--------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2006-189137-1 Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189137 2006-05-15 --------------------------------------------------------------------- Name : mozilla Versions : rh7.3: mozilla-1.7.13-0.73.1.legacy Versions : rh9: mozilla-1.7.13-0.90.1.legacy Versions : fc1: mozilla-1.7.13-1.1.1.legacy Versions : fc2: mozilla-1.7.13-1.2.1.legacy Versions : fc3: mozilla-1.7.13-1.3.1.legacy Summary : A Web browser. Description : Mozilla is an open-source Web browser, designed for standards compliance, performance, and portability. --------------------------------------------------------------------- Update Information: Updated mozilla packages that fix several security bugs are now available. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several bugs were found in the way Mozilla processes malformed javascript. A malicious web page could modify the content of a different open web page, possibly stealing sensitive information or conducting a cross-site scripting attack. (CVE-2006-1731, CVE-2006-1732, CVE-2006-1741) Several bugs were found in the way Mozilla processes certain javascript actions. A malicious web page could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware. (CVE-2006-1727, CVE-2006-1728, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735, CVE-2006-1742) Several bugs were found in the way Mozilla processes malformed web pages. A carefully crafted malicious web page could cause the execution of arbitrary code as the user running Mozilla. (CVE-2006-0748, CVE-2006-0749, CVE-2006-1730, CVE-2006-1737, CVE-2006-1738, CVE-2006-1739, CVE-2006-1790) A bug was found in the way Mozilla displays the secure site icon. If a browser is configured to display the non-default secure site modal warning dialog, it may be possible to trick a user into believing they are viewing a secure site. (CVE-2006-1740) A bug was found in the way Mozilla allows javascript mutation events on "input" form elements. A malicious web page could be created in such a way that when a user submits a form, an arbitrary file could be uploaded to the attacker. (CVE-2006-1729) A bug was found in the way Mozilla executes in-line mail forwarding. If a user can be tricked into forwarding a maliciously crafted mail message as in-line content, it is possible for the message to execute javascript with the permissions of "chrome". (CVE-2006-0884) Users of Mozilla are advised to upgrade to these updated packages containing Mozilla version 1.7.13 which corrects these issues. --------------------------------------------------------------------- Changelogs rh7.3: * Sat Apr 22 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 