Skip to navigation

Security Advisory Mozilla security update

Advisory: RHSA-2005:384-11
Type: Security Advisory
Severity: Important
Issued on: 2005-04-28
Last updated on: 2005-04-28
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2004-1156
CVE-2005-0142
CVE-2005-0143
CVE-2005-0146
CVE-2005-0231
CVE-2005-0232
CVE-2005-0233
CVE-2005-0401
CVE-2005-0527
CVE-2005-0578
CVE-2005-0584
CVE-2005-0585
CVE-2005-0586
CVE-2005-0588
CVE-2005-0590
CVE-2005-0591
CVE-2005-0593
CVE-2005-0989
CVE-2005-1153
CVE-2005-1154
CVE-2005-1155
CVE-2005-1156
CVE-2005-1157
CVE-2005-1159
CVE-2005-1160

Details

Updated Mozilla packages that fix various security bugs are now available.

This update has been rated as having Important security impact by the Red
Hat Security Response Team.

Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.

Several bugs were found with the way Mozilla displays the secure site icon.
It is possible that a malicious website could display the secure site icon
along with incorrect certificate information. (CAN-2005-0143 CAN-2005-0593)

A bug was found in the way Mozilla handles synthetic middle click events.
It is possible for a malicious web page to steal the contents of a victims
clipboard. (CAN-2005-0146)

Several bugs were found with the way Mozilla handles temporary files. A
local user could view sensitive temporary information or delete arbitrary
files. (CAN-2005-0142 CAN-2005-0578)

A bug was found in the way Mozilla handles pop-up windows. It is possible
for a malicious website to control the content in an unrelated site's
pop-up window. (CAN-2004-1156)

A flaw was found in the way Mozilla displays international domain names. It
is possible for an attacker to display a valid URL, tricking the user into
thinking they are viewing a legitimate webpage when they are not.
(CAN-2005-0233)

A bug was found in the way Mozilla processes XUL content. If a malicious
web page can trick a user into dragging an object, it is possible to load
malicious XUL content. (CAN-2005-0401)

A bug was found in the way Mozilla handles xsl:include and xsl:import
directives. It is possible for a malicious website to import XSLT
stylesheets from a domain behind a firewall, leaking information to an
attacker. (CAN-2005-0588)

Several bugs were found in the way Mozilla displays alert dialogs. It is
possible for a malicious webserver or website to trick a user into thinking
the dialog window is being generated from a trusted site. (CAN-2005-0586
CAN-2005-0591 CAN-2005-0585 CAN-2005-0590 CAN-2005-0584)

A bug was found in the Mozilla javascript security manager. If a user drags
a malicious link to a tab, the javascript security manager is bypassed,
which could result in remote code execution or information disclosure.
(CAN-2005-0231)

A bug was found in the way Mozilla allows plug-ins to load privileged
content into a frame. It is possible that a malicious webpage could trick a
user into clicking in certain places to modify configuration settings or
execute arbitrary code. (CAN-2005-0232 and CAN-2005-0527)

A bug was found in the way Mozilla handles anonymous functions during
regular expression string replacement. It is possible for a malicious web
page to capture a random block of browser memory. (CAN-2005-0989)

A bug was found in the way Mozilla displays pop-up windows. If a user
choses to open a pop-up window whose URL is malicious javascript, the
script will be executed with elevated privileges. (CAN-2005-1153)

A bug was found in the way Mozilla installed search plugins. If a user
chooses to install a search plugin from a malicious site, the new plugin
could silently overwrite an existing plugin. This could allow the malicious
plugin to execute arbitrary code and stealm sensitive information.
(CAN-2005-1156 CAN-2005-1157)

Several bugs were found in the Mozilla javascript engine. A malicious web
page could leverage these issues to execute javascript with elevated
privileges or steal sensitive information. (CAN-2005-1154 CAN-2005-1155
CAN-2005-1159 CAN-2005-1160)

