Updated mozilla packages are available for Red Hat Enterprise Linux 2.1 and 3
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated mozilla packages fix security issues
Advisory ID: RHSA-2004:486-01
Issue date: 2004-09-30
Updated on: 2004-09-30
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0902 CAN-2004-0903 CAN-2004-0904 CAN-2004-0905 CAN-2004-0908
----------------------------------------------------------------------
1. Summary:
Updated mozilla packages that fix a number of security issues are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
3. Problem description:
Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.
Jesse Ruderman discovered a cross-domain scripting bug in Mozilla. If a user is tricked into dragging a javascript link into another frame or page, it becomes possible for an attacker to steal or modify sensitive information from that site. Additionally, if a user is tricked into dragging two links in sequence to another window (not frame), it is possible for the attacker to execute arbitrary commands. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0905 to this issue.
Gael Delalleau discovered an integer overflow which affects the BMP handling code inside Mozilla. An attacker could create a carefully crafted BMP file in such a way that it would cause Mozilla to crash or execute arbitrary code when the image is viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0904 to this issue.
Georgi Guninski discovered a stack-based buffer overflow in the vCard display routines. An attacker could create a carefully crafted vCard file in such a way that it would cause Mozilla to crash or execute arbitrary code when viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0903 to this issue.
Wladimir Palant discovered a flaw in the way javascript interacts with the clipboard. It is possible that an attacker could use malicious javascript code to steal sensitive data which has been copied into the clipboard. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0908 to this issue.
Georgi Guninski discovered a heap based buffer overflow in the "Send Page" feature. It is possible that an attacker could construct a link in such a way that a user attempting to forward it could result in a crash or arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0902 to this issue.
Users of Mozilla should update to these updated packages, which contain backported patches and are not vulnerable to these issues.
4. Solution:
Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):
133023 - CAN-2004-0902 "send page" heap based buffer overflow
133024 - CAN-2004-0902 "send page" heap based buffer overflow
133022 - CAN-2004-0908 javascript clipboard information leakage
133021 - CAN-2004-0908 javascript clipboard information leakage
133017 - CAN-2004-0903 VCard buffer overflow
133016 - CAN-2004-0903 VCard buffer overflow
133015 - CAN-2004-0904 BMP integer overflows
133014 - CAN-2004-0904 BMP integer overflows
133013 - CAN-2004-0905 javascript link dragging information leak
133012 - CAN-2004-0905 javascript link dragging information leak
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/galeon-1.2.13-5.2.1.src.rpm
38d208921a49cdba604bb43913abe051 galeon-1.2.13-5.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.4.3-2.1.4.src.rpm
1df0013c48248d17778fc1551ff15dad mozilla-1.4.3-2.1.4.src.rpm
i386:
0113f2b2e33551ddae0b48ede67b31e6 galeon-1.2.13-5.2.1.i386.rpm
fea3285b8dd5da3a3bb611a7d5738d0b mozilla-1.4.3-2.1.4.i386.rpm
a89a3550a7773de347018c8a463027cb mozilla-chat-1.4.3-2.1.4.i386.rpm
b57acd6332cb88d652a3cc41b5f9c527 mozilla-devel-1.4.3-2.1.4.i386.rpm
8bea20265ab364b52d6fd361bf23d190 mozilla-dom-inspector-1.4.3-2.1.4.i386.rpm
4bfcd1dd7b588edf2052efc9e8f6326a mozilla-js-debugger-1.4.3-2.1.4.i386.rpm
9c512ae1ecc4c8efe7a9684465b8b871 mozilla-mail-1.4.3-2.1.4.i386.rpm
1e7977951fc2c8c69e03b50377f2398d mozilla-nspr-1.4.3-2.1.4.i386.rpm
c268cd8846a17b8cc7aee6a3d50f9c9c mozilla-nspr-devel-1.4.3-2.1.4.i386.rpm
69cc833f9d5a469b258a474e1ebc9ddf mozilla-nss-1.4.3-2.1.4.i386.rpm
891300626fafc05a8cd371f8b256dd15 mozilla-nss-devel-1.4.3-2.1.4.i386.rpm
ia64:
fcb96e9637ce3b6dfe17a0171d15a50c galeon-1.2.13-5.2.1.ia64.rpm
6c4a5d7e011e56e4aa1018ae7e705b57 mozilla-1.4.3-2.1.4.ia64.rpm
0eee8252025e7d702b91df5660ee34ef mozilla-chat-1.4.3-2.1.4.ia64.rpm
529225b13b9aae00118083bbef99834d mozilla-devel-1.4.3-2.1.4.ia64.rpm
0dcd345bd8163775000a77126668a4d8 mozilla-dom-inspector-1.4.3-2.1.4.ia64.rpm
17761fdf3bc78ededd68ca4c6e26ae2e mozilla-js-debugger-1.4.3-2.1.4.ia64.rpm
8f804d0ac0d0d2755b557226f488dca2 mozilla-mail-1.4.3-2.1.4.ia64.rpm
da89647961a2ebde1270b6789bca51b8 mozilla-nspr-1.4.3-2.1.4.ia64.rpm
870ae30ec76b4cb4eaa6bb2002c50b83 mozilla-nspr-devel-1.4.3-2.1.4.ia64.rpm
8a3ee63abfb58c99c0dd45c37bb0fffb mozilla-nss-1.4.3-2.1.4.ia64.rpm
e5b52d933f797a5fb5b815bc75427b2e mozilla-nss-devel-1.4.3-2.1.4.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/galeon-1.2.13-5.2.1.src.rpm
