Skip to navigation

Security Advisory Critical: firefox security update

Advisory: RHSA-2009:1430-1
Type: Security Advisory
Severity: Critical
Issued on: 2009-09-09
Last updated on: 2009-09-09
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux EUS (v. 5.4.z server)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-2654
CVE-2009-3070
CVE-2009-3071
CVE-2009-3072
CVE-2009-3074
CVE-2009-3075
CVE-2009-3076
CVE-2009-3077
CVE-2009-3078
CVE-2009-3079

Details

Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox. nspr provides the Netscape
Portable Runtime (NSPR).

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2009-3070, CVE-2009-3071, CVE-2009-3072, CVE-2009-3074,
CVE-2009-3075)

A use-after-free flaw was found in Firefox. An attacker could use this flaw
to crash Firefox or, potentially, execute arbitrary code with the
privileges of the user running Firefox. (CVE-2009-3077)

A flaw was found in the way Firefox handles malformed JavaScript. A website
with an object containing malicious JavaScript could execute that
JavaScript with the privileges of the user running Firefox. (CVE-2009-3079)

Descriptions in the dialogs when adding and removing PKCS #11 modules were
not informative. An attacker able to trick a user into installing a
malicious PKCS #11 module could use this flaw to install their own
Certificate Authority certificates on a user's machine, making it possible
to trick the user into believing they are viewing a trusted site or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2009-3076)

A flaw was found in the way Firefox displays the address bar when
window.open() is called in a certain way. An attacker could use this flaw
to conceal a malicious URL, possibly tricking a user into believing they
are viewing a trusted site. (CVE-2009-2654)

A flaw was found in the way Firefox displays certain Unicode characters. An
attacker could use this flaw to conceal a malicious URL, possibly tricking
a user into believing they are viewing a trusted site. (CVE-2009-3078)

For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 3.0.14. You can find a link to the Mozilla
advisories in the References section of this errata.

All Firefox users should upgrade to these updated packages, which contain
Firefox version 3.0.14, which corrects these issues. After installing the
update, Firefox must be restarted for the changes to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)
SRPMS:
nspr-4.7.5-1.el5_4.src.rpm
File outdated by:  RHSA-2013:0214		     MD5: f604984e1b21b7bb5386d197c886d243
xulrunner-1.9.0.14-1.el5_4.src.rpm
File outdated by:  RHSA-2013:0820		     MD5: 7779b4da8a3d06c768226918363b929d
 
IA-32:
nspr-devel-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0214		     MD5: 765b1e164d83af537f7e3b466522e374
xulrunner-devel-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 83a3779a1eebd7fb5f678e93c0402272
xulrunner-devel-unstable-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0332		     MD5: 357255ab0ebc2188b4e32dfed693f39a
 
x86_64:
nspr-devel-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0214		     MD5: 765b1e164d83af537f7e3b466522e374
nspr-devel-4.7.5-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0214		     MD5: 8fd69bb6d83b131278217221cd5b6574
xulrunner-devel-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 83a3779a1eebd7fb5f678e93c0402272
xulrunner-devel-1.9.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: f2ef7344a2cd1040921f556b901cfe04
xulrunner-devel-unstable-1.9.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2010:0332		     MD5: 0aea5c55b73a21dc6a1205afea3c7364
 
Red Hat Desktop (v. 4)
SRPMS:
firefox-3.0.14-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: 8ae5fdb1d95a9201ee6f433d1bb00216
nspr-4.7.5-1.el4_8.src.rpm
File outdated by:  RHSA-2011:1282		     MD5: e2eabfc4184abf30de020df02d2eb575
 
