Fedora 11 Security Update: firefox-3.5.6-1.fc11, et. al.

50
Article Source Fedora 11 Security Updates
December 17, 2009, 7:17 pm

Resolved Bugs
546694 – CVE-2009-3979 Mozilla crash with evidence of memory corruption
546720 – CVE-2009-3983 Mozilla NTLM reflection vulnerability
546722 – CVE-2009-3984 Mozilla SSL spoofing with document.location and empty SSL response page
546726 – CVE-2009-3985 Mozilla URL spoofing via invalid document.location
546724 – CVE-2009-3986 Mozilla Chrome privilege escalation via window.opener

Update to new upstream Firefox version 3.5.6, fixing multiple security issues detailed in the upstream advisories: http://www.mozilla.org/security/known-vulnerabilities/firefox35.html#firefox3.5.6 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner. CVE-2009-3979 CVE-2009-3980 CVE-2009-3982 CVE-2009-3983 CVE-2009-3984 CVE-2009-3985 CVE-2009-3986 CVE-2009-3388 CVE-2009-3389…

Read More