38d208921a49cdba604bb43913abe051 galeon-1.2.13-5.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.4.3-2.1.4.src.rpm
1df0013c48248d17778fc1551ff15dad mozilla-1.4.3-2.1.4.src.rpm
ia64:
fcb96e9637ce3b6dfe17a0171d15a50c galeon-1.2.13-5.2.1.ia64.rpm
6c4a5d7e011e56e4aa1018ae7e705b57 mozilla-1.4.3-2.1.4.ia64.rpm
0eee8252025e7d702b91df5660ee34ef mozilla-chat-1.4.3-2.1.4.ia64.rpm
529225b13b9aae00118083bbef99834d mozilla-devel-1.4.3-2.1.4.ia64.rpm
0dcd345bd8163775000a77126668a4d8 mozilla-dom-inspector-1.4.3-2.1.4.ia64.rpm
17761fdf3bc78ededd68ca4c6e26ae2e mozilla-js-debugger-1.4.3-2.1.4.ia64.rpm
8f804d0ac0d0d2755b557226f488dca2 mozilla-mail-1.4.3-2.1.4.ia64.rpm
da89647961a2ebde1270b6789bca51b8 mozilla-nspr-1.4.3-2.1.4.ia64.rpm
870ae30ec76b4cb4eaa6bb2002c50b83 mozilla-nspr-devel-1.4.3-2.1.4.ia64.rpm
8a3ee63abfb58c99c0dd45c37bb0fffb mozilla-nss-1.4.3-2.1.4.ia64.rpm
e5b52d933f797a5fb5b815bc75427b2e mozilla-nss-devel-1.4.3-2.1.4.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/galeon-1.2.13-5.2.1.src.rpm
38d208921a49cdba604bb43913abe051 galeon-1.2.13-5.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.4.3-2.1.4.src.rpm
1df0013c48248d17778fc1551ff15dad mozilla-1.4.3-2.1.4.src.rpm
i386:
0113f2b2e33551ddae0b48ede67b31e6 galeon-1.2.13-5.2.1.i386.rpm
fea3285b8dd5da3a3bb611a7d5738d0b mozilla-1.4.3-2.1.4.i386.rpm
a89a3550a7773de347018c8a463027cb mozilla-chat-1.4.3-2.1.4.i386.rpm
b57acd6332cb88d652a3cc41b5f9c527 mozilla-devel-1.4.3-2.1.4.i386.rpm
8bea20265ab364b52d6fd361bf23d190 mozilla-dom-inspector-1.4.3-2.1.4.i386.rpm
4bfcd1dd7b588edf2052efc9e8f6326a mozilla-js-debugger-1.4.3-2.1.4.i386.rpm
9c512ae1ecc4c8efe7a9684465b8b871 mozilla-mail-1.4.3-2.1.4.i386.rpm
1e7977951fc2c8c69e03b50377f2398d mozilla-nspr-1.4.3-2.1.4.i386.rpm
c268cd8846a17b8cc7aee6a3d50f9c9c mozilla-nspr-devel-1.4.3-2.1.4.i386.rpm
69cc833f9d5a469b258a474e1ebc9ddf mozilla-nss-1.4.3-2.1.4.i386.rpm
891300626fafc05a8cd371f8b256dd15 mozilla-nss-devel-1.4.3-2.1.4.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/galeon-1.2.13-5.2.1.src.rpm
38d208921a49cdba604bb43913abe051 galeon-1.2.13-5.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.4.3-2.1.4.src.rpm
1df0013c48248d17778fc1551ff15dad mozilla-1.4.3-2.1.4.src.rpm
i386:
0113f2b2e33551ddae0b48ede67b31e6 galeon-1.2.13-5.2.1.i386.rpm
fea3285b8dd5da3a3bb611a7d5738d0b mozilla-1.4.3-2.1.4.i386.rpm
a89a3550a7773de347018c8a463027cb mozilla-chat-1.4.3-2.1.4.i386.rpm
b57acd6332cb88d652a3cc41b5f9c527 mozilla-devel-1.4.3-2.1.4.i386.rpm
8bea20265ab364b52d6fd361bf23d190 mozilla-dom-inspector-1.4.3-2.1.4.i386.rpm
4bfcd1dd7b588edf2052efc9e8f6326a mozilla-js-debugger-1.4.3-2.1.4.i386.rpm
9c512ae1ecc4c8efe7a9684465b8b871 mozilla-mail-1.4.3-2.1.4.i386.rpm
1e7977951fc2c8c69e03b50377f2398d mozilla-nspr-1.4.3-2.1.4.i386.rpm
c268cd8846a17b8cc7aee6a3d50f9c9c mozilla-nspr-devel-1.4.3-2.1.4.i386.rpm
69cc833f9d5a469b258a474e1ebc9ddf mozilla-nss-1.4.3-2.1.4.i386.rpm
891300626fafc05a8cd371f8b256dd15 mozilla-nss-devel-1.4.3-2.1.4.i386.rpm
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.4.3-3.0.4.src.rpm
c8db78ffe83ebd4a0e935a4c5287a509 mozilla-1.4.3-3.0.4.src.rpm
i386:
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
30035e1900b293f3c01f5441e5b3486d mozilla-chat-1.4.3-3.0.4.i386.rpm
e2f44df2fa7ac76f50c419ad7415c898 mozilla-devel-1.4.3-3.0.4.i386.rpm
fe6c46344d57ac89a453edab1e2a249a mozilla-dom-inspector-1.4.3-3.0.4.i386.rpm
0ae9c284917a0813202d13977ebc23d8 mozilla-js-debugger-1.4.3-3.0.4.i386.rpm
9682e260d658b97c748b34bb5a52c1ee mozilla-mail-1.4.3-3.0.4.i386.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
488703befef51e466079b462c02094c7 mozilla-nspr-devel-1.4.3-3.0.4.i386.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
0daea4b62934c4825267bdfa57121d9d mozilla-nss-devel-1.4.3-3.0.4.i386.rpm
ia64:
764f44795fae70df98eb784cfc24cb61 mozilla-1.4.3-3.0.4.ia64.rpm
498f1bc992269627837acfd9fb5c1c16 mozilla-chat-1.4.3-3.0.4.ia64.rpm
3c0e32e6dfd33b5b42d6ceecfc0e5d5a mozilla-devel-1.4.3-3.0.4.ia64.rpm
4a67ebbcb89f5e8add363f47a657d6df mozilla-dom-inspector-1.4.3-3.0.4.ia64.rpm
445ed37eb27214ef386114fe97d15ef9 mozilla-js-debugger-1.4.3-3.0.4.ia64.rpm
618d5c39e66f2ff6a2ca461647b91fa2 mozilla-mail-1.4.3-3.0.4.ia64.rpm
5927274883eaa60f10ec714085d22a48 mozilla-nspr-1.4.3-3.0.4.ia64.rpm
83f18ec8692a9f309737efbb502ae5b9 mozilla-nspr-devel-1.4.3-3.0.4.ia64.rpm
dcd233f7708eb136a18ab6070d028592 mozilla-nss-1.4.3-3.0.4.ia64.rpm
9e7b9754a77d136636c6d35f932fcc86 mozilla-nss-devel-1.4.3-3.0.4.ia64.rpm
ppc:
7cced64ddef3f5f449bc93bf1d2fe2de mozilla-1.4.3-3.0.4.ppc.rpm
4c1754389a897376b33f4eedfc307fbd mozilla-chat-1.4.3-3.0.4.ppc.rpm
781272325efec348c82bf9f13f2b1c01 mozilla-devel-1.4.3-3.0.4.ppc.rpm
21bca14e1c7debc4517762c42ea0af18 mozilla-dom-inspector-1.4.3-3.0.4.ppc.rpm
267b1669158b9ae70d8a216bedd8ab3d mozilla-js-debugger-1.4.3-3.0.4.ppc.rpm
fe897ea969605ea7b7b8c65cfbca5837 mozilla-mail-1.4.3-3.0.4.ppc.rpm