37:1.7.13-0.73.1.legacy - Updated to 1.7.13 to fix security issues rh9: * Sat Apr 22 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 37:1.7.13-0.90.1.legacy - Updated to 1.7.13 to fix security issues fc1: * Fri Apr 21 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 37:1.7.13-1.1.1.legacy - Updated to 1.7.13 to fix security issues fc2: * Fri Apr 21 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 37:1.7.13-1.2.1.legacy - Updated to 1.7.13 to fix security issues fc3: * Fri Apr 21 2006 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 37:1.7.13-1.3.1.legacy - Updated to 1.7.13 to fix security issues --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/ (sha1sums) rh7.3: b7616c52ee2776f3577fcda0a0628c5ec6cffae7 redhat/7.3/updates-testing/i386/mozilla-1.7.13-0.73.1.legacy.i386.rpm a6234bd3b89616ce5b924a36c95ba1421b6b8ecf redhat/7.3/updates-testing/i386/mozilla-chat-1.7.13-0.73.1.legacy.i386.rpm 3d7b92d47b825f5a936c54ca63679916f428917e redhat/7.3/updates-testing/i386/mozilla-devel-1.7.13-0.73.1.legacy.i386.rpm 2b4c765543b3f4fc5ac04127ca70c70a33fddaec redhat/7.3/updates-testing/i386/mozilla-dom-inspector-1.7.13-0.73.1.legacy.i386.rpm c15eceb55105a87f8d5dc0db24b9cf95e815a5a2 redhat/7.3/updates-testing/i386/mozilla-js-debugger-1.7.13-0.73.1.legacy.i386.rpm 09dcdb176779a013efc6b1819e5391854d94a751 redhat/7.3/updates-testing/i386/mozilla-mail-1.7.13-0.73.1.legacy.i386.rpm 5126d56d8ff98dfdcd69ed6864821120fc959c55 redhat/7.3/updates-testing/i386/mozilla-nspr-1.7.13-0.73.1.legacy.i386.rpm d2db357f5fe0d1ffce22db18f7d95c96dcfcffa3 redhat/7.3/updates-testing/i386/mozilla-nspr-devel-1.7.13-0.73.1.legacy.i386.rpm 7b3a403f4981d5ffa676aa38e5699fca9e7c2f18 redhat/7.3/updates-testing/i386/mozilla-nss-1.7.13-0.73.1.legacy.i386.rpm 3eea1812fa6a6ef13ed8826cd7734bd266c9b0fb redhat/7.3/updates-testing/i386/mozilla-nss-devel-1.7.13-0.73.1.legacy.i386.rpm 46393b4afb72fcd8100de2c61b6531d9ffe1dbf5 redhat/7.3/updates-testing/i386/galeon-1.2.14-0.73.6.legacy.i386.rpm d7222582e0c6d2cb635e07d91f6ffd4f85d36a49 redhat/7.3/updates-testing/SRPMS/mozilla-1.7.13-0.73.1.legacy.src.rpm b437ce5a3b53a11730c42590f28f8a8437622a2f redhat/7.3/updates-testing/SRPMS/galeon-1.2.14-0.73.6.legacy.src.rpm rh9: 624c5f90520fba704ad4f66dbf90b1f1c957b13c redhat/9/updates-testing/i386/mozilla-1.7.13-0.90.1.legacy.i386.rpm d774d70acfa13e6fdfaed04fe99dc72f6d2ff9e8 redhat/9/updates-testing/i386/mozilla-chat-1.7.13-0.90.1.legacy.i386.rpm c97b2a1d23cdcec966ad0f578ae7ed54298e0539 redhat/9/updates-testing/i386/mozilla-devel-1.7.13-0.90.1.legacy.i386.rpm 494506d66fe98871e624009969ac642c98a1f812 redhat/9/updates-testing/i386/mozilla-dom-inspector-1.7.13-0.90.1.legacy.i386.rpm b844468a52354d6e9233a3f2b423c21879c7ca2f