.8.el4.ia64.rpm

x86_64: 07ae1640a44aed479a5d6afb668ed6ee firefox-1.5.0.12-0.8.el4.x86_64.rpm bf2c92230f3dcd965145c900eac0e803 firefox-debuginfo-1.5.0.12-0.8.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS: 9e6f9f8659b25e6420a1f395bbe09896 firefox-1.5.0.12-7.el5.src.rpm

i386: e1b690ba4dfdd41e20aacfbb9d8fbb9a firefox-1.5.0.12-7.el5.i386.rpm e576368db6ed9eb70c65a596d5d684aa firefox-debuginfo-1.5.0.12-7.el5.i386.rpm

x86_64: e1b690ba4dfdd41e20aacfbb9d8fbb9a firefox-1.5.0.12-7.el5.i386.rpm 88f3e7c170437da320696055350436dc firefox-1.5.0.12-7.el5.x86_64.rpm e576368db6ed9eb70c65a596d5d684aa firefox-debuginfo-1.5.0.12-7.el5.i386.rpm bdddabfbc73567c7537291b931abee4c firefox-debuginfo-1.5.0.12-7.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS: 9e6f9f8659b25e6420a1f395bbe09896 firefox-1.5.0.12-7.el5.src.rpm

i386: e576368db6ed9eb70c65a596d5d684aa firefox-debuginfo-1.5.0.12-7.el5.i386.rpm 06509ba586d9f37e71483107137f7843 firefox-devel-1.5.0.12-7.el5.i386.rpm

x86_64: e576368db6ed9eb70c65a596d5d684aa firefox-debuginfo-1.5.0.12-7.el5.i386.rpm bdddabfbc73567c7537291b931abee4c firefox-debuginfo-1.5.0.12-7.el5.x86_64.rpm 06509ba586d9f37e71483107137f7843 firefox-devel-1.5.0.12-7.el5.i386.rpm ca90b71f3c70b0543a91cea11aec9b08 firefox-devel-1.5.0.12-7.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS: 9e6f9f8659b25e6420a1f395bbe09896 firefox-1.5.0.12-7.el5.src.rpm

i386: e1b690ba4dfdd41e20aacfbb9d8fbb9a firefox-1.5.0.12-7.el5.i386.rpm e576368db6ed9eb70c65a596d5d684aa firefox-debuginfo-1.5.0.12-7.el5.i386.rpm 06509ba586d9f37e71483107137f7843 firefox-devel-1.5.0.12-7.el5.i386.rpm

ia64: 695649f81669a4bafb978c88c642a39d firefox-1.5.0.12-7.el5.ia64.rpm ca793f2ebcfc331a8e268959ee4d6eb4 firefox-debuginfo-1.5.0.12-7.el5.ia64.rpm e83a2c4bbf2b8a8047eff54a92c73cf0 firefox-devel-1.5.0.12-7.el5.ia64.rpm

ppc: 2cd4f2936f18ce3aadc7738dcd1f64a5 firefox-1.5.0.12-7.el5.ppc.rpm 07bde30423e53504cac2c903b98f166d firefox-debuginfo-1.5.0.12-7.el5.ppc.rpm f974e753a4a1406e0f2c765bd1c6a903 firefox-devel-1.5.0.12-7.el5.ppc.rpm

s390x: 275ec90ac2e5119ef3a368f3635a6bed firefox-1.5.0.12-7.el5.s390.rpm f555a92ba6d9ccdab5b4f02dc6e0d486 firefox-1.5.0.12-7.el5.s390x.rpm 801eeef24bc79972ffeac00345bc4826 firefox-debuginfo-1.5.0.12-7.el5.s390.rpm ddeb88632059d8fde675a8bbcb81bb0f firefox-debuginfo-1.5.0.12-7.el5.s390x.rpm 6047f5e8ba382cca4e49bd203382ff33 firefox-devel-1.5.0.12-7.el5.s390.rpm 9ecba47676489b65b5975f32c3332d0f firefox-devel-1.5.0.12-7.el5.s390x.rpm

x86_64: e1b690ba4dfdd41e20aacfbb9d8fbb9a firefox-1.5.0.12-7.el5.i386.rpm 88f3e7c170437da320696055350436dc firefox-1.5.0.12-7.el5.x86_64.rpm e576368db6ed9eb70c65a596d5d684aa firefox-debuginfo-1.5.0.12-7.el5.i386.rpm bdddabfbc73567c7537291b931abee4c firefox-debuginfo-1.5.0.12-7.el5.x86_64.rpm 06509ba586d9f37e71483107137f7843 firefox-devel-1.5.0.12-7.el5.i386.rpm ca90b71f3c70b0543a91cea11aec9b08 firefox-devel-1.5.0.12-7.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

Topics%20covered

Topics Covered

security advisory cross-site scripting critical update Red Hat Enterprise firefox security

References

https://www.cve.org/CVERecord?id=CVE-2007-5947 https://www.cve.org/CVERecord?id=CVE-2007-5959 https://www.cve.org/CVERecord?id=CVE-2007-5960 https://access.redhat.com/security/updates/classification#critical

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:1082-01
Advisory URL: https://access.redhat.com/errata/RHSA-2007:1082.html
Issue date: 2007-11-26
Updated on: 2007-11-26
Product: Red Hat Enterprise Linux

Topic

Topics%20covered

Topics Covered

security advisory cross-site scripting critical update Red Hat Enterprise firefox security

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux AS version 4.5.z - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux ES version 4.5.z - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

RHEL Desktop Workstation (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here