850877d573ac4c3c246be7bac1d0ae9e mozilla-nspr-1.4.3-3.0.4.ppc.rpm
736e608b4ff8802fa2ff156149399b79 mozilla-nspr-devel-1.4.3-3.0.4.ppc.rpm
1e0c30c752fff593fb0b7ccc56d72a3b mozilla-nss-1.4.3-3.0.4.ppc.rpm
e23c2cd94df856a5a852c090a5f935b9 mozilla-nss-devel-1.4.3-3.0.4.ppc.rpm
s390:
f509c61bed2d17bb777e26c362dc7d3c mozilla-1.4.3-3.0.4.s390.rpm
2adcad1473851141f73d847b9ea8658b mozilla-chat-1.4.3-3.0.4.s390.rpm
aa87922bcf00504f4433b05f08c9880a mozilla-devel-1.4.3-3.0.4.s390.rpm
bd57c23e7c4348f05ab7e3d8d1a209c3 mozilla-dom-inspector-1.4.3-3.0.4.s390.rpm
f1827ae1bfb53d7e334b0f50351d2733 mozilla-js-debugger-1.4.3-3.0.4.s390.rpm
f4013dbd4fb1fdb5d66f2d059aeeaf65 mozilla-mail-1.4.3-3.0.4.s390.rpm
e8f1f5dff953ad3e4bebeb3720034870 mozilla-nspr-1.4.3-3.0.4.s390.rpm
7b7073e954a3806af5190c6022a33846 mozilla-nspr-devel-1.4.3-3.0.4.s390.rpm
34bf96dc6d7c74e118eca502d639619f mozilla-nss-1.4.3-3.0.4.s390.rpm
995dd5f501ce1849843b4b0b8b7e362e mozilla-nss-devel-1.4.3-3.0.4.s390.rpm
s390x:
42e7bbd941624c0d5f78a2daaef77a36 mozilla-1.4.3-3.0.4.s390x.rpm
452d26a8fe47ce1ae6519a3fe0f69fd6 mozilla-chat-1.4.3-3.0.4.s390x.rpm
9107c76c5feba6761df5eb0c05e361e6 mozilla-devel-1.4.3-3.0.4.s390x.rpm
2d2bcee4e192763a6fa6e1b9c0020e46 mozilla-dom-inspector-1.4.3-3.0.4.s390x.rpm
4b314a8025478ceea7643f1afbcbc3d4 mozilla-js-debugger-1.4.3-3.0.4.s390x.rpm
2ec20f1e7645e5e3a5bf9774dfcbcb9a mozilla-mail-1.4.3-3.0.4.s390x.rpm
08a8ad7f957bf7758f0eb25de18cdae3 mozilla-nspr-1.4.3-3.0.4.s390x.rpm
7e8b974544b0f496a76cb69464b87c22 mozilla-nspr-devel-1.4.3-3.0.4.s390x.rpm
2df9052e3d468aae9fec4a87c5ec1fab mozilla-nss-1.4.3-3.0.4.s390x.rpm
46568a244360960aa670751c2feab9d7 mozilla-nss-devel-1.4.3-3.0.4.s390x.rpm
x86_64:
02f35e9307a780aaf4394db84c924fe7 mozilla-1.4.3-3.0.4.x86_64.rpm
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
eba11930db2fd0105bd960970db013db mozilla-chat-1.4.3-3.0.4.x86_64.rpm
76e5e88cc598f0a7e4507beeb519290c mozilla-devel-1.4.3-3.0.4.x86_64.rpm
e7e8dcc47f550d61e3cef3d350726c4b mozilla-dom-inspector-1.4.3-3.0.4.x86_64.rpm
df5183bafcdb220fa4ed9ce7bad36f5a mozilla-js-debugger-1.4.3-3.0.4.x86_64.rpm
4e15297548c9b21f595fe6bbd3e51e48 mozilla-mail-1.4.3-3.0.4.x86_64.rpm
38e9db5a3bc1092e83bb2f8820235100 mozilla-nspr-1.4.3-3.0.4.x86_64.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
96f6b2eca2afe2fa512f494d138fa327 mozilla-nspr-devel-1.4.3-3.0.4.x86_64.rpm
13aae14a38c165a32b123b2e84af5ee7 mozilla-nss-1.4.3-3.0.4.x86_64.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
c679a873dad6b08eb47f69c871bb04b9 mozilla-nss-devel-1.4.3-3.0.4.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mozilla-1.4.3-3.0.4.src.rpm
c8db78ffe83ebd4a0e935a4c5287a509 mozilla-1.4.3-3.0.4.src.rpm
i386:
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
30035e1900b293f3c01f5441e5b3486d mozilla-chat-1.4.3-3.0.4.i386.rpm
e2f44df2fa7ac76f50c419ad7415c898 mozilla-devel-1.4.3-3.0.4.i386.rpm
fe6c46344d57ac89a453edab1e2a249a mozilla-dom-inspector-1.4.3-3.0.4.i386.rpm
0ae9c284917a0813202d13977ebc23d8 mozilla-js-debugger-1.4.3-3.0.4.i386.rpm
9682e260d658b97c748b34bb5a52c1ee mozilla-mail-1.4.3-3.0.4.i386.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
488703befef51e466079b462c02094c7 mozilla-nspr-devel-1.4.3-3.0.4.i386.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
0daea4b62934c4825267bdfa57121d9d mozilla-nss-devel-1.4.3-3.0.4.i386.rpm
x86_64:
02f35e9307a780aaf4394db84c924fe7 mozilla-1.4.3-3.0.4.x86_64.rpm
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
eba11930db2fd0105bd960970db013db mozilla-chat-1.4.3-3.0.4.x86_64.rpm
76e5e88cc598f0a7e4507beeb519290c mozilla-devel-1.4.3-3.0.4.x86_64.rpm
e7e8dcc47f550d61e3cef3d350726c4b mozilla-dom-inspector-1.4.3-3.0.4.x86_64.rpm
df5183bafcdb220fa4ed9ce7bad36f5a mozilla-js-debugger-1.4.3-3.0.4.x86_64.rpm
4e15297548c9b21f595fe6bbd3e51e48 mozilla-mail-1.4.3-3.0.4.x86_64.rpm
38e9db5a3bc1092e83bb2f8820235100 mozilla-nspr-1.4.3-3.0.4.x86_64.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
96f6b2eca2afe2fa512f494d138fa327 mozilla-nspr-devel-1.4.3-3.0.4.x86_64.rpm
13aae14a38c165a32b123b2e84af5ee7 mozilla-nss-1.4.3-3.0.4.x86_64.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
c679a873dad6b08eb47f69c871bb04b9 mozilla-nss-devel-1.4.3-3.0.4.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.4.3-3.0.4.src.rpm
c8db78ffe83ebd4a0e935a4c5287a509 mozilla-1.4.3-3.0.4.src.rpm
i386:
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
30035e1900b293f3c01f5441e5b3486d mozilla-chat-1.4.3-3.0.4.i386.rpm
e2f44df2fa7ac76f50c419ad7415c898 mozilla-devel-1.4.3-3.0.4.i386.rpm
fe6c46344d57ac89a453edab1e2a249a mozilla-dom-inspector-1.4.3-3.0.4.i386.rpm
0ae9c284917a0813202d13977ebc23d8 mozilla-js-debugger-1.4.3-3.0.4.i386.rpm
9682e260d658b97c748b34bb5a52c1ee mozilla-mail-1.4.3-3.0.4.i386.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
488703befef51e466079b462c02094c7 mozilla-nspr-devel-1.4.3-3.0.4.i386.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
