linux user group brescia

Mer 16 Lug 2003 07:28:47 UTC

Mozilla 1.3.1 sara' gia' a posto?

  .Erix.

==========

Security Advisory - RHSA-2003:162-10
------------------------------------------------------------------------------
Summary:
Updated Mozilla packages fix security vulnerability

Updated Mozilla packages fixing various bugs and security issues are now
available.

Description:
Mozilla is an open source web browser.  

A heap-based buffer overflow in Netscape and Mozilla allows remote
attackers to execute arbitrary code via a jar: URL referencing a
malformed .jar file, which overflows a buffer during decompression.  This
issue affects versions Mozilla packages for Red Hat Linux 7.1, 7.2, 7.3,
and 8.0.

These errata packages upgrade Mozilla to version 1.0.2, which is not
vulnerable to this issue.  Mozilla 1.0.2 also contains a number of other
stability and security enhancements.

linux user group brescia

Archivio della mailing list

Mozilla-RH advisory