[SECURITY] Fedora 8 Update: epiphany-extensions-2.20.1-4.fc8
updates at fedoraproject.org
updates at fedoraproject.org
Thu Nov 29 01:48:08 UTC 2007
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-3962
2007-11-29 01:46:57.290638
--------------------------------------------------------------------------------
Name : epiphany-extensions
Product : Fedora 8
Version : 2.20.1
Release : 4.fc8
URL : http://www.gnome.org/projects/epiphany/extensions
Summary : Extensions for Epiphany, the GNOME web browser
Description :
Epiphany Extensions is a collection of extensions for Epiphany, the
GNOME web browser.
--------------------------------------------------------------------------------
Update Information:
Updated firefox packages that fix several security issues are now available for Fedora 8.
This update has been rated as having critical security impact by the Fedora Security Response Team.
Mozilla Firefox is an open source Web browser.
A cross-site scripting flaw was found in the way Firefox handled the jar: URI scheme. It was possible for a malicious website to leverage this flaw and conduct a cross-site scripting attack against a user running Firefox. (CVE-2007-5947)
Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2007-5959)
A race condition existed when Firefox set the "window.location" property for a webpage. This flaw could allow a webpage to set an arbitrary Referer header, which may lead to a Cross-site Request Forgery (CSRF) attack against websites that rely only on the Referer header for protection. (CVE-2007-5960)
Users of Firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 27 2007 Christopher Aillon <caillon at redhat.com> - 2.20.1-3
- Rebuild against newer gecko
* Tue Nov 6 2007 Peter Gordon <peter at thecodergeek.com> - 2.20.1-2
- Rebuild for new Gecko (Firefox 2.0.0.9)
--------------------------------------------------------------------------------
Updated packages:
5c74d446894e51b1b03b67e6fd82cc7b1edb9103 epiphany-extensions-2.20.1-4.fc8.ppc64.rpm
85dca3d20ac5b401efc9d73efe7708072b6cee37 epiphany-extensions-debuginfo-2.20.1-4.fc8.ppc64.rpm
81ef833a486afccf70f4b177e51cc648dd1efba2 epiphany-extensions-debuginfo-2.20.1-4.fc8.i386.rpm
ffdb7aa6d08d0f58d82de2cad2d584be5ff91798 epiphany-extensions-2.20.1-4.fc8.i386.rpm
1cf66288986e866e0292ff8150268179d610061d epiphany-extensions-debuginfo-2.20.1-4.fc8.x86_64.rpm
0d4d56023bda2f6fda7c166f51ab7b6f998edc09 epiphany-extensions-2.20.1-4.fc8.x86_64.rpm
255666835cc276e4f68434ee4de59000f884be43 epiphany-extensions-debuginfo-2.20.1-4.fc8.ppc.rpm
aaba9c5380820ee26c37e4216ba3ac134ea90151 epiphany-extensions-2.20.1-4.fc8.ppc.rpm
e5519305d8cae2f6eee6f977abfa8ca1f38bfd64 epiphany-extensions-2.20.1-4.fc8.src.rpm
This update can be installed with the "yum" update program. Use
su -c 'yum update epiphany-extensions'
at the command line. For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------
More information about the package-announce
mailing list