rPSA-2006-0206-1 firefox thunderbird

To: security-announce@xxxxxxxxxxxxxxx, update-announce@xxxxxxxxxxxxxxx
Subject: rPSA-2006-0206-1 firefox thunderbird
From: rPath Update Announcements <announce-noreply@xxxxxxxxx>
Date: Thu, 09 Nov 2006 16:53:39 -0500
Cc: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, lwn@xxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: nail 11.22 3/20/05

rPath Security Advisory: 2006-0206-1
Published: 2006-11-09
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
    Remote User Deterministic Unauthorized Access
Updated Versions:
    firefox=/conary.rpath.com@rpl:devel//1/1.5.0.8-0.1-1
    thunderbird=/conary.rpath.com@rpl:devel//1/1.5.0.8-0.1-1

References:
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5463
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5464
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5747
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5748
    https://issues.rpath.com/browse/RPL-765

Description:
    Previous versions of the firefox and thunderbird packages are
    vulnerable to multiple attacks.  One vulnerability is in page
    rendering, and the remaining three vulnerabilities are in JavaScript.
    (JavaScript vulnerabilities do not affect thunderbird in the default,
    recommended configuration of not enabling JavaScript.)

Prev by Date: rPSA-2006-0205-1 php php-mysql php-pgsql
Next by Date: rPSA-2006-0207-1 openssh openssh-client openssh-server
Previous by thread: rPSA-2006-0205-1 php php-mysql php-pgsql
Next by thread: rPSA-2006-0207-1 openssh openssh-client openssh-server
Index(es):
- Date
- Thread