IA-32:
firefox-3.0.14-1.el4.i386.rpm
File outdated by:  RHSA-2012:0142		     MD5: 4e677e3edce253fcf8336ffdac718401
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-devel-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: f61a1ad87837153b2138b8cfa7f2751d
 
x86_64:
firefox-3.0.14-1.el4.x86_64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 7572c3ebe59ff942b382eb0a063876bf
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2011:1282		     MD5: c78a416cb779b740572a0165b31c4435
nspr-devel-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 9c8085da397533a39daf55f2ad90b6b0
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
firefox-3.0.14-1.el5_4.src.rpm
File outdated by:  RHSA-2010:0112		     MD5: 3fca68b400695a2501125e9d2bf49538
nspr-4.7.5-1.el5_4.src.rpm
File outdated by:  RHSA-2013:0214		     MD5: f604984e1b21b7bb5386d197c886d243
xulrunner-1.9.0.14-1.el5_4.src.rpm
File outdated by:  RHSA-2013:0820		     MD5: 7779b4da8a3d06c768226918363b929d
 
IA-32:
firefox-3.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 059efedb06506a18c07692d6b6383cbc
nspr-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0214		     MD5: 7b90cd941efc2bf718a885f10a8a6ebb
nspr-devel-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0214		     MD5: 765b1e164d83af537f7e3b466522e374
xulrunner-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 033ddfbc9be676f69872f9a1183e5a6b
xulrunner-devel-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 83a3779a1eebd7fb5f678e93c0402272
xulrunner-devel-unstable-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0332		     MD5: 357255ab0ebc2188b4e32dfed693f39a
 
IA-64:
firefox-3.0.14-1.el5_4.ia64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 7367841be96f53b64c2182c92fbc9d50
nspr-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0214		     MD5: 7b90cd941efc2bf718a885f10a8a6ebb
nspr-4.7.5-1.el5_4.ia64.rpm
File outdated by:  RHSA-2013:0214		     MD5: d599189a11a10ff1a30908abc8ca836e
nspr-devel-4.7.5-1.el5_4.ia64.rpm
File outdated by:  RHSA-2013:0214		     MD5: 31df9b1d122f2fb26588d6ff2b2b5529
xulrunner-1.9.0.14-1.el5_4.ia64.rpm
File outdated by:  RHSA-2013:0820		     MD5: a5e4b28f7233b4d79052441c69adf454
xulrunner-devel-1.9.0.14-1.el5_4.ia64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 1643b2f374b5d6edd9089c452688caab
xulrunner-devel-unstable-1.9.0.14-1.el5_4.ia64.rpm
File outdated by:  RHSA-2010:0332		     MD5: fd2c2717c52912d2d0f647d13df31c76
 
PPC:
firefox-3.0.14-1.el5_4.ppc.rpm
File outdated by:  RHSA-2013:0820		     MD5: c047d1041ced6aad55e5034523aad8c3
nspr-4.7.5-1.el5_4.ppc.rpm
File outdated by:  RHSA-2013:0214		     MD5: 38f40a03fad8b18be03cf1d438039c5e
nspr-4.7.5-1.el5_4.ppc64.rpm
File outdated by:  RHSA-2013:0214		     MD5: 1758c4dbaa498d8f9894bf51adfbbdc8
nspr-devel-4.7.5-1.el5_4.ppc.rpm
File outdated by:  RHSA-2013:0214		     MD5: ec54db62434bc2e40d1baf2b8a0e3751
nspr-devel-4.7.5-1.el5_4.ppc64.rpm
File outdated by:  RHSA-2013:0214		     MD5: 3af684fc60a8c66f84b61d2314e96242
xulrunner-1.9.0.14-1.el5_4.ppc.rpm
File outdated by:  RHSA-2013:0820		     MD5: 6b1ce961109c05c9765bec5e14b9639b
xulrunner-1.9.0.14-1.el5_4.ppc64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 48cb18c9bc8aad80f48240bb2753a6a5
xulrunner-devel-1.9.0.14-1.el5_4.ppc.rpm
File outdated by:  RHSA-2013:0820		     MD5: f0aa0bb8966685f4104c2235495e5301
xulrunner-devel-1.9.0.14-1.el5_4.ppc64.rpm
File outdated by:  RHSA-2013:0820		     MD5: aedc889f855b5b7de4ac307229efb952
xulrunner-devel-unstable-1.9.0.14-1.el5_4.ppc.rpm
File outdated by:  RHSA-2010:0332		     MD5: 8c528ca233ef3655b4e35736bf5b7c1d
 
