rPSA-2007-0062-2 firefox
rPath Update Announcements
announce-noreply at rpath.com
Wed Apr 4 16:46:52 EDT 2007
rPath Security Advisory: 2007-0062-2
Published: 2007-04-04
Updated:
2007-04-04 reference correct version of firefox
Products: rPath Linux 1
Rating: Minor
Exposure Level Classification:
Indirect User Deterministic Information Exposure
Updated Versions:
firefox=/conary.rpath.com at rpl:devel//1/1.5.0.11-0.1-1
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562
https://issues.rpath.com/browse/RPL-1157
Description:
Previous versions of the firefox package are vulnerable to a minor
information exposure: when using passive FTP to connect to a
malicious FTP server, the server could determine which ports were
open on the client.
4 April 2007 Update: The initial release of this update referenced
a version of firefox without the update.
More information about the update-announce
mailing list