0daea4b62934c4825267bdfa57121d9d mozilla-nss-devel-1.4.3-3.0.4.i386.rpm
ia64:
764f44795fae70df98eb784cfc24cb61 mozilla-1.4.3-3.0.4.ia64.rpm
498f1bc992269627837acfd9fb5c1c16 mozilla-chat-1.4.3-3.0.4.ia64.rpm
3c0e32e6dfd33b5b42d6ceecfc0e5d5a mozilla-devel-1.4.3-3.0.4.ia64.rpm
4a67ebbcb89f5e8add363f47a657d6df mozilla-dom-inspector-1.4.3-3.0.4.ia64.rpm
445ed37eb27214ef386114fe97d15ef9 mozilla-js-debugger-1.4.3-3.0.4.ia64.rpm
618d5c39e66f2ff6a2ca461647b91fa2 mozilla-mail-1.4.3-3.0.4.ia64.rpm
5927274883eaa60f10ec714085d22a48 mozilla-nspr-1.4.3-3.0.4.ia64.rpm
83f18ec8692a9f309737efbb502ae5b9 mozilla-nspr-devel-1.4.3-3.0.4.ia64.rpm
dcd233f7708eb136a18ab6070d028592 mozilla-nss-1.4.3-3.0.4.ia64.rpm
9e7b9754a77d136636c6d35f932fcc86 mozilla-nss-devel-1.4.3-3.0.4.ia64.rpm
x86_64:
02f35e9307a780aaf4394db84c924fe7 mozilla-1.4.3-3.0.4.x86_64.rpm
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
eba11930db2fd0105bd960970db013db mozilla-chat-1.4.3-3.0.4.x86_64.rpm
76e5e88cc598f0a7e4507beeb519290c mozilla-devel-1.4.3-3.0.4.x86_64.rpm
e7e8dcc47f550d61e3cef3d350726c4b mozilla-dom-inspector-1.4.3-3.0.4.x86_64.rpm
df5183bafcdb220fa4ed9ce7bad36f5a mozilla-js-debugger-1.4.3-3.0.4.x86_64.rpm
4e15297548c9b21f595fe6bbd3e51e48 mozilla-mail-1.4.3-3.0.4.x86_64.rpm
38e9db5a3bc1092e83bb2f8820235100 mozilla-nspr-1.4.3-3.0.4.x86_64.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
96f6b2eca2afe2fa512f494d138fa327 mozilla-nspr-devel-1.4.3-3.0.4.x86_64.rpm
13aae14a38c165a32b123b2e84af5ee7 mozilla-nss-1.4.3-3.0.4.x86_64.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
c679a873dad6b08eb47f69c871bb04b9 mozilla-nss-devel-1.4.3-3.0.4.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.4.3-3.0.4.src.rpm
c8db78ffe83ebd4a0e935a4c5287a509 mozilla-1.4.3-3.0.4.src.rpm
i386:
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
30035e1900b293f3c01f5441e5b3486d mozilla-chat-1.4.3-3.0.4.i386.rpm
e2f44df2fa7ac76f50c419ad7415c898 mozilla-devel-1.4.3-3.0.4.i386.rpm
fe6c46344d57ac89a453edab1e2a249a mozilla-dom-inspector-1.4.3-3.0.4.i386.rpm
0ae9c284917a0813202d13977ebc23d8 mozilla-js-debugger-1.4.3-3.0.4.i386.rpm
9682e260d658b97c748b34bb5a52c1ee mozilla-mail-1.4.3-3.0.4.i386.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
488703befef51e466079b462c02094c7 mozilla-nspr-devel-1.4.3-3.0.4.i386.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
0daea4b62934c4825267bdfa57121d9d mozilla-nss-devel-1.4.3-3.0.4.i386.rpm
ia64:
764f44795fae70df98eb784cfc24cb61 mozilla-1.4.3-3.0.4.ia64.rpm
498f1bc992269627837acfd9fb5c1c16 mozilla-chat-1.4.3-3.0.4.ia64.rpm
3c0e32e6dfd33b5b42d6ceecfc0e5d5a mozilla-devel-1.4.3-3.0.4.ia64.rpm
4a67ebbcb89f5e8add363f47a657d6df mozilla-dom-inspector-1.4.3-3.0.4.ia64.rpm
445ed37eb27214ef386114fe97d15ef9 mozilla-js-debugger-1.4.3-3.0.4.ia64.rpm
618d5c39e66f2ff6a2ca461647b91fa2 mozilla-mail-1.4.3-3.0.4.ia64.rpm
5927274883eaa60f10ec714085d22a48 mozilla-nspr-1.4.3-3.0.4.ia64.rpm
83f18ec8692a9f309737efbb502ae5b9 mozilla-nspr-devel-1.4.3-3.0.4.ia64.rpm
dcd233f7708eb136a18ab6070d028592 mozilla-nss-1.4.3-3.0.4.ia64.rpm
9e7b9754a77d136636c6d35f932fcc86 mozilla-nss-devel-1.4.3-3.0.4.ia64.rpm
x86_64:
02f35e9307a780aaf4394db84c924fe7 mozilla-1.4.3-3.0.4.x86_64.rpm
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
eba11930db2fd0105bd960970db013db mozilla-chat-1.4.3-3.0.4.x86_64.rpm
76e5e88cc598f0a7e4507beeb519290c mozilla-devel-1.4.3-3.0.4.x86_64.rpm
e7e8dcc47f550d61e3cef3d350726c4b mozilla-dom-inspector-1.4.3-3.0.4.x86_64.rpm
df5183bafcdb220fa4ed9ce7bad36f5a mozilla-js-debugger-1.4.3-3.0.4.x86_64.rpm
4e15297548c9b21f595fe6bbd3e51e48 mozilla-mail-1.4.3-3.0.4.x86_64.rpm
38e9db5a3bc1092e83bb2f8820235100 mozilla-nspr-1.4.3-3.0.4.x86_64.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
96f6b2eca2afe2fa512f494d138fa327 mozilla-nspr-devel-1.4.3-3.0.4.x86_64.rpm
13aae14a38c165a32b123b2e84af5ee7 mozilla-nss-1.4.3-3.0.4.x86_64.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
c679a873dad6b08eb47f69c871bb04b9 mozilla-nss-devel-1.4.3-3.0.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key.html#package
7. References:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
http://secunia.com/advisories/12526/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0908
8. Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://www.redhat.com/security/team/contact.html
Copyright 2004 Red Hat, Inc.
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated mozilla packages fix security issues
Advisory ID: RHSA-2004:486-01
Issue date: 2004-09-30
Updated on: 2004-09-30
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0902 CAN-2004-0903 CAN-2004-0904 CAN-2004-0905 CAN-2004-0908
----------------------------------------------------------------------
1. Summary:
Updated mozilla packages that fix a number of security issues are now available.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
3. Problem description:
Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor.
Jesse Ruderman discovered a cross-domain scripting bug in Mozilla. If a user is tricked into dragging a javascript link into another frame or page, it becomes possible for an attacker to steal or modify sensitive information from that site. Additionally, if a user is tricked into dragging two links in sequence to another window (not frame), it is possible for the attacker to execute arbitrary commands. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0905 to this issue.
Gael Delalleau discovered an integer overflow which affects the BMP handling code inside Mozilla. An attacker could create a carefully crafted BMP file in such a way that it would cause Mozilla to crash or execute arbitrary code when the image is viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0904 to this issue.
Georgi Guninski discovered a stack-based buffer overflow in the vCard display routines. An attacker could create a carefully crafted vCard file in such a way that it would cause Mozilla to crash or execute arbitrary code when viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0903 to this issue.
Wladimir Palant discovered a flaw in the way javascript interacts with the clipboard. It is possible that an attacker could use malicious javascript code to steal sensitive data which has been copied into the clipboard. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0908 to this issue.
Georgi Guninski discovered a heap based buffer overflow in the "Send Page" feature. It is possible that an attacker could construct a link in such a way that a user attempting to forward it could result in a crash or arbitrary code execution. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0902 to this issue.
Users of Mozilla should update to these updated packages, which contain backported patches and are not vulnerable to these issues.
4. Solution:
Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):
133023 - CAN-2004-0902 "send page" heap based buffer overflow
133024 - CAN-2004-0902 "send page" heap based buffer overflow
133022 - CAN-2004-0908 javascript clipboard information leakage
133021 - CAN-2004-0908 javascript clipboard information leakage
133017 - CAN-2004-0903 VCard buffer overflow
133016 - CAN-2004-0903 VCard buffer overflow
133015 - CAN-2004-0904 BMP integer overflows
133014 - CAN-2004-0904 BMP integer overflows
133013 - CAN-2004-0905 javascript link dragging information leak
133012 - CAN-2004-0905 javascript link dragging information leak
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/galeon-1.2.13-5.2.1.src.rpm
38d208921a49cdba604bb43913abe051 galeon-1.2.13-5.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.4.3-2.1.4.src.rpm
1df0013c48248d17778fc1551ff15dad mozilla-1.4.3-2.1.4.src.rpm
i386:
0113f2b2e33551ddae0b48ede67b31e6 galeon-1.2.13-5.2.1.i386.rpm
fea3285b8dd5da3a3bb611a7d5738d0b mozilla-1.4.3-2.1.4.i386.rpm
a89a3550a7773de347018c8a463027cb mozilla-chat-1.4.3-2.1.4.i386.rpm
b57acd6332cb88d652a3cc41b5f9c527 mozilla-devel-1.4.3-2.1.4.i386.rpm
8bea20265ab364b52d6fd361bf23d190 mozilla-dom-inspector-1.4.3-2.1.4.i386.rpm
4bfcd1dd7b588edf2052efc9e8f6326a mozilla-js-debugger-1.4.3-2.1.4.i386.rpm
9c512ae1ecc4c8efe7a9684465b8b871 mozilla-mail-1.4.3-2.1.4.i386.rpm
1e7977951fc2c8c69e03b50377f2398d mozilla-nspr-1.4.3-2.1.4.i386.rpm
c268cd8846a17b8cc7aee6a3d50f9c9c mozilla-nspr-devel-1.4.3-2.1.4.i386.rpm
69cc833f9d5a469b258a474e1ebc9ddf mozilla-nss-1.4.3-2.1.4.i386.rpm
891300626fafc05a8cd371f8b256dd15 mozilla-nss-devel-1.4.3-2.1.4.i386.rpm
ia64:
fcb96e9637ce3b6dfe17a0171d15a50c galeon-1.2.13-5.2.1.ia64.rpm
6c4a5d7e011e56e4aa1018ae7e705b57 mozilla-1.4.3-2.1.4.ia64.rpm
0eee8252025e7d702b91df5660ee34ef mozilla-chat-1.4.3-2.1.4.ia64.rpm
529225b13b9aae00118083bbef99834d mozilla-devel-1.4.3-2.1.4.ia64.rpm
0dcd345bd8163775000a77126668a4d8 mozilla-dom-inspector-1.4.3-2.1.4.ia64.rpm
17761fdf3bc78ededd68ca4c6e26ae2e mozilla-js-debugger-1.4.3-2.1.4.ia64.rpm
8f804d0ac0d0d2755b557226f488dca2 mozilla-mail-1.4.3-2.1.4.ia64.rpm
da89647961a2ebde1270b6789bca51b8 mozilla-nspr-1.4.3-2.1.4.ia64.rpm
870ae30ec76b4cb4eaa6bb2002c50b83 mozilla-nspr-devel-1.4.3-2.1.4.ia64.rpm
8a3ee63abfb58c99c0dd45c37bb0fffb mozilla-nss-1.4.3-2.1.4.ia64.rpm
e5b52d933f797a5fb5b815bc75427b2e mozilla-nss-devel-1.4.3-2.1.4.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/galeon-1.2.13-5.2.1.src.rpm
38d208921a49cdba604bb43913abe051 galeon-1.2.13-5.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.4.3-2.1.4.src.rpm
1df0013c48248d17778fc1551ff15dad mozilla-1.4.3-2.1.4.src.rpm
ia64:
fcb96e9637ce3b6dfe17a0171d15a50c galeon-1.2.13-5.2.1.ia64.rpm
6c4a5d7e011e56e4aa1018ae7e705b57 mozilla-1.4.3-2.1.4.ia64.rpm
0eee8252025e7d702b91df5660ee34ef mozilla-chat-1.4.3-2.1.4.ia64.rpm