s390x:
firefox-3.0.14-1.el5_4.s390.rpm
File outdated by:  RHSA-2013:0820		     MD5: 567d17bfdbc2aefec6440e8d089dcceb
firefox-3.0.14-1.el5_4.s390x.rpm
File outdated by:  RHSA-2013:0820		     MD5: 90d8851042d8b329640db450275f9e29
nspr-4.7.5-1.el5_4.s390.rpm
File outdated by:  RHSA-2013:0214		     MD5: 15363d52bd54fc4d4f9e3b84b5a1e184
nspr-4.7.5-1.el5_4.s390x.rpm
File outdated by:  RHSA-2013:0214		     MD5: 2b4a49c7d22f8338f9340be41ce85a42
nspr-devel-4.7.5-1.el5_4.s390.rpm
File outdated by:  RHSA-2013:0214		     MD5: af1fa81fb94218d74625f077add16902
nspr-devel-4.7.5-1.el5_4.s390x.rpm
File outdated by:  RHSA-2013:0214		     MD5: 8cd56f639c03e322827bfe4f54b41cc5
xulrunner-1.9.0.14-1.el5_4.s390.rpm
File outdated by:  RHSA-2013:0820		     MD5: c3bfb1eec6eddeb6d139edc2ab6ca2f6
xulrunner-1.9.0.14-1.el5_4.s390x.rpm
File outdated by:  RHSA-2013:0820		     MD5: aa76aa4384f6a3271e92d50b79ebc525
xulrunner-devel-1.9.0.14-1.el5_4.s390.rpm
File outdated by:  RHSA-2013:0820		     MD5: 5d0429b3013559f9fe9d0ce51092aa07
xulrunner-devel-1.9.0.14-1.el5_4.s390x.rpm
File outdated by:  RHSA-2013:0820		     MD5: 6afc3df18b05e656c790aba188a33f56
xulrunner-devel-unstable-1.9.0.14-1.el5_4.s390x.rpm
File outdated by:  RHSA-2010:0332		     MD5: abeed19c94cf18039f17dd53b3b215ea
 
x86_64:
firefox-3.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 059efedb06506a18c07692d6b6383cbc
firefox-3.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 7f03da913883f83bb3a6566deccc458c
nspr-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0214		     MD5: 7b90cd941efc2bf718a885f10a8a6ebb
nspr-4.7.5-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0214		     MD5: 595ceb56b45099404071fb78ed488e05
nspr-devel-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0214		     MD5: 765b1e164d83af537f7e3b466522e374
nspr-devel-4.7.5-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0214		     MD5: 8fd69bb6d83b131278217221cd5b6574
xulrunner-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 033ddfbc9be676f69872f9a1183e5a6b
xulrunner-1.9.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: b32fe033c2bbac0e2f16a10cb1c1e0a9
xulrunner-devel-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 83a3779a1eebd7fb5f678e93c0402272
xulrunner-devel-1.9.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: f2ef7344a2cd1040921f556b901cfe04
xulrunner-devel-unstable-1.9.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2010:0332		     MD5: 0aea5c55b73a21dc6a1205afea3c7364
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
firefox-3.0.14-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: 8ae5fdb1d95a9201ee6f433d1bb00216
nspr-4.7.5-1.el4_8.src.rpm
File outdated by:  RHSA-2011:1282		     MD5: e2eabfc4184abf30de020df02d2eb575
 
IA-32:
firefox-3.0.14-1.el4.i386.rpm
File outdated by:  RHSA-2012:0142		     MD5: 4e677e3edce253fcf8336ffdac718401
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-devel-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: f61a1ad87837153b2138b8cfa7f2751d
 
IA-64:
firefox-3.0.14-1.el4.ia64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 50858b546b6e812343214beffd44ba87
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 4a7d6364a2cced80d84d915286d94cc5
nspr-devel-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 2ed80046b57165cdbd4725d14dc9892d
 
