Stay Vigilant with Timely Linux Security Advisories

Loading...

security advisoryupdatecritical

Fedora 10: 2009-7521 Urgent Chromium Patch for libgtkembedmm

Update to new upstream Firefox version 3.0.11, fixing multiple security issues detailed in the upstream advisories: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/ Update also includes all packages depending on gecko-libs rebuild against new version of Firefox / XULRunner.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-6411 2009-06-15 22:07:28 -------------------------------------------------------------------------------- Name : gtkmozembedmm Product : Fedora 9 Version : 1.4.2.cvs20060817 Release : 30.fc9 URL : Summary : C++ wrapper for GtkMozembed Description : This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmersto use the Gtkmozembed HTML-rendering widget inside their software. -------------------------------------------------------------------------------- Update Information: Update to new upstream Firefox version 3.0.11, fixing multiple security issues detailed in the upstream advisories: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/ Update also includes all packages depending on gecko-libs rebuild against new version of Firefox / XULRunner. -------------------------------------------------------------------------------- ChangeLog: * Thu Jun 11 2009 Christopher Aillon - 1.4.2.cvs20060817-30 - Rebuild against newer gecko * Mon Apr 27 2009 Christopher Aillon - 1.4.2.cvs20060817-29 - Rebuild against newer gecko * Tue Apr 21 2009 Christopher Aillon - 1.4.2.cvs20060817-28 - Rebuild against newer gecko * Fri Mar 27 2009 Christopher Aillon - 1.4.2.cvs20060817-27 - Rebuild against newer gecko * Fri Mar 6 2009 Jan Horak - 1.4.2.cvs20060817-26 - Rebuild against newer gecko * Wed Feb 4 2009 Christopher Aillon - 1.4.2.cvs20060817-25 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-24 - Rebuildagainst newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-23 - Rebuild against newer gecko * Wed Nov 12 2008 Christopher Aillon - 1.4.2.cvs20060817-22 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon - 1.4.2.cvs20060817-21 - Rebuild against newer gecko * Fri Jun 20 2008 Martin Stransky - 1.4.2.cvs20060817-20 - rebuild against new gecko-libs 1.9 (xulrunner) * Sat Apr 12 2008 Haïkel Guémar - 1.4.2.cvs20060817-19 - remove now useless sed one-liner. - fixed gtkmozembedmm-1.4.2.cvs20060817-xulrunner.patch - added gtkmozembedmm-1.4.2.cvs20060817-m4.patch * Mon Feb 18 2008 Fedora Release Engineering - 1.4.2.cvs20060817-18 - Autorebuild for GCC 4.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #503568 - CVE-2009-1392 Firefox browser engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=503568 [ 2 ] Bug #503569 - CVE-2009-1832 Firefox double frame construction flaw https://bugzilla.redhat.com/show_bug.cgi?id=503569 [ 3 ] Bug #503570 - CVE-2009-1833 Firefox JavaScript engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=503570 [ 4 ] Bug #503573 - CVE-2009-1834 Firefox URL spoofing with invalid unicode characters https://bugzilla.redhat.com/show_bug.cgi?id=503573 [ 5 ] Bug #503576 - CVE-2009-1835 Firefox Arbitrary domain cookie access by local file: resources https://bugzilla.redhat.com/show_bug.cgi?id=503576 [ 6 ] Bug #503578 - CVE-2009-1836 Firefox SSL tampering via non-200 responses to proxy CONNECT requests https://bugzilla.redhat.com/show_bug.cgi?id=503578 [ 7 ] Bug #503579 - CVE-2009-1837 Firefox Race condition while accessing the private data of a NPObject JS wrapper class object https://bugzilla.redhat.com/show_bug.cgi?id=503579 [ 8 ] Bug #503580 - CVE-2009-1838 Firefox arbitrary code execution flaw https://bugzilla.redhat.com/show_bug.cgi?id=503580 [ 9 ] Bug #503581 - CVE-2009-1839 Firefox information disclosureflaw https://bugzilla.redhat.com/show_bug.cgi?id=503581 [ 10 ] Bug #503582 - CVE-2009-1840 Firefox XUL scripts skip some security checks https://bugzilla.redhat.com/show_bug.cgi?id=503582 [ 11 ] Bug #503583 - CVE-2009-1841 Firefox JavaScript arbitrary code execution https://bugzilla.redhat.com/show_bug.cgi?id=503583 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gtkmozembedmm' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . A new alert for Fedora 9 has been released, highlighting security patches in Firefox 3.0.11, including significant updates for gtkmozembedmm functionality.. Fedora Updates, Firefox Security, gtkmozembedmm Fixes. . Severity: Important. LinuxSecurity.com Team

