Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Scientific Linux: SLSA-2013:1268-1 Critical Firefox Security Update

Scientific Large Esm H446
Critical: firefox security update
Date: Tue, 10 Sep 2013 11:15:06 -0500
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: FASTBUGS for SL 6x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

i386:
krb5-devel-1.10.3-10.el6_4.6.i686.rpm
krb5-libs-1.10.3-10.el6_4.6.i686.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.6.i686.rpm
krb5-server-1.10.3-10.el6_4.6.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.6.i686.rpm
krb5-workstation-1.10.3-10.el6_4.6.i686.rpm
libsmbclient-3.6.9-151.el6_4.1.i686.rpm
libsmbclient-devel-3.6.9-151.el6_4.1.i686.rpm
microcode_ctl-1.17-15.el6_4.i686.rpm
rsyslog-5.8.10-7.el6_4.i686.rpm
rsyslog-gnutls-5.8.10-7.el6_4.i686.rpm
rsyslog-gssapi-5.8.10-7.el6_4.i686.rpm
rsyslog-mysql-5.8.10-7.el6_4.i686.rpm
rsyslog-pgsql-5.8.10-7.el6_4.i686.rpm
rsyslog-relp-5.8.10-7.el6_4.i686.rpm
rsyslog-snmp-5.8.10-7.el6_4.i686.rpm
samba-3.6.9-151.el6_4.1.i686.rpm
samba-client-3.6.9-151.el6_4.1.i686.rpm
samba-common-3.6.9-151.el6_4.1.i686.rpm
samba-doc-3.6.9-151.el6_4.1.i686.rpm
samba-domainjoin-gui-3.6.9-151.el6_4.1.i686.rpm
samba-swat-3.6.9-151.el6_4.1.i686.rpm
samba-winbind-3.6.9-151.el6_4.1.i686.rpm
samba-winbind-clients-3.6.9-151.el6_4.1.i686.rpm
samba-winbind-devel-3.6.9-151.el6_4.1.i686.rpm
samba-winbind-krb5-locator-3.6.9-151.el6_4.1.i686.rpm

x86_64:
krb5-devel-1.10.3-10.el6_4.6.i686.rpm
krb5-devel-1.10.3-10.el6_4.6.x86_64.rpm
krb5-libs-1.10.3-10.el6_4.6.i686.rpm
krb5-libs-1.10.3-10.el6_4.6.x86_64.rpm
krb5-pkinit-openssl-1.10.3-10.el6_4.6.x86_64.rpm
krb5-server-1.10.3-10.el6_4.6.x86_64.rpm
krb5-server-ldap-1.10.3-10.el6_4.6.i686.rpm
krb5-server-ldap-1.10.3-10.el6_4.6.x86_64.rpm
krb5-workstation-1.10.3-10.el6_4.6.x86_64.rpm
libsmbclient-3.6.9-151.el6_4.1.i686.rpm
libsmbclient-3.6.9-151.el6_4.1.x86_64.rpm
libsmbclient-devel-3.6.9-151.el6_4.1.i686.rpm
libsmbclient-devel-3.6.9-151.el6_4.1.x86_64.rpm
microcode_ctl-1.17-15.el6_4.x86_64.rpm
rsyslog-5.8.10-7.el6_4.x86_64.rpm
rsyslog-gnutls-5.8.10-7.el6_4.x86_64.rpm
rsyslog-gssapi-5.8.10-7.el6_4.x86_64.rpm
rsyslog-mysql-5.8.10-7.el6_4.x86_64.rpm
rsyslog-pgsql-5.8.10-7.el6_4.x86_64.rpm
rsyslog-relp-5.8.10-7.el6_4.x86_64.rpm
rsyslog-snmp-5.8.10-7.el6_4.x86_64.rpm
samba-3.6.9-151.el6_4.1.x86_64.rpm
samba-client-3.6.9-151.el6_4.1.x86_64.rpm
samba-common-3.6.9-151.el6_4.1.i686.rpm
samba-common-3.6.9-151.el6_4.1.x86_64.rpm
samba-doc-3.6.9-151.el6_4.1.x86_64.rpm
samba-domainjoin-gui-3.6.9-151.el6_4.1.x86_64.rpm
samba-swat-3.6.9-151.el6_4.1.x86_64.rpm
samba-winbind-3.6.9-151.el6_4.1.x86_64.rpm
samba-winbind-clients-3.6.9-151.el6_4.1.i686.rpm
samba-winbind-clients-3.6.9-151.el6_4.1.x86_64.rpm
samba-winbind-devel-3.6.9-151.el6_4.1.i686.rpm
samba-winbind-devel-3.6.9-151.el6_4.1.x86_64.rpm
samba-winbind-krb5-locator-3.6.9-151.el6_4.1.x86_64.rpm
Date: Tue, 17 Sep 2013 08:53:44 -0500
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: FASTBUGS for SL 5x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