PPC:
firefox-3.0.14-1.el4.ppc.rpm
File outdated by:  RHSA-2012:0142		     MD5: dfe88d38f2964a493bcefce30918a329
nspr-4.7.5-1.el4_8.ppc.rpm
File outdated by:  RHSA-2011:1282		     MD5: 1f97ab642e998ca91849cd3c418f2921
nspr-4.7.5-1.el4_8.ppc64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 7bce5db640827c631b7df7b69a02e32b
nspr-devel-4.7.5-1.el4_8.ppc.rpm
File outdated by:  RHSA-2011:1282		     MD5: 0d5301aa562f6560a442912e44472c30
 
s390:
firefox-3.0.14-1.el4.s390.rpm
File outdated by:  RHSA-2012:0142		     MD5: 134ac72cc6cc8addb76f29476461fe6f
nspr-4.7.5-1.el4_8.s390.rpm
File outdated by:  RHSA-2011:1282		     MD5: deafe806e4a34ef867f111d973ed93c6
nspr-devel-4.7.5-1.el4_8.s390.rpm
File outdated by:  RHSA-2011:1282		     MD5: e04a121a6376b3bdb54673b6e5170a7e
 
s390x:
firefox-3.0.14-1.el4.s390x.rpm
File outdated by:  RHSA-2012:0142		     MD5: 8e3298cab4c27bc170390116555c6b4f
nspr-4.7.5-1.el4_8.s390.rpm
File outdated by:  RHSA-2011:1282		     MD5: deafe806e4a34ef867f111d973ed93c6
nspr-4.7.5-1.el4_8.s390x.rpm
File outdated by:  RHSA-2011:1282		     MD5: 6cdf0fa7061fdb371e6069eb5715f9a2
nspr-devel-4.7.5-1.el4_8.s390x.rpm
File outdated by:  RHSA-2011:1282		     MD5: db3315e2e9f3fc1bcbd157add60ad629
 
x86_64:
firefox-3.0.14-1.el4.x86_64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 7572c3ebe59ff942b382eb0a063876bf
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2011:1282		     MD5: c78a416cb779b740572a0165b31c4435
nspr-devel-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 9c8085da397533a39daf55f2ad90b6b0
 
Red Hat Enterprise Linux AS (v. 4.8.z)
SRPMS:
firefox-3.0.14-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: 8ae5fdb1d95a9201ee6f433d1bb00216
nspr-4.7.5-1.el4_8.src.rpm
File outdated by:  RHSA-2011:1282		     MD5: e2eabfc4184abf30de020df02d2eb575
 
IA-32:
firefox-3.0.14-1.el4.i386.rpm
File outdated by:  RHSA-2011:0885		     MD5: 4e677e3edce253fcf8336ffdac718401
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2010:0681		     MD5: b7303bee309f3f206405411413c0b401
nspr-devel-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2010:0681		     MD5: f61a1ad87837153b2138b8cfa7f2751d
 
IA-64:
firefox-3.0.14-1.el4.ia64.rpm
File outdated by:  RHSA-2011:0885		     MD5: 50858b546b6e812343214beffd44ba87
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2010:0681		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2010:0681		     MD5: 4a7d6364a2cced80d84d915286d94cc5
nspr-devel-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2010:0681		     MD5: 2ed80046b57165cdbd4725d14dc9892d
 
PPC:
firefox-3.0.14-1.el4.ppc.rpm
File outdated by:  RHSA-2011:0885		     MD5: dfe88d38f2964a493bcefce30918a329
nspr-4.7.5-1.el4_8.ppc.rpm
File outdated by:  RHSA-2010:0681		     MD5: 1f97ab642e998ca91849cd3c418f2921
nspr-4.7.5-1.el4_8.ppc64.rpm
File outdated by:  RHSA-2010:0681		     MD5: 7bce5db640827c631b7df7b69a02e32b
nspr-devel-4.7.5-1.el4_8.ppc.rpm
File outdated by:  RHSA-2010:0681		     MD5: 0d5301aa562f6560a442912e44472c30
 
s390:
firefox-3.0.14-1.el4.s390.rpm
File outdated by:  RHSA-2011:0885		     MD5: 134ac72cc6cc8addb76f29476461fe6f
nspr-4.7.5-1.el4_8.s390.rpm
File outdated by:  RHSA-2010:0681		     MD5: deafe806e4a34ef867f111d973ed93c6
nspr-devel-4.7.5-1.el4_8.s390.rpm
File outdated by:  RHSA-2010:0681		     MD5: e04a121a6376b3bdb54673b6e5170a7e
 
