Security Advisory Critical: firefox security update

Advisory: RHSA-2008:0879-6
Type: Security Advisory
Severity: Critical
Issued on: 2008-09-23
Last updated on: 2008-09-23
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.2.z server)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20080879.xml
CVEs (cve.mitre.org): CVE-2008-3837
CVE-2008-4058
CVE-2008-4060
CVE-2008-4061
CVE-2008-4062
CVE-2008-4063
CVE-2008-4064
CVE-2008-4065
CVE-2008-4067
CVE-2008-4068

Details

An updated firefox package that fixes various security issues is now
available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Mozilla Firefox is an open source Web browser.

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code as the user running Firefox.
(CVE-2008-4058, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062,
CVE-2008-4063, CVE-2008-4064)

Several flaws were found in the way malformed web content was displayed. A
web page containing specially crafted content could potentially trick a
Firefox user into surrendering sensitive information. (CVE-2008-4067,
CVE-2008-4068)

A flaw was found in the way Firefox handles mouse click events. A web page
containing specially crafted JavaScript code could move the content window
while a mouse-button was pressed, causing any item under the pointer to be
dragged. This could, potentially, cause the user to perform an unsafe
drag-and-drop action. (CVE-2008-3837)

A flaw was found in Firefox that caused certain characters to be stripped
from JavaScript code. This flaw could allow malicious JavaScript to bypass
or evade script filters. (CVE-2008-4065)

For technical details regarding these flaws, please see the Mozilla
security advisories for Firefox 3.0.2. You can find a link to the Mozilla
advisories in the References section.

All firefox users should upgrade to this updated package, which contains
backported patches that correct these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
devhelp-0.12-19.el5.src.rpm
File outdated by:  RHSA-2008:0978
    0ccfcd11ff6f4d4a300f12a0e2d4d919
nss-3.12.1.1-1.el5.src.rpm
File outdated by:  RHSA-2009:0256
    51285e77aa3f2dc9b842be3f7135f7a0
xulrunner-1.9.0.2-5.el5.src.rpm
File outdated by:  RHSA-2009:1095
    c3a0509253bda951146ba9e2edcc2475
 
IA-32:
devhelp-devel-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    fe2945c6113c9e4d89e3423056077c11
nss-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    d0a73bcf8817f74579f355d22d0b745a
nss-pkcs11-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    8efd670cc8d90275f8387099e1d92120
xulrunner-devel-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    f7a98c64e0dc0e3845ad43d92ece0c69
xulrunner-devel-unstable-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    42116a55b34d41c0aad86a05cc504818
 
x86_64:
devhelp-devel-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    fe2945c6113c9e4d89e3423056077c11
devhelp-devel-0.12-19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0978
    18c4d12a34abd6b7db8a09dc60bf172e
nss-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    d0a73bcf8817f74579f355d22d0b745a
nss-devel-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0256
    b2d2859782f31a8487f4ee96d5db772d
nss-pkcs11-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    8efd670cc8d90275f8387099e1d92120
nss-pkcs11-devel-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0256
    058ed931c0ec2110c837a035f4dcf34f
xulrunner-devel-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    f7a98c64e0dc0e3845ad43d92ece0c69
xulrunner-devel-1.9.0.2-5.el5.x86_64.rpm
File outdated by:  RHSA-2009:1095
    fc0f3a691e74d7425e16d9658eda0684
xulrunner-devel-unstable-1.9.0.2-5.el5.x86_64.rpm
File outdated by:  RHSA-2009:1095
    6e96e9e905464f599b3ca92bc93a7d34
 
Red Hat Desktop (v. 4)

SRPMS:
firefox-3.0.2-3.el4.src.rpm
File outdated by:  RHSA-2009:1095
    49a212d901d93445e98e3abe05a1aa92
 
IA-32:
firefox-3.0.2-3.el4.i386.rpm
File outdated by:  RHSA-2009:1095
    cd158bb7e59108e7d122ec61245753fa
 
x86_64:
firefox-3.0.2-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:1095
    d4e929e24ff38aced383d7267129337d
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
devhelp-0.12-19.el5.src.rpm
File outdated by:  RHSA-2008:0978
    0ccfcd11ff6f4d4a300f12a0e2d4d919
firefox-3.0.2-3.el5.src.rpm
File outdated by:  RHSA-2008:1036
    36ef92df796da62e77e513a31ec42e8d
nss-3.12.1.1-1.el5.src.rpm
File outdated by:  RHSA-2009:0256
    51285e77aa3f2dc9b842be3f7135f7a0
xulrunner-1.9.0.2-5.el5.src.rpm
File outdated by:  RHSA-2009:1095
    c3a0509253bda951146ba9e2edcc2475
yelp-2.16.0-21.el5.src.rpm
File outdated by:  RHSA-2008:0978
    ab60ef44d3d6018c17fdb8146c515c23
 