Users of Mozilla are advised to upgrade to this updated package which
contains Mozilla version 1.7.7 to correct these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
mozilla-1.7.7-1.1.3.4.src.rpm
File outdated by:  RHSA-2006:0329
    MD5: 525e2ee941a69669a06b2522e3806f19
 
IA-32:
mozilla-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7c50a099153179bd7e827078bf14c83e
mozilla-chat-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 670951ea2ecd2c7b5d1f25f731128e88
mozilla-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 43b9801777c7b6bc7864a21cb8ab4152
mozilla-dom-inspector-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: e0adc24c19a8ed053e83160639075b81
mozilla-js-debugger-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: a6841f7b1d18f2c896dd9487996f62cb
mozilla-mail-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 0c84662fa8f1e47a643c57df3da44030
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 33471adde84e88497d856dfa3dffc92d
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 87ea0f26e60f94d7af5cfb163136582e
 
x86_64:
mozilla-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7c50a099153179bd7e827078bf14c83e
mozilla-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: ed19956043c95bec234e018203544860
mozilla-chat-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 5677542c97ad598ebfc6df1889820e74
mozilla-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 8aa3920fbb6d18630efb9d03aa645e89
mozilla-dom-inspector-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 168c85ac07b7b4c5f264c08d5dd38181
mozilla-js-debugger-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9d8f08e81e14ddacb3b5da8c713cf853
mozilla-mail-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 91dfca37aa00624af1fed85f366a8536
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 87250e5cf971736d8351f246a51398ca
mozilla-nspr-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: cf03afb1121b772e306548f225c05c10
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 75eb06b5cb399d672708d614d610e748
mozilla-nss-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c84d40146508befb92293ca2e922a5cc
 
Red Hat Enterprise Linux AS (v. 2.1)

SRPMS:
mozilla-1.7.7-1.1.2.1.src.rpm
File outdated by:  RHSA-2006:0329
    MD5: 4b4ed11ca58571c793c613c4bdddb6cc
 
IA-32:
galeon-1.2.14-1.2.3.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: b1666209547c01469430edc30ad56eca
mozilla-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9c657d56f41bdf683c6e32ee7725f80e
mozilla-chat-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2790d364098c4967ccaaa2e066910f4d
mozilla-devel-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2d962e0048ee7bf28fe46b10ff4f7995
mozilla-dom-inspector-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: cb841f2bca59e91836fb9fc789e71b7d
mozilla-js-debugger-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 3065f5bbddfe2847d5086ec7a9fecf25
mozilla-mail-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 11a5bebb1e5a2bb03c91bc4af799c63f
mozilla-nspr-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 3ff3a556dbeb5e230cfea37a09758a18
mozilla-nspr-devel-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 75596eac1b481ecbb2cec1b1395f9430
mozilla-nss-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 283e705b2bf5b614bb2c06406bb3912d
mozilla-nss-devel-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 8f1be6c41914a462802a7d08f9964dce
 
IA-64:
galeon-1.2.14-1.2.3.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 24355dff0a64b0e3db3b8dcb42fb0d9f
mozilla-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 13ed50f691e34fd5c4589731edb3b68c
mozilla-chat-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 6cd0cc13580862862fd2ed20739f50f0
mozilla-devel-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: ec70a66a20196c8bc164f1edbc0ecaad
mozilla-dom-inspector-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 4ddbb18866e5744e53049967d4072e8f
mozilla-js-debugger-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7b8583815c6bd27fc6614a9e8d299e22
mozilla-mail-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9e43b191a19de44c30651a6b7cf435b4
mozilla-nspr-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 1f76d9355ebb0ff70160f3f10d865c61
mozilla-nspr-devel-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 19e27678ace617f22e73c886a56f4c6a
mozilla-nss-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: b173b8a89edc37dfab359f1d20c2efa8
mozilla-nss-devel-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: d1700e681b74e1653684bd079b8d8bd0
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
mozilla-1.7.7-1.1.3.4.src.rpm
File outdated by:  RHSA-2006:0329
    MD5: 525e2ee941a69669a06b2522e3806f19
 
