Slackware alert SSA:2005-135-01 (mozilla)
| From: | Slackware Security Team <security@slackware.com> | |
| To: | slackware-security@slackware.com | |
| Subject: | [slackware-security] Mozilla/Firefox (SSA:2005-135-01) | |
| Date: | Sun, 15 May 2005 23:54:22 -0700 (PDT) |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] Mozilla/Firefox (SSA:2005-135-01) New Mozilla packages are available for Slackware 10.0, 10.1, and -current to fix various security issues and bugs. See the Mozilla site for a complete list of the issues patched: http://www.mozilla.org/projects/security/known-vulnerabil... Also updated is Firefox in Slackware -current. New versions of the mozilla-plugins symlink creation package are also out for Slackware 10.0 and 10.1, and a new version of the jre-symlink package for Slackware -current. Here are the details from the Slackware 10.1 ChangeLog: +--------------------------+ patches/packages/mozilla-plugins-1.7.8-noarch-1.tgz: Upgraded Java(TM) symlink for Mozilla. patches/packages/mozilla-1.7.8-i486-1.tgz: Upgraded to mozilla-1.7.8. Two vulnerabilities found in Mozilla Firefox 1.0.3 when combined allow an attacker to run arbitrary code. The Mozilla Suite version 1.7.7 is only partially vulnerable. For more details, see: http://www.mozilla.org/security/announce/mfsa2005-42.html (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Updated packages for Slackware 10.0: ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patc... ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patc... Updated packages for Slackware 10.1: ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patc... ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patc... Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/s... ftp://ftp.slackware.com/pub/slackware/slackware-current/s... ftp://ftp.slackware.com/pub/slackware/slackware-current/s... MD5 signatures: +-------------+ Slackware 10.0 packages: fa412bdee8c1f1971f710c87e9a6fc94 mozilla-1.7.8-i486-1.tgz a70a4e7e5c0e7e3bf916eebfb25a4e99 mozilla-plugins-1.7.8-noarch-1.tgz Slackware 10.1 packages: e3c9c5acdd01db0cda3f73e7bea1e4ad mozilla-1.7.8-i486-1.tgz 12df49ed6bab71e4ad8ec27781477609 mozilla-plugins-1.7.8-noarch-1.tgz Slackware -current packages: 40f9f9f2c048dede809698042b801784 jre-symlink-1.0.4-noarch-1.tgz e510ab3d049bc31877e49efa7dcb668c mozilla-1.7.8-i486-1.tgz e62f390e7f4fdc1d46352fbb90a7580c mozilla-firefox-1.0.4-i686-1.tgz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg mozilla-1.7.8-i486-1.tgz mozilla-plugins-1.7.8-noarch-1.tgz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.7 (GNU/Linux) iD4DBQFCiDkIakRjwEAQIjMRAj/AAJjfPa/ARLm9e+KgAhNoV2heMdoLAJ0XbbNx ORt9A/fzUC5qYZqicLHQUA== =TPsj -----END PGP SIGNATURE-----