IA-32:
devhelp-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    610b8eba980495aeeb7606b743f04a10
devhelp-devel-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    fe2945c6113c9e4d89e3423056077c11
firefox-3.0.2-3.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    fddc262f8dd9bd7ffd3415a476c8184f
nss-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    8374c8c85d32758059884f38498f178a
nss-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    d0a73bcf8817f74579f355d22d0b745a
nss-pkcs11-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    8efd670cc8d90275f8387099e1d92120
nss-tools-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    867e304607e86069f5977f6b7816221d
xulrunner-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    23e42bfeb8759c8393b1d53c74e857f6
xulrunner-devel-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    f7a98c64e0dc0e3845ad43d92ece0c69
xulrunner-devel-unstable-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    42116a55b34d41c0aad86a05cc504818
yelp-2.16.0-21.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    6e2e41b58a5912af6cd28d193a50ec85
 
IA-64:
devhelp-0.12-19.el5.ia64.rpm
File outdated by:  RHSA-2008:0978
    f69921fb80bc813a5ee6cdf2a6c8aa1b
devhelp-devel-0.12-19.el5.ia64.rpm
File outdated by:  RHSA-2008:0978
    e86506c4597e0370d013c9d3c2457e91
firefox-3.0.2-3.el5.ia64.rpm
File outdated by:  RHSA-2009:1095
    5d25fc01b4acf051e30f1fe6e85c407d
nss-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    8374c8c85d32758059884f38498f178a
nss-3.12.1.1-1.el5.ia64.rpm
File outdated by:  RHSA-2009:0256
    e6d5b1f40c698d1c25b4422be9588340
nss-devel-3.12.1.1-1.el5.ia64.rpm
File outdated by:  RHSA-2009:0256
    2ad545c38b9e6c8578bc1d1b1157a4fd
nss-pkcs11-devel-3.12.1.1-1.el5.ia64.rpm
File outdated by:  RHSA-2009:0256
    a1448dca0bdcfce0a30cfdb606d2e984
nss-tools-3.12.1.1-1.el5.ia64.rpm
File outdated by:  RHSA-2009:0256
    faac221f8f2d7ccdc92347a10880ae1d
xulrunner-1.9.0.2-5.el5.ia64.rpm
File outdated by:  RHSA-2009:1095
    331bbb838545a057565e21d494acea4f
xulrunner-devel-1.9.0.2-5.el5.ia64.rpm
File outdated by:  RHSA-2009:1095
    700490f335afb0645530f263b895f403
xulrunner-devel-unstable-1.9.0.2-5.el5.ia64.rpm
File outdated by:  RHSA-2009:1095
    bb3290c2cc64da83c0aa883c942225ee
yelp-2.16.0-21.el5.ia64.rpm
File outdated by:  RHSA-2008:0978
    79150174e4b0b8018d5984bda787766d
 
