[USN-626-1] Firefox and xulrunner vulnerabilities
Date: Mon, 28 Jul 2008 19:29:38 -0400
From: Jamie Strandboge <jamie@canonical.com.>
To: [email protected]
Subject: [USN-626-1] Firefox and xulrunner vulnerabilities
Message-ID: <20080728232937.GE1413@severus.strandboge.com.>
Reply-To: Jamie Strandboge <jamie@canonical.com.>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="lc9FT7cWel8HagAv"
Content-Disposition: inline
User-Agent: Mutt/1.5.17+20080114 (2008-01-14)
X-Virus-Scanned: antivirus-gw at tyumen.ru
--lc9FT7cWel8HagAv
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=20
Ubuntu Security Notice USN-626-1 July 29, 2008
firefox-3.0, xulrunner-1.9 vulnerabilities
CVE-2008-2785, CVE-2008-2933, CVE-2008-2934
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D
A security issue affects the following Ubuntu releases:
Ubuntu 8.04 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 8.04 LTS:
firefox-3.0 3.0.1+build1+nobinonly-0ubuntu0.8.04.3
xulrunner-1.9 1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3
After a standard system upgrade you need to restart Firefox and any
applications that use xulrunner, such as Epiphany, to effect the
necessary changes.
Details follow:
A flaw was discovered in the browser engine. A variable could be made to
overflow causing the browser to crash. If a user were tricked into opening
a malicious web page, an attacker could cause a denial of service or
possibly execute arbitrary code with the privileges of the user invoking
the program. (CVE-2008-2785)
Billy Rios discovered that Firefox and xulrunner, as used by browsers
such as Epiphany, did not properly perform URI splitting with pipe
symbols when passed a command-line URI. If Firefox or xulrunner were
passed a malicious URL, an attacker may be able to execute local
content with chrome privileges. (CVE-2008-2933)
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3=
=2E0.1+build1+nobinonly-0ubuntu0.8.04.3.diff.gz
Size/MD5: 105875 20bf75de131b805b31602d03f76edcdb
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3=
=2E0.1+build1+nobinonly-0ubuntu0.8.04.3.dsc
Size/MD5: 1605 0a4c85fb6f3771e494cb2596eb174f42
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3=
=2E0.1+build1+nobinonly.orig.tar.gz
Size/MD5: 10830088 546304d00e486587023418bef4c8c17e
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1=
=2E9_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3.diff.gz
Size/MD5: 77642 dd673f6d7523c5129df6775c369f55b1
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1=
=2E9_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3.dsc
Size/MD5: 1669 7fbd2e794a99288141e6c5fd6ca7bb8b
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1=
=2E9_1.9.0.1+build1+nobinonly.orig.tar.gz
Size/MD5: 40083410 802b0c07675ba0d1cc1819a6dac22c94
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3=
=2E0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65808 9fb1bd4f57c4ddaf255dec745cfb6394
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome=
-support_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65824 9352e1cba510bcaed37478516413e41a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granp=
aradiso-dev_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65784 3ef3e033acca41bf431e196289ff3075
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk=
-dev_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65776 30a60ceed5a490065dddb86dcbc44917
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.0.1=
+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65926 093d9772c250695694846c4a862151e4
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3=
=2E0-dom-inspector_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65832 2f47d1abc1cfee76a537e665c2a961e3
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3=
=2E0-venkman_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65782 852eac738d3bf243f6f3ab707cab7de1
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-d=
om-inspector_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 8978 4ee6943368ba1582827914b014aa0b12
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-g=
ranparadiso-dom-inspector_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 8964 9df1e05f125072a41decae2f03ed796d
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-g=
ranparadiso-gnome-support_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65808 4cdc3a9a27af41bd6fadf4f9f1271af0
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-g=
ranparadiso_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65774 a12883abab5cdc8fd1be41abec1d2553
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-l=
ibthai_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65768 d30e21a3afcf4897450a2220b0448c52
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-t=
runk-dom-inspector_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 8944 ddb77e423b0d2fa01775998de6d16074
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-t=
