Fedora Test Update Notification: mozilla
Jesse Keating
jkeating at j2solutions.net
Thu Jun 17 14:57:56 UTC 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2004-1532
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1532
2004-06-17
- ---------------------------------------------------------------------
Name : mozilla
Version 7.3 : 1.4.2-2.1.0.legacy.1
Summary : Web browser and mail reader
Description :
Mozilla is an open-source web browser, designed for standards
compliance, performance and portability.
- ---------------------------------------------------------------------
Update Information:
CAN-2003-0564:
Multiple vulnerabilities in multiple vendor implementations of the
Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow
remote attackers to cause a denial of service and possibly execute
arbitrary code via an S/MIME email message containing certain unexpected
ASN.1 constructs, as demonstrated using the NISSC test suite.
CAN-2003-0594:
Mozilla allows remote attackers to bypass intended cookie access
restrictions on a web application via "%2e%2e" (encoded dot dot) directory
traversal sequences in a URL, which causes Mozilla to send the cookie
outside the specified URL subsets, e.g. to a vulnerable application that
runs on the same server as the target application.
CAN-2004-0191:
Mozilla before 1.4.2 executes Javascript events in the context of a new
page while it is being loaded, allowing it to interact with the previous
page (zombie document) and enable cross-domain and cross-site scripting
(XSS) attacks, as demonstrated using onmousemove events.
- ---------------------------------------------------------------------
Changelog:
7.3:
* Fri Jun 11 2004 Jesse Keating <jkeating at j2solutions.net>
- - Added legacy and added gcc-c++ as a build-req
* Wed Mar 24 2004 Chris Blizzard <blizzard at redhat.com> 37:1.4.2-3.0.0.SNAP
- - Update to a 1.4.2.
- - Time for a new changelog.
- ---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedoralegacy.org/redhat/
43f3c7ed5c1cb848478937cadab47bd5237c43dd
7.3/updates-testing/SRPMS/mozilla-1.4.2-2.1.0.legacy.1.src.rpm
bac721ec26e0fe0a97ce17ca76a229f78e06f027
7.3/updates-testing/i386/mozilla-1.4.2-2.1.0.legacy.1.i386.rpm
7b6f4ae222a80e06940dd2fe6fa100f4d933e92c
7.3/updates-testing/i386/mozilla-chat-1.4.2-2.1.0.legacy.1.i386.rpm
f0ae36c8710968fec5b81e1f7eb7c21ca3aae7eb
7.3/updates-testing/i386/mozilla-devel-1.4.2-2.1.0.legacy.1.i386.rpm
194ccdb868d8985f1e3b363229141ed69b1e1211
7.3/updates-testing/i386/mozilla-dom-inspector-1.4.2-2.1.0.legacy.1.i386.rpm
59171244d35d111f9543b45a7399333f7d66c61e
7.3/updates-testing/i386/mozilla-js-debugger-1.4.2-2.1.0.legacy.1.i386.rpm
3cee5e9e7f248d0d94161c2c3e27340a522825b2
7.3/updates-testing/i386/mozilla-mail-1.4.2-2.1.0.legacy.1.i386.rpm
ea018091469857131f1c78e296e3e7d6619783bb
7.3/updates-testing/i386/mozilla-nspr-1.4.2-2.1.0.legacy.1.i386.rpm
163f47ff39ce8cad7ca7533c69fab1e213ef73b7
7.3/updates-testing/i386/mozilla-nspr-devel-1.4.2-2.1.0.legacy.1.i386.rpm
b956f5a47f52d1ff830ce9f858d393742849c3df
7.3/updates-testing/i386/mozilla-nss-1.4.2-2.1.0.legacy.1.i386.rpm
326828da345d70c4c580c3403343124bed7eab1e
7.3/updates-testing/i386/mozilla-nss-devel-1.4.2-2.1.0.legacy.1.i386.rpm
80d131ed4d9194c22438288ace539c18027594e8
7.3/updates-testing/SRPMS/galeon-1.2.13-0.2.2.legacy.src.rpm
f66de028a8b522e3a88dd338bfc6ea99a4f5a7c5
7.3/updates-testing/i386/galeon-1.2.13-0.2.2.legacy.i386.rpm
Please note that this update is also available via yum and apt through
the updates-testing channel. Many people find this an easier
way to apply updates.
- ---------------------------------------------------------------------
- --
Jesse Keating RHCE (http://geek.j2solutions.net)
Fedora Legacy Team (http://www.fedoralegacy.org)
GPG Public Key (http://geek.j2solutions.net/jkeating.j2solutions.pub)
Was I helpful? Let others know:
http://svcs.affero.net/rm.php?r=jkeating
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFA0bF04v2HLvE71NURAs0iAJwMnZoB+Vbuzm/Sn1mN5IHr0HY44wCfb8yR
OkDI8K3gHRTIOu8KPCFboQA=
=/AXu
-----END PGP SIGNATURE-----
More information about the fedora-legacy-list
mailing list