Various security issues recently got fixed in Firefox and Mozilla that we did
not backport to our RHEL security updates as the backported fixes would be too
risky. These will get fixed with an update to 1.7.6.
MFSA 2005-28 CAN-2005-0578 Unsafe /tmp/plugtmp directory exploitable
to erase user's files
MFSA 2005-27 CAN-2005-0232, CAN-2005-0527 Plugins can be used to load
MFSA 2005-26 CAN-2005-0231 Cross-site scripting by dropping
MFSA 2005-24 CAN-2005-0584 HTTP auth prompt tab spoofing
* caillon says too hard to backport.
MFSA 2005-23 CAN-2005-0585 Download dialog source spoofing
MFSA 2005-22 CAN-2005-0586 Download dialog spoofing using
MFSA 2005-20 CAN-2005-0588 XSLT can include stylesheets from arbitrary
MFSA 2005-17 CAN-2005-0590 Install source spoofing with user:pass@host
MFSA 2005-16 CAN-2005-0591 Spoofing download and security dialogs with
MFSA 2005-14 CAN-2005-0593 SSL "secure site" indicator spoofing
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.