Linux Security

Debian: DSA-2124-1: New Xulrunner packages fix several vulnerabilities

Date 01 Nov 2010
Posted By LinuxSecurity Advisories
Several vulnerabilities have been discovered in Xulrunner, the component that provides the core functionality of Iceweasel, Debian's variant of Mozilla's browser technology.
------------------------------------------------------------------------
Debian Security Advisory DSA-2124-1                                          Florian Weimer
November 01, 2010           
------------------------------------------------------------------------

Package        : xulrunner
Vulnerability  : several
Problem type   : local (remote)
Debian-specific: no
CVE Id(s)      : CVE-2010-3765 CVE-2010-3174 CVE-2010-3176 CVE-2010-3177 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3183

Several vulnerabilities have been discovered in Xulrunner, the
component that provides the core functionality of Iceweasel, Debian's
variant of Mozilla's browser technology.

The Common Vulnerabilities and Exposures project identifies the
following problems:

	Xulrunner allows remote attackers to execute arbitrary code
	via vectors related to nsCSSFrameConstructor::ContentAppended,
	the appendChild method, incorrect index tracking, and the
	creation of multiple frames, which triggers memory corruption.

	Multiple unspecified vulnerabilities in the browser engine in
	Xulrunner allow remote attackers to cause a denial of service
	(memory corruption and application crash) or possibly execute
	arbitrary code via unknown vectors.

	Multiple cross-site scripting (XSS) vulnerabilities in the
	Gopher parser in Xulrunner allow remote attackers to inject
	arbitrary web script or HTML via a crafted name of a (1) file
	or (2) directory on a Gopher server.

	Xulrunner does not properly handle certain modal calls made by
	javascript: URLs in circumstances related to opening a new
	window and performing cross-domain navigation, which allows
	remote attackers to bypass the Same Origin Policy via a
	crafted HTML document.

	Stack-based buffer overflow in the text-rendering
	functionality in Xulrunner allows remote attackers to execute
	arbitrary code or cause a denial of service (memory corruption
	and application crash) via a long argument to the
	document.write method.

	Use-after-free vulnerability in the nsBarProp function in
	Xulrunner allows remote attackers to execute arbitrary code by
	accessing the locationbar property of a closed window.

	The LookupGetterOrSetter function in Xulrunner does not
	properly support window.__lookupGetter__ function calls that
	lack arguments, which allows remote attackers to execute
	arbitrary code or cause a denial of service (incorrect pointer
	dereference and application crash) via a crafted HTML

In addition, this security update includes corrections for regressions
caused by the fixes for CVE-2010-0654 and CVE-2010-2769 in DSA-2075-1
and DSA-2106-1.

For the stable distribution (lenny), these problems have been fixed in

For the unstable distribution (sid) and the upcoming stable
distribution (squeeze), these problems have been fixed in version
3.5.15-1 of the iceweasel package.

We recommend that you upgrade your Xulrunner packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
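If you install a package by hand with wget and dpkg -i instead of through apt-get, compare the downloaded file against the Size/MD5 checksum line the advisory publishes for it before installing. The following helper is an added example, not part of the Debian advisory; it takes the expected size and MD5 as arguments (the test values below are constructed, not the advisory's). MD5 only catches a corrupted or substituted download; apt's signed Release files remain the stronger integrity check.

```shell
#!/bin/sh
# Added example: refuse to hand a .deb to dpkg -i unless its size and MD5
# match the "Size/MD5 checksum" entry published in the advisory.

# verify_deb FILE EXPECTED_SIZE EXPECTED_MD5
# Returns 0 when both the byte count and the MD5 digest match, 1 otherwise.
verify_deb() {
    file=$1
    exp_size=$2
    exp_md5=$3
    if [ ! -f "$file" ]; then
        echo "verify_deb: $file not found" >&2
        return 1
    fi
    # wc -c on stdin avoids the filename in the output; strip padding.
    act_size=$(wc -c < "$file" | tr -d '[:space:]')
    act_md5=$(md5sum "$file" | cut -d ' ' -f 1)
    if [ "$act_size" != "$exp_size" ]; then
        echo "verify_deb: size mismatch for $file: got $act_size, expected $exp_size" >&2
        return 1
    fi
    if [ "$act_md5" != "$exp_md5" ]; then
        echo "verify_deb: MD5 mismatch for $file: got $act_md5, expected $exp_md5" >&2
        return 1
    fi
    return 0
}

# install_verified FILE EXPECTED_SIZE EXPECTED_MD5
# Wraps the advisory's "dpkg -i file.deb" step behind the checksum gate.
install_verified() {
    verify_deb "$1" "$2" "$3" || return 1
    dpkg -i "$1"
}
```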

Debian GNU/Linux 5.0 alias lenny
--------------------------------
  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
Package info: `apt-cache show ' and