Skip to navigation

Security Advisory Critical: firefox security update

Advisory: RHSA-2010:0332-1
Type: Security Advisory
Severity: Critical
Issued on: 2010-03-30
Last updated on: 2010-03-30
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2010-0174
CVE-2010-0175
CVE-2010-0176
CVE-2010-0177
CVE-2010-0178
CVE-2010-0179

Details

Updated firefox packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.

The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

Mozilla Firefox is an open source Web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

Several use-after-free flaws were found in Firefox. Visiting a web page
containing malicious content could result in Firefox executing arbitrary
code with the privileges of the user running Firefox. (CVE-2010-0175,
CVE-2010-0176, CVE-2010-0177)

A flaw was found in Firefox that could allow an applet to generate a drag
and drop action from a mouse click. Such an action could be used to execute
arbitrary JavaScript with the privileges of the user running Firefox.
(CVE-2010-0178)

A privilege escalation flaw was found in Firefox when the Firebug add-on is
in use. The XMLHttpRequestSpy module in the Firebug add-on exposes a Chrome
privilege escalation flaw that could be used to execute arbitrary
JavaScript with the privileges of the user running Firefox. (CVE-2010-0179)

Several flaws were found in the processing of malformed web content. A web
page containing malicious content could cause Firefox to crash or,
potentially, execute arbitrary code with the privileges of the user running
Firefox. (CVE-2010-0174)

For technical details regarding these flaws, refer to the Mozilla security
advisories for Firefox 3.0.19. You can find a link to the Mozilla
advisories in the References section of this erratum.

All Firefox users should upgrade to these updated packages, which contain
Firefox version 3.0.19, which corrects these issues. After installing the
update, Firefox must be restarted for the changes to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)
SRPMS:
xulrunner-1.9.0.19-1.el5_5.src.rpm
File outdated by:  RHSA-2013:0820		     MD5: dc54934bc64621982b08381a0544c73c
SHA-256: 9beef5813e9a42ccb561fd3f916e0e3b4845b26985072fdd437d80fffcf6ca4c
 
IA-32:
xulrunner-devel-1.9.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: e19b518c7c65bec5b7327e8161b824dc
SHA-256: cb5125853c213f18e29cba73a8a179351f8dd4fa184764994f7decd9b1eec6ad
xulrunner-devel-unstable-1.9.0.19-1.el5_5.i386.rpm     MD5: e013c8b045905f222fed401b8dfbb754
SHA-256: 669aff7f232efb0999415f884e7604a52dc4eaf78728a75b1efe279f4a11b41f
 
x86_64:
xulrunner-devel-1.9.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: e19b518c7c65bec5b7327e8161b824dc
SHA-256: cb5125853c213f18e29cba73a8a179351f8dd4fa184764994f7decd9b1eec6ad
xulrunner-devel-1.9.0.19-1.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 87f6e995c33cd8681aad842e9c0632f5
SHA-256: 08cc7bceb992170bbc8394b33c7f2cbeb4f6ee4e52540f3a976755eb5257f767
xulrunner-devel-unstable-1.9.0.19-1.el5_5.x86_64.rpm     MD5: 5fcef664665a410c0640b16b8179ff15
SHA-256: 89e55b714e0e291d923e5570c77884269a19b143e69abb259f25587d33bc4fec
 
Red Hat Desktop (v. 4)
SRPMS:
firefox-3.0.19-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: db4c74f1573ce287f760df9d008fe788
SHA-256: 5c3ffb211fae51a6b3e4ad0416b85aea8c901fa57a7d6792a7b2b349dfde1209
 
IA-32:
firefox-3.0.19-1.el4.i386.rpm
File outdated by:  RHSA-2012:0142		     MD5: a38a5597d2d67f83553c81e1c51bafdd
SHA-256: fce7b1a4f00097365f81f512659e24cdd859680b6d7aa50fbd77c5f4beb592f8
 
x86_64:
firefox-3.0.19-1.el4.x86_64.rpm
File outdated by:  RHSA-2012:0142		     MD5: a8c3c5aa81423e1065f960aba0b54285
SHA-256: 995d161e3669fcc4fad16391d0afaf7288395fffbdf18f5732c7077a8ed2e437
 
Red Hat Enterprise Linux (v. 5 server)
SRPMS:
firefox-3.0.19-1.el5_5.src.rpm
File outdated by:  RHSA-2013:0820		     MD5: 13823879ed420a70f6b26fed4b653ea0
SHA-256: 4d6cd71558efdc9f0cedb43888c7353314009498e5665c6fc8c5ce2b1eaea6e2
xulrunner-1.9.0.19-1.el5_5.src.rpm
File outdated by:  RHSA-2013:0820		     MD5: dc54934bc64621982b08381a0544c73c
SHA-256: 9beef5813e9a42ccb561fd3f916e0e3b4845b26985072fdd437d80fffcf6ca4c
 
IA-32:
firefox-3.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 9092711218e0450ebf42f27a6897cb29
SHA-256: 6dafa752aaf49cba0ddd4a3dda6592373b7d5197a122e390ca2e7d369cc96449
xulrunner-1.9.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 223ebc66f337396078f195ab96a91b52
SHA-256: 6f66f88a90c1dcfe0b9795eb6734c4ae417ca69f768f01fdec51d654aa1a0a01
xulrunner-devel-1.9.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: e19b518c7c65bec5b7327e8161b824dc
SHA-256: cb5125853c213f18e29cba73a8a179351f8dd4fa184764994f7decd9b1eec6ad
xulrunner-devel-unstable-1.9.0.19-1.el5_5.i386.rpm     MD5: e013c8b045905f222fed401b8dfbb754
SHA-256: 669aff7f232efb0999415f884e7604a52dc4eaf78728a75b1efe279f4a11b41f
 
IA-64:
firefox-3.0.19-1.el5_5.ia64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 95f59215aa8c59105678fa946426d865
SHA-256: c4eaad6ee01efafed0b9469330d8fde56bd1cad5ec49eba04a6678715d2a6739
xulrunner-1.9.0.19-1.el5_5.ia64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 4524890414a25b8296502885f60cecae
SHA-256: 1ec706a9e097bf525f3e3930f6d5e9275b297f6a0dc5313b92a92940be426ed2
xulrunner-devel-1.9.0.19-1.el5_5.ia64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 8147fccd5830843bdddee6c07e557b5b
SHA-256: 10b91b9267279db230f4f0a0fc78db77c7c39ff102662c1a538f321c08d1ed02
xulrunner-devel-unstable-1.9.0.19-1.el5_5.ia64.rpm     MD5: 3884e94d25043815f86394ea7b4991fb
SHA-256: b7bf74599861152d95eb2a027a6fd9126d844182635f28398c7a7a4790d0d4b5
 
PPC:
firefox-3.0.19-1.el5_5.ppc.rpm
File outdated by:  RHSA-2013:0820		     MD5: 6d3a9bd8cecb329c3c582092bcd701d9
SHA-256: 2b5baafa849539b2d11501882cfffdd6459e12ee27da6fc61879ad69d7e45d7a
xulrunner-1.9.0.19-1.el5_5.ppc.rpm
File outdated by:  RHSA-2013:0820		     MD5: b85d72d6f301c936b63683238d6826df
SHA-256: 47c1a6189ef9f725b696c695c769731823b40aba2136b00b8dbb6fadc829a4e3
xulrunner-1.9.0.19-1.el5_5.ppc64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 8cbb6e9a4e386fafd228e5f425aa0fba
SHA-256: 20bed91fd2db5d8f4326cf7476ec62dbad38803596743ef4806500bd0dd95146
xulrunner-devel-1.9.0.19-1.el5_5.ppc.rpm
File outdated by:  RHSA-2013:0820		     MD5: badb2069581731c6c00b2b39546a4deb
SHA-256: b693b5722c56cc409734d52ed108700d8239f1fec583ff42c860f67f302fb9f6
xulrunner-devel-1.9.0.19-1.el5_5.ppc64.rpm
File outdated by:  RHSA-2013:0820		     MD5: a6a331826b783a33b1e2d764f3f72e57
SHA-256: 6dcf26fc3b00b84fe9b3887c150583bb233c89c1204b59c43d047e8a9dcd6143
xulrunner-devel-unstable-1.9.0.19-1.el5_5.ppc.rpm     MD5: 5a1f4a6d4dd3e12fac1149fab3518779
SHA-256: 5e17e904923c2a55c06fb4eeb42f500d4d2fcc5adb76b26540a7cfdfaed66445
 
s390x:
firefox-3.0.19-1.el5_5.s390.rpm
File outdated by:  RHSA-2013:0820		     MD5: e72239a287022fd8e5d31134ea5c97b7
SHA-256: afb26c126f91d1381efdbbbfe4e649ef2dfcfdb906a16ab3cd6c79ed0b8abe7d
firefox-3.0.19-1.el5_5.s390x.rpm
File outdated by:  RHSA-2013:0820		     MD5: c7b27f6fdf60dd8d1c6a26158c5d30ba
SHA-256: 19c5d0061b6f6c5663b0494562c0eb86e7cdb05df2f87df9fa5549065898ae35
xulrunner-1.9.0.19-1.el5_5.s390.rpm
File outdated by:  RHSA-2013:0820		     MD5: 2458e95f7dfd2a436c3f80de27658714
SHA-256: 65fa65c23a42883fd55012acb9f72723d3e035da8512e5a2612371470781f5bc
xulrunner-1.9.0.19-1.el5_5.s390x.rpm
File outdated by:  RHSA-2013:0820		     MD5: 7e4cc408852ac1506c59f284f99ff534
SHA-256: 527b04b6cb8f8568d4198966a229c68b2bbb8fff423df91ad6a9ee5d2158901b
xulrunner-devel-1.9.0.19-1.el5_5.s390.rpm
File outdated by:  RHSA-2013:0820		     MD5: 19732edfc0243b37345e44d96d04c6b3
SHA-256: 9333506d33bbbb5bf74e75b7e0ccd6605819cb7d6ad7bb51b764cf71c0a58660
xulrunner-devel-1.9.0.19-1.el5_5.s390x.rpm
File outdated by:  RHSA-2013:0820		     MD5: 5fb0e0a579a07e229fa7f62a69f2f5c4
SHA-256: 7b1ab831715db8056fab7f5977404442175bc89d14773795f6d4d2d25fe82395
xulrunner-devel-unstable-1.9.0.19-1.el5_5.s390x.rpm     MD5: 15ca6e52542afc11012e67846eba3f54
SHA-256: 46a4acdf92ab3f0f3546385fb9166e99008f658443947d3dcb861a47a80a9b17
 
