4

Ubuntu: 930-4: Firefox and Xulrunner vulnerabilities

view full story
linux-howto

http://www.linuxsecurity.com – LinuxSecurity.com: USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This updateprovides the corresponding updates for Ubuntu 9.04 and 9.10, along withadditional updates affecting Firefox 3.6.6. [More...] (Security)

jiqi2's picture
Submitted by jiqi2 on 07/23/2010 – Made popular on 07/23/2010

Stories similar to Ubuntu: 930-4: Firefox and Xulrunner vulnerabilities

Army wrote:Just look at the filesize of the new firefox in the repos. It used to be very small, because almost everything was included in the xulrunner package. Now firefox is much bigger, so xulrunner must be included in it.The only thing I'm wondering is, that the filesizes don't add up. Old firefox + xulrunner is much bigger than new firefox.

Referenced CVEs: 

CVE-2009-2654

Description: 

=========================================================== Ubuntu Security Notice USN-811-1 August 05, 2009 firefox-3.0, xulrunner-1.9 vulnerability CVE-2009-2654 ===========================================================

LinuxSecurity.com: Several flaws were discovered in the browser engine of Firefox. If a userwere tricked into viewing a malicious site, a remote attacker could usethis to crash the browser or possibly run arbitrary code as the userinvoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,CVE-2010-1212) [More...]

I am running Fedora 17, 64 bit version.

Firefox won't start.

Referenced CVEs: 

CVE-2009-3979, CVE-2009-3981, CVE-2009-3983, CVE-2009-3984, CVE-2009-3985, CVE-2009-3986

Description: 

=========================================================== Ubuntu Security Notice USN-873-1 December 18, 2009 firefox-3.0, xulrunner-1.9 vulnerabiliti

Firefox 16 fails on fedora17 32 weeks 1 day ago

I've just updated firefox from 15 to 16 version with no problems, but couldn't start it because of error: /usr/lib/firefox/firefox: symbol lookup error: /usr/lib/xulrunner/libxul.so: undefined symbol: PR_SetCurrentThreadName

I had to downgrade to 12 version: yum downgrade firefox xulrunner

Description: 

=========================================================== Ubuntu Security Notice USN-877-1 January 08, 2010 firefox-3.0, xulrunner-1.9 regression https://launchpad.net/bugs/504516 ===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 8.04 LTS Ubuntu 8.

Referenced CVEs: 

CVE-2009-1571, CVE-2009-3988, CVE-2010-0159, CVE-2010-0160, CVE-2010-0162

Description: 

=========================================================== Ubuntu Security Notice USN-895-1 February 17, 2010 firefox-3.0, xulrunner-1.9 vulnerabilities CVE-2009-157

Canonical published in a security notice details about Firefox vulnerabilities for its Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 11.04, and Ubuntu 10.04 LTS operating systems.

According to Canonical, several security issues were fixed in Mozilla Firefox.