529225b13b9aae00118083bbef99834d mozilla-devel-1.4.3-2.1.4.ia64.rpm
0dcd345bd8163775000a77126668a4d8 mozilla-dom-inspector-1.4.3-2.1.4.ia64.rpm
17761fdf3bc78ededd68ca4c6e26ae2e mozilla-js-debugger-1.4.3-2.1.4.ia64.rpm
8f804d0ac0d0d2755b557226f488dca2 mozilla-mail-1.4.3-2.1.4.ia64.rpm
da89647961a2ebde1270b6789bca51b8 mozilla-nspr-1.4.3-2.1.4.ia64.rpm
870ae30ec76b4cb4eaa6bb2002c50b83 mozilla-nspr-devel-1.4.3-2.1.4.ia64.rpm
8a3ee63abfb58c99c0dd45c37bb0fffb mozilla-nss-1.4.3-2.1.4.ia64.rpm
e5b52d933f797a5fb5b815bc75427b2e mozilla-nss-devel-1.4.3-2.1.4.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/galeon-1.2.13-5.2.1.src.rpm
38d208921a49cdba604bb43913abe051 galeon-1.2.13-5.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.4.3-2.1.4.src.rpm
1df0013c48248d17778fc1551ff15dad mozilla-1.4.3-2.1.4.src.rpm
i386:
0113f2b2e33551ddae0b48ede67b31e6 galeon-1.2.13-5.2.1.i386.rpm
fea3285b8dd5da3a3bb611a7d5738d0b mozilla-1.4.3-2.1.4.i386.rpm
a89a3550a7773de347018c8a463027cb mozilla-chat-1.4.3-2.1.4.i386.rpm
b57acd6332cb88d652a3cc41b5f9c527 mozilla-devel-1.4.3-2.1.4.i386.rpm
8bea20265ab364b52d6fd361bf23d190 mozilla-dom-inspector-1.4.3-2.1.4.i386.rpm
4bfcd1dd7b588edf2052efc9e8f6326a mozilla-js-debugger-1.4.3-2.1.4.i386.rpm
9c512ae1ecc4c8efe7a9684465b8b871 mozilla-mail-1.4.3-2.1.4.i386.rpm
1e7977951fc2c8c69e03b50377f2398d mozilla-nspr-1.4.3-2.1.4.i386.rpm
c268cd8846a17b8cc7aee6a3d50f9c9c mozilla-nspr-devel-1.4.3-2.1.4.i386.rpm
69cc833f9d5a469b258a474e1ebc9ddf mozilla-nss-1.4.3-2.1.4.i386.rpm
891300626fafc05a8cd371f8b256dd15 mozilla-nss-devel-1.4.3-2.1.4.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/galeon-1.2.13-5.2.1.src.rpm
38d208921a49cdba604bb43913abe051 galeon-1.2.13-5.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.4.3-2.1.4.src.rpm
1df0013c48248d17778fc1551ff15dad mozilla-1.4.3-2.1.4.src.rpm
i386:
0113f2b2e33551ddae0b48ede67b31e6 galeon-1.2.13-5.2.1.i386.rpm
fea3285b8dd5da3a3bb611a7d5738d0b mozilla-1.4.3-2.1.4.i386.rpm
a89a3550a7773de347018c8a463027cb mozilla-chat-1.4.3-2.1.4.i386.rpm
b57acd6332cb88d652a3cc41b5f9c527 mozilla-devel-1.4.3-2.1.4.i386.rpm
8bea20265ab364b52d6fd361bf23d190 mozilla-dom-inspector-1.4.3-2.1.4.i386.rpm
4bfcd1dd7b588edf2052efc9e8f6326a mozilla-js-debugger-1.4.3-2.1.4.i386.rpm
9c512ae1ecc4c8efe7a9684465b8b871 mozilla-mail-1.4.3-2.1.4.i386.rpm
1e7977951fc2c8c69e03b50377f2398d mozilla-nspr-1.4.3-2.1.4.i386.rpm
c268cd8846a17b8cc7aee6a3d50f9c9c mozilla-nspr-devel-1.4.3-2.1.4.i386.rpm
69cc833f9d5a469b258a474e1ebc9ddf mozilla-nss-1.4.3-2.1.4.i386.rpm
891300626fafc05a8cd371f8b256dd15 mozilla-nss-devel-1.4.3-2.1.4.i386.rpm
Red Hat Enterprise Linux AS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.4.3-3.0.4.src.rpm
c8db78ffe83ebd4a0e935a4c5287a509 mozilla-1.4.3-3.0.4.src.rpm
i386:
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
30035e1900b293f3c01f5441e5b3486d mozilla-chat-1.4.3-3.0.4.i386.rpm
e2f44df2fa7ac76f50c419ad7415c898 mozilla-devel-1.4.3-3.0.4.i386.rpm
fe6c46344d57ac89a453edab1e2a249a mozilla-dom-inspector-1.4.3-3.0.4.i386.rpm
0ae9c284917a0813202d13977ebc23d8 mozilla-js-debugger-1.4.3-3.0.4.i386.rpm
9682e260d658b97c748b34bb5a52c1ee mozilla-mail-1.4.3-3.0.4.i386.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
488703befef51e466079b462c02094c7 mozilla-nspr-devel-1.4.3-3.0.4.i386.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
0daea4b62934c4825267bdfa57121d9d mozilla-nss-devel-1.4.3-3.0.4.i386.rpm
ia64:
764f44795fae70df98eb784cfc24cb61 mozilla-1.4.3-3.0.4.ia64.rpm
498f1bc992269627837acfd9fb5c1c16 mozilla-chat-1.4.3-3.0.4.ia64.rpm
3c0e32e6dfd33b5b42d6ceecfc0e5d5a mozilla-devel-1.4.3-3.0.4.ia64.rpm
4a67ebbcb89f5e8add363f47a657d6df mozilla-dom-inspector-1.4.3-3.0.4.ia64.rpm
445ed37eb27214ef386114fe97d15ef9 mozilla-js-debugger-1.4.3-3.0.4.ia64.rpm
618d5c39e66f2ff6a2ca461647b91fa2 mozilla-mail-1.4.3-3.0.4.ia64.rpm
5927274883eaa60f10ec714085d22a48 mozilla-nspr-1.4.3-3.0.4.ia64.rpm
83f18ec8692a9f309737efbb502ae5b9 mozilla-nspr-devel-1.4.3-3.0.4.ia64.rpm
dcd233f7708eb136a18ab6070d028592 mozilla-nss-1.4.3-3.0.4.ia64.rpm
9e7b9754a77d136636c6d35f932fcc86 mozilla-nss-devel-1.4.3-3.0.4.ia64.rpm
ppc:
7cced64ddef3f5f449bc93bf1d2fe2de mozilla-1.4.3-3.0.4.ppc.rpm
4c1754389a897376b33f4eedfc307fbd mozilla-chat-1.4.3-3.0.4.ppc.rpm
781272325efec348c82bf9f13f2b1c01 mozilla-devel-1.4.3-3.0.4.ppc.rpm
21bca14e1c7debc4517762c42ea0af18 mozilla-dom-inspector-1.4.3-3.0.4.ppc.rpm
267b1669158b9ae70d8a216bedd8ab3d mozilla-js-debugger-1.4.3-3.0.4.ppc.rpm
fe897ea969605ea7b7b8c65cfbca5837 mozilla-mail-1.4.3-3.0.4.ppc.rpm
850877d573ac4c3c246be7bac1d0ae9e mozilla-nspr-1.4.3-3.0.4.ppc.rpm
736e608b4ff8802fa2ff156149399b79 mozilla-nspr-devel-1.4.3-3.0.4.ppc.rpm