PPC:
devhelp-0.12-19.el5.ppc.rpm
File outdated by:  RHSA-2008:0978
    356fa3315a32cf1a3323717749da6c94
devhelp-devel-0.12-19.el5.ppc.rpm
File outdated by:  RHSA-2008:0978
    db5c1072d9f006c23f43b0d6ff436149
firefox-3.0.2-3.el5.ppc.rpm
File outdated by:  RHSA-2009:1095
    854a7d069b5625e15c7a8e0b13bc1529
nss-3.12.1.1-1.el5.ppc.rpm
File outdated by:  RHSA-2009:0256
    16ee55b30291d05580b339489d3646d6
nss-3.12.1.1-1.el5.ppc64.rpm
File outdated by:  RHSA-2009:0256
    e5a17d0006acf1b015f0bac76dfeb257
nss-devel-3.12.1.1-1.el5.ppc.rpm
File outdated by:  RHSA-2009:0256
    68b06c489eda31a7d007bda3c2ed9a83
nss-devel-3.12.1.1-1.el5.ppc64.rpm
File outdated by:  RHSA-2009:0256
    7e2c8d6ac04c01c3781ed34dc4e9037f
nss-pkcs11-devel-3.12.1.1-1.el5.ppc.rpm
File outdated by:  RHSA-2009:0256
    fdc64c62a3f2e86e4456ac0401591d76
nss-pkcs11-devel-3.12.1.1-1.el5.ppc64.rpm
File outdated by:  RHSA-2009:0256
    d4accde3e5eea886ab2c9e14fbeb3346
nss-tools-3.12.1.1-1.el5.ppc.rpm
File outdated by:  RHSA-2009:0256
    f1fc56cdff0615b3c0c8fd038c819ef4
xulrunner-1.9.0.2-5.el5.ppc.rpm
File outdated by:  RHSA-2009:1095
    3da69f55c3a7a628115f81dd704cdcaa
xulrunner-1.9.0.2-5.el5.ppc64.rpm
File outdated by:  RHSA-2009:1095
    67384f1c0ff72d0a3bed4a544f4ec396
xulrunner-devel-1.9.0.2-5.el5.ppc.rpm
File outdated by:  RHSA-2009:1095
    37e072ebc952209f70dfff52901fc1f0
xulrunner-devel-1.9.0.2-5.el5.ppc64.rpm
File outdated by:  RHSA-2009:1095
    9b5da9552b75843a33cd86daca592893
xulrunner-devel-unstable-1.9.0.2-5.el5.ppc.rpm
File outdated by:  RHSA-2009:1095
    11bff156e6629aa0294868837eede033
yelp-2.16.0-21.el5.ppc.rpm
File outdated by:  RHSA-2008:0978
    8c5c8c098a91096af59afbe89e14fac2
 
s390x:
devhelp-0.12-19.el5.s390.rpm
File outdated by:  RHSA-2008:0978
    601d51341dda03ba9a8c0631e3d7cf25
devhelp-0.12-19.el5.s390x.rpm
File outdated by:  RHSA-2008:0978
    8134b9486f851a7dfce93518a9d0f48e
devhelp-devel-0.12-19.el5.s390.rpm
File outdated by:  RHSA-2008:0978
    7ef7796a43a699662320adc9868c1078
devhelp-devel-0.12-19.el5.s390x.rpm
File outdated by:  RHSA-2008:0978
    37ed739c1269003a18f477a5ffe12734
firefox-3.0.2-3.el5.s390.rpm
File outdated by:  RHSA-2009:1095
    ea1c80e1cf8b2f81ebde090a6692c801
firefox-3.0.2-3.el5.s390x.rpm
File outdated by:  RHSA-2009:1095
    cf8081de1f7229a48bf5571c98ee1382
nss-3.12.1.1-1.el5.s390.rpm
File outdated by:  RHSA-2009:0256
    9d3250889601c5c450a70049f68dd142
nss-3.12.1.1-1.el5.s390x.rpm
File outdated by:  RHSA-2009:0256
    3ab46d2f06d7a87e49e6cb3f182e4d26
nss-devel-3.12.1.1-1.el5.s390.rpm
File outdated by:  RHSA-2009:0256
    5e7f2fd71cb9f6e67290632bf7068223
nss-devel-3.12.1.1-1.el5.s390x.rpm
File outdated by:  RHSA-2009:0256
    60a8b12e5e46d42a634583e50fc441a0
nss-pkcs11-devel-3.12.1.1-1.el5.s390.rpm
File outdated by:  RHSA-2009:0256
    a841421d0ea7069225954b81c0b88f5e
nss-pkcs11-devel-3.12.1.1-1.el5.s390x.rpm
File outdated by:  RHSA-2009:0256
    3966cce6d512ccfaebfbc5d6c744c868
nss-tools-3.12.1.1-1.el5.s390x.rpm
File outdated by:  RHSA-2009:0256
    f85ccd4df8057051c2e3d100f61c4faa
xulrunner-1.9.0.2-5.el5.s390.rpm
File outdated by:  RHSA-2009:1095
    311278ae616185cee2ca64803e4c5dd1
xulrunner-1.9.0.2-5.el5.s390x.rpm
File outdated by:  RHSA-2009:1095
    4cb196b868ba215fb4b104d578aad156
xulrunner-devel-1.9.0.2-5.el5.s390.rpm
File outdated by:  RHSA-2009:1095
    1baf6b9b535bf7b1e3ca648ac64e69ea
xulrunner-devel-1.9.0.2-5.el5.s390x.rpm
File outdated by:  RHSA-2009:1095
    7aa572c95202639d027c2328103c30f5
xulrunner-devel-unstable-1.9.0.2-5.el5.s390x.rpm
File outdated by:  RHSA-2009:1095
    f6b097f46ab36a839336600ae0a70922
yelp-2.16.0-21.el5.s390x.rpm
File outdated by:  RHSA-2008:0978
    4b33a5f5deb51da1a222247c920efc08
 