redhat/9/updates-testing/i386/mozilla-js-debugger-1.7.13-0.90.1.legacy.i386.rpm 2313fc46b0f7192d2e50675b978a6132fef9c7e3 redhat/9/updates-testing/i386/mozilla-mail-1.7.13-0.90.1.legacy.i386.rpm c37ce58b4bc86d84585e53c97ef63f3733ffa038 redhat/9/updates-testing/i386/mozilla-nspr-1.7.13-0.90.1.legacy.i386.rpm c99c3912597d83cdb161c1e2d4476985ebbe301f redhat/9/updates-testing/i386/mozilla-nspr-devel-1.7.13-0.90.1.legacy.i386.rpm 82f292d71571e66844a0b6b59252271bcf26c5a9 redhat/9/updates-testing/i386/mozilla-nss-1.7.13-0.90.1.legacy.i386.rpm 8da1e54eed9099c2dbb4c04e97157bf742128488 redhat/9/updates-testing/i386/mozilla-nss-devel-1.7.13-0.90.1.legacy.i386.rpm 99041c948b0fb28092be0b817e2f631b76a05614 redhat/9/updates-testing/i386/galeon-1.2.14-0.90.6.legacy.i386.rpm d20d8e1985145c55a185f67e4209a01f1654c0ac redhat/9/updates-testing/SRPMS/mozilla-1.7.13-0.90.1.legacy.src.rpm aa35ab30634d4f5018e3f3e7bb4c290a23e8b1f0 redhat/9/updates-testing/SRPMS/galeon-1.2.14-0.90.6.legacy.src.rpm fc1: 3d510a0a221fd0af801d32075cfec02b54e07422 fedora/1/updates-testing/i386/mozilla-1.7.13-1.1.1.legacy.i386.rpm becd9c7a44a82ccfbe3cf6b03f051ecd4a273131 fedora/1/updates-testing/i386/mozilla-chat-1.7.13-1.1.1.legacy.i386.rpm 1ba6d5e1f14397c25baebb208b3f94de04d46131 fedora/1/updates-testing/i386/mozilla-devel-1.7.13-1.1.1.legacy.i386.rpm bc3d9984f60bbe6794c205e3222c9ea2335bd42e fedora/1/updates-testing/i386/mozilla-dom-inspector-1.7.13-1.1.1.legacy.i386.rpm 27b23b8f5be8a15c8294a1a40b62aafd0c8b8da8 fedora/1/updates-testing/i386/mozilla-js-debugger-1.7.13-1.1.1.legacy.i386.rpm fac226fb8ed3c08bd5c38729ca4bdcb7cbfa7155 fedora/1/updates-testing/i386/mozilla-mail-1.7.13-1.1.1.legacy.i386.rpm 50de7263571cfdca103af679b2b4824cf5e4b733 fedora/1/updates-testing/i386/mozilla-nspr-1.7.13-1.1.1.legacy.i386.rpm 6864171e9ad26571bc9fae8c22d9b713e790e217 fedora/1/updates-testing/i386/mozilla-nspr-devel-1.7.13-1.1.1.legacy.i386.rpm 231222af647baca7cf8ad3aa70102baf065844ea fedora/1/updates-testing/i386/mozilla-nss-1.7.13-1.1.1.legacy.i386.rpm b2a45de48fd072f61c4887c9fb7b1e28d5ceb724 fedora/1/updates-testing/i386/mozilla-nss-devel-1.7.13-1.1.1.legacy.i386.rpm 4278190ae02b1ba55ab8f7bff797aa0b7c6367cf fedora/1/updates-testing/i386/epiphany-1.0.8-1.fc1.6.legacy.i386.rpm d7698a730ded9bf23f9cf50af0b311344d6a32c9 fedora/1/updates-testing/SRPMS/mozilla-1.7.13-1.1.1.legacy.src.rpm 98e8156234d0d70503b2e35958b6c16fd6af9839 fedora/1/updates-testing/SRPMS/epiphany-1.0.8-1.fc1.6.legacy.src.rpm fc2: 159c63cf7ea9fdc986cea0e5f5385dfb5b6305b4 fedora/2/updates-testing/i386/mozilla-1.7.13-1.2.1.legacy.i386.rpm f407853505e31c18da4b7f6cb381eda08f92e95a fedora/2/updates-testing/i386/mozilla-chat-1.7.13-1.2.1.legacy.i386.rpm 34b9bfcbadd11a46d9c8e83bb74cadb20f5e4923 