1e0c30c752fff593fb0b7ccc56d72a3b mozilla-nss-1.4.3-3.0.4.ppc.rpm
e23c2cd94df856a5a852c090a5f935b9 mozilla-nss-devel-1.4.3-3.0.4.ppc.rpm
s390:
f509c61bed2d17bb777e26c362dc7d3c mozilla-1.4.3-3.0.4.s390.rpm
2adcad1473851141f73d847b9ea8658b mozilla-chat-1.4.3-3.0.4.s390.rpm
aa87922bcf00504f4433b05f08c9880a mozilla-devel-1.4.3-3.0.4.s390.rpm
bd57c23e7c4348f05ab7e3d8d1a209c3 mozilla-dom-inspector-1.4.3-3.0.4.s390.rpm
f1827ae1bfb53d7e334b0f50351d2733 mozilla-js-debugger-1.4.3-3.0.4.s390.rpm
f4013dbd4fb1fdb5d66f2d059aeeaf65 mozilla-mail-1.4.3-3.0.4.s390.rpm
e8f1f5dff953ad3e4bebeb3720034870 mozilla-nspr-1.4.3-3.0.4.s390.rpm
7b7073e954a3806af5190c6022a33846 mozilla-nspr-devel-1.4.3-3.0.4.s390.rpm
34bf96dc6d7c74e118eca502d639619f mozilla-nss-1.4.3-3.0.4.s390.rpm
995dd5f501ce1849843b4b0b8b7e362e mozilla-nss-devel-1.4.3-3.0.4.s390.rpm
s390x:
42e7bbd941624c0d5f78a2daaef77a36 mozilla-1.4.3-3.0.4.s390x.rpm
452d26a8fe47ce1ae6519a3fe0f69fd6 mozilla-chat-1.4.3-3.0.4.s390x.rpm
9107c76c5feba6761df5eb0c05e361e6 mozilla-devel-1.4.3-3.0.4.s390x.rpm
2d2bcee4e192763a6fa6e1b9c0020e46 mozilla-dom-inspector-1.4.3-3.0.4.s390x.rpm
4b314a8025478ceea7643f1afbcbc3d4 mozilla-js-debugger-1.4.3-3.0.4.s390x.rpm
2ec20f1e7645e5e3a5bf9774dfcbcb9a mozilla-mail-1.4.3-3.0.4.s390x.rpm
08a8ad7f957bf7758f0eb25de18cdae3 mozilla-nspr-1.4.3-3.0.4.s390x.rpm
7e8b974544b0f496a76cb69464b87c22 mozilla-nspr-devel-1.4.3-3.0.4.s390x.rpm
2df9052e3d468aae9fec4a87c5ec1fab mozilla-nss-1.4.3-3.0.4.s390x.rpm
46568a244360960aa670751c2feab9d7 mozilla-nss-devel-1.4.3-3.0.4.s390x.rpm
x86_64:
02f35e9307a780aaf4394db84c924fe7 mozilla-1.4.3-3.0.4.x86_64.rpm
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
eba11930db2fd0105bd960970db013db mozilla-chat-1.4.3-3.0.4.x86_64.rpm
76e5e88cc598f0a7e4507beeb519290c mozilla-devel-1.4.3-3.0.4.x86_64.rpm
e7e8dcc47f550d61e3cef3d350726c4b mozilla-dom-inspector-1.4.3-3.0.4.x86_64.rpm
df5183bafcdb220fa4ed9ce7bad36f5a mozilla-js-debugger-1.4.3-3.0.4.x86_64.rpm
4e15297548c9b21f595fe6bbd3e51e48 mozilla-mail-1.4.3-3.0.4.x86_64.rpm
38e9db5a3bc1092e83bb2f8820235100 mozilla-nspr-1.4.3-3.0.4.x86_64.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
96f6b2eca2afe2fa512f494d138fa327 mozilla-nspr-devel-1.4.3-3.0.4.x86_64.rpm
13aae14a38c165a32b123b2e84af5ee7 mozilla-nss-1.4.3-3.0.4.x86_64.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
c679a873dad6b08eb47f69c871bb04b9 mozilla-nss-devel-1.4.3-3.0.4.x86_64.rpm
Red Hat Desktop version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mozilla-1.4.3-3.0.4.src.rpm
c8db78ffe83ebd4a0e935a4c5287a509 mozilla-1.4.3-3.0.4.src.rpm
i386:
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
30035e1900b293f3c01f5441e5b3486d mozilla-chat-1.4.3-3.0.4.i386.rpm
e2f44df2fa7ac76f50c419ad7415c898 mozilla-devel-1.4.3-3.0.4.i386.rpm
fe6c46344d57ac89a453edab1e2a249a mozilla-dom-inspector-1.4.3-3.0.4.i386.rpm
0ae9c284917a0813202d13977ebc23d8 mozilla-js-debugger-1.4.3-3.0.4.i386.rpm
9682e260d658b97c748b34bb5a52c1ee mozilla-mail-1.4.3-3.0.4.i386.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
488703befef51e466079b462c02094c7 mozilla-nspr-devel-1.4.3-3.0.4.i386.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
0daea4b62934c4825267bdfa57121d9d mozilla-nss-devel-1.4.3-3.0.4.i386.rpm
x86_64:
02f35e9307a780aaf4394db84c924fe7 mozilla-1.4.3-3.0.4.x86_64.rpm
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
eba11930db2fd0105bd960970db013db mozilla-chat-1.4.3-3.0.4.x86_64.rpm
76e5e88cc598f0a7e4507beeb519290c mozilla-devel-1.4.3-3.0.4.x86_64.rpm
e7e8dcc47f550d61e3cef3d350726c4b mozilla-dom-inspector-1.4.3-3.0.4.x86_64.rpm
df5183bafcdb220fa4ed9ce7bad36f5a mozilla-js-debugger-1.4.3-3.0.4.x86_64.rpm
4e15297548c9b21f595fe6bbd3e51e48 mozilla-mail-1.4.3-3.0.4.x86_64.rpm
38e9db5a3bc1092e83bb2f8820235100 mozilla-nspr-1.4.3-3.0.4.x86_64.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
96f6b2eca2afe2fa512f494d138fa327 mozilla-nspr-devel-1.4.3-3.0.4.x86_64.rpm
13aae14a38c165a32b123b2e84af5ee7 mozilla-nss-1.4.3-3.0.4.x86_64.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
c679a873dad6b08eb47f69c871bb04b9 mozilla-nss-devel-1.4.3-3.0.4.x86_64.rpm
Red Hat Enterprise Linux ES version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.4.3-3.0.4.src.rpm
c8db78ffe83ebd4a0e935a4c5287a509 mozilla-1.4.3-3.0.4.src.rpm
i386:
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
30035e1900b293f3c01f5441e5b3486d mozilla-chat-1.4.3-3.0.4.i386.rpm
e2f44df2fa7ac76f50c419ad7415c898 mozilla-devel-1.4.3-3.0.4.i386.rpm
fe6c46344d57ac89a453edab1e2a249a mozilla-dom-inspector-1.4.3-3.0.4.i386.rpm
0ae9c284917a0813202d13977ebc23d8 mozilla-js-debugger-1.4.3-3.0.4.i386.rpm