s390x:
firefox-3.0.14-1.el4.s390x.rpm
File outdated by:  RHSA-2011:0885		     MD5: 8e3298cab4c27bc170390116555c6b4f
nspr-4.7.5-1.el4_8.s390.rpm
File outdated by:  RHSA-2010:0681		     MD5: deafe806e4a34ef867f111d973ed93c6
nspr-4.7.5-1.el4_8.s390x.rpm
File outdated by:  RHSA-2010:0681		     MD5: 6cdf0fa7061fdb371e6069eb5715f9a2
nspr-devel-4.7.5-1.el4_8.s390x.rpm
File outdated by:  RHSA-2010:0681		     MD5: db3315e2e9f3fc1bcbd157add60ad629
 
x86_64:
firefox-3.0.14-1.el4.x86_64.rpm
File outdated by:  RHSA-2011:0885		     MD5: 7572c3ebe59ff942b382eb0a063876bf
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2010:0681		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2010:0681		     MD5: c78a416cb779b740572a0165b31c4435
nspr-devel-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2010:0681		     MD5: 9c8085da397533a39daf55f2ad90b6b0
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
firefox-3.0.14-1.el5_4.src.rpm
File outdated by:  RHSA-2010:0112		     MD5: 3fca68b400695a2501125e9d2bf49538
nspr-4.7.5-1.el5_4.src.rpm
File outdated by:  RHSA-2013:0214		     MD5: f604984e1b21b7bb5386d197c886d243
xulrunner-1.9.0.14-1.el5_4.src.rpm
File outdated by:  RHSA-2013:0820		     MD5: 7779b4da8a3d06c768226918363b929d
 
IA-32:
firefox-3.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 059efedb06506a18c07692d6b6383cbc
nspr-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0214		     MD5: 7b90cd941efc2bf718a885f10a8a6ebb
xulrunner-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 033ddfbc9be676f69872f9a1183e5a6b
 
x86_64:
firefox-3.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 059efedb06506a18c07692d6b6383cbc
firefox-3.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 7f03da913883f83bb3a6566deccc458c
nspr-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0214		     MD5: 7b90cd941efc2bf718a885f10a8a6ebb
nspr-4.7.5-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0214		     MD5: 595ceb56b45099404071fb78ed488e05
xulrunner-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 033ddfbc9be676f69872f9a1183e5a6b
xulrunner-1.9.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: b32fe033c2bbac0e2f16a10cb1c1e0a9
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
firefox-3.0.14-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: 8ae5fdb1d95a9201ee6f433d1bb00216
nspr-4.7.5-1.el4_8.src.rpm
File outdated by:  RHSA-2011:1282		     MD5: e2eabfc4184abf30de020df02d2eb575
 
IA-32:
firefox-3.0.14-1.el4.i386.rpm
File outdated by:  RHSA-2012:0142		     MD5: 4e677e3edce253fcf8336ffdac718401
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-devel-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: f61a1ad87837153b2138b8cfa7f2751d
 
IA-64:
firefox-3.0.14-1.el4.ia64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 50858b546b6e812343214beffd44ba87
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 4a7d6364a2cced80d84d915286d94cc5
nspr-devel-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 2ed80046b57165cdbd4725d14dc9892d
 
x86_64:
firefox-3.0.14-1.el4.x86_64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 7572c3ebe59ff942b382eb0a063876bf
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2011:1282		     MD5: c78a416cb779b740572a0165b31c4435
nspr-devel-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 9c8085da397533a39daf55f2ad90b6b0
 
Red Hat Enterprise Linux ES (v. 4.8.z)
SRPMS:
firefox-3.0.14-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: 8ae5fdb1d95a9201ee6f433d1bb00216
nspr-4.7.5-1.el4_8.src.rpm
File outdated by:  RHSA-2011:1282		     MD5: e2eabfc4184abf30de020df02d2eb575
 