i386:
rgmanager-2.0.52-37.el5_9.4.i386.rpm

x86_64:
rgmanager-2.0.52-37.el5_9.4.x86_64.rpm
Date: Tue, 17 Sep 2013 08:54:26 -0500
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: FASTBUGS for SL 6x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

i386:
db4-4.7.25-18.el6_4.i686.rpm
db4-cxx-4.7.25-18.el6_4.i686.rpm
db4-devel-4.7.25-18.el6_4.i686.rpm
db4-devel-static-4.7.25-18.el6_4.i686.rpm
db4-java-4.7.25-18.el6_4.i686.rpm
db4-tcl-4.7.25-18.el6_4.i686.rpm
db4-utils-4.7.25-18.el6_4.i686.rpm
dhclient-4.1.1-34.P1.el6_4.1.i686.rpm
dhcp-4.1.1-34.P1.el6_4.1.i686.rpm
dhcp-common-4.1.1-34.P1.el6_4.1.i686.rpm
dhcp-devel-4.1.1-34.P1.el6_4.1.i686.rpm
ipmitool-1.8.11-16.el6.i686.rpm
logwatch-7.3.6-52.el6.noarch.rpm
mdadm-3.2.5-4.el6_4.2.i686.rpm
xmlrpc-c-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-apps-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-c++-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-client-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-client++-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-devel-1.16.24-1210.1840.el6.i686.rpm

x86_64:
db4-4.7.25-18.el6_4.i686.rpm
db4-4.7.25-18.el6_4.x86_64.rpm
db4-cxx-4.7.25-18.el6_4.i686.rpm
db4-cxx-4.7.25-18.el6_4.x86_64.rpm
db4-devel-4.7.25-18.el6_4.i686.rpm
db4-devel-4.7.25-18.el6_4.x86_64.rpm
db4-devel-static-4.7.25-18.el6_4.x86_64.rpm
db4-java-4.7.25-18.el6_4.x86_64.rpm
db4-tcl-4.7.25-18.el6_4.x86_64.rpm
db4-utils-4.7.25-18.el6_4.x86_64.rpm
dhclient-4.1.1-34.P1.el6_4.1.x86_64.rpm
dhcp-4.1.1-34.P1.el6_4.1.x86_64.rpm
dhcp-common-4.1.1-34.P1.el6_4.1.x86_64.rpm
dhcp-devel-4.1.1-34.P1.el6_4.1.i686.rpm
dhcp-devel-4.1.1-34.P1.el6_4.1.x86_64.rpm
ipmitool-1.8.11-16.el6.x86_64.rpm
logwatch-7.3.6-52.el6.noarch.rpm
mdadm-3.2.5-4.el6_4.2.x86_64.rpm
xmlrpc-c-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-1.16.24-1210.1840.el6.x86_64.rpm
xmlrpc-c-apps-1.16.24-1210.1840.el6.x86_64.rpm
xmlrpc-c-c++-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-c++-1.16.24-1210.1840.el6.x86_64.rpm
xmlrpc-c-client-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-client++-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-client-1.16.24-1210.1840.el6.x86_64.rpm
xmlrpc-c-client++-1.16.24-1210.1840.el6.x86_64.rpm
xmlrpc-c-devel-1.16.24-1210.1840.el6.i686.rpm
xmlrpc-c-devel-1.16.24-1210.1840.el6.x86_64.rpm
Date: Tue, 17 Sep 2013 20:59:28 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Critical: firefox on SL5.x, SL6.x i386/srpm/x86_64
MIME-Version: 1.0

Synopsis: Critical: firefox security update
Advisory ID: SLSA-2013:1268-1
Issue Date: 2013-09-17
CVE Numbers: CVE-2013-1718
 CVE-2013-1725
 CVE-2013-1730
 CVE-2013-1736
 CVE-2013-1737
 CVE-2013-1735
 CVE-2013-1732
 CVE-2013-1722
--

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user
running Firefox. (CVE-2013-1718, CVE-2013-1722, CVE-2013-1725,
CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736)

A flaw was found in the way Firefox handled certain DOM JavaScript
objects. An attacker could use this flaw to make JavaScript client or add-
on code make incorrect, security sensitive decisions. (CVE-2013-1737)

After installing the update, Firefox must be restarted for the changes to
take effect.
--

SL5
 x86_64
 xulrunner-devel-17.0.9-1.el5_9.x86_64.rpm
 firefox-17.0.9-1.el5_9.x86_64.rpm
 firefox-17.0.9-1.el5_9.i386.rpm
 xulrunner-17.0.9-1.el5_9.i386.rpm
 xulrunner-17.0.9-1.el5_9.x86_64.rpm
 xulrunner-devel-17.0.9-1.el5_9.i386.rpm
 firefox-debuginfo-17.0.9-1.el5_9.i386.rpm
 firefox-debuginfo-17.0.9-1.el5_9.x86_64.rpm
 xulrunner-debuginfo-17.0.9-1.el5_9.i386.rpm
 xulrunner-debuginfo-17.0.9-1.el5_9.x86_64.rpm
 i386
 xulrunner-devel-17.0.9-1.el5_9.i386.rpm
 firefox-17.0.9-1.el5_9.i386.rpm
 xulrunner-17.0.9-1.el5_9.i386.rpm
 firefox-debuginfo-17.0.9-1.el5_9.i386.rpm
 xulrunner-debuginfo-17.0.9-1.el5_9.i386.rpm
 srpm
 firefox-17.0.9-1.el5_9.src.rpm
 xulrunner-17.0.9-1.el5_9.src.rpm
 noarch
 xulrunner-debuginfo-17.0.9-1.el5_9.i386.rpm
 firefox-debuginfo-17.0.9-1.el5_9.x86_64.rpm
 firefox-debuginfo-17.0.9-1.el5_9.i386.rpm
 xulrunner-debuginfo-17.0.9-1.el5_9.x86_64.rpm
SL6
 x86_64
 xulrunner-devel-17.0.9-1.el6_4.x86_64.rpm
 firefox-17.0.9-1.el6_4.i686.rpm
 firefox-17.0.9-1.el6_4.x86_64.rpm
 xulrunner-17.0.9-1.el6_4.i686.rpm
 xulrunner-17.0.9-1.el6_4.x86_64.rpm
 xulrunner-devel-17.0.9-1.el6_4.i686.rpm
 firefox-debuginfo-17.0.9-1.el6_4.i686.rpm
 firefox-debuginfo-17.0.9-1.el6_4.x86_64.rpm
 xulrunner-debuginfo-17.0.9-1.el6_4.i686.rpm
 xulrunner-debuginfo-17.0.9-1.el6_4.x86_64.rpm
 srpm
 firefox-17.0.9-1.el6_4.src.rpm
 xulrunner-17.0.9-1.el6_4.src.rpm
 i386
 xulrunner-devel-17.0.9-1.el6_4.i686.rpm
 firefox-17.0.9-1.el6_4.i686.rpm
 xulrunner-17.0.9-1.el6_4.i686.rpm
 firefox-debuginfo-17.0.9-1.el6_4.i686.rpm
 xulrunner-debuginfo-17.0.9-1.el6_4.i686.rpm
 noarch
 firefox-debuginfo-17.0.9-1.el6_4.x86_64.rpm
 firefox-debuginfo-17.0.9-1.el6_4.i686.rpm
 xulrunner-debuginfo-17.0.9-1.el6_4.x86_64.rpm
 xulrunner-debuginfo-17.0.9-1.el6_4.i686.rpm

- Scientific Linux Development Team