Binary package hint: xulrunner
Please update xulrunner to 1.8.1.16 version.
From Firefox Security Advisory:
+ Fixed in Firefox 2.0.0.16
- MFSA 2008-35 Command-line URLs launch multiple tabs when Firefox not running
- MFSA 2008-34 Remote code execution by overflowing CSS reference counter
+ Fixed in Firefox 2.0.0.15
- MFSA 2008-33 Crash and remote code execution in block reflow
- MFSA 2008-32 Remote site run as local file via Windows URL shortcut
- MFSA 2008-31 Peer-trusted certs can use alt names to spoof
- MFSA 2008-30 File location URL in directory listings not escaped properly
- MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
- MFSA 2008-28 Arbitrary socket connections with Java LiveConnect on Mac OS X
- MFSA 2008-27 Arbitrary file upload via originalTarget and DOM Range
- MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
- MFSA 2008-24 Chrome script loading from fastload file
- MFSA 2008-23 Signed JAR tampering
- MFSA 2008-22 XSS through JavaScript same-origin violation
- MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
From Thunderbird Security Advisory:
+ Fixed in Thunderbird 2.0.0.16
- MFSA 2008-34 Remote code execution by overflowing CSS reference counter
- MFSA 2008-33 Crash and remote code execution in block reflow
- MFSA 2008-31 Peer-trusted certs can use alt names to spoof
- MFSA 2008-29 Faulty .properties file results in uninitialized memory being used
- MFSA 2008-26 Buffer length checks in MIME processing
- MFSA 2008-25 Arbitrary code execution in mozIJSSubScriptLoader.loadSubScript()
- MFSA 2008-24 Chrome script loading from fastload file
- MFSA 2008-21 Crashes with evidence of memory corruption (rv:1.8.1.15)
I'm working on this.