IA-32:
firefox-3.0.14-1.el4.i386.rpm
File outdated by:  RHSA-2011:0885		     MD5: 4e677e3edce253fcf8336ffdac718401
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2010:0681		     MD5: b7303bee309f3f206405411413c0b401
nspr-devel-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2010:0681		     MD5: f61a1ad87837153b2138b8cfa7f2751d
 
IA-64:
firefox-3.0.14-1.el4.ia64.rpm
File outdated by:  RHSA-2011:0885		     MD5: 50858b546b6e812343214beffd44ba87
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2010:0681		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2010:0681		     MD5: 4a7d6364a2cced80d84d915286d94cc5
nspr-devel-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2010:0681		     MD5: 2ed80046b57165cdbd4725d14dc9892d
 
x86_64:
firefox-3.0.14-1.el4.x86_64.rpm
File outdated by:  RHSA-2011:0885		     MD5: 7572c3ebe59ff942b382eb0a063876bf
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2010:0681		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2010:0681		     MD5: c78a416cb779b740572a0165b31c4435
nspr-devel-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2010:0681		     MD5: 9c8085da397533a39daf55f2ad90b6b0
 
Red Hat Enterprise Linux EUS (v. 5.4.z server)
SRPMS:
firefox-3.0.14-1.el5_4.src.rpm
File outdated by:  RHSA-2010:0112		     MD5: 3fca68b400695a2501125e9d2bf49538
nspr-4.7.5-1.el5_4.src.rpm
File outdated by:  RHSA-2013:0214		     MD5: f604984e1b21b7bb5386d197c886d243
xulrunner-1.9.0.14-1.el5_4.src.rpm
File outdated by:  RHSA-2013:0820		     MD5: 7779b4da8a3d06c768226918363b929d
 
IA-32:
firefox-3.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0112		     MD5: 059efedb06506a18c07692d6b6383cbc
nspr-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0165		     MD5: 7b90cd941efc2bf718a885f10a8a6ebb
nspr-devel-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0165		     MD5: 765b1e164d83af537f7e3b466522e374
xulrunner-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0112		     MD5: 033ddfbc9be676f69872f9a1183e5a6b
xulrunner-devel-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0112		     MD5: 83a3779a1eebd7fb5f678e93c0402272
xulrunner-devel-unstable-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0112		     MD5: 357255ab0ebc2188b4e32dfed693f39a
 
IA-64:
firefox-3.0.14-1.el5_4.ia64.rpm
File outdated by:  RHSA-2010:0112		     MD5: 7367841be96f53b64c2182c92fbc9d50
nspr-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0165		     MD5: 7b90cd941efc2bf718a885f10a8a6ebb
nspr-4.7.5-1.el5_4.ia64.rpm
File outdated by:  RHSA-2010:0165		     MD5: d599189a11a10ff1a30908abc8ca836e
nspr-devel-4.7.5-1.el5_4.ia64.rpm
File outdated by:  RHSA-2010:0165		     MD5: 31df9b1d122f2fb26588d6ff2b2b5529
xulrunner-1.9.0.14-1.el5_4.ia64.rpm
File outdated by:  RHSA-2010:0112		     MD5: a5e4b28f7233b4d79052441c69adf454
xulrunner-devel-1.9.0.14-1.el5_4.ia64.rpm
File outdated by:  RHSA-2010:0112		     MD5: 1643b2f374b5d6edd9089c452688caab
xulrunner-devel-unstable-1.9.0.14-1.el5_4.ia64.rpm
File outdated by:  RHSA-2010:0112		     MD5: fd2c2717c52912d2d0f647d13df31c76
 
