-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-11511 2008-12-21 00:43:22 --------------------------------------------------------------------------------
Name : google-gadgets Product : Fedora 10 Version : 0.10.3 Release : 2.fc10 URL : http://code.google.com/p/google-gadgets-for-linux/ Summary : Google Gadgets for Linux Description : Google Gadgets for Linux provides a platform for running desktop gadgets under Linux, catering to the unique needs of Linux users. It can run, without modification, many Google Desktop gadgets as well as the Universal Gadgets on iGoogle. -------------------------------------------------------------------------------- Update Information: Update to the new upstream Firefox 3.0.5 / XULRunner 1.9.0.5 fixing multiple security issues: http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.5 This update also contains new builds of all applications depending on Gecko libraries, built against new version. Note: after the updated packages are installed, Firefox must be restarted for the update to take effect. -------------------------------------------------------------------------------- ChangeLog: * Wed Dec 17 2008 Christopher Aillon <cail...@redhat.com> - 0.10.3-2 - Rebuild against newer gecko * Sun Nov 23 2008 Michel Salim <sali...@fedoraproject.org> - 0.10.3-1 - Update to 0.10.3 -------------------------------------------------------------------------------- References: [ 1 ] Bug #476266 - CVE-2008-5500 Layout engine crashes - Firefox 2 and 3 https://bugzilla.redhat.com/show_bug.cgi?id=476266 [ 2 ] Bug #476280 - CVE-2008-5507 Firefox Cross-domain data theft via script redirect error message https://bugzilla.redhat.com/show_bug.cgi?id=476280 [ 3 ] Bug #476278 - CVE-2008-5506 Firefox XMLHttpRequest 302 response disclosure https://bugzilla.redhat.com/show_bug.cgi?id=476278 [ 4 ] Bug #476267 - CVE-2008-5501 Layout engine crash - Firefox 3 only https://bugzilla.redhat.com/show_bug.cgi?id=476267 [ 5 ] Bug #476289 - CVE-2008-5513 Firefox XSS vulnerabilities in SessionStore https://bugzilla.redhat.com/show_bug.cgi?id=476289 [ 6 ] Bug #476269 - CVE-2008-5502 JavaScript engine crash - Firefox 3 only https://bugzilla.redhat.com/show_bug.cgi?id=476269 [ 7 ] Bug #476287 - CVE-2008-5512 Firefox JavaScript privilege escalation https://bugzilla.redhat.com/show_bug.cgi?id=476287 [ 8 ] Bug #476285 - CVE-2008-5511 Firefox XSS via XBL bindings to unloaded document https://bugzilla.redhat.com/show_bug.cgi?id=476285 [ 9 ] Bug #476274 - CVE-2008-5505 Firefox 3 User tracking via XUL persist attribute https://bugzilla.redhat.com/show_bug.cgi?id=476274 [ 10 ] Bug #476283 - CVE-2008-5510 Firefox null characters ignored by CSS parser https://bugzilla.redhat.com/show_bug.cgi?id=476283 [ 11 ] Bug #476281 - CVE-2008-5508 Firefox errors parsing URLs with control characters https://bugzilla.redhat.com/show_bug.cgi?id=476281 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update google-gadgets' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce