Product : Fedora Core 5
Name : thunderbird
Version : 1.5.0.9
Release : 2.fc5
Summary : Mozilla Thunderbird mail/newsgroup client
Description :
Mozilla Thunderbird is a standalone mail and newsgroup client.
Update Information:
Several flaws were found in the way Thunderbird processes
certain malformed JavaScript code. A malicious web page could cause
the execution of JavaScript code in such a way that could cause
Thunderbird to crash or execute arbitrary code as the user running
Thunderbird. JavaScript support is disabled by default in
Thunderbird; this issue is not exploitable without enabling
JavaScript. (CVE-2006-6498, CVE-2006-6501, CVE-2006-6502,
CVE-2006-6503, CVE-2006-6504)
Several flaws were found in the way Thunderbird renders web
pages. A malicious web page could cause the browser to crash or
possibly execute arbitrary code as the user running Thunderbird.
(CVE-2006-6497)
A heap based buffer overflow flaw was found in the way
Thunderbird parses the Content-Type mail header. A malicious mail
message could cause the Thunderbird client to crash or possibly
execute arbitrary code as the user running Thunderbird.
(CVE-2006-6505)
Users of Thunderbird are advised to apply this update, which
contains Thunderbird version 1.5.0.9 that corrects these
issues.
* Tue Dec 19 2006 Matthias Clasen <mclasen@redhat.com> - 1.5.0.9-2
- Add a Requires: launchmail (#219884)
* Tue Dec 19 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.9-1
- Update to 1.5.0.9
- Take firefox's pango fixes
- Don't offer to import...nothing.
* Tue Nov 7 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.8-1
- Update to 1.5.0.8
- Allow choosing of download directory
- Take the user to the correct directory from the Download Manager.
- Patch to add support for printing via pango from Behdad.
* Sun Oct 8 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.7-4
- Default to use of system colors
* Wed Oct 4 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.7-3
- Bring the invisible character to parity with GTK+
* Wed Sep 27 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.7-2
- Fix crash when changing gtk key theme
- Prevent UI freezes while changing GNOME theme
- Remove verbiage about pango; no longer required by upstream.
* Wed Sep 13 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.7-1
- Update to 1.5.0.7
* Thu Sep 7 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.5-8
- Shuffle order of the install phase around
* Thu Sep 7 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.5-7
- Let there be art for Alt+Tab again
- s/tbdir/mozappdir/g
* Wed Sep 6 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.5-6
- Fix for cursor position in editor widgets by tagoh and behdad (#198759)
* Tue Sep 5 2006 Christopher Aillon <caillon@redhat.com> - 1.5.0.5-5
- Update nopangoxft.patch
- Fix rendering of MathML thanks to Behdad Esfahbod.
- Update start page text to reflect the MathML fixes.
This update can be installed with the 'yum' update program. Use
'yum update package-name' at the command line. For more
information, refer to 'Managing Software with yum,' available at
http://fedora.redhat.com/docs/yum/.
Package : libmodplug
Date : January 2, 2007
Affected: 2007.0
Problem Description:
Multiple buffer overflows in MODPlug Tracker (OpenMPT)
1.17.02.43 and earlier and libmodplug 0.8 and earlier allow
user-assisted remote attackers to execute arbitrary code via (1)
long strings in ITP files used by the CSoundFile::ReadITProject
function in soundlib/Load_it.cpp and (2) crafted modules used by
the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as
demonstrated by crafted AMF files.
Updated packages are patched to address this issue.
Package : kernel
Date : January 2, 2007
Affected: 2007.0
Problem Description:
Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:
The Linux kernel does not properly save or restore EFLAGS during
a context switch, or reset the flags when creating new threads,
which could allow a local user to cause a Denial of Service
(process crash) (CVE-2006-5173).
The seqfile handling in the 2.6 kernel up to 2.6.18 allows local
users to cause a DoS (hang or oops) via unspecified manipulations
that trigger an infinite loop while searching for flowlabels
(CVE-2006-5619).
An integer overflow in the 2.6 kernel prior to 2.6.18.4 could
allow a local user to execute arbitrary code via a large maxnum
value in an ioctl request (CVE-2006-5751).
A race condition in the ISO9660 filesystem handling could allow
a local user to cause a DoS (infinite loop) by mounting a crafted
ISO9660 filesystem containing malformed data structures
(CVE-2006-5757).
A vulnerability in the bluetooth support could allow for
overwriting internal CMTP and CAPI data structures via malformed
packets (CVE-2006-6106).
The provided packages are patched to fix these vulnerabilities.
All users are encouraged to upgrade to these updated kernels
immediately and reboot to effect the fixes.
In addition to these security fixes, other fixes have been
included such as:
- added the marvell IDE driver
- use a specific driver for Jmicron chipsets rather than using a generic one
- updated the sky2 driver to fix some network hang issues
To update your kernel, please follow the directions located
at:
Previous versions of the firefox package are vulnerable to
multiple types of attacks, including one that enables an attacker
to run arbitrary attacker-provided executable code if JavaScript is
enabled.
29 December 2006 Update: The thunderbird package has also been
updated to address the same vulnerabilities.