x86_64:
firefox-3.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 9092711218e0450ebf42f27a6897cb29
SHA-256: 6dafa752aaf49cba0ddd4a3dda6592373b7d5197a122e390ca2e7d369cc96449
firefox-3.0.19-1.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: ad005c73d95749d6d1ed9a5d095a4b14
SHA-256: 79077f5ec602e805c11f27a8600e089bb38ebd49390253485df4ad9b43c4aebd
xulrunner-1.9.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 223ebc66f337396078f195ab96a91b52
SHA-256: 6f66f88a90c1dcfe0b9795eb6734c4ae417ca69f768f01fdec51d654aa1a0a01
xulrunner-1.9.0.19-1.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 6a690ae3d912dc8632338c02598d3e9c
SHA-256: 081ce96f30dc2f45096a4ae27bf8383b641e3e4feb53a6ba968131af2f7a3f14
xulrunner-devel-1.9.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: e19b518c7c65bec5b7327e8161b824dc
SHA-256: cb5125853c213f18e29cba73a8a179351f8dd4fa184764994f7decd9b1eec6ad
xulrunner-devel-1.9.0.19-1.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 87f6e995c33cd8681aad842e9c0632f5
SHA-256: 08cc7bceb992170bbc8394b33c7f2cbeb4f6ee4e52540f3a976755eb5257f767
xulrunner-devel-unstable-1.9.0.19-1.el5_5.x86_64.rpm     MD5: 5fcef664665a410c0640b16b8179ff15
SHA-256: 89e55b714e0e291d923e5570c77884269a19b143e69abb259f25587d33bc4fec
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
firefox-3.0.19-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: db4c74f1573ce287f760df9d008fe788
SHA-256: 5c3ffb211fae51a6b3e4ad0416b85aea8c901fa57a7d6792a7b2b349dfde1209
 
IA-32:
firefox-3.0.19-1.el4.i386.rpm
File outdated by:  RHSA-2012:0142		     MD5: a38a5597d2d67f83553c81e1c51bafdd
SHA-256: fce7b1a4f00097365f81f512659e24cdd859680b6d7aa50fbd77c5f4beb592f8
 
IA-64:
firefox-3.0.19-1.el4.ia64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 05489b14250ecf4d560dacdd648a5e1d
SHA-256: 4853acbc7a8b664b4d024350c66a4a4b8079a5ba744d594966d4898dba929188
 
PPC:
firefox-3.0.19-1.el4.ppc.rpm
File outdated by:  RHSA-2012:0142		     MD5: c1143207783a7c6893203ad6dfd70a3e
SHA-256: 32130ea0d666aef915005af21005fcf036bd75560425237b82ffafb244406999
 
s390:
firefox-3.0.19-1.el4.s390.rpm
File outdated by:  RHSA-2012:0142		     MD5: 1f18b32cca3cd360ff4ea2437e69ac20
SHA-256: 6b125477f861fe59a4d6e801d258c2aca24b7c1ae694a815bd294449e535982b
 
s390x:
firefox-3.0.19-1.el4.s390x.rpm
File outdated by:  RHSA-2012:0142		     MD5: 51dbe6abe2acdfdae46a6f0c80739256
SHA-256: 77fe6ad98841c34e1616cb6d6f59396be5ff98d9d31b8dee9c86a35f97219093
 
x86_64:
firefox-3.0.19-1.el4.x86_64.rpm
File outdated by:  RHSA-2012:0142		     MD5: a8c3c5aa81423e1065f960aba0b54285
SHA-256: 995d161e3669fcc4fad16391d0afaf7288395fffbdf18f5732c7077a8ed2e437
 
Red Hat Enterprise Linux AS (v. 4.8.z)
SRPMS:
firefox-3.0.19-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: db4c74f1573ce287f760df9d008fe788
SHA-256: 5c3ffb211fae51a6b3e4ad0416b85aea8c901fa57a7d6792a7b2b349dfde1209
 
IA-32:
firefox-3.0.19-1.el4.i386.rpm
File outdated by:  RHSA-2011:0885		     MD5: a38a5597d2d67f83553c81e1c51bafdd
SHA-256: fce7b1a4f00097365f81f512659e24cdd859680b6d7aa50fbd77c5f4beb592f8
 
IA-64:
firefox-3.0.19-1.el4.ia64.rpm
File outdated by:  RHSA-2011:0885		     MD5: 05489b14250ecf4d560dacdd648a5e1d
SHA-256: 4853acbc7a8b664b4d024350c66a4a4b8079a5ba744d594966d4898dba929188
 
