Fixed in Firefox 3.5.6
MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects
MFSA 2009-70 Privilege escalation via chrome window.opener
MFSA 2009-69 Location bar spoofing vulnerabilities
MFSA 2009-68 NTLM reflection vulnerability
MFSA 2009-67 Integer overflow, crash in libtheora video library
MFSA 2009-66 Memory safety fixes in liboggplay media library
MFSA 2009-65 Crashes with evidence of memory corruption (rv:188.8.131.52/ 184.108.40.206)
The last 3 are critical fixes. Currently Slackware has 3.5.5 if you have been following the Security-fixes, else 3.5.2 which comes in Slackware 13.0.
What you need to do is find the package cairo-1.8.6 and remove it.Slack64 users:
Then download and build the cairo-1.8.8 package. You can get the slackbuild script in your DVD in directory: /l
Then installpkg it. Now download the Firefox 3.5.6 source code from here and use the build script in /xap directory to build the Firefox3.5.6 package. Then:
NOTE: While using the Slackbuilds don’t forget to change the versions to the latest.
EDIT: Pycairo can be upgraded as well. It built without the pyCairo upgrade so I didn’t notice. Thanks to JokerBoy for bringing it to my notice. Source , slackbuilds can be found in /l like cairo.