| ||||||||||||||||
Ubuntu alert USN-361-1 (mozilla)
=========================================================== Ubuntu Security Notice USN-361-1 October 10, 2006 mozilla vulnerabilities CVE-2006-2788, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3811, CVE-2006-4340, CVE-2006-4565, CVE-2006-4568, CVE-2006-4570, CVE-2006-4571 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: libnspr4 2:1.7.13-0ubuntu05.04.2 libnss3 2:1.7.13-0ubuntu05.04.2 mozilla-browser 2:1.7.13-0ubuntu05.04.2 mozilla-mailnews 2:1.7.13-0ubuntu05.04.2 mozilla-psm 2:1.7.13-0ubuntu05.04.2 Ubuntu 5.10: libnspr4 2:1.7.13-0ubuntu5.10.2 libnss3 2:1.7.13-0ubuntu5.10.2 mozilla-browser 2:1.7.13-0ubuntu5.10.2 mozilla-mailnews 2:1.7.13-0ubuntu5.10.2 mozilla-psm 2:1.7.13-0ubuntu5.10.2 After a standard system upgrade you need to restart Mozilla to effect the necessary changes. Details follow: Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL. (CVE-2006-2788, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-4565, CVE-2006-4568, CVE-2006-4571) A bug was found in the script handler for automatic proxy configuration. A malicious proxy could send scripts which could execute arbitrary code with the user's privileges. (CVE-2006-3808) The NSS library did not sufficiently check the padding of PKCS #1 v1.5 signatures if the exponent of the public key is 3 (which is widely used for CAs). This could be exploited to forge valid signatures without the need of the secret key. (CVE-2006-4340) Georgi Guninski discovered that even with JavaScript disabled, a malicous email could still execute JavaScript when the message is viewed, replied to, or forwarded by putting the script in a remote XBL file loaded by the message. (CVE-2006-4570) Updated packages for Ubuntu 5.04: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 403767 ad89e14a1a7063ffd40c7966f66f63e6 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 1140 62f9aae0950ae23ab127ed0c608a6cd0 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 38788839 db906560b5abe488286ad1edc21d52b6 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 168066 099a54a14163f7ffe0308530d7f513e8 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 142106 f8c747f219197d2fc62c7be7532dd09e http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 184956 80462134e344661ebcdb10668703c8cf http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 711066 2b27ce520e6e2c519145592da529d67c http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 10618640 187ac84d04bad5af52788263ce85516f http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 403276 72d272889c297249f811744536aece56 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 158328 1f81850675d5eb5df3c925b5b1b597ba http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 3352872 63a790924643bed33c08e1a461978462 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 121184 1cd6cd71393fad002ac4835bd4d77bc9 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 204162 87a317642b4ecce9677cd0ed24efab5a http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1935960 adb803a894fa3a15852d0733afc74d4c http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 204574 b3469c0df25b7aab832b7980141c5d37 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1036 7e85f8a2bb24b7b598af457fa837a5d9 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 168072 c7690f437e4bd147259cda6352735c39 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 128792 e6b46d8085bb71e0a02bf4df562d5304 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 184958 e577ec3493ceece312868c1b1525a15f http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 640944 58e1b7fa33efd64fc7e76882644d4043 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 9633508 d1e37ae68a659971781656f6538990a5 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 403276 e50f3bbac2e41bb104eb5cc295faaa6a http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 158324 80ee24d10d7096535ca385c31e6c3e15 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 3345344 6fabf6cc2e004b1198e020955dd8ae8d http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 115828 914b74534f1f1acc7ef824213e183207 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 204166 ef89a748349c8b6d8d34669299826c72 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1780872 46d444ebdc9275f2f6af5e44386fda3a http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 188690 fccd761b19b934c65b85692f48c1762f http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1040 7e8d5ad979310554776283e3214e3fca powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 168068 df3bd44e30b8879676bc16add8f8f8d7 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 127516 7581cd6555ad4361a5c71712ef033a3b http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 184962 f4acb756cb1e06d318dd47fa116ceb95 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 715266 eba1496eaefd0d5518fbf760f2ab797d http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 9185774 7ffeea84795d0e04d0c8f322986a93bc http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 403266 1a4b5095e6189487f92759c56538a249 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 158326 f451a11b17886ab40ffc5a6318a1c3ed http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 3340928 84ad67e980f33f3851be557e3925d117 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 114572 f0b66f845fa37fb4fe8446390a9febe2 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 204162 dbc4ea2f92922d2c4e971f93c0654a8b http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1643070 50861039ddbc58e3af7ea190a3741bc2 