IA-32:
mozilla-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7c50a099153179bd7e827078bf14c83e
mozilla-chat-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 670951ea2ecd2c7b5d1f25f731128e88
mozilla-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 43b9801777c7b6bc7864a21cb8ab4152
mozilla-dom-inspector-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: e0adc24c19a8ed053e83160639075b81
mozilla-js-debugger-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: a6841f7b1d18f2c896dd9487996f62cb
mozilla-mail-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 0c84662fa8f1e47a643c57df3da44030
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 33471adde84e88497d856dfa3dffc92d
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 87ea0f26e60f94d7af5cfb163136582e
 
IA-64:
mozilla-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9684baa99edfe6fc6f916ec9b5f28b50
mozilla-chat-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c33f36bcbc038317150e760f67e41d3c
mozilla-devel-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: cd5961bd88a27043d983af13e1c5cef2
mozilla-dom-inspector-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: d92e4f6402ff510254c35989d10c2089
mozilla-js-debugger-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c858591aadf8c93e39fdf90fdef231a0
mozilla-mail-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 33788ff7918c7f8f5d9fcfd460021145
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 52d0b70455ae9b8048f8c4b3c46d9118
mozilla-nspr-devel-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 4ebb3bac874ee388f192613e89d534ea
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: d6605e746509e017cd1567eadc74c122
mozilla-nss-devel-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 815c377c2b59e835043f6bf07e7f19fa
 
PPC:
mozilla-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: 82ce3674b9d9db22222a8b72dd34061d
mozilla-chat-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: 056b8f52aac99b70d84ded1620c95418
mozilla-devel-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: 082833ec7036f4cb47d6b8ed7814fb54
mozilla-dom-inspector-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9b5a4c1c00a8ef9fb9aa63cc175384d6
mozilla-js-debugger-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: f36d4cec9b4ac80f9e2fd785be5b6b23
mozilla-mail-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: 61106e7cb958bcd8a55e10589c8f1e29
mozilla-nspr-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: f41cb54d95bbcc44bfdf8a2dbf79b5d5
mozilla-nspr-devel-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: cb6ff101259cdf151f0f822f8ca7d44d
mozilla-nss-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7981a23fee3e9ef832e597e0dce30998
mozilla-nss-devel-1.7.7-1.1.3.4.ppc.rpm
File outdated by:  RHSA-2006:0329
    MD5: c6661a837e3d72bec2b71c29cd71b8b9
 
s390:
mozilla-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: af2e3f29e3ea2b4bb148eecde6bcbbad
mozilla-chat-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: 8020d607c3d895e4df7f95727081b86c
mozilla-devel-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: f0eb5fdee9ae6b5cc4f7b963442b2f03
mozilla-dom-inspector-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: 12c83501adae55a1566f7c30e621ca66
mozilla-js-debugger-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: ff17631810875a25fc7c6830e9fe0a91
mozilla-mail-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: 66f9bb37047ffeb94d10e3f2097b9f2e
mozilla-nspr-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7712acaf8bbf1dd5358f8cc320cf65a0
mozilla-nspr-devel-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: 486f77b46386a97165388dc783fb39d0
mozilla-nss-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: 5e2c404600d52830bd877f43ebee10b1
mozilla-nss-devel-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: c986626308a59c958bae9c57cdc41976
 
s390x:
mozilla-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: cc71398c2c966c772557e475d7c1c87f
mozilla-chat-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: 1c2d3e25a90bcfc349323755ded97980
mozilla-devel-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: a628dee5c31f9751649a35c4e27d433a
mozilla-dom-inspector-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: 960fcdabcba69c0c5f522ebf595602ef
mozilla-js-debugger-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: 85d780a2fcbddbd801a66199ad1b9963
mozilla-mail-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: d7ca7fdafffd021e48b5bb0b96f796fb
mozilla-nspr-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7712acaf8bbf1dd5358f8cc320cf65a0
mozilla-nspr-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: a64c95f8bd0a75495fe80e3aae854a8e
mozilla-nspr-devel-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: a1722ffbd1b54fa6afafce7715810e00
mozilla-nss-1.7.7-1.1.3.4.s390.rpm
File outdated by:  RHSA-2006:0329
    MD5: 5e2c404600d52830bd877f43ebee10b1
mozilla-nss-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: 15f771ca3258ae5960ed88971fc5b068
mozilla-nss-devel-1.7.7-1.1.3.4.s390x.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2614becf48fa3034c34b817a9dfbb05e
 
x86_64:
mozilla-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7c50a099153179bd7e827078bf14c83e
mozilla-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: ed19956043c95bec234e018203544860
mozilla-chat-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 5677542c97ad598ebfc6df1889820e74
mozilla-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 8aa3920fbb6d18630efb9d03aa645e89
mozilla-dom-inspector-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 168c85ac07b7b4c5f264c08d5dd38181
mozilla-js-debugger-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9d8f08e81e14ddacb3b5da8c713cf853
mozilla-mail-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 91dfca37aa00624af1fed85f366a8536
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 87250e5cf971736d8351f246a51398ca
mozilla-nspr-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: cf03afb1121b772e306548f225c05c10
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 75eb06b5cb399d672708d614d610e748
mozilla-nss-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c84d40146508befb92293ca2e922a5cc
 
Red Hat Enterprise Linux ES (v. 2.1)

SRPMS:
mozilla-1.7.7-1.1.2.1.src.rpm
File outdated by:  RHSA-2006:0329
    MD5: 4b4ed11ca58571c793c613c4bdddb6cc
 
IA-32:
galeon-1.2.14-1.2.3.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: b1666209547c01469430edc30ad56eca
mozilla-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9c657d56f41bdf683c6e32ee7725f80e
mozilla-chat-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2790d364098c4967ccaaa2e066910f4d
mozilla-devel-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2d962e0048ee7bf28fe46b10ff4f7995
mozilla-dom-inspector-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: cb841f2bca59e91836fb9fc789e71b7d
mozilla-js-debugger-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 3065f5bbddfe2847d5086ec7a9fecf25
mozilla-mail-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 11a5bebb1e5a2bb03c91bc4af799c63f
mozilla-nspr-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 3ff3a556dbeb5e230cfea37a09758a18
mozilla-nspr-devel-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 75596eac1b481ecbb2cec1b1395f9430
mozilla-nss-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 283e705b2bf5b614bb2c06406bb3912d
mozilla-nss-devel-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 8f1be6c41914a462802a7d08f9964dce
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
mozilla-1.7.7-1.1.3.4.src.rpm
File outdated by:  RHSA-2006:0329
    MD5: 525e2ee941a69669a06b2522e3806f19
 
IA-32:
mozilla-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7c50a099153179bd7e827078bf14c83e
mozilla-chat-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 670951ea2ecd2c7b5d1f25f731128e88
mozilla-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 43b9801777c7b6bc7864a21cb8ab4152
mozilla-dom-inspector-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: e0adc24c19a8ed053e83160639075b81
mozilla-js-debugger-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: a6841f7b1d18f2c896dd9487996f62cb
mozilla-mail-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 0c84662fa8f1e47a643c57df3da44030
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 33471adde84e88497d856dfa3dffc92d
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 87ea0f26e60f94d7af5cfb163136582e
 