x86_64:
devhelp-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    610b8eba980495aeeb7606b743f04a10
devhelp-0.12-19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0978
    f08d5737240a6bc5e4f9b23c0ac2f882
devhelp-devel-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    fe2945c6113c9e4d89e3423056077c11
devhelp-devel-0.12-19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0978
    18c4d12a34abd6b7db8a09dc60bf172e
firefox-3.0.2-3.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    fddc262f8dd9bd7ffd3415a476c8184f
firefox-3.0.2-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1095
    a7333f522fbd077cd9668dbb49f56632
nss-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    8374c8c85d32758059884f38498f178a
nss-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0256
    a8fbfa585f597f0c8194ddc66b2e562a
nss-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    d0a73bcf8817f74579f355d22d0b745a
nss-devel-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0256
    b2d2859782f31a8487f4ee96d5db772d
nss-pkcs11-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    8efd670cc8d90275f8387099e1d92120
nss-pkcs11-devel-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0256
    058ed931c0ec2110c837a035f4dcf34f
nss-tools-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0256
    47ca2528d57e43ef2f55683ba96dc98a
xulrunner-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    23e42bfeb8759c8393b1d53c74e857f6
xulrunner-1.9.0.2-5.el5.x86_64.rpm
File outdated by:  RHSA-2009:1095
    769070ceb6b63073e20d021bbc16ce93
xulrunner-devel-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    f7a98c64e0dc0e3845ad43d92ece0c69
xulrunner-devel-1.9.0.2-5.el5.x86_64.rpm
File outdated by:  RHSA-2009:1095
    fc0f3a691e74d7425e16d9658eda0684
xulrunner-devel-unstable-1.9.0.2-5.el5.x86_64.rpm
File outdated by:  RHSA-2009:1095
    6e96e9e905464f599b3ca92bc93a7d34
yelp-2.16.0-21.el5.x86_64.rpm
File outdated by:  RHSA-2008:0978
    908edef0541e4defe41b9356aba3f3af
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
firefox-3.0.2-3.el4.src.rpm
File outdated by:  RHSA-2009:1095
    49a212d901d93445e98e3abe05a1aa92
 
IA-32:
firefox-3.0.2-3.el4.i386.rpm
File outdated by:  RHSA-2009:1095
    cd158bb7e59108e7d122ec61245753fa
 
IA-64:
firefox-3.0.2-3.el4.ia64.rpm
File outdated by:  RHSA-2009:1095
    0860d9af59d7c9d508eb91ed602fe289
 
PPC:
firefox-3.0.2-3.el4.ppc.rpm
File outdated by:  RHSA-2009:1095
    cd0d0a3a91c5d75b5e351630dab115ce
 
s390:
firefox-3.0.2-3.el4.s390.rpm
File outdated by:  RHSA-2009:1095
    d49c6d6ecf5e8ea716eb79a143bdb88f
 
s390x:
firefox-3.0.2-3.el4.s390x.rpm
File outdated by:  RHSA-2009:1095
    5f15af080979ff976d27a202d015bc83
 
x86_64:
firefox-3.0.2-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:1095
    d4e929e24ff38aced383d7267129337d
 
Red Hat Enterprise Linux AS (v. 4.7.z)

SRPMS:
firefox-3.0.2-3.el4.src.rpm
File outdated by:  RHSA-2009:1095
    49a212d901d93445e98e3abe05a1aa92
 
IA-32:
firefox-3.0.2-3.el4.i386.rpm
File outdated by:  RHSA-2009:0449
    cd158bb7e59108e7d122ec61245753fa
 
IA-64:
firefox-3.0.2-3.el4.ia64.rpm
File outdated by:  RHSA-2009:0449
    0860d9af59d7c9d508eb91ed602fe289
 
PPC:
firefox-3.0.2-3.el4.ppc.rpm
File outdated by:  RHSA-2009:0449
    cd0d0a3a91c5d75b5e351630dab115ce
 
s390:
firefox-3.0.2-3.el4.s390.rpm
File outdated by:  RHSA-2009:0449
    d49c6d6ecf5e8ea716eb79a143bdb88f
 
s390x:
firefox-3.0.2-3.el4.s390x.rpm
File outdated by:  RHSA-2009:0449
    5f15af080979ff976d27a202d015bc83
 
x86_64:
firefox-3.0.2-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:0449
    d4e929e24ff38aced383d7267129337d
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
devhelp-0.12-19.el5.src.rpm
File outdated by:  RHSA-2008:0978
    0ccfcd11ff6f4d4a300f12a0e2d4d919
firefox-3.0.2-3.el5.src.rpm
File outdated by:  RHSA-2008:1036
    36ef92df796da62e77e513a31ec42e8d
nss-3.12.1.1-1.el5.src.rpm
File outdated by:  RHSA-2009:0256
    51285e77aa3f2dc9b842be3f7135f7a0
xulrunner-1.9.0.2-5.el5.src.rpm
File outdated by:  RHSA-2009:1095
    c3a0509253bda951146ba9e2edcc2475
yelp-2.16.0-21.el5.src.rpm
File outdated by:  RHSA-2008:0978
    ab60ef44d3d6018c17fdb8146c515c23
 
IA-32:
devhelp-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    610b8eba980495aeeb7606b743f04a10
firefox-3.0.2-3.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    fddc262f8dd9bd7ffd3415a476c8184f
nss-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    8374c8c85d32758059884f38498f178a
nss-tools-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    867e304607e86069f5977f6b7816221d
xulrunner-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    23e42bfeb8759c8393b1d53c74e857f6
yelp-2.16.0-21.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    6e2e41b58a5912af6cd28d193a50ec85
 
x86_64:
devhelp-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    610b8eba980495aeeb7606b743f04a10
devhelp-0.12-19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0978
    f08d5737240a6bc5e4f9b23c0ac2f882
firefox-3.0.2-3.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    fddc262f8dd9bd7ffd3415a476c8184f
firefox-3.0.2-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1095
    a7333f522fbd077cd9668dbb49f56632
nss-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2009:0256
    8374c8c85d32758059884f38498f178a
nss-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0256
    a8fbfa585f597f0c8194ddc66b2e562a
nss-tools-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2009:0256
    47ca2528d57e43ef2f55683ba96dc98a
xulrunner-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2009:1095
    23e42bfeb8759c8393b1d53c74e857f6
xulrunner-1.9.0.2-5.el5.x86_64.rpm
File outdated by:  RHSA-2009:1095
    769070ceb6b63073e20d021bbc16ce93
yelp-2.16.0-21.el5.x86_64.rpm
File outdated by:  RHSA-2008:0978
    908edef0541e4defe41b9356aba3f3af
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
firefox-3.0.2-3.el4.src.rpm
File outdated by:  RHSA-2009:1095
    49a212d901d93445e98e3abe05a1aa92
 
IA-32:
firefox-3.0.2-3.el4.i386.rpm
File outdated by:  RHSA-2009:1095
    cd158bb7e59108e7d122ec61245753fa
 
IA-64:
firefox-3.0.2-3.el4.ia64.rpm
File outdated by:  RHSA-2009:1095
    0860d9af59d7c9d508eb91ed602fe289
 
x86_64:
firefox-3.0.2-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:1095
    d4e929e24ff38aced383d7267129337d
 
Red Hat Enterprise Linux ES (v. 4.7.z)

SRPMS:
firefox-3.0.2-3.el4.src.rpm
File outdated by:  RHSA-2009:1095
    49a212d901d93445e98e3abe05a1aa92
 
IA-32:
firefox-3.0.2-3.el4.i386.rpm
File outdated by:  RHSA-2009:0449
    cd158bb7e59108e7d122ec61245753fa
 
IA-64:
firefox-3.0.2-3.el4.ia64.rpm
File outdated by:  RHSA-2009:0449
    0860d9af59d7c9d508eb91ed602fe289
 
x86_64:
firefox-3.0.2-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:0449
    d4e929e24ff38aced383d7267129337d
 
Red Hat Enterprise Linux EUS (v. 5.2.z server)

SRPMS:
devhelp-0.12-19.el5.src.rpm
File outdated by:  RHSA-2008:0978
    0ccfcd11ff6f4d4a300f12a0e2d4d919
firefox-3.0.2-3.el5.src.rpm
File outdated by:  RHSA-2008:1036
    36ef92df796da62e77e513a31ec42e8d
nss-3.12.1.1-1.el5.src.rpm
File outdated by:  RHSA-2009:0256
    51285e77aa3f2dc9b842be3f7135f7a0
xulrunner-1.9.0.2-5.el5.src.rpm
File outdated by:  RHSA-2009:1095
    c3a0509253bda951146ba9e2edcc2475
yelp-2.16.0-21.el5.src.rpm
File outdated by:  RHSA-2008:0978
    ab60ef44d3d6018c17fdb8146c515c23
 
IA-32:
devhelp-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    610b8eba980495aeeb7606b743f04a10
devhelp-devel-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    fe2945c6113c9e4d89e3423056077c11
firefox-3.0.2-3.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    fddc262f8dd9bd7ffd3415a476c8184f
nss-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    8374c8c85d32758059884f38498f178a
nss-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    d0a73bcf8817f74579f355d22d0b745a
nss-pkcs11-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    8efd670cc8d90275f8387099e1d92120
nss-tools-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    867e304607e86069f5977f6b7816221d
xulrunner-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    23e42bfeb8759c8393b1d53c74e857f6
xulrunner-devel-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    f7a98c64e0dc0e3845ad43d92ece0c69
xulrunner-devel-unstable-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    42116a55b34d41c0aad86a05cc504818
yelp-2.16.0-21.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    6e2e41b58a5912af6cd28d193a50ec85
 
IA-64:
devhelp-0.12-19.el5.ia64.rpm
File outdated by:  RHSA-2008:0978
    f69921fb80bc813a5ee6cdf2a6c8aa1b
devhelp-devel-0.12-19.el5.ia64.rpm
File outdated by:  RHSA-2008:0978
    e86506c4597e0370d013c9d3c2457e91
firefox-3.0.2-3.el5.ia64.rpm
File outdated by:  RHSA-2008:1036
    5d25fc01b4acf051e30f1fe6e85c407d
nss-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    8374c8c85d32758059884f38498f178a
nss-3.12.1.1-1.el5.ia64.rpm
File outdated by:  RHSA-2008:1036
    e6d5b1f40c698d1c25b4422be9588340
nss-devel-3.12.1.1-1.el5.ia64.rpm
File outdated by:  RHSA-2008:1036
    2ad545c38b9e6c8578bc1d1b1157a4fd
nss-pkcs11-devel-3.12.1.1-1.el5.ia64.rpm
File outdated by:  RHSA-2008:1036
    a1448dca0bdcfce0a30cfdb606d2e984
nss-tools-3.12.1.1-1.el5.ia64.rpm
File outdated by:  RHSA-2008:1036
    faac221f8f2d7ccdc92347a10880ae1d
xulrunner-1.9.0.2-5.el5.ia64.rpm
File outdated by:  RHSA-2008:1036
    331bbb838545a057565e21d494acea4f
xulrunner-devel-1.9.0.2-5.el5.ia64.rpm
File outdated by:  RHSA-2008:1036
    700490f335afb0645530f263b895f403
xulrunner-devel-unstable-1.9.0.2-5.el5.ia64.rpm
File outdated by:  RHSA-2008:1036
    bb3290c2cc64da83c0aa883c942225ee
yelp-2.16.0-21.el5.ia64.rpm
File outdated by:  RHSA-2008:0978
    79150174e4b0b8018d5984bda787766d
 
PPC:
devhelp-0.12-19.el5.ppc.rpm
File outdated by:  RHSA-2008:0978
    356fa3315a32cf1a3323717749da6c94
devhelp-devel-0.12-19.el5.ppc.rpm
File outdated by:  RHSA-2008:0978
    db5c1072d9f006c23f43b0d6ff436149
firefox-3.0.2-3.el5.ppc.rpm
File outdated by:  RHSA-2008:1036
    854a7d069b5625e15c7a8e0b13bc1529
nss-3.12.1.1-1.el5.ppc.rpm
File outdated by:  RHSA-2008:1036
    16ee55b30291d05580b339489d3646d6
nss-3.12.1.1-1.el5.ppc64.rpm
File outdated by:  RHSA-2008:1036
    e5a17d0006acf1b015f0bac76dfeb257
nss-devel-3.12.1.1-1.el5.ppc.rpm
File outdated by:  RHSA-2008:1036
    68b06c489eda31a7d007bda3c2ed9a83
nss-devel-3.12.1.1-1.el5.ppc64.rpm
File outdated by:  RHSA-2008:1036
    7e2c8d6ac04c01c3781ed34dc4e9037f
nss-pkcs11-devel-3.12.1.1-1.el5.ppc.rpm
File outdated by:  RHSA-2008:1036
    fdc64c62a3f2e86e4456ac0401591d76
nss-pkcs11-devel-3.12.1.1-1.el5.ppc64.rpm
File outdated by:  RHSA-2008:1036
    d4accde3e5eea886ab2c9e14fbeb3346
nss-tools-3.12.1.1-1.el5.ppc.rpm
File outdated by:  RHSA-2008:1036
    f1fc56cdff0615b3c0c8fd038c819ef4
xulrunner-1.9.0.2-5.el5.ppc.rpm
File outdated by:  RHSA-2008:1036
    3da69f55c3a7a628115f81dd704cdcaa
xulrunner-1.9.0.2-5.el5.ppc64.rpm
File outdated by:  RHSA-2008:1036
    67384f1c0ff72d0a3bed4a544f4ec396
xulrunner-devel-1.9.0.2-5.el5.ppc.rpm
File outdated by:  RHSA-2008:1036
    37e072ebc952209f70dfff52901fc1f0
xulrunner-devel-1.9.0.2-5.el5.ppc64.rpm
File outdated by:  RHSA-2008:1036
    9b5da9552b75843a33cd86daca592893
xulrunner-devel-unstable-1.9.0.2-5.el5.ppc.rpm
File outdated by:  RHSA-2008:1036
    11bff156e6629aa0294868837eede033
yelp-2.16.0-21.el5.ppc.rpm
File outdated by:  RHSA-2008:0978
    8c5c8c098a91096af59afbe89e14fac2
 
s390x:
devhelp-0.12-19.el5.s390.rpm
File outdated by:  RHSA-2008:0978
    601d51341dda03ba9a8c0631e3d7cf25
devhelp-0.12-19.el5.s390x.rpm
File outdated by:  RHSA-2008:0978
    8134b9486f851a7dfce93518a9d0f48e
devhelp-devel-0.12-19.el5.s390.rpm
File outdated by:  RHSA-2008:0978
    7ef7796a43a699662320adc9868c1078
devhelp-devel-0.12-19.el5.s390x.rpm
File outdated by:  RHSA-2008:0978
    37ed739c1269003a18f477a5ffe12734
firefox-3.0.2-3.el5.s390.rpm
File outdated by:  RHSA-2008:1036
    ea1c80e1cf8b2f81ebde090a6692c801
firefox-3.0.2-3.el5.s390x.rpm
File outdated by:  RHSA-2008:1036
    cf8081de1f7229a48bf5571c98ee1382
nss-3.12.1.1-1.el5.s390.rpm
File outdated by:  RHSA-2008:1036
    9d3250889601c5c450a70049f68dd142
nss-3.12.1.1-1.el5.s390x.rpm
File outdated by:  RHSA-2008:1036
    3ab46d2f06d7a87e49e6cb3f182e4d26
nss-devel-3.12.1.1-1.el5.s390.rpm
File outdated by:  RHSA-2008:1036
    5e7f2fd71cb9f6e67290632bf7068223
nss-devel-3.12.1.1-1.el5.s390x.rpm
File outdated by:  RHSA-2008:1036
    60a8b12e5e46d42a634583e50fc441a0
nss-pkcs11-devel-3.12.1.1-1.el5.s390.rpm
File outdated by:  RHSA-2008:1036
    a841421d0ea7069225954b81c0b88f5e
nss-pkcs11-devel-3.12.1.1-1.el5.s390x.rpm
File outdated by:  RHSA-2008:1036
    3966cce6d512ccfaebfbc5d6c744c868
nss-tools-3.12.1.1-1.el5.s390x.rpm
File outdated by:  RHSA-2008:1036
    f85ccd4df8057051c2e3d100f61c4faa
xulrunner-1.9.0.2-5.el5.s390.rpm
File outdated by:  RHSA-2008:1036
    311278ae616185cee2ca64803e4c5dd1
xulrunner-1.9.0.2-5.el5.s390x.rpm
File outdated by:  RHSA-2008:1036
    4cb196b868ba215fb4b104d578aad156
xulrunner-devel-1.9.0.2-5.el5.s390.rpm
File outdated by:  RHSA-2008:1036
    1baf6b9b535bf7b1e3ca648ac64e69ea
xulrunner-devel-1.9.0.2-5.el5.s390x.rpm
File outdated by:  RHSA-2008:1036
    7aa572c95202639d027c2328103c30f5
xulrunner-devel-unstable-1.9.0.2-5.el5.s390x.rpm
File outdated by:  RHSA-2008:1036
    f6b097f46ab36a839336600ae0a70922
yelp-2.16.0-21.el5.s390x.rpm
File outdated by:  RHSA-2008:0978
    4b33a5f5deb51da1a222247c920efc08
 
x86_64:
devhelp-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    610b8eba980495aeeb7606b743f04a10
devhelp-0.12-19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0978
    f08d5737240a6bc5e4f9b23c0ac2f882
devhelp-devel-0.12-19.el5.i386.rpm
File outdated by:  RHSA-2008:0978
    fe2945c6113c9e4d89e3423056077c11
devhelp-devel-0.12-19.el5.x86_64.rpm
File outdated by:  RHSA-2008:0978
    18c4d12a34abd6b7db8a09dc60bf172e
firefox-3.0.2-3.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    fddc262f8dd9bd7ffd3415a476c8184f
firefox-3.0.2-3.el5.x86_64.rpm
File outdated by:  RHSA-2008:1036
    a7333f522fbd077cd9668dbb49f56632
nss-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    8374c8c85d32758059884f38498f178a
nss-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2008:1036
    a8fbfa585f597f0c8194ddc66b2e562a
nss-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    d0a73bcf8817f74579f355d22d0b745a
nss-devel-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2008:1036
    b2d2859782f31a8487f4ee96d5db772d
nss-pkcs11-devel-3.12.1.1-1.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    8efd670cc8d90275f8387099e1d92120
nss-pkcs11-devel-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2008:1036
    058ed931c0ec2110c837a035f4dcf34f
nss-tools-3.12.1.1-1.el5.x86_64.rpm
File outdated by:  RHSA-2008:1036
    47ca2528d57e43ef2f55683ba96dc98a
xulrunner-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    23e42bfeb8759c8393b1d53c74e857f6
xulrunner-1.9.0.2-5.el5.x86_64.rpm
File outdated by:  RHSA-2008:1036
    769070ceb6b63073e20d021bbc16ce93
xulrunner-devel-1.9.0.2-5.el5.i386.rpm
File outdated by:  RHSA-2008:1036
    f7a98c64e0dc0e3845ad43d92ece0c69
xulrunner-devel-1.9.0.2-5.el5.x86_64.rpm
File outdated by:  RHSA-2008:1036
    fc0f3a691e74d7425e16d9658eda0684
xulrunner-devel-unstable-1.9.0.2-5.el5.x86_64.rpm
File outdated by:  RHSA-2008:1036
    6e96e9e905464f599b3ca92bc93a7d34
yelp-2.16.0-21.el5.x86_64.rpm
File outdated by:  RHSA-2008:0978
    908edef0541e4defe41b9356aba3f3af
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
firefox-3.0.2-3.el4.src.rpm
File outdated by:  RHSA-2009:1095
    49a212d901d93445e98e3abe05a1aa92
 
IA-32:
firefox-3.0.2-3.el4.i386.rpm
File outdated by:  RHSA-2009:1095
    cd158bb7e59108e7d122ec61245753fa
 
IA-64:
firefox-3.0.2-3.el4.ia64.rpm
File outdated by:  RHSA-2009:1095
    0860d9af59d7c9d508eb91ed602fe289
 
x86_64:
firefox-3.0.2-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:1095
    d4e929e24ff38aced383d7267129337d
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

463189 - CVE-2008-3837 Forced mouse drag
463190 - CVE-2008-4058 Mozilla privilege escalation via XPCnativeWrapper pollution
463198 - CVE-2008-4060 Mozilla privilege escalation via XPCnativeWrapper pollution
463199 - CVE-2008-4061 Mozilla layout engine crash
463201 - CVE-2008-4062 Mozilla crashes with evidence of memory corruption
463203 - CVE-2008-4063 Mozilla crashes with evidence of memory corruption
463204 - CVE-2008-4064 Mozilla crashes with evidence of memory corruption
463234 - CVE-2008-4065 Mozilla BOM characters stripped from JavaScript before execution
463246 - CVE-2008-4067 Mozilla resource: traversal vulnerability
463248 - CVE-2008-4068 Mozilla local HTML file recource: bypass


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/