Jun 15, 2009 •Important Fedora

security advisorymoderatesecurity issue

Fedora 9: Firefox 3.0.10 Important Browser Crash Fix 2009-4078

Update to Firefox 3.0.10 fixing one security issue: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/ Depending packages rebuilt against new Firefox are also included in this update. Additional bugs fixed in other packages: - totem: Fix YouTube plugin following web site changes. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-4078 2009-04-28 00:41:54 -------------------------------------------------------------------------------- Name : gtkmozembedmm Product : Fedora 9 Version : 1.4.2.cvs20060817 Release : 29.fc9 URL : https://sourceforge.net/directory/software-development/mac/ Summary : C++ wrapper for GtkMozembed Description : This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmersto use the Gtkmozembed HTML-rendering widget inside their software. -------------------------------------------------------------------------------- Update Information: Update to Firefox 3.0.10 fixing one security issue: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/ Depending packages rebuilt against new Firefox are also included in this update. Additional bugs fixed in other packages: - totem: Fix YouTube plugin following web site changes -------------------------------------------------------------------------------- ChangeLog: * Mon Apr 27 2009 Christopher Aillon - 1.4.2.cvs20060817-29 - Rebuild against newer gecko * Tue Apr 21 2009 Christopher Aillon - 1.4.2.cvs20060817-28 - Rebuild against newer gecko * Fri Mar 27 2009 Christopher Aillon - 1.4.2.cvs20060817-27 - Rebuild against newer gecko * Fri Mar 6 2009 Jan Horak - 1.4.2.cvs20060817-26 - Rebuild against newer gecko * Wed Feb 4 2009 Christopher Aillon - 1.4.2.cvs20060817-25 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-24 - Rebuild against newer gecko * Wed Dec17 2008 Christopher Aillon - 1.4.2.cvs20060817-23 - Rebuild against newer gecko * Wed Nov 12 2008 Christopher Aillon - 1.4.2.cvs20060817-22 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon - 1.4.2.cvs20060817-21 - Rebuild against newer gecko * Fri Jun 20 2008 Martin Stransky - 1.4.2.cvs20060817-20 - rebuild against new gecko-libs 1.9 (xulrunner) * Sat Apr 12 2008 Haïkel Guémar - 1.4.2.cvs20060817-19 - remove now useless sed one-liner. - fixed gtkmozembedmm-1.4.2.cvs20060817-xulrunner.patch - added gtkmozembedmm-1.4.2.cvs20060817-m4.patch * Mon Feb 18 2008 Fedora Release Engineering - 1.4.2.cvs20060817-18 - Autorebuild for GCC 4.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #497447 - CVE-2009-1313 Firefox crash in nsTextFrame::ClearTextRun() https://bugzilla.redhat.com/show_bug.cgi?id=497447 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gtkmozembedmm' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Fedora has released an update that resolves a security vulnerability found in Firefox 3.0.10, alongside several related package adjustments.. Firefox Security,Fedora 9 Update,Gtkmozembedmm Package,Vulnerability Fixes. . Severity: Important. LinuxSecurity.com Team

