Fedora 10 : Miro-2.0.5-2.fc10 / blam-1.8.5-12.fc10 / devhelp-0.22-10.fc10 / epiphany-2.24.3-8.fc10 / etc (2009-7961)

critical Nessus Plugin ID 40358

Synopsis

The remote Fedora host is missing one or more security updates.

Description

Update to new upstream Firefox version 3.0.12, fixing multiple security issues detailed in the upstream advisories:
http://www.mozilla.org/security/known- vulnerabilities/firefox30.html#firefox3.0.12 Update also includes all packages depending on gecko-libs rebuilt against new version of Firefox / XULRunner.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected packages.

See Also

https://www.mozilla.org/en-US/security/known-

https://bugzilla.redhat.com/show_bug.cgi?id=512128

https://bugzilla.redhat.com/show_bug.cgi?id=512131

https://bugzilla.redhat.com/show_bug.cgi?id=512133

https://bugzilla.redhat.com/show_bug.cgi?id=512135

https://bugzilla.redhat.com/show_bug.cgi?id=512136

https://bugzilla.redhat.com/show_bug.cgi?id=512137

https://bugzilla.redhat.com/show_bug.cgi?id=512142

https://bugzilla.redhat.com/show_bug.cgi?id=512146

https://bugzilla.redhat.com/show_bug.cgi?id=512147

http://www.nessus.org/u?a9dd026a

http://www.nessus.org/u?4244bed7

http://www.nessus.org/u?81496686

http://www.nessus.org/u?9dd95c64

http://www.nessus.org/u?af86fc95

http://www.nessus.org/u?6bf4edb3

http://www.nessus.org/u?acc83ba7

http://www.nessus.org/u?b2604ba8

http://www.nessus.org/u?70f0f671

http://www.nessus.org/u?40146428

http://www.nessus.org/u?8a6cbcfa

http://www.nessus.org/u?4cf0b532

http://www.nessus.org/u?78440d72

http://www.nessus.org/u?c6c01baf

http://www.nessus.org/u?411702c7

http://www.nessus.org/u?b58dabbd

http://www.nessus.org/u?3d1a96ef

http://www.nessus.org/u?0e609dc6

Plugin Details

Severity: Critical

ID: 40358

File Name: fedora_2009-7961.nasl

Version: 1.21

Type: local

Agent: unix

Published: 7/24/2009

Updated: 1/11/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:blam, cpe:/o:fedoraproject:fedora:10, p-cpe:/a:fedoraproject:fedora:yelp, p-cpe:/a:fedoraproject:fedora:miro, p-cpe:/a:fedoraproject:fedora:pcmanx-gtk2, p-cpe:/a:fedoraproject:fedora:xulrunner, p-cpe:/a:fedoraproject:fedora:evolution-rss, p-cpe:/a:fedoraproject:fedora:devhelp, p-cpe:/a:fedoraproject:fedora:galeon, p-cpe:/a:fedoraproject:fedora:gecko-sharp2, p-cpe:/a:fedoraproject:fedora:mugshot, p-cpe:/a:fedoraproject:fedora:gnome-python2-extras, p-cpe:/a:fedoraproject:fedora:epiphany, p-cpe:/a:fedoraproject:fedora:ruby-gnome2, p-cpe:/a:fedoraproject:fedora:google-gadgets, p-cpe:/a:fedoraproject:fedora:kazehakase, p-cpe:/a:fedoraproject:fedora:gnome-web-photo, p-cpe:/a:fedoraproject:fedora:mozvoikko, p-cpe:/a:fedoraproject:fedora:firefox

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 7/23/2009

Vulnerability Publication Date: 7/22/2009

Reference Information

CVE: CVE-2009-2462, CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466, CVE-2009-2467, CVE-2009-2469, CVE-2009-2471, CVE-2009-2472

CWE: 189, 399, 79

FEDORA: 2009-7961