fedora/2/updates-testing/i386/mozilla-devel-1.7.13-1.2.1.legacy.i386.rpm dee1265fd2e11184729411971ebbf78cb563a0e5 fedora/2/updates-testing/i386/mozilla-dom-inspector-1.7.13-1.2.1.legacy.i386.rpm c04910085005cd7e6df6f94ef59c97df8825c07b fedora/2/updates-testing/i386/mozilla-js-debugger-1.7.13-1.2.1.legacy.i386.rpm 4d7705a6ca92e8508dfc129f9d230b655fcaf1d5 fedora/2/updates-testing/i386/mozilla-mail-1.7.13-1.2.1.legacy.i386.rpm a77cbd95adaf8033fd41a79c8fa5834f5bf6966b fedora/2/updates-testing/i386/mozilla-nspr-1.7.13-1.2.1.legacy.i386.rpm bac22ca27bd47b5568016b836655c0205f412f07 fedora/2/updates-testing/i386/mozilla-nspr-devel-1.7.13-1.2.1.legacy.i386.rpm a2a5c35a60ce9a77776ca68f85540f4b36a5d687 fedora/2/updates-testing/i386/mozilla-nss-1.7.13-1.2.1.legacy.i386.rpm bc9bed78a37a55ee2c7c0447e28454117d75b2f5 fedora/2/updates-testing/i386/mozilla-nss-devel-1.7.13-1.2.1.legacy.i386.rpm 82050caf931b8f86483430536d1044ca0e18e26c fedora/2/updates-testing/i386/epiphany-1.2.10-0.2.7.legacy.i386.rpm fd3a6e7733046ab57d5d0578942b63039f60549f fedora/2/updates-testing/i386/devhelp-0.9.1-0.2.10.legacy.i386.rpm dbfc536e2d5fb26ae710550517d00eb7b5c1c425 fedora/2/updates-testing/i386/devhelp-devel-0.9.1-0.2.10.legacy.i386.rpm 7d3714941a249cf2706860c80d5fdd2f6f9d6a49 fedora/2/updates-testing/SRPMS/mozilla-1.7.13-1.2.1.legacy.src.rpm b63f40f2d2c84c6a23ba9668a0ad523600208b88 fedora/2/updates-testing/SRPMS/epiphany-1.2.10-0.2.7.legacy.src.rpm e0d504c88489904fe8c94cf552ba4c91ba78dd69 fedora/2/updates-testing/SRPMS/devhelp-0.9.1-0.2.10.legacy.src.rpm fc3: fc30ba78ef98ffc0f4d7830a293a5a45532487a1 fedora/3/updates-testing/i386/mozilla-1.7.13-1.3.1.legacy.i386.rpm 6046bfef309c48de5545ded1dff026bda82aa12a fedora/3/updates-testing/i386/mozilla-chat-1.7.13-1.3.1.legacy.i386.rpm 2cb20e33c2931ce7f12a0149b8a2f1992ff47459 fedora/3/updates-testing/i386/mozilla-devel-1.7.13-1.3.1.legacy.i386.rpm 182a9e1a32e9d354b6ffedb5b7be7dd49192b119 fedora/3/updates-testing/i386/mozilla-dom-inspector-1.7.13-1.3.1.legacy.i386.rpm fbac943985224c5bdbbce8b83157614f48f2c11d fedora/3/updates-testing/i386/mozilla-js-debugger-1.7.13-1.3.1.legacy.i386.rpm dc733cb3312c3d105e4414bf969e84ddfa5ff435 fedora/3/updates-testing/i386/mozilla-mail-1.7.13-1.3.1.legacy.i386.rpm fd7ef3c6ab771fd368c81bd1925c0194c0503dc7 fedora/3/updates-testing/i386/mozilla-nspr-1.7.13-1.3.1.legacy.i386.rpm 6ca450fb3bda3d9acc3e9dcd86c7480fda7c881b fedora/3/updates-testing/i386/mozilla-nspr-devel-1.7.13-1.3.1.legacy.i386.rpm 25d618ca1f740e9ce6a8d18878dcef447f0dcfbe fedora/3/updates-testing/i386/mozilla-nss-1.7.13-1.3.1.legacy.i386.rpm f61c46c5e3a6bbfcd84c1d1db0948ad351568cfb fedora/3/updates-testing/i386/mozilla-nss-devel-1.7.13-1.3.1.legacy.i386.rpm 