Multiple flaws fixed during Mozilla update of December 20 2011: =============================================================== * MFSA 2011-59 .jar not treated as executable in Firefox 3.6 on Mac Affects Mac OS * MFSA 2011-58 Crash scaling <video> to extreme sizes Affects Firefox and Thunderbird 8, fixed in Firefox and Thunderbird 9 * MFSA 2011-57 Crash when plugin removes itself on Mac OS X Affects Firefox and Thunderbird 8, fixed in Firefox and Thunderbird 9 on MAC OS * MFSA 2011-56 Key detection without JavaScript via SVG animation Affects Firefox and Thunderbird 8, fixed in Firefox and Thunderbird 9 * MFSA 2011-55 nsSVGValue out-of-bounds access Affects Firefox and Thunderbird 8, fixed in Firefox and Thunderbird 9 * MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library Affects Firefox and Thunderbird 8, fixed in Firefox and Thunderbird 9 * MFSA 2011-53 Miscellaneous memory safety hazards (rv:9.0) Affects Firefox and Thunderbird 8, fixed in Firefox and Thunderbird 9
Statement: This issue did not affect the version of firefox and thunderbird packages as shipped with Red Hat Enterprise Linux 4, 5 and 6. This issue did not affect the version of seamonkey package as shipped with Red Hat Enterprise Linux 4.
References: http://www.mozilla.org/security/known-vulnerabilities/firefox.html#firefox9 http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.25