- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2007:0400-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0400.html
Issue date:        2007-05-30
Updated on:        2007-05-30
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-1362 CVE-2007-1562 CVE-2007-2867 
                   CVE-2007-2868 CVE-2007-2869 CVE-2007-2870 
                   CVE-2007-2871 
- ---------------------------------------------------------------------1. Summary:

Updated firefox packages that fix several security bugs are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Mozilla Firefox is an open source Web browser.

Several flaws were found in the way Firefox processed certain malformed
JavaScript code. A web page containing malicious JavaScript code could
cause Firefox to crash or potentially execute arbitrary code as the user
running Firefox. (CVE-2007-2867, CVE-2007-2868)

A flaw was found in the way Firefox handled certain FTP PASV commands. A
malicious FTP server could use this flaw to perform a rudimentary
port-scan of machines behind a user's firewall. (CVE-2007-1562)

Several denial of service flaws were found in the way Firefox handled
certain form and cookie data. A malicious web site that is able to set
arbitrary form and cookie data could prevent Firefox from
functioning properly. (CVE-2007-1362, CVE-2007-2869)

A flaw was found in the way Firefox handled the addEventListener
JavaScript method. A malicious web site could use this method to access or
modify sensitive data from another web site. (CVE-2007-2870)

A flaw was found in the way Firefox displayed certain web content. A
malicious web page could generate content that would overlay user
interface elements such as the hostname and security indicators, tricking 
users into thinking they are visiting a different site. (CVE-2007-2871)

Users of Firefox are advised to upgrade to these erratum packages, which
contain Firefox version 1.5.0.12 that corrects these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

241670 - CVE-2007-1362 Multiple Firefox flaws (CVE-2007-1562, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871)

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
b65c0e149c9a2a99e4dd19f127301bcc  firefox-1.5.0.12-0.1.el4.src.rpm

i386:
86978cc9d7fe03d6826c77516ebdadf0  firefox-1.5.0.12-0.1.el4.i386.rpm
47e44ab5f3aabbf46d4a49188ac5fef1  firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm

ia64:
91a38b7498a5e459ad2be38100282550  firefox-1.5.0.12-0.1.el4.ia64.rpm
aa1bc419ac3f56c05c5f617840610daf  firefox-debuginfo-1.5.0.12-0.1.el4.ia64.rpm

ppc:
30e7be931ea1331c2971df5e108e50eb  firefox-1.5.0.12-0.1.el4.ppc.rpm
c65a76732d020d804326e02dc67eda35  firefox-debuginfo-1.5.0.12-0.1.el4.ppc.rpm

s390:
efb2e30a6beedd50881f3ec66db89d48  firefox-1.5.0.12-0.1.el4.s390.rpm
6e804c9d97559d8c0d7a99d01d0f1d46  firefox-debuginfo-1.5.0.12-0.1.el4.s390.rpm

s390x:
7abeac347fe36f9b99c2da0e7297407b  firefox-1.5.0.12-0.1.el4.s390x.rpm
bed63c7079f11b11196881526b84bbd7  firefox-debuginfo-1.5.0.12-0.1.el4.s390x.rpm

x86_64:
99e6f6963881507969dfc748202452df  firefox-1.5.0.12-0.1.el4.x86_64.rpm
2577b656e6e3ac5b396985878d506040  firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
b65c0e149c9a2a99e4dd19f127301bcc  firefox-1.5.0.12-0.1.el4.src.rpm

i386:
86978cc9d7fe03d6826c77516ebdadf0  firefox-1.5.0.12-0.1.el4.i386.rpm
47e44ab5f3aabbf46d4a49188ac5fef1  firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm

x86_64:
99e6f6963881507969dfc748202452df  firefox-1.5.0.12-0.1.el4.x86_64.rpm
2577b656e6e3ac5b396985878d506040  firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
b65c0e149c9a2a99e4dd19f127301bcc  firefox-1.5.0.12-0.1.el4.src.rpm

i386:
86978cc9d7fe03d6826c77516ebdadf0  firefox-1.5.0.12-0.1.el4.i386.rpm
47e44ab5f3aabbf46d4a49188ac5fef1  firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm

ia64:
91a38b7498a5e459ad2be38100282550  firefox-1.5.0.12-0.1.el4.ia64.rpm
aa1bc419ac3f56c05c5f617840610daf  firefox-debuginfo-1.5.0.12-0.1.el4.ia64.rpm

x86_64:
99e6f6963881507969dfc748202452df  firefox-1.5.0.12-0.1.el4.x86_64.rpm
2577b656e6e3ac5b396985878d506040  firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
b65c0e149c9a2a99e4dd19f127301bcc  firefox-1.5.0.12-0.1.el4.src.rpm

i386:
86978cc9d7fe03d6826c77516ebdadf0  firefox-1.5.0.12-0.1.el4.i386.rpm
47e44ab5f3aabbf46d4a49188ac5fef1  firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm

ia64:
91a38b7498a5e459ad2be38100282550  firefox-1.5.0.12-0.1.el4.ia64.rpm
aa1bc419ac3f56c05c5f617840610daf  firefox-debuginfo-1.5.0.12-0.1.el4.ia64.rpm

x86_64:
99e6f6963881507969dfc748202452df  firefox-1.5.0.12-0.1.el4.x86_64.rpm
2577b656e6e3ac5b396985878d506040  firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
85adab21471a9e46c5d0cb5816bbbcff  devhelp-0.12-11.el5.src.rpm
b0645efeba60c77ad740a212d465b453  firefox-1.5.0.12-1.el5.src.rpm
ed0f92a5a1721891f10cfadf08b3782f  yelp-2.16.0-15.el5.src.rpm

i386:
b7958042531e8f6b5931605a0f2d17fc  devhelp-0.12-11.el5.i386.rpm
ca85406a19b36f412dfdb129b29a71c9  devhelp-debuginfo-0.12-11.el5.i386.rpm
7b959d51178a768c437bdc1fd1dc3e3c  firefox-1.5.0.12-1.el5.i386.rpm
4d1671461afeb3ec1784d591ecb134f5  firefox-debuginfo-1.5.0.12-1.el5.i386.rpm
c0e883b6c8d47a1fbce33dc3133161de  yelp-2.16.0-15.el5.i386.rpm
165c0d376519fa7f46dfef9412dfbe6d  yelp-debuginfo-2.16.0-15.el5.i386.rpm

x86_64:
b7958042531e8f6b5931605a0f2d17fc  devhelp-0.12-11.el5.i386.rpm
47012533019d250c132ebbd97e87d227  devhelp-0.12-11.el5.x86_64.rpm
ca85406a19b36f412dfdb129b29a71c9  devhelp-debuginfo-0.12-11.el5.i386.rpm
b09ba06d46894a888f8ea6ae04cf416e  devhelp-debuginfo-0.12-11.el5.x86_64.rpm
7b959d51178a768c437bdc1fd1dc3e3c  firefox-1.5.0.12-1.el5.i386.rpm
244bb754d6039cc48c144c5f45052260  firefox-1.5.0.12-1.el5.x86_64.rpm
4d1671461afeb3ec1784d591ecb134f5  firefox-debuginfo-1.5.0.12-1.el5.i386.rpm
21bf5480e44a66710ba5f90eaef52294  firefox-debuginfo-1.5.0.12-1.el5.x86_64.rpm
35f3463a249179df63b98239cf4e3cbc  yelp-2.16.0-15.el5.x86_64.rpm
6fbdcb7e6b7586a7f7c2b4a17ab2e2fa  yelp-debuginfo-2.16.0-15.el5.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
85adab21471a9e46c5d0cb5816bbbcff  devhelp-0.12-11.el5.src.rpm
b0645efeba60c77ad740a212d465b453  firefox-1.5.0.12-1.el5.src.rpm

i386:
ca85406a19b36f412dfdb129b29a71c9  devhelp-debuginfo-0.12-11.el5.i386.rpm
77fe09441514cd6482f4596362485343  devhelp-devel-0.12-11.el5.i386.rpm
4d1671461afeb3ec1784d591ecb134f5  firefox-debuginfo-1.5.0.12-1.el5.i386.rpm
fa39c7e1fd6232e62b3d9a4f53acbc9b  firefox-devel-1.5.0.12-1.el5.i386.rpm

