[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Redhat : RHN Errata Alert: Updated mozilla packages fix security issues

To: jsaska@dcs.nac.uci.edu
Subject: Redhat : RHN Errata Alert: Updated mozilla packages fix security issues
From: Distributed Computing Support <dcs@hydra.acs.uci.edu>
Date: Fri, 6 Aug 2004 09:30:17 -0700 (PDT)
Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered:

Complete information about this errata can be found at the following location:
     https://rhn.redhat.com/network/errata/errata_details.pxt?eid=2235

Security Advisory - RHSA-2004:421-17
------------------------------------------------------------------------------
Summary:
Updated mozilla packages fix security issues

Updated mozilla packages based on version 1.4.3 that fix a number of
security issues for Red Hat Enterprise Linux are now available.

Description:
Mozilla is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor.

A number of flaws have been found in Mozilla 1.4 that have been fixed in
the Mozilla 1.4.3 release: 

Zen Parse reported improper input validation to the SOAPParameter object
constructor leading to an integer overflow and controllable heap
corruption.  Malicious JavaScript could be written to utilize this flaw and
could allow arbitrary code execution.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0722 to
this issue.

During a source code audit, Chris Evans discovered a buffer overflow and
integer overflows which affect the libpng code inside Mozilla. An attacker
could create a carefully crafted PNG file in such a way that it would cause
Mozilla to crash or execute arbitrary code when the image was viewed.
(CAN-2004-0597, CAN-2004-0599)

Zen Parse reported a flaw in the POP3 capability.  A malicious POP3 server
could send a carefully crafted response that would cause a heap overflow
and potentially allow execution of arbitrary code as the user running
Mozilla. (CAN-2004-0757)

Marcel Boesch found a flaw that allows a CA certificate to be imported with
a DN the same as that of the built-in CA root certificates, which can cause
a denial of service to SSL pages, as the malicious certificate is treated
as invalid. (CAN-2004-0758)

Met - Martin Hassman reported a flaw in Mozilla that could allow malicious
Javascript code to upload local files from a users machine without
requiring confirmation. (CAN-2004-0759)

Mindlock Security reported a flaw in ftp URI handling.  By using a NULL
character (%00) in a ftp URI, Mozilla can be confused into opening a
resource as a different MIME type. (CAN-2004-0760)

Mozilla does not properly prevent a frame in one domain from injecting
content into a frame that belongs to another domain, which facilitates
website spoofing and other attacks, also known as the frame injection
vulnerability.  (CAN-2004-0718)

Tolga Tarhan reported a flaw that can allow a malicious webpage to use a
redirect sequence to spoof the security lock icon that makes a webpage
appear to be encrypted.  (CAN-2004-0761)

Jesse Ruderman reported a security issue that affects a number of browsers
including Mozilla that could allow malicious websites to install arbitrary
extensions by using interactive events to manipulate the XPInstall Security
dialog box. (CAN-2004-0762)

Emmanouel Kellinis discovered a caching flaw in Mozilla which allows
malicious websites to spoof certificates of trusted websites via
redirects and Javascript that uses the "onunload" method. (CAN-2004-0763)

Mozilla allowed malicious websites to hijack the user interface via the
"chrome" flag and XML User Interface Language (XUL) files. (CAN-2004-0764)

The cert_TestHostName function in Mozilla only checks the hostname portion
of a certificate when the hostname portion of the URI is not a fully
qualified domain name (FQDN).  This flaw could be used for spoofing if an
attacker had control of machines on a default DNS search path. (CAN-2004-0765)

All users are advised to update to these erratum packages which contain a
snapshot of Mozilla 1.4.3 including backported fixes and are not vulnerable
to these issues.

References:
http://bugzilla.mozilla.org/show_bug.cgi?id=236618
http://bugzilla.mozilla.org/show_bug.cgi?id=251381
http://bugzilla.mozilla.org/show_bug.cgi?id=229374
http://bugzilla.mozilla.org/show_bug.cgi?id=249004
http://bugzilla.mozilla.org/show_bug.cgi?id=241924
http://bugzilla.mozilla.org/show_bug.cgi?id=250906
http://bugzilla.mozilla.org/show_bug.cgi?id=246448
http://bugzilla.mozilla.org/show_bug.cgi?id=240053
http://bugzilla.mozilla.org/show_bug.cgi?id=162020
http://bugzilla.mozilla.org/show_bug.cgi?id=253121
http://bugzilla.mozilla.org/show_bug.cgi?id=244965
http://bugzilla.mozilla.org/show_bug.cgi?id=234058
------------------------------------------------------------------------------

-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:

     - select your server name by clicking on its name from the list
       available at the following location, and then schedule an
       errata update for it:
           https://rhn.redhat.com/network/systemlist/system_list.pxt

     - run the Update Agent on each affected server.


---------------------------------
Changing Notification Preferences
---------------------------------
To enable/disable your Errata Alert preferences globally please log in to RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.

        URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt

You can also enable/disable notification on a per system basis by selecting an
individual system from the "Systems List". From the individual system view
click the "Details" tab.


---------------------
Affected Systems List
---------------------
This Errata Advisory may apply to the systems listed below. If you know that
this errata does not apply to a system listed, it might be possible that the
package profile for that server is out of date. In that case you should run
'up2date -p' as root on the system in question to refresh your software profile.

There are 10 affected systems registered in 'Your RHN' (only systems for
which you have explicitly enabled Errata Alerts are shown).

Release   Arch       Profile Name
--------  --------   ------------
3WS       x86_64     m33.ps.uci.edu                          
3AS       i686       dhcp2.reshsg.uci.edu                    
3WS       x86_64     bgcluster01                             
3WS       x86_64     bgcluster02                             
3WS       x86_64     bgcluster03                             
3AS       x86_64     dcs.nac.uci.edu                         
3AS       i686       loki.nac.uci.edu                        
3AS       i686       esmfgw.nac.uci.edu                      
3WS       i686       silico.acs.uci.edu                      
3AS       i686       bill.ps.uci.edu                         


The Red Hat Network Team

This message is being sent by Red Hat Network Alert to:
    RHN user login:        ucidcs
    Email address on file: <dcs@hydra.acs.uci.edu>

If you lost your RHN password, you can use the information above to
retrieve it by email from the following address:
    https://rhn.redhat.com/forgot_password.pxt

To cancel these notices, go to:
    https://rhn.redhat.com/oo.pxt?uid=3240338&oid=3699264
Prev by Date: Redhat : RHN Errata Alert: Updated libpng packages fix security issues
Next by Date: Redhat :RHN Errata Alert: Updated Ethereal packages fix security issues
Previous by thread: Redhat : RHN Errata Alert: Updated libpng packages fix security issues
Next by thread: Redhat :RHN Errata Alert: Updated Ethereal packages fix security issues
Index(es):
- Date
- Thread