Updated Mozilla packages fixing various bugs and security issues are now available. [Updated 18 July 2003] Our Mozilla packages were found to be incompatible with Galeon. Updated versions of Galeon are now included for Red Hat Linux 7.2, 7.3, and 8.0. In addition new builds of Mozilla for Red Hat Linux 8.0 are included as the previous packages were built with the wrong compiler. [Updated 31 July 2003] Added packages for Red Hat Linux on IBM iSeries and pSeries systems.
Mozilla is an open source Web browser. A heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL referencing a malformed .jar file, which overflows a buffer during decompression. This issue affects versions Mozilla packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0. These errata packages upgrade Mozilla to version 1.0.2, which is not vulnerable to this issue. Mozilla 1.0.2 also contains a number of other stability and security enhancements.