|
Family: Slackware Local Security Checks --> Category: infos
SSA-2004-223-01 Mozilla Vulnerability Scan
Vulnerability Scan Summary SSA-2004-223-01 Mozilla
Detailed Explanation for this Vulnerability Test
New Mozilla packages are available for Slackware 9.1, 10.0, and -current
to fix a number of security issues. Slackware 10.0 and -current were
upgraded to Mozilla 1.7.2, and Slackware 9.1 was upgraded to Mozilla 1.4.3.
As usual, new versions of Mozilla require new versions of things that link
with the Mozilla libraries, so for Slackware 10.0 and -current new versions
of epiphany, galeon, gaim, and mozilla-tests have also been provided.
There don't appear to be epiphany and galeon versions that are compatible
with Mozilla 1.4.3 and the GNOME in Slackware 9.1, so these are not
provided and Epiphany and Galeon will be broken on Slackware 9.1 if the
new Mozilla package is installed. Furthermore, earlier versions of
Mozilla (such as the 1.3 series) were not fixed upstream, so versions
of Slackware earlier than 9.1 will remain vulnerable to these browser
issues. If you still use Slackware 9.0 or earlier, you may want to
consider removing Mozilla or upgrading to a newer version.
More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
Issues fixed in Mozilla 1.7.2:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0599
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0763
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0758
Issues fixed in Mozilla 1.4.3:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0597
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0722
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0757
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0758
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0759
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0762
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0763
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0765
Click HERE for more information and discussions on this network vulnerability scan.
|