Red Hat Bugzilla – Bug 155117
CAN-2005-0989 Multiple Mozilla issues. (CAN-2005-1153 CAN-2005-1154 CAN-2005-1155 CAN-2005-1156 CAN-2005-1157 CAN-2005-1159 CAN-2005-1160)
Last modified: 2007-11-30 17:07:07 EST
+++ This bug was initially created as a clone of Bug #155116 +++
Mozilla 1.7.7 has been released, it fixes the following issues:
MFSA 2005-36 Cross-site scripting through global scope pollution
MFSA 2005-38 Search plugin cross-site scripting
MFSA 2005-40 Missing Install object instance checks
MFSA 2005-41 Privilege escalation via DOM property overrides
These issues also affect RHEL2.1
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
The SRPM referenced in RHSA-2005:384-01 does not exist on ftp.redhat.com.
The SRPM should be there now.