Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 454
Alerts This Week
Warning Icon 1 454

Debian: DSA-1951-1 Critical: firefox-sage Cross-Site Scripting

debian
Calendar Grey December 15, 2009
Debian Logo
Ubuntu Security Notice USN-1234-1 deals with inadequate validation of user input in thunderbird-extensions. It is advised to update immediately.
It was discovered that firefox-sage, a lightweight RSS and Atom feed reader for Firefox, does not sanitise the RSS feed information correctly, which makes it prone to a cross-site ...

Summary


For the stable distribution (lenny), this problem has been fixed in
version 1.4.2-0.1+lenny1.

For the oldstable distribution (etch), this problem has been fixed in
version 1.3.6-4etch1.

For the testing distribution (squeeze) and the unstable distribution
(sid), this problem has been fixed in version 1.4.3-3.


We recommend that you upgrade your firefox-sage packages.


Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch

Debian (oldstable)
- ------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.