PPC:
firefox-3.0.19-1.el4.ppc.rpm
File outdated by:  RHSA-2011:0885		     MD5: c1143207783a7c6893203ad6dfd70a3e
SHA-256: 32130ea0d666aef915005af21005fcf036bd75560425237b82ffafb244406999
 
s390:
firefox-3.0.19-1.el4.s390.rpm
File outdated by:  RHSA-2011:0885		     MD5: 1f18b32cca3cd360ff4ea2437e69ac20
SHA-256: 6b125477f861fe59a4d6e801d258c2aca24b7c1ae694a815bd294449e535982b
 
s390x:
firefox-3.0.19-1.el4.s390x.rpm
File outdated by:  RHSA-2011:0885		     MD5: 51dbe6abe2acdfdae46a6f0c80739256
SHA-256: 77fe6ad98841c34e1616cb6d6f59396be5ff98d9d31b8dee9c86a35f97219093
 
x86_64:
firefox-3.0.19-1.el4.x86_64.rpm
File outdated by:  RHSA-2011:0885		     MD5: a8c3c5aa81423e1065f960aba0b54285
SHA-256: 995d161e3669fcc4fad16391d0afaf7288395fffbdf18f5732c7077a8ed2e437
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
firefox-3.0.19-1.el5_5.src.rpm
File outdated by:  RHSA-2013:0820		     MD5: 13823879ed420a70f6b26fed4b653ea0
SHA-256: 4d6cd71558efdc9f0cedb43888c7353314009498e5665c6fc8c5ce2b1eaea6e2
xulrunner-1.9.0.19-1.el5_5.src.rpm
File outdated by:  RHSA-2013:0820		     MD5: dc54934bc64621982b08381a0544c73c
SHA-256: 9beef5813e9a42ccb561fd3f916e0e3b4845b26985072fdd437d80fffcf6ca4c
 
IA-32:
firefox-3.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 9092711218e0450ebf42f27a6897cb29
SHA-256: 6dafa752aaf49cba0ddd4a3dda6592373b7d5197a122e390ca2e7d369cc96449
xulrunner-1.9.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 223ebc66f337396078f195ab96a91b52
SHA-256: 6f66f88a90c1dcfe0b9795eb6734c4ae417ca69f768f01fdec51d654aa1a0a01
 
x86_64:
firefox-3.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 9092711218e0450ebf42f27a6897cb29
SHA-256: 6dafa752aaf49cba0ddd4a3dda6592373b7d5197a122e390ca2e7d369cc96449
firefox-3.0.19-1.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: ad005c73d95749d6d1ed9a5d095a4b14
SHA-256: 79077f5ec602e805c11f27a8600e089bb38ebd49390253485df4ad9b43c4aebd
xulrunner-1.9.0.19-1.el5_5.i386.rpm
File outdated by:  RHSA-2013:0820		     MD5: 223ebc66f337396078f195ab96a91b52
SHA-256: 6f66f88a90c1dcfe0b9795eb6734c4ae417ca69f768f01fdec51d654aa1a0a01
xulrunner-1.9.0.19-1.el5_5.x86_64.rpm
File outdated by:  RHSA-2013:0820		     MD5: 6a690ae3d912dc8632338c02598d3e9c
SHA-256: 081ce96f30dc2f45096a4ae27bf8383b641e3e4feb53a6ba968131af2f7a3f14
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
firefox-3.0.19-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: db4c74f1573ce287f760df9d008fe788
SHA-256: 5c3ffb211fae51a6b3e4ad0416b85aea8c901fa57a7d6792a7b2b349dfde1209
 
IA-32:
firefox-3.0.19-1.el4.i386.rpm
File outdated by:  RHSA-2012:0142		     MD5: a38a5597d2d67f83553c81e1c51bafdd
SHA-256: fce7b1a4f00097365f81f512659e24cdd859680b6d7aa50fbd77c5f4beb592f8
 
