[SECURITY] Fedora 8 Update: blam-1.8.3-18.fc8

updates at fedoraproject.org updates at fedoraproject.org
Sun Sep 28 18:40:57 UTC 2008


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-8399
2008-09-27 03:03:19
--------------------------------------------------------------------------------

Name        : blam
Product     : Fedora 8
Version     : 1.8.3
Release     : 18.fc8
URL         : http://www.cmartin.tk/blam.html
Summary     : An RSS/RDF feed reader
Description :
Blam is a tool that helps you keep track of the growing
number of news feeds distributed as RSS. Blam lets you
subscribe to any number of feeds and provides an easy to
use and clean interface to stay up to date

--------------------------------------------------------------------------------
Update Information:

Mozilla Firefox is an open source Web browser.    Several flaws were found in
the processing of malformed web content. A web page containing malicious content
could cause Firefox to crash or, potentially, execute arbitrary code as the user
running Firefox. (CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062,
CVE-2008-4063, CVE-2008-4064)    Several flaws were found in the way malformed
web content was displayed. A web page containing specially crafted content could
potentially trick a Firefox user into surrendering sensitive information.
(CVE-2008-4067, CVE-2008-4068)    A flaw was found in the way Firefox handles
mouse click events. A web page containing specially crafted JavaScript code
could move the content window while a mouse-button was pressed, causing any item
under the pointer to be dragged. This could, potentially, cause the user to
perform an unsafe drag-and-drop action. (CVE-2008-3837)    A flaw was found in
Firefox that caused certain characters to be stripped from JavaScript code. This
flaw could allow malicious JavaScript to bypass or evade script filters.
(CVE-2008-4065)    For technical details regarding these flaws, please see the
Mozilla security advisories for Firefox 3.0.2.[1]    All Firefox users should
upgrade to these updated packages, which contain patches that correct these
issues.    [1] http://www.mozilla.org/security/known-
vulnerabilities/firefox30.html#firefox3.0.2
--------------------------------------------------------------------------------
ChangeLog:

* Tue Sep 23 2008 Christopher Aillon <caillon at redhat.com> - 1.8.3-18
- Rebuild against newer gecko
* Tue Jul 15 2008 Christopher Aillon <caillon at redhat.com> - 1.8.3-17
- Rebuild against newer gecko
* Wed Jul  2 2008 Christopher Aillon <caillon at redhat.com> - 1.8.3-16
- Rebuild against newer gecko
* Wed Apr 16 2008 Christopher Aillon <caillon at redhat.com> - 1.8.3-15
- Rebuild against newer gecko
* Tue Mar 25 2008 Christopher Aillon <caillon at redhat.com> - 1.8.3-14
- Rebuild against newer gecko
* Fri Feb  8 2008 Christopher Aillon <caillon at redhat.com> - 1.8.3-13
- Rebuild against newer gecko
* Tue Nov 27 2007 Christopher Aillon <caillon at redhat.com> - 1.8.3-12
- Rebuild against newer gecko
* Thu Nov 22 2007 Peter Gordon <peter at thecodergeek.com> - 1.8.3-11
- Fix CVE-2005-4790 (bug 252294).
* Tue Nov 13 2007 Peter Gordon <peter at thecodergeek.com> - 1.8.3-10
- Rebuild for new Gecko (Firefox 2.0.0.9).
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update blam' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list