A new update is available for Fedora Core - [SECURITY] Fedora Core 4 Update: mozilla-1.7.10-1.5.2. Here the announcement:
Fedora Update Notification
FEDORA-2005-873
2005-09-10
---------------------------------------------------------------------
Product : Fedora Core 4
Name : mozilla
Version : 1.7.10
Release : 1.5.2
Summary : A Web browser.
Description :
Mozilla is an open-source Web browser, designed for standards
compliance, performance, and portability.
---------------------------------------------------------------------
Update Information:
An updated mozilla package that fixes a security bug is now
available for Fedora Core 4.
This update has been rated as having critical security
impact by the Fedora Security Response Team.
Mozilla is an open source Web browser, advanced email and
newsgroup client, IRC chat client, and HTML editor.
A bug was found in the way Mozilla processes certain
international domain names. An attacker could create a
specially crafted HTML file, which when viewed by the victim
would cause Mozilla to crash or possibly execute arbitrary
code. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-2871 to this
issue.
Users of Mozilla are advised to upgrade to this updated
package that contains a backported patch and is not
vulnerable to this issue.
---------------------------------------------------------------------
* Fri Sep 9 2005 Christopher Aillon <caillon@redhat.com> 37:1.7.10-1.5.2
- Fix for CAN-2005-2871
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
1d6b02e9261710f5e616b72cb3fbdf4b SRPMS/mozilla-1.7.10-1.5.2.src.rpm
5e194697142bc226ed1ce0c41a5ddda0 ppc/mozilla-1.7.10-1.5.2.ppc.rpm
31d53f89d85f6fc3d8d60ad98c6568b0 ppc/mozilla-nspr-1.7.10-1.5.2.ppc.rpm
2b4dbf64efb561e84d8134b3af1e3a0a ppc/mozilla-nspr-devel-1.7.10-1.5.2.ppc.rpm
8be61c121fda6b13f73fd555cf420506 ppc/mozilla-nss-1.7.10-1.5.2.ppc.rpm
662a531f38a64f67c419c3a0763aaf3c ppc/mozilla-nss-devel-1.7.10-1.5.2.ppc.rpm
0aaebac17278c986fac95e1c47c0b956 ppc/mozilla-devel-1.7.10-1.5.2.ppc.rpm
7ada3163823634334efaf2f27cc3776e ppc/mozilla-mail-1.7.10-1.5.2.ppc.rpm
a3da6d543b8710aa486da1c063661fa1 ppc/mozilla-chat-1.7.10-1.5.2.ppc.rpm
09143e44abe449408641e899a663f413 ppc/mozilla-js-debugger-1.7.10-1.5.2.ppc.rpm
d584b675a9a2822d54cae26e8419d13f ppc/mozilla-dom-inspector-1.7.10-1.5.2.ppc.rpm
03ad29822cb3a905971b9256d34b9c54 ppc/debug/mozilla-debuginfo-1.7.10-1.5.2.ppc.rpm
777e16069910a62c8c924dbd69dd15f9 x86_64/mozilla-1.7.10-1.5.2.x86_64.rpm
5081128320f7eed4e51cd65c6ce4aec5 x86_64/mozilla-nspr-1.7.10-1.5.2.x86_64.rpm
9af31723823ab0318b4d824e119769aa x86_64/mozilla-nspr-devel-1.7.10-1.5.2.x86_64.rpm
ad2712e72e7d00c3a4d04803fbeb11d3 x86_64/mozilla-nss-1.7.10-1.5.2.x86_64.rpm
26922858fe93126d4195bbe4c6ea8f37 x86_64/mozilla-nss-devel-1.7.10-1.5.2.x86_64.rpm
488cddf6ee8b8c460ea236071db19d2e x86_64/mozilla-devel-1.7.10-1.5.2.x86_64.rpm
5fad9772204d9dc041edf878d9aea8ec x86_64/mozilla-mail-1.7.10-1.5.2.x86_64.rpm
24399336a0c068b632e82d3cfd77464d x86_64/mozilla-chat-1.7.10-1.5.2.x86_64.rpm
07260782b92a8421211122d9b4d57ab6 x86_64/mozilla-js-debugger-1.7.10-1.5.2.x86_64.rpm
a5c70168463c4bee098d452aa57f56ef x86_64/mozilla-dom-inspector-1.7.10-1.5.2.x86_64.rpm
d97a582f6d709d87c9a8f751de3d9e24 x86_64/debug/mozilla-debuginfo-1.7.10-1.5.2.x86_64.rpm
68181cf3f0c2d04edfb0ac3d6bdbc9e1 x86_64/mozilla-nspr-1.7.10-1.5.2.i386.rpm
2a273cc86ab79cb35f75b125364f3435 x86_64/mozilla-nss-1.7.10-1.5.2.i386.rpm
79bcb2d3ccbcd172e139e84bc1561711 i386/mozilla-1.7.10-1.5.2.i386.rpm
68181cf3f0c2d04edfb0ac3d6bdbc9e1 i386/mozilla-nspr-1.7.10-1.5.2.i386.rpm
0c08b231ed117ed1f44b26821a83fda4 i386/mozilla-nspr-devel-1.7.10-1.5.2.i386.rpm
2a273cc86ab79cb35f75b125364f3435 i386/mozilla-nss-1.7.10-1.5.2.i386.rpm
b6c56269e7770b542f8f378720d4f947 i386/mozilla-nss-devel-1.7.10-1.5.2.i386.rpm
353254b90d373794ca2832530abaa8cc i386/mozilla-devel-1.7.10-1.5.2.i386.rpm
c0a7c67c2dd49e7ee1bc598532d8ed30 i386/mozilla-mail-1.7.10-1.5.2.i386.rpm
16bac1eef7fa4abf022390c7d83f129e i386/mozilla-chat-1.7.10-1.5.2.i386.rpm
df29a03ebd9c0e0b3c7863f71d8f63dc i386/mozilla-js-debugger-1.7.10-1.5.2.i386.rpm
a04ce07f139d9bb62c9a9e5ddbfb0dca i386/mozilla-dom-inspector-1.7.10-1.5.2.i386.rpm
4741343dc1e022f88b230af69976a42c i386/debug/mozilla-debuginfo-1.7.10-1.5.2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.