PPC:
firefox-3.0.14-1.el5_4.ppc.rpm
File outdated by:  RHSA-2010:0112		     MD5: c047d1041ced6aad55e5034523aad8c3
nspr-4.7.5-1.el5_4.ppc.rpm
File outdated by:  RHSA-2010:0165		     MD5: 38f40a03fad8b18be03cf1d438039c5e
nspr-4.7.5-1.el5_4.ppc64.rpm
File outdated by:  RHSA-2010:0165		     MD5: 1758c4dbaa498d8f9894bf51adfbbdc8
nspr-devel-4.7.5-1.el5_4.ppc.rpm
File outdated by:  RHSA-2010:0165		     MD5: ec54db62434bc2e40d1baf2b8a0e3751
nspr-devel-4.7.5-1.el5_4.ppc64.rpm
File outdated by:  RHSA-2010:0165		     MD5: 3af684fc60a8c66f84b61d2314e96242
xulrunner-1.9.0.14-1.el5_4.ppc.rpm
File outdated by:  RHSA-2010:0112		     MD5: 6b1ce961109c05c9765bec5e14b9639b
xulrunner-1.9.0.14-1.el5_4.ppc64.rpm
File outdated by:  RHSA-2010:0112		     MD5: 48cb18c9bc8aad80f48240bb2753a6a5
xulrunner-devel-1.9.0.14-1.el5_4.ppc.rpm
File outdated by:  RHSA-2010:0112		     MD5: f0aa0bb8966685f4104c2235495e5301
xulrunner-devel-1.9.0.14-1.el5_4.ppc64.rpm
File outdated by:  RHSA-2010:0112		     MD5: aedc889f855b5b7de4ac307229efb952
xulrunner-devel-unstable-1.9.0.14-1.el5_4.ppc.rpm
File outdated by:  RHSA-2010:0112		     MD5: 8c528ca233ef3655b4e35736bf5b7c1d
 
s390x:
firefox-3.0.14-1.el5_4.s390.rpm
File outdated by:  RHSA-2010:0112		     MD5: 567d17bfdbc2aefec6440e8d089dcceb
firefox-3.0.14-1.el5_4.s390x.rpm
File outdated by:  RHSA-2010:0112		     MD5: 90d8851042d8b329640db450275f9e29
nspr-4.7.5-1.el5_4.s390.rpm
File outdated by:  RHSA-2010:0165		     MD5: 15363d52bd54fc4d4f9e3b84b5a1e184
nspr-4.7.5-1.el5_4.s390x.rpm
File outdated by:  RHSA-2010:0165		     MD5: 2b4a49c7d22f8338f9340be41ce85a42
nspr-devel-4.7.5-1.el5_4.s390.rpm
File outdated by:  RHSA-2010:0165		     MD5: af1fa81fb94218d74625f077add16902
nspr-devel-4.7.5-1.el5_4.s390x.rpm
File outdated by:  RHSA-2010:0165		     MD5: 8cd56f639c03e322827bfe4f54b41cc5
xulrunner-1.9.0.14-1.el5_4.s390.rpm
File outdated by:  RHSA-2010:0112		     MD5: c3bfb1eec6eddeb6d139edc2ab6ca2f6
xulrunner-1.9.0.14-1.el5_4.s390x.rpm
File outdated by:  RHSA-2010:0112		     MD5: aa76aa4384f6a3271e92d50b79ebc525
xulrunner-devel-1.9.0.14-1.el5_4.s390.rpm
File outdated by:  RHSA-2010:0112		     MD5: 5d0429b3013559f9fe9d0ce51092aa07
xulrunner-devel-1.9.0.14-1.el5_4.s390x.rpm
File outdated by:  RHSA-2010:0112		     MD5: 6afc3df18b05e656c790aba188a33f56
xulrunner-devel-unstable-1.9.0.14-1.el5_4.s390x.rpm
File outdated by:  RHSA-2010:0112		     MD5: abeed19c94cf18039f17dd53b3b215ea
 
x86_64:
firefox-3.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0112		     MD5: 059efedb06506a18c07692d6b6383cbc
firefox-3.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2010:0112		     MD5: 7f03da913883f83bb3a6566deccc458c
nspr-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0165		     MD5: 7b90cd941efc2bf718a885f10a8a6ebb
nspr-4.7.5-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2010:0165		     MD5: 595ceb56b45099404071fb78ed488e05
nspr-devel-4.7.5-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0165		     MD5: 765b1e164d83af537f7e3b466522e374
nspr-devel-4.7.5-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2010:0165		     MD5: 8fd69bb6d83b131278217221cd5b6574
xulrunner-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0112		     MD5: 033ddfbc9be676f69872f9a1183e5a6b
xulrunner-1.9.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2010:0112		     MD5: b32fe033c2bbac0e2f16a10cb1c1e0a9
xulrunner-devel-1.9.0.14-1.el5_4.i386.rpm
File outdated by:  RHSA-2010:0112		     MD5: 83a3779a1eebd7fb5f678e93c0402272
xulrunner-devel-1.9.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2010:0112		     MD5: f2ef7344a2cd1040921f556b901cfe04
xulrunner-devel-unstable-1.9.0.14-1.el5_4.x86_64.rpm
File outdated by:  RHSA-2010:0112		     MD5: 0aea5c55b73a21dc6a1205afea3c7364
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
firefox-3.0.14-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: 8ae5fdb1d95a9201ee6f433d1bb00216
nspr-4.7.5-1.el4_8.src.rpm
File outdated by:  RHSA-2011:1282		     MD5: e2eabfc4184abf30de020df02d2eb575
 
IA-32:
firefox-3.0.14-1.el4.i386.rpm
File outdated by:  RHSA-2012:0142		     MD5: 4e677e3edce253fcf8336ffdac718401
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-devel-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: f61a1ad87837153b2138b8cfa7f2751d
 
IA-64:
firefox-3.0.14-1.el4.ia64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 50858b546b6e812343214beffd44ba87
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 4a7d6364a2cced80d84d915286d94cc5
nspr-devel-4.7.5-1.el4_8.ia64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 2ed80046b57165cdbd4725d14dc9892d
 
x86_64:
firefox-3.0.14-1.el4.x86_64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 7572c3ebe59ff942b382eb0a063876bf
nspr-4.7.5-1.el4_8.i386.rpm
File outdated by:  RHSA-2011:1282		     MD5: b7303bee309f3f206405411413c0b401
nspr-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2011:1282		     MD5: c78a416cb779b740572a0165b31c4435
nspr-devel-4.7.5-1.el4_8.x86_64.rpm
File outdated by:  RHSA-2011:1282		     MD5: 9c8085da397533a39daf55f2ad90b6b0
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

521311 - CVE-2009-2654 firefox: URL bar spoofing vulnerability
521686 - CVE-2009-3070 Firefox 3.5 3.0.14 browser engine crashes
521687 - CVE-2009-3071 Firefox 3.5.2 3.0.14 browser engine crashes
521688 - CVE-2009-3072 Firefox 3.5.3 3.0.14 browser engine crashes
521690 - CVE-2009-3074 Firefox 3.5 3.0.14 JavaScript engine crashes
521691 - CVE-2009-3075 Firefox 3.5.2 3.0.14 JavaScript engine crashes
521692 - CVE-2009-3076 Firefox 3.0.14 Insufficient warning for PKCS11 module installation and removal
521693 - CVE-2009-3077 Firefox 3.5.3 3.0.14 TreeColumns dangling pointer vulnerability
521694 - CVE-2009-3078 Firefox 3.5.3 3.0.14 Location bar spoofing via tall line-height Unicode characters
521695 - CVE-2009-3079 Firefox 3.5.3 3.0.14 Chrome privilege escalation with FeedWriter


References

https://www.redhat.com/security/data/cve/CVE-2009-2654.html
https://www.redhat.com/security/data/cve/CVE-2009-3070.html
https://www.redhat.com/security/data/cve/CVE-2009-3071.html
https://www.redhat.com/security/data/cve/CVE-2009-3072.html
https://www.redhat.com/security/data/cve/CVE-2009-3074.html
https://www.redhat.com/security/data/cve/CVE-2009-3075.html
https://www.redhat.com/security/data/cve/CVE-2009-3076.html
https://www.redhat.com/security/data/cve/CVE-2009-3077.html
https://www.redhat.com/security/data/cve/CVE-2009-3078.html
https://www.redhat.com/security/data/cve/CVE-2009-3079.html
http://www.redhat.com/security/updates/classification/#critical
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.14

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/