USN-1123-1: Xulrunner vulnerabilities
30 April 2011
Multiple xulrunner-1.9.1 vulnerabilities
Releases
Packages
- xulrunner-1.9.1 - XUL + XPCOM application runner
Details
A large number of security issues were discovered in the Gecko rendering
engine. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 9.10
After a standard system update you need to restart any applications which
use Xulrunner to make all the necessary changes.
References
- CVE-2011-0077
- CVE-2011-0065
- CVE-2011-0066
- CVE-2010-3776
- CVE-2010-3778
- CVE-2011-0067
- CVE-2011-0073
- CVE-2011-0074
- CVE-2011-0071
- CVE-2011-0080
- CVE-2011-0078
- CVE-2011-0075
- CVE-2011-0072
- CVE-2011-0070
- CVE-2011-0069
- CVE-2011-0053
- CVE-2011-0062
- CVE-2011-0051
- CVE-2011-0055
- CVE-2011-0054
- CVE-2011-0056
- CVE-2011-0057
- CVE-2011-0058
- CVE-2010-1585
- CVE-2011-0059
- CVE-2011-1202
Related notices
- USN-1112-1: firefox-3.5, firefox, xulrunner-1.9.2, firefox-3.0
- USN-1122-1: thunderbird
- USN-1122-2: thunderbird
- USN-1020-1: thunderbird, thunderbird-locales
- USN-1019-1: xulrunner-1.9.2, firefox-3.5, firefox, abrowser, xulrunner-1.9.1, firefox-3.0
- USN-1121-1: firefox
- USN-1049-1: firefox-3.5, firefox, xulrunner-1.9.2, firefox-3.0
- USN-1050-1: thunderbird
- USN-1595-1: libxslt, libxslt1.1