Apr 27, 2009 •Important Fedora

Banner 2 1028x280 1708121730 1 1771599631

security advisorysecurity issuecritical

Fedora 9: 2009-3875 Critical: gtkmozembedmm Rendering Flaws

https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-3875 2009-04-22 19:42:15 -------------------------------------------------------------------------------- Name : gtkmozembedmm Product : Fedora 9 Version : 1.4.2.cvs20060817 Release : 28.fc9 URL : Summary : C++ wrapper for GtkMozembed Description : This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmersto use the Gtkmozembed HTML-rendering widget inside their software. -------------------------------------------------------------------------------- Update Information: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/ -------------------------------------------------------------------------------- ChangeLog: * Tue Apr 21 2009 Christopher Aillon - 1.4.2.cvs20060817-28 - Rebuild against newer gecko * Fri Mar 27 2009 Christopher Aillon - 1.4.2.cvs20060817-27 - Rebuild against newer gecko * Fri Mar 6 2009 Jan Horak - 1.4.2.cvs20060817-26 - Rebuild against newer gecko * Wed Feb 4 2009 Christopher Aillon - 1.4.2.cvs20060817-25 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-24 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-23 - Rebuild against newer gecko * Wed Nov 12 2008 Christopher Aillon - 1.4.2.cvs20060817-22 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon - 1.4.2.cvs20060817-21 - Rebuild against newer gecko * Fri Jun 20 2008 Martin Stransky - 1.4.2.cvs20060817-20 - rebuild against new gecko-libs 1.9 (xulrunner) * Sat Apr 12 2008 Haïkel Guémar - 1.4.2.cvs20060817-19 - remove now useless sed one-liner. - fixed gtkmozembedmm-1.4.2.cvs20060817-xulrunner.patch - added gtkmozembedmm-1.4.2.cvs20060817-m4.patch * Mon Feb 18 2008 Fedora Release Engineering - 1.4.2.cvs20060817-18 - Autorebuild for GCC 4.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #496252 - CVE-2009-1302 Firefox 3 Layout engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=496252 [ 2 ] Bug #496253 - CVE-2009-1303 Firefox 2 and 3 Layout engine crash https://bugzilla.redhat.com/show_bug.cgi?id=496253 [ 3 ] Bug #496255 - CVE-2009-1304 Firefox 3 JavaScript engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=496255 [ 4 ] Bug #496256 - CVE-2009-1305 Firefox 2 and 3 JavaScript engine crash https://bugzilla.redhat.com/show_bug.cgi?id=496256 [ 5 ] Bug #486704 - CVE-2009-0652 firefox: does not properly prevent the literal rendering of homoglyph characters in IDN domain names (spoof URLs and conduct phishing attacks) https://bugzilla.redhat.com/show_bug.cgi?id=486704 [ 6 ] Bug #496262 - CVE-2009-1306 Firefox jar: scheme ignores the content-disposition: header on the inner URI https://bugzilla.redhat.com/show_bug.cgi?id=496262 [ 7 ] Bug #496263 - CVE-2009-1307 Firefox Same-origin violations when Adobe Flash loaded via view-source: protocol https://bugzilla.redhat.com/show_bug.cgi?id=496263 [ 8 ] Bug #496266 - CVE-2009-1308 Firefox XSS hazard using third-party stylesheets and XBL bindings https://bugzilla.redhat.com/show_bug.cgi?id=496266 [ 9 ] Bug #496267 - CVE-2009-1309 Firefox Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString https://bugzilla.redhat.com/show_bug.cgi?id=496267 [ 10 ] Bug #496270 - CVE-2009-1310 Firefox Malicious search plugins can inject code into arbitrary sites https://bugzilla.redhat.com/show_bug.cgi?id=496270 [ 11 ] Bug #496271 - CVE-2009-1311 Firefox POST data sent to wrong site when saving web page with embedded frame https://bugzilla.redhat.com/show_bug.cgi?id=496271 [ 12 ] Bug #496274 - CVE-2009-1312 Firefox allows Refresh header to redirect to javascript: URIs https://bugzilla.redhat.com/show_bug.cgi?id=496274 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gtkmozembedmm' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . The latest update for gtkmozembedmm on Fedora resolves significant concerns linked to the display of HTML content and plugged security holes.. Fedora, gtkmozembedmm, HTML Rendering, Update, Critical Fix. . Severity: Critical. LinuxSecurity.com Team

Apr 23, 2009 •Critical Fedora

security advisoryFedoraapplication update

Fedora 9: 2009-3099 Critical: Firefox Memory Flaws & Exploits

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A memory corruption flaw was discovered in the way Firefox handles XML files containing an XSLT transform. A remote attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1169) A flaw was discovered in the way Firefox handles certain XUL garbage collection events. A remote attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1044) This update also provides depending packages rebuilt against new Firefox version. Miro updates to upstream 2.0.3. Provides new features and fixes various bugs in 1.2.x series. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2009-3099 2009-03-28 00:57:36 --------------------------------------------------------------------------------Name : gtkmozembedmm Product : Fedora 9 Version : 1.4.2.cvs20060817 Release : 27.fc9 URL : Summary : C++ wrapper for GtkMozembed Description : This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software. --------------------------------------------------------------------------------Update Information: Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A memory corruption flaw was discovered in the way Firefox handles XML files containing an XSLT transform. A remote attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1169) A flaw was discovered in the way Firefox handles certain XUL garbage collection events. A remote attacker could use this flaw to crash Firefox or,potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1044) This update also provides depending packages rebuilt against new Firefox version. Miro updates to upstream 2.0.3. Provides new features and fixes various bugs in 1.2.x series --------------------------------------------------------------------------------ChangeLog: * Fri Mar 27 2009 Christopher Aillon - 1.4.2.cvs20060817-27 - Rebuild against newer gecko * Fri Mar 6 2009 Jan Horak - 1.4.2.cvs20060817-26 - Rebuild against newer gecko * Wed Feb 4 2009 Christopher Aillon - 1.4.2.cvs20060817-25 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-24 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-23 - Rebuild against newer gecko * Wed Nov 12 2008 Christopher Aillon - 1.4.2.cvs20060817-22 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon - 1.4.2.cvs20060817-21 - Rebuild against newer gecko * Fri Jun 20 2008 Martin Stransky - 1.4.2.cvs20060817-20 - rebuild against new gecko-libs 1.9 (xulrunner) * Sat Apr 12 2008 Haïkel Guémar - 1.4.2.cvs20060817-19 - remove now useless sed one-liner. - fixed gtkmozembedmm-1.4.2.cvs20060817-xulrunner.patch - added gtkmozembedmm-1.4.2.cvs20060817-m4.patch * Mon Feb 18 2008 Fedora Release Engineering - 1.4.2.cvs20060817-18 - Autorebuild for GCC 4.3 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update gtkmozembedmm' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailinglist This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Security vulnerabilities in Firefox expose users to potential crashes or unauthorized code execution. An update for Fedora 9 addresses these critical security concerns.. Firefox Security Flaw, Fedora Update, Memory Exploit Fix. . Severity: Critical. LinuxSecurity.com Team