IA-64:
mozilla-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9684baa99edfe6fc6f916ec9b5f28b50
mozilla-chat-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c33f36bcbc038317150e760f67e41d3c
mozilla-devel-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: cd5961bd88a27043d983af13e1c5cef2
mozilla-dom-inspector-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: d92e4f6402ff510254c35989d10c2089
mozilla-js-debugger-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c858591aadf8c93e39fdf90fdef231a0
mozilla-mail-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 33788ff7918c7f8f5d9fcfd460021145
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 52d0b70455ae9b8048f8c4b3c46d9118
mozilla-nspr-devel-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 4ebb3bac874ee388f192613e89d534ea
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: d6605e746509e017cd1567eadc74c122
mozilla-nss-devel-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 815c377c2b59e835043f6bf07e7f19fa
 
x86_64:
mozilla-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7c50a099153179bd7e827078bf14c83e
mozilla-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: ed19956043c95bec234e018203544860
mozilla-chat-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 5677542c97ad598ebfc6df1889820e74
mozilla-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 8aa3920fbb6d18630efb9d03aa645e89
mozilla-dom-inspector-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 168c85ac07b7b4c5f264c08d5dd38181
mozilla-js-debugger-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9d8f08e81e14ddacb3b5da8c713cf853
mozilla-mail-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 91dfca37aa00624af1fed85f366a8536
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 87250e5cf971736d8351f246a51398ca
mozilla-nspr-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: cf03afb1121b772e306548f225c05c10
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 75eb06b5cb399d672708d614d610e748
mozilla-nss-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c84d40146508befb92293ca2e922a5cc
 
Red Hat Enterprise Linux WS (v. 2.1)

SRPMS:
mozilla-1.7.7-1.1.2.1.src.rpm
File outdated by:  RHSA-2006:0329
    MD5: 4b4ed11ca58571c793c613c4bdddb6cc
 
IA-32:
galeon-1.2.14-1.2.3.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: b1666209547c01469430edc30ad56eca
mozilla-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9c657d56f41bdf683c6e32ee7725f80e
mozilla-chat-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2790d364098c4967ccaaa2e066910f4d
mozilla-devel-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2d962e0048ee7bf28fe46b10ff4f7995
mozilla-dom-inspector-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: cb841f2bca59e91836fb9fc789e71b7d
mozilla-js-debugger-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 3065f5bbddfe2847d5086ec7a9fecf25
mozilla-mail-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 11a5bebb1e5a2bb03c91bc4af799c63f
mozilla-nspr-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 3ff3a556dbeb5e230cfea37a09758a18
mozilla-nspr-devel-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 75596eac1b481ecbb2cec1b1395f9430
mozilla-nss-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 283e705b2bf5b614bb2c06406bb3912d
mozilla-nss-devel-1.7.7-1.1.2.1.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 8f1be6c41914a462802a7d08f9964dce
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
mozilla-1.7.7-1.1.3.4.src.rpm
File outdated by:  RHSA-2006:0329
    MD5: 525e2ee941a69669a06b2522e3806f19
 
IA-32:
mozilla-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7c50a099153179bd7e827078bf14c83e
mozilla-chat-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 670951ea2ecd2c7b5d1f25f731128e88
mozilla-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 43b9801777c7b6bc7864a21cb8ab4152
mozilla-dom-inspector-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: e0adc24c19a8ed053e83160639075b81
mozilla-js-debugger-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: a6841f7b1d18f2c896dd9487996f62cb
mozilla-mail-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 0c84662fa8f1e47a643c57df3da44030
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 33471adde84e88497d856dfa3dffc92d
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-devel-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 87ea0f26e60f94d7af5cfb163136582e
 
