-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-3952 2007-11-29 01:44:21.449766 --------------------------------------------------------------------------------
Name : devhelp Product : Fedora 7 Version : 0.13 Release : 12.fc7 URL : http://developer.imendio.com/projects/devhelp Summary : API document browser Description : An API document browser for GNOME 2. -------------------------------------------------------------------------------- Update Information: Updated firefox packages that fix several security issues are now available for Fedora 7. This update has been rated as having critical security impact by the Fedora Security Response Team. Mozilla Firefox is an open source Web browser. A cross-site scripting flaw was found in the way Firefox handled the jar: URI scheme. It was possible for a malicious website to leverage this flaw and conduct a cross-site scripting attack against a user running Firefox. (CVE-2007-5947) Several flaws were found in the way Firefox processed certain malformed web content. A webpage containing malicious content could cause Firefox to crash, or potentially execute arbitrary code as the user running Firefox. (CVE-2007-5959) A race condition existed when Firefox set the "window.location" property for a webpage. This flaw could allow a webpage to set an arbitrary Referer header, which may lead to a Cross-site Request Forgery (CSRF) attack against websites that rely only on the Referer header for protection. (CVE-2007-5960) Users of Firefox are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. -------------------------------------------------------------------------------- ChangeLog: * Tue Nov 27 2007 Christopher Aillon <[EMAIL PROTECTED]> - 0.13-12 - Rebuild against newer gecko * Mon Nov 5 2007 Martin Stransky <[EMAIL PROTECTED]> - 0.13-11 - Rebuild against newer gecko * Fri Oct 19 2007 Christopher Aillon <[EMAIL PROTECTED]> - 0.13-10 - Rebuild against newer gecko * Wed Jul 18 2007 Kai Engert <[EMAIL PROTECTED]> - 0.13-9 - Rebuild against newer gecko * Fri May 25 2007 Christopher Aillon <[EMAIL PROTECTED]> - 0.13-8 - Rebuild against newer gecko * Mon Apr 23 2007 Matthew Barnes <[EMAIL PROTECTED]> - 0.13-7.fc7 - Add patch for RH bug #230837 (initialize GThread). * Sat Apr 21 2007 Matthias Clasen <[EMAIL PROTECTED]> - 0.13-6 - Don't install INSTALL -------------------------------------------------------------------------------- Updated packages: 6879dde28a6d411ca6d05f6dc46ad958ebe92337 devhelp-0.13-12.fc7.ppc64.rpm e6f1127dedc826e56e41b032b504e7f6d3c44787 devhelp-devel-0.13-12.fc7.ppc64.rpm aa0ce4dbfd000d0af55b727169a970f5f4bc047a devhelp-debuginfo-0.13-12.fc7.ppc64.rpm 3c579a6b78907721b4a3f2ee5f77c519b2ff5d59 devhelp-0.13-12.fc7.i386.rpm 9d708fab29f8fd1d13314baf4ca7067886f6c888 devhelp-devel-0.13-12.fc7.i386.rpm 3bc5ac0cc62cf68fd77fb9f897d927d40b0ca31a devhelp-debuginfo-0.13-12.fc7.i386.rpm e03e752de427c189fb825274c8805793659b5810 devhelp-devel-0.13-12.fc7.x86_64.rpm cebde82d6fc003edd7eb41a42431fdfd5ee3d503 devhelp-0.13-12.fc7.x86_64.rpm 66587ade46affd29a3dba21fe3df8cfe92caf819 devhelp-debuginfo-0.13-12.fc7.x86_64.rpm d9ec343a3c37cefd88899813fe7f4c7572835709 devhelp-0.13-12.fc7.ppc.rpm 00322c3c319ef548f6686d2d4e5452372d723745 devhelp-debuginfo-0.13-12.fc7.ppc.rpm 3ee9419e7fa7137d43e2388b8f8f1a1c7108e878 devhelp-devel-0.13-12.fc7.ppc.rpm 7685fe4f15ffc60ab05f69a5c2880843f0091078 devhelp-0.13-12.fc7.src.rpm This update can be installed with the "yum" update program. Use su -c 'yum update devhelp' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce