Linux Security
    Linux Security
    Linux Security

    Debian: DSA-1751-1: New xulrunner packages fix several vulnerabilities

    Date 22 Mar 2009
    Posted By LinuxSecurity Advisories
    Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems:
    Hash: SHA1
    - ------------------------------------------------------------------------
    Debian Security Advisory DSA-1751-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.                       Moritz Muehlenhoff
    March 22, 2009              
    - ------------------------------------------------------------------------
    Package        : xulrunner
    Vulnerability  : several
    Problem-Type   : remote
    Debian-specific: no
    CVE ID         : CVE-2009-0771 CVE-2009-0772 CVE-2009-0773 CVE-2009-0774 CVE-2009-0775 CVE-2009-0776
    Several remote vulnerabilities have been discovered in Xulrunner, a 
    runtime environment for XUL applications, such as the Iceweasel web
    browser. The Common Vulnerabilities and Exposures project identifies
    the following problems:
        Martijn Wargers, Jesse Ruderman and Josh Soref discovered crashes
        in the layout engine, which might allow the execution of arbitrary
        Jesse Ruderman discovered crashes in the layout engine, which
        might allow the execution of arbitrary code.
        Gary Kwong, and Timothee Groleau discovered crashes in the
        Javascript engine, which might allow the execution of arbitrary code.
        Gary Kwong discovered crashes in the Javascript engine, which
        might allow the execution of arbitrary code. 
        It was discovered that incorrect memory management in the DOM
        element handling may lead to the execution of arbitrary code.
        Georgi Guninski discovered a violation of the same-origin policy
        through RDFXMLDataSource and cross-domain redirects.
    For the stable distribution (lenny), these problems have been fixed
    in version
    As indicated in the Etch release notes, security support for the
    Mozilla products in the oldstable distribution needed to be stopped
    before the end of the regular Etch security maintenance life cycle.
    You are strongly encouraged to upgrade to stable or switch to a still
    supported browser.
    For the unstable distribution (sid), these problems have been fixed in
    We recommend that you upgrade your xulrunner packages.
    Upgrade instructions
    - --------------------
    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.
    If you are using the apt-get package manager, use the line for
    sources.list as given below:
    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages
    You may use an automated update by adding the resources from the
    footer to the proper configuration.
    Debian (stable)
    - ---------------
    Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
    Source archives:
        Size/MD5 checksum:   115363 a077fce4011900bca3eb9e29d28eb156
        Size/MD5 checksum:     1777 126e1707100d3ece9b99a02a81513b4d
        Size/MD5 checksum: 43683292 f49b66c10e021debdfd9cd3705847d9b
    Architecture independent packages:
        Size/MD5 checksum:  1480194 620fc7b640eb5c63f49faf6d0273700f
    alpha architecture (DEC Alpha)
        Size/MD5 checksum:   164564 c0fd815c4bc62979145b677ce27b80b9
        Size/MD5 checksum: 50856168 1cfd2129fdc1ca3a315bc2535ffff1d4
        Size/MD5 checksum:   931396 b3d0b53f040d6eca7df0aedd0be3b1c4
        Size/MD5 checksum:    71264 3020f67741813bc7bad96ec40e4a29ba
        Size/MD5 checksum:  9454574 983086d1b4955ad7f4005a18b88cae03
        Size/MD5 checksum:   112468 4b09f161e1e14636b3e1c35bb90c3cb7
        Size/MD5 checksum:   222116 9f061216f1515d1fec49bf1518514345
        Size/MD5 checksum:   429174 cda6eafe993cba8eea7c2c5542e51d07
        Size/MD5 checksum:  3350056 68af1a8546c0c057992982e56d723183
    amd64 architecture (AMD x86_64 (AMD64))
        Size/MD5 checksum:  3585686 9cf3e7a022eef14cd6ad4cbf045187bf
        Size/MD5 checksum:  7725014 d2c6f63ffb8f4f7e64334922c4a6f6a7
        Size/MD5 checksum:   222938 f5ab6707450239cf8b174f152bd6bb5c
        Size/MD5 checksum:   884738 e40c8d2a2124f432dd563fd5a125a474
        Size/MD5 checksum:   372702 09f6a6b6b26810e2d2d2300cea4214c2
        Size/MD5 checksum:   100906 9740761c3310e359b835750393d9bff3
        Size/MD5 checksum: 50089312 7bed62ba6c681f8471349067b49a21e2
        Size/MD5 checksum:   150788 ee0af9ae8d7d0de977519ade100816de
        Size/MD5 checksum:    69536 0ff41a18d4f5882ceda600df64824986
    arm architecture (ARM)
        Size/MD5 checksum:  3577066 27719e4f71eb2e5b481fa0f3d7912bce
        Size/MD5 checksum:    66984 8c679ebba32b1384af3a5750465320c7
        Size/MD5 checksum:   222462 f4a7d49354a748f8830294948a7b8f04
        Size/MD5 checksum: 49032344 0c05d7175e9eb22094469fc9de6f2a98
        Size/MD5 checksum:   348220 b0927e0140c489f5c3f4b09564133af9
        Size/MD5 checksum:    83276 2004387ddc73135e25a67c138317d7cb
        Size/MD5 checksum:   814128 eecb02f7ef826ad4741a713765f2440e
        Size/MD5 checksum:   141012 7f077dcd313b0f640d1e7340ce8b774a
        Size/MD5 checksum:  6786524 5fafacbb4dde702dcc1c1773bb199d50
    armel architecture (ARM EABI)
        Size/MD5 checksum:   142040 2c1eae7a96c613fee3732c913b43adac
        Size/MD5 checksum:   350054 cb36bc0c50f0dffc791e427adbb2f8ff
        Size/MD5 checksum:  6936596 927276975d4714ab8520f7cb945f1cf1
        Size/MD5 checksum:    83708 7ed5af9fe74ffcfa9a71cc85021c3b69
        Size/MD5 checksum:    69486 ec64732e668c780f8ccb4f78ac7f64c0
        Size/MD5 checksum:  3566506 a33c277b7d635b7043218bb2ce05e190
        Size/MD5 checksum:   819682 f783514a4de2459f49390e42b6d6447b
        Size/MD5 checksum:   222460 17f2114e6163b4791f961686fe89a31d
        Size/MD5 checksum: 49868760 5c75352b7ef5316a34b6e67d11e9d8e1
    hppa architecture (HP PA RISC)
        Size/MD5 checksum:    70404 4760f85c0f04f072eede4b4c993dc038
        Size/MD5 checksum:   105120 59fcbdf19602eadde509c857c6611511
        Size/MD5 checksum: 50962534 4e2122f350c3899f0e33c174aa65e064
        Size/MD5 checksum:   220312 6730d3f02bd85e667578eff3ba3f7880
        Size/MD5 checksum:   409572 6507c866cd3041722cce0e7207430267
        Size/MD5 checksum:  9489732 ccc8bd8c33552249db59ab482b2fc85b
        Size/MD5 checksum:   158444 02479aa20123f80bf84e733a88740a46
        Size/MD5 checksum:   900116 f43a05fce0c6f737050f2787bc4176d1
        Size/MD5 checksum:  3612456 69480768a70e8c513056a1632d715719
    i386 architecture (Intel ia32)
        Size/MD5 checksum: 49253286 a8efd19e7bb8008e42bcab702f49ac65
        Size/MD5 checksum:  3560196 c8f88642731a342281e4abac8159969d
        Size/MD5 checksum:  6584450 1adc7a600221da6e0313b5df52ac4b99
        Size/MD5 checksum:    78424 7584ebab2c66bde81cf2de1cd2a60a65
        Size/MD5 checksum:   347690 3d7d9e4d22c025474b02b25f01a10ce4
        Size/MD5 checksum:   222096 beaca0c2e1ed1686e5934aeee0924fd4
        Size/MD5 checksum:   847956 4441b1303937f9c7b3a4144a301e9ac3
        Size/MD5 checksum:    67116 7d6fed955ffe93aa0d5c3c9185de6d19
        Size/MD5 checksum:   140758 d0a9d5b44c672873895dfd46acdd71df
    ia64 architecture (Intel ia64)
        Size/MD5 checksum:    75374 1d9263ff70da1e02ae9349915511851e
        Size/MD5 checksum:  3391498 3f2cd5e728ec8554791f9bef836766a4
        Size/MD5 checksum:   222110 0c00014265961c8949e23fb96d0dfc09
        Size/MD5 checksum: 49419014 87248376eab071d07031f24688b91145
        Size/MD5 checksum: 11270906 42ca2d74d8831d3cd1e8e19f48bc6389
        Size/MD5 checksum:   808954 707431b1a1267703425dbace2e5c1a28
        Size/MD5 checksum:   538408 ab19b31e20be1fa77dc349402eeed551
        Size/MD5 checksum:   120858 ced6b90e73cf3e7cc27a92fc39e9c75a
        Size/MD5 checksum:   179372 c4a804f4971b1b3a72b4894d6233081a
    mips architecture (MIPS (Big Endian))
        Size/MD5 checksum:    96414 6c8171ad03a06a3bc1123c9fe2c5d08d