IA-64:
firefox-3.0.19-1.el4.ia64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 05489b14250ecf4d560dacdd648a5e1d
SHA-256: 4853acbc7a8b664b4d024350c66a4a4b8079a5ba744d594966d4898dba929188
 
x86_64:
firefox-3.0.19-1.el4.x86_64.rpm
File outdated by:  RHSA-2012:0142		     MD5: a8c3c5aa81423e1065f960aba0b54285
SHA-256: 995d161e3669fcc4fad16391d0afaf7288395fffbdf18f5732c7077a8ed2e437
 
Red Hat Enterprise Linux ES (v. 4.8.z)
SRPMS:
firefox-3.0.19-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: db4c74f1573ce287f760df9d008fe788
SHA-256: 5c3ffb211fae51a6b3e4ad0416b85aea8c901fa57a7d6792a7b2b349dfde1209
 
IA-32:
firefox-3.0.19-1.el4.i386.rpm
File outdated by:  RHSA-2011:0885		     MD5: a38a5597d2d67f83553c81e1c51bafdd
SHA-256: fce7b1a4f00097365f81f512659e24cdd859680b6d7aa50fbd77c5f4beb592f8
 
IA-64:
firefox-3.0.19-1.el4.ia64.rpm
File outdated by:  RHSA-2011:0885		     MD5: 05489b14250ecf4d560dacdd648a5e1d
SHA-256: 4853acbc7a8b664b4d024350c66a4a4b8079a5ba744d594966d4898dba929188
 
x86_64:
firefox-3.0.19-1.el4.x86_64.rpm
File outdated by:  RHSA-2011:0885		     MD5: a8c3c5aa81423e1065f960aba0b54285
SHA-256: 995d161e3669fcc4fad16391d0afaf7288395fffbdf18f5732c7077a8ed2e437
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
firefox-3.0.19-1.el4.src.rpm
File outdated by:  RHSA-2012:0142		     MD5: db4c74f1573ce287f760df9d008fe788
SHA-256: 5c3ffb211fae51a6b3e4ad0416b85aea8c901fa57a7d6792a7b2b349dfde1209
 
IA-32:
firefox-3.0.19-1.el4.i386.rpm
File outdated by:  RHSA-2012:0142		     MD5: a38a5597d2d67f83553c81e1c51bafdd
SHA-256: fce7b1a4f00097365f81f512659e24cdd859680b6d7aa50fbd77c5f4beb592f8
 
IA-64:
firefox-3.0.19-1.el4.ia64.rpm
File outdated by:  RHSA-2012:0142		     MD5: 05489b14250ecf4d560dacdd648a5e1d
SHA-256: 4853acbc7a8b664b4d024350c66a4a4b8079a5ba744d594966d4898dba929188
 
x86_64:
firefox-3.0.19-1.el4.x86_64.rpm
File outdated by:  RHSA-2012:0142		     MD5: a8c3c5aa81423e1065f960aba0b54285
SHA-256: 995d161e3669fcc4fad16391d0afaf7288395fffbdf18f5732c7077a8ed2e437
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

578147 - CVE-2010-0174 Mozilla crashes with evidence of memory corruption
578149 - CVE-2010-0175 Mozilla remote code execution with use-after-free in nsTreeSelection
578150 - CVE-2010-0176 Mozilla Dangling pointer vulnerability in nsTreeContentView
578152 - CVE-2010-0177 Mozilla Dangling pointer vulnerability in nsPluginArray
578154 - CVE-2010-0178 Firefox Chrome privilege escalation via forced URL drag and drop
578155 - CVE-2010-0179 Firefox Arbitrary code execution with Firebug XMLHttpRequestSpy


References

https://www.redhat.com/security/data/cve/CVE-2010-0174.html
https://www.redhat.com/security/data/cve/CVE-2010-0175.html
https://www.redhat.com/security/data/cve/CVE-2010-0176.html
https://www.redhat.com/security/data/cve/CVE-2010-0177.html
https://www.redhat.com/security/data/cve/CVE-2010-0178.html
https://www.redhat.com/security/data/cve/CVE-2010-0179.html
http://www.redhat.com/security/updates/classification/#critical
http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.19

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/