runk-gnome-support_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65792 662c3740f2451030de9dbeef8915cd53
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-t=
runk-venkman_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 8938 19647a69ea1a19fb20c3d832efb3f667
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-t=
runk_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 65762 2948beefbc937ce8014246761aa5c42f
http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunn=
er-1.9-dom-inspector_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 125048 61ddef6346ed04823e4e08cb8b5915ad
http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunn=
er-1.9-venkman_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_all.deb
Size/MD5: 235166 7dcc225d1e6a35d1c72d83478b264b03
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-d=
ev_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_amd64.deb
Size/MD5: 9030 51c56b6eb17a90596664e5de1efcfaf0
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-g=
nome-support_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_amd64.deb
Size/MD5: 29598 bdb8fd33fbb551fba94829b6de8f48c8
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3=
=2E0.1+build1+nobinonly-0ubuntu0.8.04.3_amd64.deb
Size/MD5: 1086692 9e85d93762021da9663079eb43a806ec
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1=
=2E9-dev_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_amd64.deb
Size/MD5: 4034992 ded5cd52011190445b8cdbbc387dbb0e
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1=
=2E9-gnome-support_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_amd64.deb
Size/MD5: 48708 63a365a1ed33bdd9f3e86c704639c54b
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1=
=2E9_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_amd64.deb
Size/MD5: 9020046 ce8df3e6a4d09ac7c1429f63a69bb164
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-d=
ev_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_i386.deb
Size/MD5: 9032 9655df6f35d580fcd316fdbe35b25c44
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-g=
nome-support_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_i386.deb
Size/MD5: 25740 b449c8c524b7cb50e05a5092bb1692ad
http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3=
=2E0.1+build1+nobinonly-0ubuntu0.8.04.3_i386.deb
Size/MD5: 1064456 58ffa05cc64086c5c51ff694beca780d
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1=
=2E9-dev_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_i386.deb
Size/MD5: 4016584 3c8e123c09ff04f63cde52effc867f0d
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1=
=2E9-gnome-support_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_i386.deb
Size/MD5: 38500 8934fc3c6cdfa988ad9dee140be7373d
http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1=
=2E9_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_i386.deb
Size/MD5: 7749536 7ef6da6f25b7e0878419acccc052da3f
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.1+b=
uild1+nobinonly-0ubuntu0.8.04.3_lpia.deb
Size/MD5: 9028 fdd61fb530a3339c1fffbd9ece833d8e
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-suppo=
rt_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_lpia.deb
Size/MD5: 25344 7666413c6a56eb14c3708ad2e16470c7
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.1+build=
1+nobinonly-0ubuntu0.8.04.3_lpia.deb
Size/MD5: 1062684 ec46a573876b24eb4748bd01a2bb5435
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9=
=2E0.1+build1+nobinonly-0ubuntu0.8.04.3_lpia.deb
Size/MD5: 4012106 243d516f2dc244758d3568e4ead4839f
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-s=
upport_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_lpia.deb
Size/MD5: 37592 d9c551a6e990c7e63b457d7c6166113a
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.1=
+build1+nobinonly-0ubuntu0.8.04.3_lpia.deb
Size/MD5: 7639310 ff4c7144795f6fa0a38b0f065c04db8e
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.1+b=
uild1+nobinonly-0ubuntu0.8.04.3_powerpc.deb
Size/MD5: 9032 5ffb1ce496a65cc0cfa57405a249426c
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-suppo=
rt_3.0.1+build1+nobinonly-0ubuntu0.8.04.3_powerpc.deb
Size/MD5: 27506 ee4f59f65df53fdf3e09fa271e290dbc
http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.1+build=
1+nobinonly-0ubuntu0.8.04.3_powerpc.deb
Size/MD5: 1078404 8ee97515994e3deac2fe7aabbbbe15ab
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9=
=2E0.1+build1+nobinonly-0ubuntu0.8.04.3_powerpc.deb
Size/MD5: 4023136 5342ffc1f46ff68174dca7b3621eeab0
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-s=
upport_1.9.0.1+build1+nobinonly-0ubuntu0.8.04.3_powerpc.deb
Size/MD5: 43654 649fa96e5214857fff22b53455e99bac
http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.1=
+build1+nobinonly-0ubuntu0.8.04.3_powerpc.deb
Size/MD5: 8595530 7a92e064fe96a000b0d9a507c0827555
--lc9FT7cWel8HagAv
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIjlZhW0JvuRdL8BoRArfgAJ0eP5QTw9jQ4o4F1vN9mB8rJDiZrgCfVDS6
p6/Z5Mz+ue5Weyk69SIFiuI=
=VbJk
-----END PGP SIGNATURE-----
--lc9FT7cWel8HagAv--