        Size/MD5 checksum:   222124 c9675f735e3acb3b2a0ac7115a7fc2c5
        Size/MD5 checksum:    68950 41e83fca37a1226743255a58a5d74c97
        Size/MD5 checksum:  3301768 3ba5887b03da79d395279a116eae5950
        Size/MD5 checksum: 51597006 03323bff63d234839d8379372e76a7ee
        Size/MD5 checksum:   377204 9431e3f1eed2875724ce3a1ce4109a7a
        Size/MD5 checksum:   914694 225f03925a4854fd44c40c963c1c7220
        Size/MD5 checksum:   144624 5a3164adbed9b29bca8d357e34f020a9
        Size/MD5 checksum:  7628860 f246218eaa05b3b68bc6e4c24508fefc
    mipsel architecture (MIPS (Little Endian))
        Size/MD5 checksum: 49718234 fd08349c08f096d10c17dcd4f6940c6c
        Size/MD5 checksum:   896428 7e82b46f300f734a3752a74829553a01
        Size/MD5 checksum:   222118 4bde9aa0bc7cde7cfc42c50cf2c4da9e
        Size/MD5 checksum:   144338 1dfe2f8820685451187c3f9e5569b668
        Size/MD5 checksum:   374968 4147d27ebd79a8aaf964e77dd37c3cf7
        Size/MD5 checksum:  7359526 3677db2270e5af3a0db404d19b01f02e
        Size/MD5 checksum:    96098 5e1934cd40bdc304e981e9d51c7ed2fb
        Size/MD5 checksum:  3302942 10093ab41c2ed71435fdf06096c72574
        Size/MD5 checksum:    68868 d59f630146380712affa185d33efa3e2
    powerpc architecture (PowerPC)
        Size/MD5 checksum:  3278568 9d8f127a1e2f32ae90733a10aef5fb45
        Size/MD5 checksum:    94100 02b51a465ecfde9f6f9d2805318d7b7c
        Size/MD5 checksum:   884998 ab510619eaf290934542966cdcd581ba
        Size/MD5 checksum: 51145988 83afaf73dda95ceb31712648e0ea4294
        Size/MD5 checksum:   359528 cd54efa7739fa3444d0c20732bcdf1b0
        Size/MD5 checksum:   222128 1cfc1b60f237b96ea119905285904977
        Size/MD5 checksum:    72050 cdc63404724032b6ea9d4a502cff0c8f
        Size/MD5 checksum:   151550 b466d593850fbacdb8234226a6dd0023
        Size/MD5 checksum:  7259288 21a4fabd2ce581b0b34a329cf6a2ec04
    s390 architecture (IBM S/390)
        Size/MD5 checksum:    71864 f0f904e2919c3279a99f87af3bcb3ebd
        Size/MD5 checksum: 50926048 9b248f7c28fb69fa7ef4861d2bfc46c5
        Size/MD5 checksum:   155472 4de500c06c47686624e0d600835081c4
        Size/MD5 checksum:   906128 e3130f9710b58ecd94989678a8de0efb
        Size/MD5 checksum:  8371282 5ce14c488364cdbd5b8fc21f82c7ba8f
        Size/MD5 checksum:   104890 8923ecdec8fa88f5160d5a89d0822d70
        Size/MD5 checksum:   222110 85e754f75f041290b0f145a90b5e8b14
        Size/MD5 checksum:   404008 2eb7ce2a970e1b80daf8b39a9544dc01
        Size/MD5 checksum:  3300828 79a033d7507ad304763da2f0eace04eb
    sparc architecture (Sun SPARC/UltraSPARC)
        Size/MD5 checksum:   222126 b916ccb55d2025e57c4a5c9a0cc0e36b
        Size/MD5 checksum:  7129850 d098285d531f5b079500df87b92ae2c8
        Size/MD5 checksum:    87528 9cef0ff7237588817ffee311cd8ee309
        Size/MD5 checksum: 49113068 44ecb5d08a583cdc1452a51607f0d86c
        Size/MD5 checksum:   347092 5db06002270413ee9a3a83cf6e3b7f74
        Size/MD5 checksum:  3267612 36ebb254a0061d52d214a351fff218b2
        Size/MD5 checksum:   142674 4a10eae4fa6ba4a1d69485cdf845cf73
        Size/MD5 checksum:    68892 7d76094b0617f2170009171da49476aa
        Size/MD5 checksum:   818644 17d2ad45f42c1dc0e73f85e6da5ce138
      These files will probably be moved into the stable distribution on
      its next update.
    - ---------------------------------------------------------------------------------
    For apt-get: deb stable/updates main
    For dpkg-ftp: dists/stable/updates/main
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    Package info: `apt-cache show ' and


    LinuxSecurity Poll

    I agree with Linus Torvalds - Apple's new M1-powered laptops should run on Linux.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    [{"id":"158","title":"True","votes":"17","type":"x","order":"1","pct":3.32,"resources":[]},{"id":"159","title":"False","votes":"495","type":"x","order":"2","pct":96.68,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.