[SECURITY] Fedora 8 Update: epiphany-2.20.1-6.fc8
updates at fedoraproject.org
updates at fedoraproject.org
Thu Nov 29 01:48:08 UTC 2007
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-3962
2007-11-29 01:46:57.290638
--------------------------------------------------------------------------------
Name : epiphany
Product : Fedora 8
Version : 2.20.1
Release : 6.fc8
URL : http://www.gnome.org/projects/epiphany/
Summary : GNOME web browser based on the Mozilla rendering engine
Description :
epiphany is a simple GNOME web browser based on the Mozilla rendering
engine.
--------------------------------------------------------------------------------
Update Information:
Updated firefox packages that fix several security issues are now available for Fedora 8.
This update has been rated as having critical security impact by the Fedora Security Response Team.
Mozilla Firefox is an open source Web browser.
A cross-site scripting flaw was found in the way Firefox handled the jar: URI scheme. It was possible for a malicious website to leverage this flaw and conduct a cross-site scripting attack against a user running Firefox. (CVE-2007-5947)
Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2007-5959)
A race condition existed when Firefox set the "window.location" property for a webpage. This flaw could allow a webpage to set an arbitrary Referer header, which may lead to a Cross-site Request Forgery (CSRF) attack against websites that rely only on the Referer header for protection. (CVE-2007-5960)
Users of Firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 27 2007 Christopher Aillon <caillon at redhat.com> - 2.20.1-6
- Rebuild against newer gecko
* Mon Nov 19 2007 Martin Stransky <stransky at redhat.com> - 2.20.1-5
- Updated wrapper patch
* Mon Nov 5 2007 Martin Stransky <stransky at redhat.com> - 2.20.1-4
- Rebuild against new firefox
--------------------------------------------------------------------------------
Updated packages:
6ebbc88d17dc9a942cd960f671be4f34a34268e7 epiphany-devel-2.20.1-6.fc8.ppc64.rpm
3747ad508ecb969ae8faf46301c765d576e72c24 epiphany-2.20.1-6.fc8.ppc64.rpm
bd545d2ac069b8141372ee7449d20c87202f65d4 epiphany-debuginfo-2.20.1-6.fc8.ppc64.rpm
b0cae51892818fe5472137d4c2f561f915cf6345 epiphany-devel-2.20.1-6.fc8.i386.rpm
5ddbda747bf074e99cd742d9a0f46b607f458249 epiphany-2.20.1-6.fc8.i386.rpm
72c3e2996dd5beeb9b690d37e291b60707de74c8 epiphany-debuginfo-2.20.1-6.fc8.i386.rpm
7a58ad9b9d68911341743bbaaabfc6ad14f4dc9f epiphany-devel-2.20.1-6.fc8.x86_64.rpm
b488f41252180ca9754f4421bae9e6a741707b1f epiphany-debuginfo-2.20.1-6.fc8.x86_64.rpm
dc606fb7c23e1e781cb0343caa6a109bb68ea824 epiphany-2.20.1-6.fc8.x86_64.rpm
1fb01cc3d0716cc551ee5f903a8d29f9d459bb86 epiphany-debuginfo-2.20.1-6.fc8.ppc.rpm
2a4c108de45cd1221ad47a6ee16d62c8f12b9ea0 epiphany-devel-2.20.1-6.fc8.ppc.rpm
776db393eb2a7e0b7be452d0e0af06f93f4e7021 epiphany-2.20.1-6.fc8.ppc.rpm
32aba352b4827327c8e83265cfb74e98b4efd087 epiphany-2.20.1-6.fc8.src.rpm
This update can be installed with the "yum" update program. Use
su -c 'yum update epiphany'
at the command line. For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------
More information about the package-announce
mailing list