[SECURITY] Fedora Core 6 Update: firefox-

Christopher Aillon caillon at redhat.com
Wed Dec 20 23:36:17 UTC 2006

Fedora Update Notification

Product     : Fedora Core 6
Name        : firefox
Version     :
Release     : 1.fc6
Summary     : Mozilla Firefox Web browser.
Description :
Mozilla Firefox is an open-source web browser, designed for standards
compliance, performance and portability.

Update Information:

Mozilla Firefox is an open source Web browser.

Several flaws were found in the way Firefox processes
certain malformed JavaScript code. A malicious web page
could cause the execution of JavaScript code in such a way
that could cause Firefox to crash or execute arbitrary code
as the user running Firefox. (CVE-2006-6498, CVE-2006-6501,
CVE-2006-6502, CVE-2006-6503, CVE-2006-6504)

Several flaws were found in the way Firefox renders web
pages. A malicious web page could cause the browser to crash
or possibly execute arbitrary code as the user running
Firefox. (CVE-2006-6497)

Users of Firefox are advised to upgrade to these erratum
packages, which contain Firefox version that
corrects these issues. 
* Tue Dec 19 2006 Christopher Aillon <caillon at redhat.com>
- Update to
* Tue Dec  5 2006 Christopher Aillon <caillon at redhat.com>
- Updated pango patches from behdad
- Fix a leak in liveconnect
- Fix a potential crash in CSS
- Let Firefox handle gcc warnings; it weeds out frequent offenders.

This update can be downloaded from:

e1fe5ef2c1156a06026b08a9023c05c0f43fd375  SRPMS/firefox-
e1fe5ef2c1156a06026b08a9023c05c0f43fd375  noarch/firefox-
0e1d89ab8417844327bf5a503e44eabed4b2989d  ppc/debug/firefox-debuginfo-
4d7214e03d8db9f236073bed272f584f70217c05  ppc/firefox-devel-
212166e344557d93cd340a52f246d7f17e28ac93  ppc/firefox-
ca2fb6249c633971b319363b5940702a4049fe71  x86_64/firefox-devel-
da7254f374f59aba18d466f025c7145181ba6c9b  x86_64/debug/firefox-debuginfo-
cfd3064e23d4c97c8bf0167c323b5163d2df97a0  x86_64/firefox-
03cc7fcdd387fa443b7d2e2b2e199c5af1e98ffd  i386/firefox-devel-
1b01573757dfddb260ce4a6f3e3e4e7e2e261f79  i386/debug/firefox-debuginfo-
156f9deca5f95a0dbd6770a11ddab7ecb88b6c29  i386/firefox-

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.

More information about the Fedora-package-announce mailing list