IA-64:
mozilla-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9684baa99edfe6fc6f916ec9b5f28b50
mozilla-chat-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c33f36bcbc038317150e760f67e41d3c
mozilla-devel-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: cd5961bd88a27043d983af13e1c5cef2
mozilla-dom-inspector-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: d92e4f6402ff510254c35989d10c2089
mozilla-js-debugger-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c858591aadf8c93e39fdf90fdef231a0
mozilla-mail-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 33788ff7918c7f8f5d9fcfd460021145
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 52d0b70455ae9b8048f8c4b3c46d9118
mozilla-nspr-devel-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 4ebb3bac874ee388f192613e89d534ea
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: d6605e746509e017cd1567eadc74c122
mozilla-nss-devel-1.7.7-1.1.3.4.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 815c377c2b59e835043f6bf07e7f19fa
 
x86_64:
mozilla-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7c50a099153179bd7e827078bf14c83e
mozilla-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: ed19956043c95bec234e018203544860
mozilla-chat-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 5677542c97ad598ebfc6df1889820e74
mozilla-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 8aa3920fbb6d18630efb9d03aa645e89
mozilla-dom-inspector-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 168c85ac07b7b4c5f264c08d5dd38181
mozilla-js-debugger-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9d8f08e81e14ddacb3b5da8c713cf853
mozilla-mail-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 91dfca37aa00624af1fed85f366a8536
mozilla-nspr-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 883d4402fc93a9d7bc625770a283d50a
mozilla-nspr-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 87250e5cf971736d8351f246a51398ca
mozilla-nspr-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: cf03afb1121b772e306548f225c05c10
mozilla-nss-1.7.7-1.1.3.4.i386.rpm
File outdated by:  RHSA-2006:0329
    MD5: 2de53f7f4895fb721497434e005a3d55
mozilla-nss-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 75eb06b5cb399d672708d614d610e748
mozilla-nss-devel-1.7.7-1.1.3.4.x86_64.rpm
File outdated by:  RHSA-2006:0329
    MD5: c84d40146508befb92293ca2e922a5cc
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

SRPMS:
mozilla-1.7.7-1.1.2.1.src.rpm
File outdated by:  RHSA-2006:0329
    MD5: 4b4ed11ca58571c793c613c4bdddb6cc
 
IA-64:
galeon-1.2.14-1.2.3.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 24355dff0a64b0e3db3b8dcb42fb0d9f
mozilla-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 13ed50f691e34fd5c4589731edb3b68c
mozilla-chat-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 6cd0cc13580862862fd2ed20739f50f0
mozilla-devel-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: ec70a66a20196c8bc164f1edbc0ecaad
mozilla-dom-inspector-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 4ddbb18866e5744e53049967d4072e8f
mozilla-js-debugger-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 7b8583815c6bd27fc6614a9e8d299e22
mozilla-mail-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 9e43b191a19de44c30651a6b7cf435b4
mozilla-nspr-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 1f76d9355ebb0ff70160f3f10d865c61
mozilla-nspr-devel-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: 19e27678ace617f22e73c886a56f4c6a
mozilla-nss-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: b173b8a89edc37dfab359f1d20c2efa8
mozilla-nss-devel-1.7.7-1.1.2.1.ia64.rpm
File outdated by:  RHSA-2006:0329
    MD5: d1700e681b74e1653684bd079b8d8bd0
 

Bugs fixed (see bugzilla for more information)

142390 - CAN-2004-1156 Frame injection vulnerability.
144080 - CAN-2005-0585 download dialog URL spoofing
145606 - CAN-2005-0142 Opened attachments are temporarily saved world-readable
145607 - CAN-2005-0143 Secure site lock can be spoofed with a binary download
145613 - CAN-2005-0146 Synthetic middle-click event can steal clipboard contents
147397 - homograph spoofing
152580 - CAN-2005-0578 Mozilla issues (CAN-2005-0232 CAN-2005-0527 CAN-2005-0231 CAN-2005-0584 CAN-2005-0585 CAN-2005-0586 CAN-2005-0588 CAN-2005-0590 CAN-2005-0591 CAN-2005-0593)
155117 - CAN-2005-0989 Multiple Mozilla issues. (CAN-2005-1153 CAN-2005-1154 CAN-2005-1155 CAN-2005-1156 CAN-2005-1157 CAN-2005-1159 CAN-2005-1160)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/