Mar 28, 2009 •Critical Fedora

security advisoryfedoraremote code execution

Fedora 9 Update: 2009-3099 Critical Firefox RCE and Memory Flaws

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A memory corruption flaw was discovered in the way Firefox handles XML files containing an XSLT transform. A remote attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1169) A flaw was discovered in the way Firefox handles certain XUL garbage collection events. A remote attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1044) This update also provides depending packages rebuilt against new Firefox version. Miro updates to upstream 2.0.3. Provides new features and fixes various bugs in 1.2.x series. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2009-3099 2009-03-28 00:57:36 --------------------------------------------------------------------------------Name : gtkmozembedmm Product : Fedora 9 Version : 1.4.2.cvs20060817 Release : 27.fc9 URL : Summary : C++ wrapper for GtkMozembed Description : This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software. --------------------------------------------------------------------------------Update Information: Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A memory corruption flaw was discovered in the way Firefox handles XML files containing an XSLT transform. A remote attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1169) A flaw was discovered in the way Firefox handles certain XUL garbage collection events. A remote attacker could use this flaw to crash Firefox or,potentially, execute arbitrary code as the user running Firefox. (CVE-2009-1044) This update also provides depending packages rebuilt against new Firefox version. Miro updates to upstream 2.0.3. Provides new features and fixes various bugs in 1.2.x series --------------------------------------------------------------------------------ChangeLog: * Fri Mar 27 2009 Christopher Aillon - 1.4.2.cvs20060817-27 - Rebuild against newer gecko * Fri Mar 6 2009 Jan Horak - 1.4.2.cvs20060817-26 - Rebuild against newer gecko * Wed Feb 4 2009 Christopher Aillon - 1.4.2.cvs20060817-25 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-24 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-23 - Rebuild against newer gecko * Wed Nov 12 2008 Christopher Aillon - 1.4.2.cvs20060817-22 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon - 1.4.2.cvs20060817-21 - Rebuild against newer gecko * Fri Jun 20 2008 Martin Stransky - 1.4.2.cvs20060817-20 - rebuild against new gecko-libs 1.9 (xulrunner) * Sat Apr 12 2008 Haïkel Guémar - 1.4.2.cvs20060817-19 - remove now useless sed one-liner. - fixed gtkmozembedmm-1.4.2.cvs20060817-xulrunner.patch - added gtkmozembedmm-1.4.2.cvs20060817-m4.patch * Mon Feb 18 2008 Fedora Release Engineering - 1.4.2.cvs20060817-18 - Autorebuild for GCC 4.3 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update gtkmozembedmm' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailinglist This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . The latest patch for gtkmozembedmm tackles significant memory vulnerabilities in Firefox, bolstering both security and reliability for users in Fedora.. Firefox Security Update, gtkmozembedmm Patch, Fedora Software Update. . Severity: Critical. LinuxSecurity.com Team

