Mozilla developers identified and fixed several memory safety bugs in the
browser engine used in Firefox and other Mozilla-based products. Some of
these bugs showed evidence of memory corruption under certain
circumstances, and we presume that with enough effort at least some of
these could be exploited to run arbitrary code.
Jesse Ruderman, David Anderson and Johnny Stenback reported memory safety
problems that affected Firefox 3.6 only.
This is now public: http://www.mozilla.org/security/announce/2010/mfsa2010-34.html
This issue has been addressed in following products:
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
Via RHSA-2010:0547 https://rhn.redhat.com/errata/RHSA-2010-0547.html
xulrunner-18.104.22.168-1.fc13, firefox-3.6.7-1.fc13, mozvoikko-1.0-12.fc13, gnome-web-photo-0.9-10.fc13, perl-Gtk2-MozEmbed-0.08-6.fc13.15, gnome-python2-extras-2.25.3-20.fc13, galeon-2.0.7-30.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.
thunderbird-3.1.1-1.fc13, sunbird-1.0-0.26.b2pre.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.