x86_64:
ca85406a19b36f412dfdb129b29a71c9  devhelp-debuginfo-0.12-11.el5.i386.rpm
b09ba06d46894a888f8ea6ae04cf416e  devhelp-debuginfo-0.12-11.el5.x86_64.rpm
77fe09441514cd6482f4596362485343  devhelp-devel-0.12-11.el5.i386.rpm
141d1df1f9e83521808efafd42f944fc  devhelp-devel-0.12-11.el5.x86_64.rpm
4d1671461afeb3ec1784d591ecb134f5  firefox-debuginfo-1.5.0.12-1.el5.i386.rpm
21bf5480e44a66710ba5f90eaef52294  firefox-debuginfo-1.5.0.12-1.el5.x86_64.rpm
fa39c7e1fd6232e62b3d9a4f53acbc9b  firefox-devel-1.5.0.12-1.el5.i386.rpm
e048eb9adb9dd967d1630c1fe4778f98  firefox-devel-1.5.0.12-1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
85adab21471a9e46c5d0cb5816bbbcff  devhelp-0.12-11.el5.src.rpm
b0645efeba60c77ad740a212d465b453  firefox-1.5.0.12-1.el5.src.rpm
ed0f92a5a1721891f10cfadf08b3782f  yelp-2.16.0-15.el5.src.rpm

i386:
b7958042531e8f6b5931605a0f2d17fc  devhelp-0.12-11.el5.i386.rpm
ca85406a19b36f412dfdb129b29a71c9  devhelp-debuginfo-0.12-11.el5.i386.rpm
77fe09441514cd6482f4596362485343  devhelp-devel-0.12-11.el5.i386.rpm
7b959d51178a768c437bdc1fd1dc3e3c  firefox-1.5.0.12-1.el5.i386.rpm
4d1671461afeb3ec1784d591ecb134f5  firefox-debuginfo-1.5.0.12-1.el5.i386.rpm
fa39c7e1fd6232e62b3d9a4f53acbc9b  firefox-devel-1.5.0.12-1.el5.i386.rpm
c0e883b6c8d47a1fbce33dc3133161de  yelp-2.16.0-15.el5.i386.rpm
165c0d376519fa7f46dfef9412dfbe6d  yelp-debuginfo-2.16.0-15.el5.i386.rpm

ia64:
bb162cf991018497ba2107bd312acb48  devhelp-0.12-11.el5.ia64.rpm
570bd03ebe8669998c0b76df1a00bbcb  devhelp-debuginfo-0.12-11.el5.ia64.rpm
b565891923dc59b5d4d8d1e9261dba0b  devhelp-devel-0.12-11.el5.ia64.rpm
76e85b583ef60111b84983938e96004d  firefox-1.5.0.12-1.el5.ia64.rpm
382d26b8141480f8937a24216936d2ce  firefox-debuginfo-1.5.0.12-1.el5.ia64.rpm
035d9cf222fe66a807e63c1d346376ac  firefox-devel-1.5.0.12-1.el5.ia64.rpm
e1fc1489d821f1175b30f7af2bf80bb2  yelp-2.16.0-15.el5.ia64.rpm
b3318cd359029f8fb0ffb49d363cda96  yelp-debuginfo-2.16.0-15.el5.ia64.rpm

ppc:
71d19c30096ca87d8fbc8740652e9a00  devhelp-0.12-11.el5.ppc.rpm
12ca05b2dcbcc34dd8c51b8e6eaf3d0b  devhelp-debuginfo-0.12-11.el5.ppc.rpm
6aefe858236f2e1e1406cd5fea314d02  devhelp-devel-0.12-11.el5.ppc.rpm
88a37e6d10a175a50737a8b6c767c561  firefox-1.5.0.12-1.el5.ppc.rpm
26398c53bc44663d49e7dabf14c37100  firefox-debuginfo-1.5.0.12-1.el5.ppc.rpm
cf551a704d6cc2f33ce8086dcb6f4884  firefox-devel-1.5.0.12-1.el5.ppc.rpm
2fda60703e56ff7998740ce624c4157c  yelp-2.16.0-15.el5.ppc.rpm
829c9d72ece2a5fcd7d4be637d799d65  yelp-debuginfo-2.16.0-15.el5.ppc.rpm