Mar 27, 2009 •Critical Fedora

security advisoryfedoraupdate

Fedora 9: 2009-2421 Critical: gtkmozembedmm Fix for Firefox Security Issues

Update to the new upstream Firefox 3.0.7 / XULRunner 1.9.0.7 fixing multiple security issues: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/ This update also contains new builds of all applications depending on Gecko libraries, built against the new version. Note: after the updated packages are installed, Firefox must be restarted for the update to take effect.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2009-2421 2009-03-08 06:09:09 --------------------------------------------------------------------------------Name : gtkmozembedmm Product : Fedora 9 Version : 1.4.2.cvs20060817 Release : 26.fc9 URL : Summary : C++ wrapper for GtkMozembed Description : This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software. --------------------------------------------------------------------------------Update Information: Update to the new upstream Firefox 3.0.7 / XULRunner 1.9.0.7 fixing multiple security issues: https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox-3.0/ This update also contains new builds of all applications depending on Gecko libraries, built against the new version. Note: after the updated packages are installed, Firefox must be restarted for the update to take effect. --------------------------------------------------------------------------------ChangeLog: * Fri Mar 6 2009 Jan Horak - 1.4.2.cvs20060817-26 - Rebuild against newer gecko * Wed Feb 4 2009 Christopher Aillon - 1.4.2.cvs20060817-25 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-24 - Rebuild against newer gecko * Wed Dec 17 2008 Christopher Aillon - 1.4.2.cvs20060817-23 - Rebuild against newer gecko * Wed Nov 12 2008 Christopher Aillon -1.4.2.cvs20060817-22 - Rebuild against newer gecko * Wed Sep 24 2008 Christopher Aillon - 1.4.2.cvs20060817-21 - Rebuild against newer gecko * Fri Jun 20 2008 Martin Stransky - 1.4.2.cvs20060817-20 - rebuild against new gecko-libs 1.9 (xulrunner) * Sat Apr 12 2008 Haïkel Guémar - 1.4.2.cvs20060817-19 - remove now useless sed one-liner. - fixed gtkmozembedmm-1.4.2.cvs20060817-xulrunner.patch - added gtkmozembedmm-1.4.2.cvs20060817-m4.patch * Mon Feb 18 2008 Fedora Release Engineering - 1.4.2.cvs20060817-18 - Autorebuild for GCC 4.3 --------------------------------------------------------------------------------References: [ 1 ] Bug #488272 - CVE-2009-0771 Firefox 3 Layout Engine Crashes https://bugzilla.redhat.com/show_bug.cgi?id=488272 [ 2 ] Bug #488273 - CVE-2009-0772 Firefox 2 and 3 - Layout engine crashes https://bugzilla.redhat.com/show_bug.cgi?id=488273 [ 3 ] Bug #488276 - CVE-2009-0773 Firefox 3 crashes in the JavaScript engine https://bugzilla.redhat.com/show_bug.cgi?id=488276 [ 4 ] Bug #488283 - CVE-2009-0774 Firefox 2 and 3 crashes in the JavaScript engine https://bugzilla.redhat.com/show_bug.cgi?id=488283 [ 5 ] Bug #488287 - CVE-2009-0775 Firefox XUL Linked Clones Double Free Vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=488287 [ 6 ] Bug #488290 - CVE-2009-0776 Firefox XML data theft via RDFXMLDataSource and cross-domain redirect https://bugzilla.redhat.com/show_bug.cgi?id=488290 [ 7 ] Bug #488292 - CVE-2009-0777 Firefox URL spoofing with invisible control characters https://bugzilla.redhat.com/show_bug.cgi?id=488292 --------------------------------------------------------------------------------This update can be installed with the "yum" update program. Use su -c 'yum update gtkmozembedmm' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keysused by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ Fedora-package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Debian Security Advisory regarding urgent patches in libglibmm, improving stability for GIMP and other applications.. gtkmozembedmm Security Fix, Firefox Update, Fedora Patch. . Severity: Critical. LinuxSecurity.com Team

Mar 08, 2009 •Critical Fedora

Stay Secure with the Latest Linux Advisories

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

openSUSE libsoup Critical HTTP Vulnerabilities Addressed in 2026-2314-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Ubuntu 22.04 OpenSSH Important Remote Access Issues USN-8222-1

Explore Latest Linux Security advisories

Fedora 10: 2009-7521 Urgent Chromium Patch for libgtkembedmm

Fedora 9: Firefox 3.0.10 Important Browser Crash Fix 2009-4078

Fedora 9: 2009-3875 Critical: gtkmozembedmm Rendering Flaws

Fedora 9: 2009-3099 Critical: Firefox Memory Flaws & Exploits

Fedora 9 Update: 2009-3099 Critical Firefox RCE and Memory Flaws

Fedora 9: 2009-2421 Critical: gtkmozembedmm Fix for Firefox Security Issues

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Ubuntu 22.04 OpenSSH Important Remote Access Issues USN-8222-1

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

openSUSE libsoup Critical HTTP Vulnerabilities Addressed in 2026-2314-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!