9682e260d658b97c748b34bb5a52c1ee mozilla-mail-1.4.3-3.0.4.i386.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
488703befef51e466079b462c02094c7 mozilla-nspr-devel-1.4.3-3.0.4.i386.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
0daea4b62934c4825267bdfa57121d9d mozilla-nss-devel-1.4.3-3.0.4.i386.rpm
ia64:
764f44795fae70df98eb784cfc24cb61 mozilla-1.4.3-3.0.4.ia64.rpm
498f1bc992269627837acfd9fb5c1c16 mozilla-chat-1.4.3-3.0.4.ia64.rpm
3c0e32e6dfd33b5b42d6ceecfc0e5d5a mozilla-devel-1.4.3-3.0.4.ia64.rpm
4a67ebbcb89f5e8add363f47a657d6df mozilla-dom-inspector-1.4.3-3.0.4.ia64.rpm
445ed37eb27214ef386114fe97d15ef9 mozilla-js-debugger-1.4.3-3.0.4.ia64.rpm
618d5c39e66f2ff6a2ca461647b91fa2 mozilla-mail-1.4.3-3.0.4.ia64.rpm
5927274883eaa60f10ec714085d22a48 mozilla-nspr-1.4.3-3.0.4.ia64.rpm
83f18ec8692a9f309737efbb502ae5b9 mozilla-nspr-devel-1.4.3-3.0.4.ia64.rpm
dcd233f7708eb136a18ab6070d028592 mozilla-nss-1.4.3-3.0.4.ia64.rpm
9e7b9754a77d136636c6d35f932fcc86 mozilla-nss-devel-1.4.3-3.0.4.ia64.rpm
x86_64:
02f35e9307a780aaf4394db84c924fe7 mozilla-1.4.3-3.0.4.x86_64.rpm
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
eba11930db2fd0105bd960970db013db mozilla-chat-1.4.3-3.0.4.x86_64.rpm
76e5e88cc598f0a7e4507beeb519290c mozilla-devel-1.4.3-3.0.4.x86_64.rpm
e7e8dcc47f550d61e3cef3d350726c4b mozilla-dom-inspector-1.4.3-3.0.4.x86_64.rpm
df5183bafcdb220fa4ed9ce7bad36f5a mozilla-js-debugger-1.4.3-3.0.4.x86_64.rpm
4e15297548c9b21f595fe6bbd3e51e48 mozilla-mail-1.4.3-3.0.4.x86_64.rpm
38e9db5a3bc1092e83bb2f8820235100 mozilla-nspr-1.4.3-3.0.4.x86_64.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
96f6b2eca2afe2fa512f494d138fa327 mozilla-nspr-devel-1.4.3-3.0.4.x86_64.rpm
13aae14a38c165a32b123b2e84af5ee7 mozilla-nss-1.4.3-3.0.4.x86_64.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
c679a873dad6b08eb47f69c871bb04b9 mozilla-nss-devel-1.4.3-3.0.4.x86_64.rpm
Red Hat Enterprise Linux WS version 3:
SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.4.3-3.0.4.src.rpm
c8db78ffe83ebd4a0e935a4c5287a509 mozilla-1.4.3-3.0.4.src.rpm
i386:
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
30035e1900b293f3c01f5441e5b3486d mozilla-chat-1.4.3-3.0.4.i386.rpm
e2f44df2fa7ac76f50c419ad7415c898 mozilla-devel-1.4.3-3.0.4.i386.rpm
fe6c46344d57ac89a453edab1e2a249a mozilla-dom-inspector-1.4.3-3.0.4.i386.rpm
0ae9c284917a0813202d13977ebc23d8 mozilla-js-debugger-1.4.3-3.0.4.i386.rpm
9682e260d658b97c748b34bb5a52c1ee mozilla-mail-1.4.3-3.0.4.i386.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
488703befef51e466079b462c02094c7 mozilla-nspr-devel-1.4.3-3.0.4.i386.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
0daea4b62934c4825267bdfa57121d9d mozilla-nss-devel-1.4.3-3.0.4.i386.rpm
ia64:
764f44795fae70df98eb784cfc24cb61 mozilla-1.4.3-3.0.4.ia64.rpm
498f1bc992269627837acfd9fb5c1c16 mozilla-chat-1.4.3-3.0.4.ia64.rpm
3c0e32e6dfd33b5b42d6ceecfc0e5d5a mozilla-devel-1.4.3-3.0.4.ia64.rpm
4a67ebbcb89f5e8add363f47a657d6df mozilla-dom-inspector-1.4.3-3.0.4.ia64.rpm
445ed37eb27214ef386114fe97d15ef9 mozilla-js-debugger-1.4.3-3.0.4.ia64.rpm
618d5c39e66f2ff6a2ca461647b91fa2 mozilla-mail-1.4.3-3.0.4.ia64.rpm
5927274883eaa60f10ec714085d22a48 mozilla-nspr-1.4.3-3.0.4.ia64.rpm
83f18ec8692a9f309737efbb502ae5b9 mozilla-nspr-devel-1.4.3-3.0.4.ia64.rpm
dcd233f7708eb136a18ab6070d028592 mozilla-nss-1.4.3-3.0.4.ia64.rpm
9e7b9754a77d136636c6d35f932fcc86 mozilla-nss-devel-1.4.3-3.0.4.ia64.rpm
x86_64:
02f35e9307a780aaf4394db84c924fe7 mozilla-1.4.3-3.0.4.x86_64.rpm
ed34cad577e7a2ec43b73155662c3823 mozilla-1.4.3-3.0.4.i386.rpm
eba11930db2fd0105bd960970db013db mozilla-chat-1.4.3-3.0.4.x86_64.rpm
76e5e88cc598f0a7e4507beeb519290c mozilla-devel-1.4.3-3.0.4.x86_64.rpm
e7e8dcc47f550d61e3cef3d350726c4b mozilla-dom-inspector-1.4.3-3.0.4.x86_64.rpm
df5183bafcdb220fa4ed9ce7bad36f5a mozilla-js-debugger-1.4.3-3.0.4.x86_64.rpm
4e15297548c9b21f595fe6bbd3e51e48 mozilla-mail-1.4.3-3.0.4.x86_64.rpm
38e9db5a3bc1092e83bb2f8820235100 mozilla-nspr-1.4.3-3.0.4.x86_64.rpm
dfa30f1286bab6f24603e1947314567f mozilla-nspr-1.4.3-3.0.4.i386.rpm
96f6b2eca2afe2fa512f494d138fa327 mozilla-nspr-devel-1.4.3-3.0.4.x86_64.rpm
13aae14a38c165a32b123b2e84af5ee7 mozilla-nss-1.4.3-3.0.4.x86_64.rpm
b3165005cd23d7cb33024f67de209cc1 mozilla-nss-1.4.3-3.0.4.i386.rpm
c679a873dad6b08eb47f69c871bb04b9 mozilla-nss-devel-1.4.3-3.0.4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key.html#package
7. References:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3
http://secunia.com/advisories/12526/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0904
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0908
8. Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://www.redhat.com/security/team/contact.html
Copyright 2004 Red Hat, Inc.