s390x:
96802b267541ad3c0d5d8253eac7a0f6  devhelp-0.12-11.el5.s390.rpm
25fdb9f47687b447a85fdabdf9df80e5  devhelp-0.12-11.el5.s390x.rpm
9691ea4d3ca3db1eeeda64de5202bdc5  devhelp-debuginfo-0.12-11.el5.s390.rpm
4f18514595059a8e7dde34a42e0089e2  devhelp-debuginfo-0.12-11.el5.s390x.rpm
fa7ccd2ecc5ef946a26963e99fbb5ce1  devhelp-devel-0.12-11.el5.s390.rpm
b4f3cbab3249f5e63c659a4787f76af1  devhelp-devel-0.12-11.el5.s390x.rpm
7ea83a23a6e3de26b34d0585b7c12d10  firefox-1.5.0.12-1.el5.s390.rpm
bd45b8871ccbcbc35ff43b25a36210fa  firefox-1.5.0.12-1.el5.s390x.rpm
09e81d147f861ec7ed9bf0a7c4aa7a5b  firefox-debuginfo-1.5.0.12-1.el5.s390.rpm
b5172e50a9ceac771a47337f79e61751  firefox-debuginfo-1.5.0.12-1.el5.s390x.rpm
71196dd2cad1dc1b89b1354937abfa22  firefox-devel-1.5.0.12-1.el5.s390.rpm
fdb884e4d38b109868c6d7445b8c454b  firefox-devel-1.5.0.12-1.el5.s390x.rpm
1b84f778dcc83da7ca2a3fd4a92206a1  yelp-2.16.0-15.el5.s390x.rpm
e7b25ab33671e71edb7b57502738f55c  yelp-debuginfo-2.16.0-15.el5.s390x.rpm

x86_64:
b7958042531e8f6b5931605a0f2d17fc  devhelp-0.12-11.el5.i386.rpm
47012533019d250c132ebbd97e87d227  devhelp-0.12-11.el5.x86_64.rpm
ca85406a19b36f412dfdb129b29a71c9  devhelp-debuginfo-0.12-11.el5.i386.rpm
b09ba06d46894a888f8ea6ae04cf416e  devhelp-debuginfo-0.12-11.el5.x86_64.rpm
77fe09441514cd6482f4596362485343  devhelp-devel-0.12-11.el5.i386.rpm
141d1df1f9e83521808efafd42f944fc  devhelp-devel-0.12-11.el5.x86_64.rpm
7b959d51178a768c437bdc1fd1dc3e3c  firefox-1.5.0.12-1.el5.i386.rpm
244bb754d6039cc48c144c5f45052260  firefox-1.5.0.12-1.el5.x86_64.rpm
4d1671461afeb3ec1784d591ecb134f5  firefox-debuginfo-1.5.0.12-1.el5.i386.rpm
21bf5480e44a66710ba5f90eaef52294  firefox-debuginfo-1.5.0.12-1.el5.x86_64.rpm
fa39c7e1fd6232e62b3d9a4f53acbc9b  firefox-devel-1.5.0.12-1.el5.i386.rpm
e048eb9adb9dd967d1630c1fe4778f98  firefox-devel-1.5.0.12-1.el5.x86_64.rpm
35f3463a249179df63b98239cf4e3cbc  yelp-2.16.0-15.el5.x86_64.rpm
6fbdcb7e6b7586a7f7c2b4a17ab2e2fa  yelp-debuginfo-2.16.0-15.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.

RedHat: Critical: firefox security update RHSA-2007:0400-01

Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5

Summary



Summary

Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way Firefox handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way Firefox handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Firefox from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Firefox handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way Firefox displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 1.5.0.12 that corrects these issues.


Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
5. Bug IDs fixed (http://bugzilla.redhat.com/):
241670 - CVE-2007-1362 Multiple Firefox flaws (CVE-2007-1562, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871)
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS: b65c0e149c9a2a99e4dd19f127301bcc firefox-1.5.0.12-0.1.el4.src.rpm
i386: 86978cc9d7fe03d6826c77516ebdadf0 firefox-1.5.0.12-0.1.el4.i386.rpm 47e44ab5f3aabbf46d4a49188ac5fef1 firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm
ia64: 91a38b7498a5e459ad2be38100282550 firefox-1.5.0.12-0.1.el4.ia64.rpm aa1bc419ac3f56c05c5f617840610daf firefox-debuginfo-1.5.0.12-0.1.el4.ia64.rpm
ppc: 30e7be931ea1331c2971df5e108e50eb firefox-1.5.0.12-0.1.el4.ppc.rpm c65a76732d020d804326e02dc67eda35 firefox-debuginfo-1.5.0.12-0.1.el4.ppc.rpm
s390: efb2e30a6beedd50881f3ec66db89d48 firefox-1.5.0.12-0.1.el4.s390.rpm 6e804c9d97559d8c0d7a99d01d0f1d46 firefox-debuginfo-1.5.0.12-0.1.el4.s390.rpm
s390x: 7abeac347fe36f9b99c2da0e7297407b firefox-1.5.0.12-0.1.el4.s390x.rpm bed63c7079f11b11196881526b84bbd7 firefox-debuginfo-1.5.0.12-0.1.el4.s390x.rpm
x86_64: 99e6f6963881507969dfc748202452df firefox-1.5.0.12-0.1.el4.x86_64.rpm 2577b656e6e3ac5b396985878d506040 firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS: b65c0e149c9a2a99e4dd19f127301bcc firefox-1.5.0.12-0.1.el4.src.rpm
i386: 86978cc9d7fe03d6826c77516ebdadf0 firefox-1.5.0.12-0.1.el4.i386.rpm 47e44ab5f3aabbf46d4a49188ac5fef1 firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm
x86_64: 99e6f6963881507969dfc748202452df firefox-1.5.0.12-0.1.el4.x86_64.rpm 2577b656e6e3ac5b396985878d506040 firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS: b65c0e149c9a2a99e4dd19f127301bcc firefox-1.5.0.12-0.1.el4.src.rpm
i386: 86978cc9d7fe03d6826c77516ebdadf0 firefox-1.5.0.12-0.1.el4.i386.rpm 47e44ab5f3aabbf46d4a49188ac5fef1 firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm
ia64: 91a38b7498a5e459ad2be38100282550 firefox-1.5.0.12-0.1.el4.ia64.rpm aa1bc419ac3f56c05c5f617840610daf firefox-debuginfo-1.5.0.12-0.1.el4.ia64.rpm
x86_64: 99e6f6963881507969dfc748202452df firefox-1.5.0.12-0.1.el4.x86_64.rpm 2577b656e6e3ac5b396985878d506040 firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS: b65c0e149c9a2a99e4dd19f127301bcc firefox-1.5.0.12-0.1.el4.src.rpm
i386: 86978cc9d7fe03d6826c77516ebdadf0 firefox-1.5.0.12-0.1.el4.i386.rpm 47e44ab5f3aabbf46d4a49188ac5fef1 firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm
ia64: 91a38b7498a5e459ad2be38100282550 firefox-1.5.0.12-0.1.el4.ia64.rpm aa1bc419ac3f56c05c5f617840610daf firefox-debuginfo-1.5.0.12-0.1.el4.ia64.rpm
x86_64: 99e6f6963881507969dfc748202452df firefox-1.5.0.12-0.1.el4.x86_64.rpm 2577b656e6e3ac5b396985878d506040 firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm
Red Hat Enterprise Linux Desktop (v. 5 client):
SRPMS: 85adab21471a9e46c5d0cb5816bbbcff devhelp-0.12-11.el5.src.rpm b0645efeba60c77ad740a212d465b453 firefox-1.5.0.12-1.el5.src.rpm ed0f92a5a1721891f10cfadf08b3782f yelp-2.16.0-15.el5.src.rpm
