rPSA-2007-0112-1 firefox thunderbird

[rPath Update Announcements <announce-noreply@xxxxxxxxx>]

rPath Security Advisory: 2007-0112-1
Published: 2007-05-31
Products: rPath Linux 1
Rating: Major
Exposure Level Classification:
    Indirect User Deterministic Unauthorized Access
Updated Versions:
    firefox=/conary.rpath.com@rpl:devel//1/1.5.0.12-0.1-1
    thunderbird=/conary.rpath.com@rpl:devel//1/1.5.0.12-0.1-1

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871
    https://issues.rpath.com/browse/RPL-1424

Description:
    Previous versions of the firefox and thunderbird packages are vulnerable
    to several types of attacks, some of which are understood to allow
    compromised or malicious sites to run arbitrary code as the user running
    the vulnerable application.

Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html