The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[USN-728-2] Firefox vulnerabilities


<< Previous INDEX Search src / Print Next >>
Date: Thu, 5 Mar 2009 18:36:13 -0600
From: Jamie Strandboge <jamie@canonical.com.>
To: [email protected]
Subject: [USN-728-2] Firefox vulnerabilities
Message-ID: <20090306003613.GB8444@severus.strandboge.com.>
Reply-To: Jamie Strandboge <jamie@canonical.com.>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="kXdP64Ggrk/fb43R"
Content-Disposition: inline
User-Agent: Mutt/1.5.18 (2008-05-17)
X-Virus-Scanned: antivirus-gw at tyumen.ru


--kXdP64Ggrk/fb43R
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline


Ubuntu Security Notice USN-728-2 March 06, 2009 firefox vulnerabilities CVE-2009-0772, CVE-2009-0774, CVE-2009-0776
A security issue affects the following Ubuntu releases: Ubuntu 7.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 7.10: firefox 2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1 After a standard system upgrade you need to restart Firefox to effect the necessary changes. Details follow: Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0772, CVE-2009-0774) Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected website. (CVE-2009-0776) Updated packages for Ubuntu 7.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1.diff.gz Size/MD5: 194047 099271c2ea597d2a115b3be40995b2c7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1.dsc Size/MD5: 2340 63a3a1d155642b593de0ea6f4e7692de http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.21~tb.21+nobinonly.orig.tar.gz Size/MD5: 37774008 b2ba5de5a4123fb7e9a796cf790e8315 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_all.deb Size/MD5: 201048 c24401e053bc602c592bd8a6dfe919c5 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_amd64.deb Size/MD5: 78166004 07ac094a00f59264c33d5ef3010016e1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_amd64.deb Size/MD5: 3203128 8afc60d5fc1e8b9975648a0b29adbcc7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_amd64.deb Size/MD5: 98360 efde6e650c8e51c0cc18691a3a5c6fcd http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_amd64.deb Size/MD5: 67414 c5901a62027583b17b0e9ad3206dc97b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_amd64.deb Size/MD5: 10469312 8eea2241465336d5ea9d41eefecec737 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_i386.deb Size/MD5: 77309416 0338ce165f4a8491a962489b8e71ae4f http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_i386.deb Size/MD5: 3191016 08e9a1379c006a822f728b480c81d5ca http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_i386.deb Size/MD5: 92086 9af96f24ebe279862df72a913d4d8f7b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_i386.deb Size/MD5: 66690 5a02205c5307f59398ad670273b415d7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_i386.deb Size/MD5: 9210704 dcec421746059ebdbdaae9dd1cf0ff43 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/f/firefox/firefox-dbg_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_lpia.deb Size/MD5: 77579288 00f0752dc0e48c926e61ed3043234cf9 http://ports.ubuntu.com/pool/main/f/firefox/firefox-dev_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_lpia.deb Size/MD5: 3188640 11596823330f193c75d84e9065052f1d http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_lpia.deb Size/MD5: 91748 f063e011410244eeb33f64d9504ad4a0 http://ports.ubuntu.com/pool/main/f/firefox/firefox-libthai_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_lpia.deb Size/MD5: 66636 bed3e1795c9b6cf073dc5d4b21ac0866 http://ports.ubuntu.com/pool/main/f/firefox/firefox_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_lpia.deb Size/MD5: 9071204 dda4ba5582f1013f0447dd6084dbc4b8 powerpc architecture (Apple Macintosh G3/G4/G5): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_powerpc.deb Size/MD5: 80777664 2f86b2bbf427f5cd9ad4230f87aab6a1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_powerpc.deb Size/MD5: 3206352 e4adf960e211dbe93c7cb70a3d8cae75 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_powerpc.deb Size/MD5: 96424 c005071737505b567f60f1d453baae1a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_powerpc.deb Size/MD5: 67694 b0af3582bb18d21a1f4b8a9ab8337fcd http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_powerpc.deb Size/MD5: 10313582 ab429fc180c403c804ed6b387de9427c sparc architecture (Sun SPARC/UltraSPARC): http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_sparc.deb Size/MD5: 78135176 6c21f46463479bd7ee265bdfda6c56f7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_sparc.deb Size/MD5: 3188258 d64a8e32dc28d89b27acf203718a18eb http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_sparc.deb Size/MD5: 91868 8f1982672a49fc6a3b4c143f908a323b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_sparc.deb Size/MD5: 66766 72ea8ae2a21540c480e979b65d971ba8 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1_sparc.deb Size/MD5: 9464780 66cd0a187121b63fbc050c52e1b9e59c --kXdP64Ggrk/fb43R Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkmwb/0ACgkQW0JvuRdL8BrNGgCcCDQapZWGFDN5kDNBbyizkuDq mBkAoJjPHEYKYg4eW7uaZBUYboqUI+yj =HWDu -----END PGP SIGNATURE----- --kXdP64Ggrk/fb43R--

<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру