-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Fedora Test Update Notification FEDORA-2004-1532 Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1532 2004-06-17 - --------------------------------------------------------------------- Name : mozilla Version 7.3 : 1.4.2-2.1.0.legacy.1 Summary : Web browser and mail reader Description : Mozilla is an open-source web browser, designed for standards compliance, performance and portability. - --------------------------------------------------------------------- Update Information: CAN-2003-0564: Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. CAN-2003-0594: Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. CAN-2004-0191: Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events. - --------------------------------------------------------------------- Changelog: 7.3: * Fri Jun 11 2004 Jesse Keating <jkeating@xxxxxxxxxxxxxxx> - - Added legacy and added gcc-c++ as a build-req * Wed Mar 24 2004 Chris Blizzard <blizzard@xxxxxxxxxx> 37:1.4.2-3.0.0.SNAP - - Update to a 1.4.2. - - Time for a new changelog. - --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/redhat/ 43f3c7ed5c1cb848478937cadab47bd5237c43dd 7.3/updates-testing/SRPMS/mozilla-1.4.2-2.1.0.legacy.1.src.rpm bac721ec26e0fe0a97ce17ca76a229f78e06f027 7.3/updates-testing/i386/mozilla-1.4.2-2.1.0.legacy.1.i386.rpm 7b6f4ae222a80e06940dd2fe6fa100f4d933e92c 7.3/updates-testing/i386/mozilla-chat-1.4.2-2.1.0.legacy.1.i386.rpm f0ae36c8710968fec5b81e1f7eb7c21ca3aae7eb 7.3/updates-testing/i386/mozilla-devel-1.4.2-2.1.0.legacy.1.i386.rpm 194ccdb868d8985f1e3b363229141ed69b1e1211 7.3/updates-testing/i386/mozilla-dom-inspector-1.4.2-2.1.0.legacy.1.i386.rpm 59171244d35d111f9543b45a7399333f7d66c61e 7.3/updates-testing/i386/mozilla-js-debugger-1.4.2-2.1.0.legacy.1.i386.rpm 3cee5e9e7f248d0d94161c2c3e27340a522825b2 7.3/updates-testing/i386/mozilla-mail-1.4.2-2.1.0.legacy.1.i386.rpm ea018091469857131f1c78e296e3e7d6619783bb 7.3/updates-testing/i386/mozilla-nspr-1.4.2-2.1.0.legacy.1.i386.rpm 163f47ff39ce8cad7ca7533c69fab1e213ef73b7 7.3/updates-testing/i386/mozilla-nspr-devel-1.4.2-2.1.0.legacy.1.i386.rpm b956f5a47f52d1ff830ce9f858d393742849c3df 7.3/updates-testing/i386/mozilla-nss-1.4.2-2.1.0.legacy.1.i386.rpm 326828da345d70c4c580c3403343124bed7eab1e 7.3/updates-testing/i386/mozilla-nss-devel-1.4.2-2.1.0.legacy.1.i386.rpm 80d131ed4d9194c22438288ace539c18027594e8 7.3/updates-testing/SRPMS/galeon-1.2.13-0.2.2.legacy.src.rpm f66de028a8b522e3a88dd338bfc6ea99a4f5a7c5 7.3/updates-testing/i386/galeon-1.2.13-0.2.2.legacy.i386.rpm Please note that this update is also available via yum and apt through the updates-testing channel. Many people find this an easier way to apply updates. - --------------------------------------------------------------------- - -- Jesse Keating RHCE (http://geek.j2solutions.net) Fedora Legacy Team (http://www.fedoralegacy.org) GPG Public Key (http://geek.j2solutions.net/jkeating.j2solutions.pub) Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=jkeating -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFA0bF04v2HLvE71NURAs0iAJwMnZoB+Vbuzm/Sn1mN5IHr0HY44wCfb8yR OkDI8K3gHRTIOu8KPCFboQA= =/AXu -----END PGP SIGNATURE----- -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