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 175956 c2ee0dd5fe36227e6ba889f536572404 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1042 294f7978e129035d0ddd01d5c80a28b7 Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 405485 13b07818d2a9c3a822a3ca8401a7bae1 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 1080 0a4ccbdb5a99be291f96831b89518c40 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 38788839 db906560b5abe488286ad1edc21d52b6 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 168034 7519d27e8092bb5580b1247f2fc5b5d2 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 144144 a6dc385f53c79685e2b279cb9e36b5d9 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 184944 7bf1d7cc91284ea519b7b12294ba06f6 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 719760 d8ad4ba840f6228d44721c4d6659bf03 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 10677284 95caf43274622ca4d152b69e41794768 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 403240 36bd0aa4b881b5b5ab233398b94c4b6c http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 158304 fdb8c415490ed55058213509bef937a4 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 3348658 b9a541dee238a3ae69187d3fc2f86a99 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 122354 3bccc7529278385f8a08218911cb4941 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 204136 604e32b34b597cae8e6f5bb467adf760 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1962890 9f389ecdb51eae26a216239cc41f7472 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 204424 8eb5609b154d3316f93c885869d256af http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1030 3a99313ff3bda75788f3c53a98703568 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 168032 0ac1e3dcf83ed167c4dd5b753fc3f86e http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 129510 288838a25b84ab3ef0ce8abb78826a70 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 184926 3739546c136ef47131c0c56f215f13b8 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 635804 f3a85be693448a98f32ade7ccf0d572a http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 9192548 87ce9472ff327ee15c061ca894f4c502 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 403242 e10c7357c9abe4ff1c65b98ef04d8cca http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 158306 da45278e8bbb9df31482e44355bb3022 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 3338184 2dc446ab7c26e4e16c06f39e4181b2d6 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 115300 969aeb4a686fe1706d62cac1a55c88ee http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 204136 5c6604b2af81921b94dee9d6ab25fef4 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1691542 a26eea78868e8b914fdeb244e0a5ce99 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 179006 478f4d4935d60cf5b540bbf2b9584015 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1032 b0690b4026428358310227b62e86a201 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 168044 4b49416501a5cf3dde11c85bca9d4003 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 131208 8ae16b24d772df785f7ac7b45994bf81 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 184944 c605f3e46e6eec714c52bdca024bf5cd http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 697346 57c40323da49beb71ee92e628c513412 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 9271350 ab423ec59fdc70062f5475abdf224450 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 403248 638114d07b0e92e0dbf53889a93db2e9 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 158316 82cf9eec804814c40b80743cfaa40c0c http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 3337212 c77a728d100e4a814292c1ebf058b206 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 115338 ee431929c1d42fea57deed6af5821222 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 204132 d320df4c82bec0dbea9e23eac86e0c52 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1671452 6cfcd9843412b61bb38cc8b6e6347d36 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 175960 445a0a66e665dd7fa1e19b17ebbc68e7 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1030 2f1b913bfec084dce97507bcb316184c sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 168044 b0283b659cac7e9fda0a52903183cc1a http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 127776 dc6a2efef62c01494a86ce8d1db0cf0d http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 184934 216d6c3730e6814bb553319b2c38a4a5 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/lib... Size/MD5: 631150 18932e443011e4d18ab953eab47fb9b9 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 9017638 35b2c93ab3e9f139971fc78230d8caf6 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 403236 89978443b4a64d64da69b7d771baa4b1 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 158310 f8a4927cb65d95afa9a700214d98cf6d http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 3336676 0d0b547f174249216f06176b06e6ca1b http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 113838 a676537e1727286d1cdbe93072d120d2 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 204134 678ada2642462d3267403d1459e77b54 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1629864 ee75fea2ad24654db58d59a72a4a0086 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla/moz... Size/MD5: 170498 95c70a127d1b1c63e8530d1804e71cf2 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla... Size/MD5: 1038 0e2e0a04322e4f24d7982cd10e16669d -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-security... (Log in to post comments)
|
||||||||||||||||