Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Critical Firefox Security Patch Update for Scientific Linux 5 and 6

Scientific Large Esm H446
Critical: firefox security update
Date: Tue, 8 Jan 2013 08:51:36 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: FASTBUGS for SL 6x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

i386:
biosdevname-0.3.11-1.el6_3.1.i686.rpm
tomcat6-6.0.24-48.el6_3.noarch.rpm
tomcat6-admin-webapps-6.0.24-48.el6_3.noarch.rpm
tomcat6-docs-webapp-6.0.24-48.el6_3.noarch.rpm
tomcat6-el-2.1-api-6.0.24-48.el6_3.noarch.rpm
tomcat6-javadoc-6.0.24-48.el6_3.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-48.el6_3.noarch.rpm
tomcat6-lib-6.0.24-48.el6_3.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-48.el6_3.noarch.rpm
tomcat6-webapps-6.0.24-48.el6_3.noarch.rpm

x86_64:
biosdevname-0.3.11-1.el6_3.1.x86_64.rpm
qemu-guest-agent-0.12.1.2-2.295.el6_3.5.x86_64.rpm
qemu-img-0.12.1.2-2.295.el6_3.5.x86_64.rpm
qemu-kvm-0.12.1.2-2.295.el6_3.5.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.295.el6_3.5.x86_64.rpm
tomcat6-6.0.24-48.el6_3.noarch.rpm
tomcat6-admin-webapps-6.0.24-48.el6_3.noarch.rpm
tomcat6-docs-webapp-6.0.24-48.el6_3.noarch.rpm
tomcat6-el-2.1-api-6.0.24-48.el6_3.noarch.rpm
tomcat6-javadoc-6.0.24-48.el6_3.noarch.rpm
tomcat6-jsp-2.1-api-6.0.24-48.el6_3.noarch.rpm
tomcat6-lib-6.0.24-48.el6_3.noarch.rpm
tomcat6-servlet-2.5-api-6.0.24-48.el6_3.noarch.rpm
tomcat6-webapps-6.0.24-48.el6_3.noarch.rpm
Date: Tue, 8 Jan 2013 08:51:37 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: FASTBUGS for SL 5x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

i386:
bind-9.3.6-20.P1.el5_8.6.i386.rpm
bind97-9.7.0-10.P2.el5_8.5.i386.rpm
bind97-chroot-9.7.0-10.P2.el5_8.5.i386.rpm
bind97-devel-9.7.0-10.P2.el5_8.5.i386.rpm
bind97-libs-9.7.0-10.P2.el5_8.5.i386.rpm
bind97-utils-9.7.0-10.P2.el5_8.5.i386.rpm
bind-chroot-9.3.6-20.P1.el5_8.6.i386.rpm
bind-devel-9.3.6-20.P1.el5_8.6.i386.rpm
bind-libbind-devel-9.3.6-20.P1.el5_8.6.i386.rpm
bind-libs-9.3.6-20.P1.el5_8.6.i386.rpm
bind-sdb-9.3.6-20.P1.el5_8.6.i386.rpm
bind-utils-9.3.6-20.P1.el5_8.6.i386.rpm
caching-nameserver-9.3.6-20.P1.el5_8.6.i386.rpm
device-mapper-multipath-0.4.7-48.el5_8.2.i386.rpm
gtk2-2.10.4-23.el5_8.i386.rpm
gtk2-devel-2.10.4-23.el5_8.i386.rpm
kpartx-0.4.7-48.el5_8.2.i386.rpm