i386: b7958042531e8f6b5931605a0f2d17fc devhelp-0.12-11.el5.i386.rpm ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm 7b959d51178a768c437bdc1fd1dc3e3c firefox-1.5.0.12-1.el5.i386.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm c0e883b6c8d47a1fbce33dc3133161de yelp-2.16.0-15.el5.i386.rpm 165c0d376519fa7f46dfef9412dfbe6d yelp-debuginfo-2.16.0-15.el5.i386.rpm
x86_64: b7958042531e8f6b5931605a0f2d17fc devhelp-0.12-11.el5.i386.rpm 47012533019d250c132ebbd97e87d227 devhelp-0.12-11.el5.x86_64.rpm ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm b09ba06d46894a888f8ea6ae04cf416e devhelp-debuginfo-0.12-11.el5.x86_64.rpm 7b959d51178a768c437bdc1fd1dc3e3c firefox-1.5.0.12-1.el5.i386.rpm 244bb754d6039cc48c144c5f45052260 firefox-1.5.0.12-1.el5.x86_64.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm 21bf5480e44a66710ba5f90eaef52294 firefox-debuginfo-1.5.0.12-1.el5.x86_64.rpm 35f3463a249179df63b98239cf4e3cbc yelp-2.16.0-15.el5.x86_64.rpm 6fbdcb7e6b7586a7f7c2b4a17ab2e2fa yelp-debuginfo-2.16.0-15.el5.x86_64.rpm
RHEL Desktop Workstation (v. 5 client):
SRPMS: 85adab21471a9e46c5d0cb5816bbbcff devhelp-0.12-11.el5.src.rpm b0645efeba60c77ad740a212d465b453 firefox-1.5.0.12-1.el5.src.rpm
i386: ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm 77fe09441514cd6482f4596362485343 devhelp-devel-0.12-11.el5.i386.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm fa39c7e1fd6232e62b3d9a4f53acbc9b firefox-devel-1.5.0.12-1.el5.i386.rpm
x86_64: ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm b09ba06d46894a888f8ea6ae04cf416e devhelp-debuginfo-0.12-11.el5.x86_64.rpm 77fe09441514cd6482f4596362485343 devhelp-devel-0.12-11.el5.i386.rpm 141d1df1f9e83521808efafd42f944fc devhelp-devel-0.12-11.el5.x86_64.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm 21bf5480e44a66710ba5f90eaef52294 firefox-debuginfo-1.5.0.12-1.el5.x86_64.rpm fa39c7e1fd6232e62b3d9a4f53acbc9b firefox-devel-1.5.0.12-1.el5.i386.rpm e048eb9adb9dd967d1630c1fe4778f98 firefox-devel-1.5.0.12-1.el5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
SRPMS: 85adab21471a9e46c5d0cb5816bbbcff devhelp-0.12-11.el5.src.rpm b0645efeba60c77ad740a212d465b453 firefox-1.5.0.12-1.el5.src.rpm ed0f92a5a1721891f10cfadf08b3782f yelp-2.16.0-15.el5.src.rpm
i386: b7958042531e8f6b5931605a0f2d17fc devhelp-0.12-11.el5.i386.rpm ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm 77fe09441514cd6482f4596362485343 devhelp-devel-0.12-11.el5.i386.rpm 7b959d51178a768c437bdc1fd1dc3e3c firefox-1.5.0.12-1.el5.i386.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm fa39c7e1fd6232e62b3d9a4f53acbc9b firefox-devel-1.5.0.12-1.el5.i386.rpm c0e883b6c8d47a1fbce33dc3133161de yelp-2.16.0-15.el5.i386.rpm 165c0d376519fa7f46dfef9412dfbe6d yelp-debuginfo-2.16.0-15.el5.i386.rpm
ia64: bb162cf991018497ba2107bd312acb48 devhelp-0.12-11.el5.ia64.rpm 570bd03ebe8669998c0b76df1a00bbcb devhelp-debuginfo-0.12-11.el5.ia64.rpm b565891923dc59b5d4d8d1e9261dba0b devhelp-devel-0.12-11.el5.ia64.rpm 76e85b583ef60111b84983938e96004d firefox-1.5.0.12-1.el5.ia64.rpm 382d26b8141480f8937a24216936d2ce firefox-debuginfo-1.5.0.12-1.el5.ia64.rpm 035d9cf222fe66a807e63c1d346376ac firefox-devel-1.5.0.12-1.el5.ia64.rpm e1fc1489d821f1175b30f7af2bf80bb2 yelp-2.16.0-15.el5.ia64.rpm b3318cd359029f8fb0ffb49d363cda96 yelp-debuginfo-2.16.0-15.el5.ia64.rpm
