Synopsis:    Important: firefox security update
Issue Date:  2011-08-31


Mozilla Firefox is an open source web browser. XULRunner provides the 
XUL Runtime environment for Mozilla Firefox.

It was found that a Certificate Authority (CA) issued a fraudulent HTTPS
certificate. This update renders any HTTPS certificates signed by that
CA as untrusted, except for a select few. The now untrusted certificates
that were issued before July 1, 2011 can be manually re-enabled and used
again at your own risk in Firefox; however, affected certificates issued
after this date cannot be re-enabled or used.

All Firefox users should upgrade to these updated packages, which 
contain a backported patch. After installing the update, Firefox must be 
restarted for the changes to take effect.

SL4:
   i386
      firefox-3.6.20-3.el4.i386.rpm
      firefox-debuginfo-3.6.20-3.el4.i386.rpm
   x86_64
      firefox-debuginfo-3.6.20-3.el4.x86_64.rpm
      firefox-3.6.20-3.el4.x86_64.rpm
SL5:
   i386
      xulrunner-1.9.2.20-3.el5_7.i386.rpm
      xulrunner-debuginfo-1.9.2.20-3.el5_7.i386.rpm
      xulrunner-devel-1.9.2.20-3.el5_7.i386.rpm
   x86_64
      xulrunner-debuginfo-1.9.2.20-3.el5_7.x86_64.rpm
      xulrunner-devel-1.9.2.20-3.el5_7.i386.rpm
      xulrunner-devel-1.9.2.20-3.el5_7.x86_64.rpm
      xulrunner-debuginfo-1.9.2.20-3.el5_7.i386.rpm
      xulrunner-1.9.2.20-3.el5_7.x86_64.rpm
      xulrunner-1.9.2.20-3.el5_7.i386.rpm
SL6:
   i386
      xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm
      xulrunner-1.9.2.20-3.el6_1.i686.rpm
      xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
   x86_64
      xulrunner-1.9.2.20-3.el6_1.i686.rpm
      xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm
      xulrunner-debuginfo-1.9.2.20-3.el6_1.x86_64.rpm
      xulrunner-debuginfo-1.9.2.20-3.el6_1.i686.rpm
      xulrunner-1.9.2.20-3.el6_1.x86_64.rpm
      xulrunner-devel-1.9.2.20-3.el6_1.x86_64.rpm

- Scientific Linux Development Team