x86_64:
bind-9.3.6-20.P1.el5_8.6.x86_64.rpm
bind97-9.7.0-10.P2.el5_8.5.x86_64.rpm
bind97-chroot-9.7.0-10.P2.el5_8.5.x86_64.rpm
bind97-devel-9.7.0-10.P2.el5_8.5.i386.rpm
bind97-devel-9.7.0-10.P2.el5_8.5.x86_64.rpm
bind97-libs-9.7.0-10.P2.el5_8.5.i386.rpm
bind97-libs-9.7.0-10.P2.el5_8.5.x86_64.rpm
bind97-utils-9.7.0-10.P2.el5_8.5.x86_64.rpm
bind-chroot-9.3.6-20.P1.el5_8.6.x86_64.rpm
bind-devel-9.3.6-20.P1.el5_8.6.i386.rpm
bind-devel-9.3.6-20.P1.el5_8.6.x86_64.rpm
bind-libbind-devel-9.3.6-20.P1.el5_8.6.i386.rpm
bind-libbind-devel-9.3.6-20.P1.el5_8.6.x86_64.rpm
bind-libs-9.3.6-20.P1.el5_8.6.i386.rpm
bind-libs-9.3.6-20.P1.el5_8.6.x86_64.rpm
bind-sdb-9.3.6-20.P1.el5_8.6.x86_64.rpm
bind-utils-9.3.6-20.P1.el5_8.6.x86_64.rpm
caching-nameserver-9.3.6-20.P1.el5_8.6.x86_64.rpm
device-mapper-multipath-0.4.7-48.el5_8.2.x86_64.rpm
gtk2-2.10.4-23.el5_8.i386.rpm
gtk2-2.10.4-23.el5_8.x86_64.rpm
gtk2-devel-2.10.4-23.el5_8.i386.rpm
gtk2-devel-2.10.4-23.el5_8.x86_64.rpm
kpartx-0.4.7-48.el5_8.2.x86_64.rpm
Date: Thu, 10 Jan 2013 10:02:22 -0600
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Organization: Fermilab
Subject: Security ERRATA Critical: firefox on SL5.x, SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Critical: firefox security update
Issue Date: 2013-01-08
CVE Numbers: CVE-2013-0769
 CVE-2013-0762
 CVE-2013-0766
 CVE-2013-0767
 CVE-2013-0759
 CVE-2013-0744
 CVE-2013-0746
 CVE-2013-0748
 CVE-2013-0750
 CVE-2013-0758
 CVE-2013-0753
 CVE-2013-0754
--

Several flaws were found in the processing of malformed web content. A
web page
containing malicious content could cause Firefox to crash or, potentially,
execute arbitrary code with the privileges of the user running Firefox.
(CVE-2013-0744, CVE-2013-0746, CVE-2013-0750, CVE-2013-0753, CVE-2013-0754,
CVE-2013-0762, CVE-2013-0766, CVE-2013-0767, CVE-2013-0769)

A flaw was found in the way Chrome Object Wrappers were implemented.
Malicious
content could be used to cause Firefox to execute arbitrary code via
plug-ins
installed in Firefox. (CVE-2013-0758)

A flaw in the way Firefox displayed URL values in the address bar could
allow a
malicious site or user to perform a phishing attack. (CVE-2013-0759)

An information disclosure flaw was found in the way certain JavaScript
functions were implemented in Firefox. An attacker could use this flaw to
bypass Address Space Layout Randomization (ASLR) and other security
restrictions. (CVE-2013-0748)

After installing the update, Firefox must be restarted for the changes to
take effect.
--

SL5
 x86_64
 firefox-10.0.12-1.el5_9.i386.rpm
 firefox-10.0.12-1.el5_9.x86_64.rpm
 firefox-debuginfo-10.0.12-1.el5_9.i386.rpm
 firefox-debuginfo-10.0.12-1.el5_9.x86_64.rpm
 xulrunner-10.0.12-1.el5_9.i386.rpm
 xulrunner-10.0.12-1.el5_9.x86_64.rpm
 xulrunner-debuginfo-10.0.12-1.el5_9.i386.rpm
 xulrunner-debuginfo-10.0.12-1.el5_9.x86_64.rpm
 xulrunner-devel-10.0.12-1.el5_9.i386.rpm
 xulrunner-devel-10.0.12-1.el5_9.x86_64.rpm
 i386
 firefox-10.0.12-1.el5_9.i386.rpm
 firefox-debuginfo-10.0.12-1.el5_9.i386.rpm
 xulrunner-10.0.12-1.el5_9.i386.rpm
 xulrunner-debuginfo-10.0.12-1.el5_9.i386.rpm
 xulrunner-devel-10.0.12-1.el5_9.i386.rpm
SL6
 x86_64
 firefox-10.0.12-1.el6_3.i686.rpm
 firefox-10.0.12-1.el6_3.x86_64.rpm
 firefox-debuginfo-10.0.12-1.el6_3.i686.rpm
 firefox-debuginfo-10.0.12-1.el6_3.x86_64.rpm
 xulrunner-10.0.12-1.el6_3.i686.rpm
 xulrunner-10.0.12-1.el6_3.x86_64.rpm
 xulrunner-debuginfo-10.0.12-1.el6_3.i686.rpm
 xulrunner-debuginfo-10.0.12-1.el6_3.x86_64.rpm
 xulrunner-devel-10.0.12-1.el6_3.i686.rpm
 xulrunner-devel-10.0.12-1.el6_3.x86_64.rpm
 i386
 firefox-10.0.12-1.el6_3.i686.rpm
 firefox-debuginfo-10.0.12-1.el6_3.i686.rpm
 xulrunner-10.0.12-1.el6_3.i686.rpm
 xulrunner-debuginfo-10.0.12-1.el6_3.i686.rpm
 xulrunner-devel-10.0.12-1.el6_3.i686.rpm

- Scientific Linux Development Team
Your message here