ppc: 71d19c30096ca87d8fbc8740652e9a00 devhelp-0.12-11.el5.ppc.rpm 12ca05b2dcbcc34dd8c51b8e6eaf3d0b devhelp-debuginfo-0.12-11.el5.ppc.rpm 6aefe858236f2e1e1406cd5fea314d02 devhelp-devel-0.12-11.el5.ppc.rpm 88a37e6d10a175a50737a8b6c767c561 firefox-1.5.0.12-1.el5.ppc.rpm 26398c53bc44663d49e7dabf14c37100 firefox-debuginfo-1.5.0.12-1.el5.ppc.rpm cf551a704d6cc2f33ce8086dcb6f4884 firefox-devel-1.5.0.12-1.el5.ppc.rpm 2fda60703e56ff7998740ce624c4157c yelp-2.16.0-15.el5.ppc.rpm 829c9d72ece2a5fcd7d4be637d799d65 yelp-debuginfo-2.16.0-15.el5.ppc.rpm
s390x: 96802b267541ad3c0d5d8253eac7a0f6 devhelp-0.12-11.el5.s390.rpm 25fdb9f47687b447a85fdabdf9df80e5 devhelp-0.12-11.el5.s390x.rpm 9691ea4d3ca3db1eeeda64de5202bdc5 devhelp-debuginfo-0.12-11.el5.s390.rpm 4f18514595059a8e7dde34a42e0089e2 devhelp-debuginfo-0.12-11.el5.s390x.rpm fa7ccd2ecc5ef946a26963e99fbb5ce1 devhelp-devel-0.12-11.el5.s390.rpm b4f3cbab3249f5e63c659a4787f76af1 devhelp-devel-0.12-11.el5.s390x.rpm 7ea83a23a6e3de26b34d0585b7c12d10 firefox-1.5.0.12-1.el5.s390.rpm bd45b8871ccbcbc35ff43b25a36210fa firefox-1.5.0.12-1.el5.s390x.rpm 09e81d147f861ec7ed9bf0a7c4aa7a5b firefox-debuginfo-1.5.0.12-1.el5.s390.rpm b5172e50a9ceac771a47337f79e61751 firefox-debuginfo-1.5.0.12-1.el5.s390x.rpm 71196dd2cad1dc1b89b1354937abfa22 firefox-devel-1.5.0.12-1.el5.s390.rpm fdb884e4d38b109868c6d7445b8c454b firefox-devel-1.5.0.12-1.el5.s390x.rpm 1b84f778dcc83da7ca2a3fd4a92206a1 yelp-2.16.0-15.el5.s390x.rpm e7b25ab33671e71edb7b57502738f55c yelp-debuginfo-2.16.0-15.el5.s390x.rpm
x86_64: b7958042531e8f6b5931605a0f2d17fc devhelp-0.12-11.el5.i386.rpm 47012533019d250c132ebbd97e87d227 devhelp-0.12-11.el5.x86_64.rpm ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm b09ba06d46894a888f8ea6ae04cf416e devhelp-debuginfo-0.12-11.el5.x86_64.rpm 77fe09441514cd6482f4596362485343 devhelp-devel-0.12-11.el5.i386.rpm 141d1df1f9e83521808efafd42f944fc devhelp-devel-0.12-11.el5.x86_64.rpm 7b959d51178a768c437bdc1fd1dc3e3c firefox-1.5.0.12-1.el5.i386.rpm 244bb754d6039cc48c144c5f45052260 firefox-1.5.0.12-1.el5.x86_64.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm 21bf5480e44a66710ba5f90eaef52294 firefox-debuginfo-1.5.0.12-1.el5.x86_64.rpm fa39c7e1fd6232e62b3d9a4f53acbc9b firefox-devel-1.5.0.12-1.el5.i386.rpm e048eb9adb9dd967d1630c1fe4778f98 firefox-devel-1.5.0.12-1.el5.x86_64.rpm 35f3463a249179df63b98239cf4e3cbc yelp-2.16.0-15.el5.x86_64.rpm 6fbdcb7e6b7586a7f7c2b4a17ab2e2fa yelp-debuginfo-2.16.0-15.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871 http://www.redhat.com/security/updates/classification/#critical

Package List


Severity
Advisory ID: RHSA-2007:0400-01
Advisory URL: https://access.redhat.com/errata/RHSA-2007:0400.html
Issued Date: : 2007-05-30
Updated on: 2007-05-30
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-1362 CVE-2007-1562 CVE-2007-2867 CVE-2007-2868 CVE-2007-2869 CVE-2007-2870 CVE-2007-2871 Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team.

Topic


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

RHEL Desktop Workstation (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64


Bugs Fixed


Related News

4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved