Security Advisory Critical: firefox security update

Advisory: RHSA-2009:0397-1
Type: Security Advisory
Severity: Critical
Issued on: 2009-03-27
Last updated on: 2009-03-27
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.3.z server)
Red Hat Enterprise Linux WS (v. 4)
OVAL: com.redhat.rhsa-20090397.xml
CVEs (cve.mitre.org): CVE-2009-1044
CVE-2009-1169

Details

Updated firefox packages that fix two security issues are now available for
Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

A memory corruption flaw was discovered in the way Firefox handles XML
files containing an XSLT transform. A remote attacker could use this flaw
to crash Firefox or, potentially, execute arbitrary code as the user
running Firefox. (CVE-2009-1169)

A flaw was discovered in the way Firefox handles certain XUL garbage
collection events. A remote attacker could use this flaw to crash Firefox
or, potentially, execute arbitrary code as the user running Firefox.
(CVE-2009-1044)

For technical details regarding these flaws, refer to the Mozilla security
advisories. You can find a link to the Mozilla advisories in the References
section of this errata.

Firefox users should upgrade to these updated packages, which resolve these
issues. For Red Hat Enterprise Linux 4, they contain backported patches to
the firefox package. For Red Hat Enterprise Linux 5, they contain
backported patches to the xulrunner packages. After installing the update,
Firefox must be restarted for the changes to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)
SRPMS:
xulrunner-1.9.0.7-3.el5.src.rpm
File outdated by:  RHSA-2009:1530		     174ddee258f6e2033de63993fe184ca6
 
IA-32:
xulrunner-devel-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     c9bbe802c0bbd09a01db3acca383a2a9
xulrunner-devel-unstable-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     f04febd0a7fe3ad90df078ceb215bd51
 
x86_64:
xulrunner-devel-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     c9bbe802c0bbd09a01db3acca383a2a9
xulrunner-devel-1.9.0.7-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1530		     9c3c622f26e7ef56dfd8080738efb8f9
xulrunner-devel-unstable-1.9.0.7-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1530		     8e662856939d314b888d5d75ddd42da0
 
Red Hat Desktop (v. 4)
SRPMS:
firefox-3.0.7-3.el4.src.rpm
File outdated by:  RHSA-2009:1530		     976ef646a96e04edeff19eb97a72ef0d
 
IA-32:
firefox-3.0.7-3.el4.i386.rpm
File outdated by:  RHSA-2009:1530		     a66b4ecd1bc925108acd03381c14d12c
 
x86_64:
firefox-3.0.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:1530		     09a108223f8f308f999ccd95594e85e7
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
xulrunner-1.9.0.7-3.el5.src.rpm
File outdated by:  RHSA-2009:1530		     174ddee258f6e2033de63993fe184ca6
 
IA-32:
xulrunner-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     ff411c1008c240dcd3a5618ac0a00ea8
xulrunner-devel-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     c9bbe802c0bbd09a01db3acca383a2a9
xulrunner-devel-unstable-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     f04febd0a7fe3ad90df078ceb215bd51
 
IA-64:
xulrunner-1.9.0.7-3.el5.ia64.rpm
File outdated by:  RHSA-2009:1530		     4c82d2ab39c44bedc1cb1095f4ecd302
xulrunner-devel-1.9.0.7-3.el5.ia64.rpm
File outdated by:  RHSA-2009:1530		     d543e25191ed94b51a4ff9bd3ad762e8
xulrunner-devel-unstable-1.9.0.7-3.el5.ia64.rpm
File outdated by:  RHSA-2009:1530		     e4b12267b0b83e55398c23c8eae9a4b0
 
PPC:
xulrunner-1.9.0.7-3.el5.ppc.rpm
File outdated by:  RHSA-2009:1530		     0d4877375524fbe28c5a7d3b3e50f300
xulrunner-1.9.0.7-3.el5.ppc64.rpm
File outdated by:  RHSA-2009:1530		     0da0bf104f508a4e478ba7eb6a1efaff
xulrunner-devel-1.9.0.7-3.el5.ppc.rpm
File outdated by:  RHSA-2009:1530		     258c49f3f14145757650f7d0b5ba4faf
xulrunner-devel-1.9.0.7-3.el5.ppc64.rpm
File outdated by:  RHSA-2009:1530		     ddf2c18b541f5090b733b5c44a4f4602
xulrunner-devel-unstable-1.9.0.7-3.el5.ppc.rpm
File outdated by:  RHSA-2009:1530		     6ff492eb0f758b20d2cac193614ec0f3
 
s390x:
xulrunner-1.9.0.7-3.el5.s390.rpm
File outdated by:  RHSA-2009:1530		     98d229ddc2023ee6a7fce4fe089e4bd2
xulrunner-1.9.0.7-3.el5.s390x.rpm
File outdated by:  RHSA-2009:1530		     0ae5afa983dd5aa69256074d556ed304
xulrunner-devel-1.9.0.7-3.el5.s390.rpm
File outdated by:  RHSA-2009:1530		     9d9586538d8ee26f30b7536b0dc18cde
xulrunner-devel-1.9.0.7-3.el5.s390x.rpm
File outdated by:  RHSA-2009:1530		     f123649b286883f55de910d11fd8e5d1
xulrunner-devel-unstable-1.9.0.7-3.el5.s390x.rpm
File outdated by:  RHSA-2009:1530		     59d50f030a4dce148e673aca68a76843
 
x86_64:
xulrunner-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     ff411c1008c240dcd3a5618ac0a00ea8
xulrunner-1.9.0.7-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1530		     80b59eb5258b2f608de5a902c0dd1888
xulrunner-devel-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     c9bbe802c0bbd09a01db3acca383a2a9
xulrunner-devel-1.9.0.7-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1530		     9c3c622f26e7ef56dfd8080738efb8f9
xulrunner-devel-unstable-1.9.0.7-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1530		     8e662856939d314b888d5d75ddd42da0
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
firefox-3.0.7-3.el4.src.rpm
File outdated by:  RHSA-2009:1530		     976ef646a96e04edeff19eb97a72ef0d
 
IA-32:
firefox-3.0.7-3.el4.i386.rpm
File outdated by:  RHSA-2009:1530		     a66b4ecd1bc925108acd03381c14d12c
 
IA-64:
firefox-3.0.7-3.el4.ia64.rpm
File outdated by:  RHSA-2009:1530		     2da85b7bf98fed5f5e52285895d789f8
 
PPC:
firefox-3.0.7-3.el4.ppc.rpm
File outdated by:  RHSA-2009:1530		     b0be5d23c748defde7a9ce971264bef3
 
s390:
firefox-3.0.7-3.el4.s390.rpm
File outdated by:  RHSA-2009:1530		     8ec0b665d29d2cd6914cd9dee0da7394
 
s390x:
firefox-3.0.7-3.el4.s390x.rpm
File outdated by:  RHSA-2009:1530		     518d5d901d624d4305c16e2d254a49a1
 
x86_64:
firefox-3.0.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:1530		     09a108223f8f308f999ccd95594e85e7
 
Red Hat Enterprise Linux AS (v. 4.7.z)
SRPMS:
firefox-3.0.7-3.el4.src.rpm
File outdated by:  RHSA-2009:1530		     976ef646a96e04edeff19eb97a72ef0d
 
IA-32:
firefox-3.0.7-3.el4.i386.rpm
File outdated by:  RHSA-2009:0449		     a66b4ecd1bc925108acd03381c14d12c
 
IA-64:
firefox-3.0.7-3.el4.ia64.rpm
File outdated by:  RHSA-2009:0449		     2da85b7bf98fed5f5e52285895d789f8
 
PPC:
firefox-3.0.7-3.el4.ppc.rpm
File outdated by:  RHSA-2009:0449		     b0be5d23c748defde7a9ce971264bef3
 
s390:
firefox-3.0.7-3.el4.s390.rpm
File outdated by:  RHSA-2009:0449		     8ec0b665d29d2cd6914cd9dee0da7394
 
s390x:
firefox-3.0.7-3.el4.s390x.rpm
File outdated by:  RHSA-2009:0449		     518d5d901d624d4305c16e2d254a49a1
 
x86_64:
firefox-3.0.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:0449		     09a108223f8f308f999ccd95594e85e7
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
xulrunner-1.9.0.7-3.el5.src.rpm
File outdated by:  RHSA-2009:1530		     174ddee258f6e2033de63993fe184ca6
 
IA-32:
xulrunner-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     ff411c1008c240dcd3a5618ac0a00ea8
 
x86_64:
xulrunner-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1530		     ff411c1008c240dcd3a5618ac0a00ea8
xulrunner-1.9.0.7-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1530		     80b59eb5258b2f608de5a902c0dd1888
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
firefox-3.0.7-3.el4.src.rpm
File outdated by:  RHSA-2009:1530		     976ef646a96e04edeff19eb97a72ef0d
 
IA-32:
firefox-3.0.7-3.el4.i386.rpm
File outdated by:  RHSA-2009:1530		     a66b4ecd1bc925108acd03381c14d12c
 
IA-64:
firefox-3.0.7-3.el4.ia64.rpm
File outdated by:  RHSA-2009:1530		     2da85b7bf98fed5f5e52285895d789f8
 
x86_64:
firefox-3.0.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:1530		     09a108223f8f308f999ccd95594e85e7
 
Red Hat Enterprise Linux ES (v. 4.7.z)
SRPMS:
firefox-3.0.7-3.el4.src.rpm
File outdated by:  RHSA-2009:1530		     976ef646a96e04edeff19eb97a72ef0d
 
IA-32:
firefox-3.0.7-3.el4.i386.rpm
File outdated by:  RHSA-2009:0449		     a66b4ecd1bc925108acd03381c14d12c
 
IA-64:
firefox-3.0.7-3.el4.ia64.rpm
File outdated by:  RHSA-2009:0449		     2da85b7bf98fed5f5e52285895d789f8
 
x86_64:
firefox-3.0.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:0449		     09a108223f8f308f999ccd95594e85e7
 
Red Hat Enterprise Linux EUS (v. 5.3.z server)
SRPMS:
xulrunner-1.9.0.7-3.el5.src.rpm
File outdated by:  RHSA-2009:1530		     174ddee258f6e2033de63993fe184ca6
 
IA-32:
xulrunner-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1162		     ff411c1008c240dcd3a5618ac0a00ea8
xulrunner-devel-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1162		     c9bbe802c0bbd09a01db3acca383a2a9
xulrunner-devel-unstable-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1162		     f04febd0a7fe3ad90df078ceb215bd51
 
IA-64:
xulrunner-1.9.0.7-3.el5.ia64.rpm
File outdated by:  RHSA-2009:1162		     4c82d2ab39c44bedc1cb1095f4ecd302
xulrunner-devel-1.9.0.7-3.el5.ia64.rpm
File outdated by:  RHSA-2009:1162		     d543e25191ed94b51a4ff9bd3ad762e8
xulrunner-devel-unstable-1.9.0.7-3.el5.ia64.rpm
File outdated by:  RHSA-2009:1162		     e4b12267b0b83e55398c23c8eae9a4b0
 
PPC:
xulrunner-1.9.0.7-3.el5.ppc.rpm
File outdated by:  RHSA-2009:1162		     0d4877375524fbe28c5a7d3b3e50f300
xulrunner-1.9.0.7-3.el5.ppc64.rpm
File outdated by:  RHSA-2009:1162		     0da0bf104f508a4e478ba7eb6a1efaff
xulrunner-devel-1.9.0.7-3.el5.ppc.rpm
File outdated by:  RHSA-2009:1162		     258c49f3f14145757650f7d0b5ba4faf
xulrunner-devel-1.9.0.7-3.el5.ppc64.rpm
File outdated by:  RHSA-2009:1162		     ddf2c18b541f5090b733b5c44a4f4602
xulrunner-devel-unstable-1.9.0.7-3.el5.ppc.rpm
File outdated by:  RHSA-2009:1162		     6ff492eb0f758b20d2cac193614ec0f3
 
s390x:
xulrunner-1.9.0.7-3.el5.s390.rpm
File outdated by:  RHSA-2009:1162		     98d229ddc2023ee6a7fce4fe089e4bd2
xulrunner-1.9.0.7-3.el5.s390x.rpm
File outdated by:  RHSA-2009:1162		     0ae5afa983dd5aa69256074d556ed304
xulrunner-devel-1.9.0.7-3.el5.s390.rpm
File outdated by:  RHSA-2009:1162		     9d9586538d8ee26f30b7536b0dc18cde
xulrunner-devel-1.9.0.7-3.el5.s390x.rpm
File outdated by:  RHSA-2009:1162		     f123649b286883f55de910d11fd8e5d1
xulrunner-devel-unstable-1.9.0.7-3.el5.s390x.rpm
File outdated by:  RHSA-2009:1162		     59d50f030a4dce148e673aca68a76843
 
x86_64:
xulrunner-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1162		     ff411c1008c240dcd3a5618ac0a00ea8
xulrunner-1.9.0.7-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1162		     80b59eb5258b2f608de5a902c0dd1888
xulrunner-devel-1.9.0.7-3.el5.i386.rpm
File outdated by:  RHSA-2009:1162		     c9bbe802c0bbd09a01db3acca383a2a9
xulrunner-devel-1.9.0.7-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1162		     9c3c622f26e7ef56dfd8080738efb8f9
xulrunner-devel-unstable-1.9.0.7-3.el5.x86_64.rpm
File outdated by:  RHSA-2009:1162		     8e662856939d314b888d5d75ddd42da0
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
firefox-3.0.7-3.el4.src.rpm
File outdated by:  RHSA-2009:1530		     976ef646a96e04edeff19eb97a72ef0d
 
IA-32:
firefox-3.0.7-3.el4.i386.rpm
File outdated by:  RHSA-2009:1530		     a66b4ecd1bc925108acd03381c14d12c
 
IA-64:
firefox-3.0.7-3.el4.ia64.rpm
File outdated by:  RHSA-2009:1530		     2da85b7bf98fed5f5e52285895d789f8
 
x86_64:
firefox-3.0.7-3.el4.x86_64.rpm
File outdated by:  RHSA-2009:1530		     09a108223f8f308f999ccd95594e85e7
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

492211 - CVE-2009-1169 Firefox XSLT memory corruption issue
492212 - CVE-2009-1044 Firefox XUL garbage collection issue (cansecwest pwn2own)


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1169
http://www.redhat.com/security/updates/classification/#critical
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.8

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/