3d0a3210e82fe5059d4dd97dfad797522a8dd566 fedora/3/updates-testing/i386/epiphany-1.4.9-1.1.legacy.i386.rpm 9e1b3c5029b1da72303b87566d0fe98ae80316ad fedora/3/updates-testing/i386/epiphany-devel-1.4.9-1.1.legacy.i386.rpm 2700c95dbed803c53f4a632d818df4e6045abede fedora/3/updates-testing/i386/devhelp-0.9.2-2.3.7.legacy.i386.rpm 0635473154c90a0654938e15eea3e0fab24cbcee fedora/3/updates-testing/i386/devhelp-devel-0.9.2-2.3.7.legacy.i386.rpm 2b9902cc94ef38dac784342d1330cdb34a0308c2 fedora/3/updates-testing/x86_64/mozilla-1.7.13-1.3.1.legacy.x86_64.rpm d6c6635c7a9004b90a20ff32330f3e2aef755e7e fedora/3/updates-testing/x86_64/mozilla-chat-1.7.13-1.3.1.legacy.x86_64.rpm ec5ca5851ea31e60f5211d4f308b2d4eae65e97b fedora/3/updates-testing/x86_64/mozilla-devel-1.7.13-1.3.1.legacy.x86_64.rpm 74ac4472c45fecb4562fe73c1aba2c8fbc381da6 fedora/3/updates-testing/x86_64/mozilla-dom-inspector-1.7.13-1.3.1.legacy.x86_64.rpm 0b136eb099b9262271d29d1c55f08e3623fd9b9e fedora/3/updates-testing/x86_64/mozilla-js-debugger-1.7.13-1.3.1.legacy.x86_64.rpm 45aaade65400ab18d12525de0949a96d06c1d784 fedora/3/updates-testing/x86_64/mozilla-mail-1.7.13-1.3.1.legacy.x86_64.rpm fd7ef3c6ab771fd368c81bd1925c0194c0503dc7 fedora/3/updates-testing/x86_64/mozilla-nspr-1.7.13-1.3.1.legacy.i386.rpm 19919ed666049efdb10a571441b32733e3a928c9 fedora/3/updates-testing/x86_64/mozilla-nspr-1.7.13-1.3.1.legacy.x86_64.rpm 2020bad33430a1c9cf6e9298fb3ea8f264262e23 fedora/3/updates-testing/x86_64/mozilla-nspr-devel-1.7.13-1.3.1.legacy.x86_64.rpm 25d618ca1f740e9ce6a8d18878dcef447f0dcfbe fedora/3/updates-testing/x86_64/mozilla-nss-1.7.13-1.3.1.legacy.i386.rpm 1c9d432246665f03ad4c24c7a21ed2d40eea736c fedora/3/updates-testing/x86_64/mozilla-nss-1.7.13-1.3.1.legacy.x86_64.rpm 2e47b9e82c433533cd3e39c2380c511e03e9b320 fedora/3/updates-testing/x86_64/mozilla-nss-devel-1.7.13-1.3.1.legacy.x86_64.rpm 8e763b21f9289a454484fa65ed27053f87b83527 fedora/3/updates-testing/x86_64/epiphany-1.4.9-1.1.legacy.x86_64.rpm a5b5f6d6dbbb2385a13d8b5290d92c119c837c43 fedora/3/updates-testing/x86_64/epiphany-devel-1.4.9-1.1.legacy.x86_64.rpm 54b0234a8abf2b04f45b8062806bc500347a0ce2 fedora/3/updates-testing/x86_64/devhelp-0.9.2-2.3.7.legacy.x86_64.rpm 18374065d2a67b4d0838e4c63bff44d25658ff53 fedora/3/updates-testing/x86_64/devhelp-devel-0.9.2-2.3.7.legacy.x86_64.rpm 5a9ebd563c86b57673ee717a777b2b828cb6f7ae fedora/3/updates-testing/SRPMS/mozilla-1.7.13-1.3.1.legacy.src.rpm 9b7f3d9405d50fb5f52931ef8f18d9e1f2b4fe58 fedora/3/updates-testing/SRPMS/epiphany-1.4.9-1.1.legacy.src.rpm 71a4112fbd0411c57a8b37ba2179b7ec5b8f024e fedora/3/updates-testing/SRPMS/devhelp-0.9.2-2.3.7.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla.
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list