Linux Security
Linux Security
Linux Security

Debian: icedove fix several vulnerabilities DSA-1574-1

Date 12 May 2008
Posted By LinuxSecurity Advisories
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems:
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1574-1                  This email address is being protected from spambots. You need JavaScript enabled to view it.                       Moritz Muehlenhoff
May 12, 2008                
- ------------------------------------------------------------------------

Package        : icedove
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CVE-2008-1233 CVE-2008-1234 CVE-2008-1235 CVE-2008-1236 CVE-2008-1237

Several remote vulnerabilities have been discovered in the Icedove mail
client, an unbranded version of the Thunderbird client. The Common
Vulnerabilities and Exposures project identifies the following problems:


    "moz_bug_r_a4" discovered that variants of CVE-2007-3738 and
    CVE-2007-5338 allow the execution of arbitrary code through


    "moz_bug_r_a4" discovered that insecure handling of event
    handlers could lead to cross-site scripting.

    Boris Zbarsky, Johnny Stenback, and "moz_bug_r_a4" discovered
    that incorrect principal handling can lead to cross-site
    scripting and the execution of arbitrary code.


    Tom Ferris, Seth Spitzer, Martin Wargers, John Daggett and Mats
    Palmgren discovered crashes in the layout engine, which might
    allow the execution of arbitrary code.


    "georgi", "tgirmann" and Igor Bukanov discovered crashes in the
    Javascript engine, which might allow the execution of arbitrary

For the stable distribution (etch), these problems have been fixed in

We recommend that you upgrade your icedove packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian 4.0 (stable)
- -------------------

Stable updates are available for alpha, amd64, arm, hppa, i386, mipsel, powerpc, s390 and sparc.

Source archives:
    Size/MD5 checksum:     1982 750841a80bc12a55c8714049c8e2f102
    Size/MD5 checksum: 33904847 5533bdceb008204723782f850283be45
    Size/MD5 checksum:   640408 27408941d140932f9197f0547d7bb31d

Architecture independent packages:
    Size/MD5 checksum:    29250 21e65cf10c096d64a9d691d6f1e6cfec
    Size/MD5 checksum:    29242 276f8b7ae7bbaa8ec030e642fbb448c9
    Size/MD5 checksum:    29268 b67489e95d0d6b661377c98771a44155
    Size/MD5 checksum:    29276 35896da05ba12ac6acc6b24c6d509fd3
    Size/MD5 checksum:    29260 04188b5c68812ecf191d199a7429b492
    Size/MD5 checksum:    29264 4e27be46c0eab33d785e43dd19f8019c
    Size/MD5 checksum:    29254 15fec611ffe69560ff13f63177b8f257
    Size/MD5 checksum:    29272 b7e77da68082710c4421c0e411a8355f
    Size/MD5 checksum:    29246 63246087e1548ab3328052b93137a193
    Size/MD5 checksum:    29232 806bc19f2cc731028f9d10a614de3451

alpha architecture (DEC Alpha)
    Size/MD5 checksum: 52441922 19d7a51478aeb2356795355b28fd341e
    Size/MD5 checksum:   199552 bd9c6a981d4743d78498afc0c160b286
    Size/MD5 checksum:  3960108 44b30c24eff6c09076d80bc50bcb7ecb
    Size/MD5 checksum:    53710 35fa9294193939b1cfef617f214ea717
    Size/MD5 checksum: 13475852 797d32eeb2959e5f81537825e6400e25
    Size/MD5 checksum:    64472 7bb0141a1b699dbc26d3f0c43d1cda96

amd64 architecture (AMD x86_64 (AMD64))
    Size/MD5 checksum:  3679760 2be74437d2161071e69adeb9ae7ca909
    Size/MD5 checksum:    61718 d2c224bfe36b28b56999b84eb025b63a
    Size/MD5 checksum:    52682 6b320c569ff44560fa3debca9fc61199
    Size/MD5 checksum:   196280 a1b59bbc12dce9c50800805b1536497a
    Size/MD5 checksum: 51521766 26f926056b590c362c48c45419134e23
    Size/MD5 checksum: 12183028 9687de9ed8b52bc3b2f94c120d27b570

arm architecture (ARM)
    Size/MD5 checksum:   190322 45e6393607c33f4ecd17ac97ae3a1a71
    Size/MD5 checksum:    59394 01561cf45d17871fc09d1c8b71c278f9
    Size/MD5 checksum:  3923352 8d586d550bb46a0e718594ee40403a0c
    Size/MD5 checksum:    47616 cd497c92f494924ee0864615f909a35a
    Size/MD5 checksum: 10899636 aa73849db3b476f28bc1df10e85197a8
    Size/MD5 checksum: 50884498 77b1e9686fe268e8697305d00a7ddcfd

hppa architecture (HP PA RISC)
    Size/MD5 checksum:   200908 bf43001b7ea36ac2017fed0d5995abb4
    Size/MD5 checksum: 13645256 879dc4dafce6426453ff633ccbbed914
    Size/MD5 checksum:    53970 22c7fb95f0c09664eeebd79c99642fd0
    Size/MD5 checksum:    66264 9ff1df9182a8046ba3eb2a678d5df984
    Size/MD5 checksum: 52342386 c89a7aef07d1394f858f6f86e02267bf
    Size/MD5 checksum:  3958194 55eb990e93fece41ca1ba5008bdefe23

i386 architecture (Intel ia32)
    Size/MD5 checksum:   191326 044b8b6462f4f97ed794f8bb68c2f978
    Size/MD5 checksum:    58688 454b45fbd716656110858eac1f726ec4
    Size/MD5 checksum: 10915630 259b08e1e1d11463a8ef801b65a38866
    Size/MD5 checksum:    48678 3c9c56c959bfda5fcc8af67218f2d46f
    Size/MD5 checksum:  3676688 d1d32c190cb2ee48750f339e2158924c
    Size/MD5 checksum: 50792070 854983df69868204fda6ff5e2364d605

mipsel architecture (MIPS (Little Endian))
    Size/MD5 checksum:    49632 1a8803705eeabb9cc0271dbc92622d02
    Size/MD5 checksum:  3684240 603373481c8417f2cc1e5c1fefda4dbe
    Size/MD5 checksum: 51720194 3b00fd8f263a42dd063dfd0182628a0c
    Size/MD5 checksum:    59310 21fe1260c554ba22b7287a0097030df6
    Size/MD5 checksum:   192632 a0d990027ce888c6c4551d2e2912017e
    Size/MD5 checksum: 11364440 44c5674b80a8e91cceb80d3609ec9774

powerpc architecture (PowerPC)
    Size/MD5 checksum:  3679326 931cba187bccd68bbd374f7cfe9849b3
    Size/MD5 checksum: 53339970 d9984f24c76c765a4da7e479effde4f9
    Size/MD5 checksum: 11811386 b3e9e0f72162e51538667a29b7fde72e
    Size/MD5 checksum:    61092 2d7aefceabded3d7377ccd93e9984187
    Size/MD5 checksum:   193330 ee0580a84886eebdb24f4ccf26f5d4bc
    Size/MD5 checksum:    50240 d76bb7b61a861111841b558bd0d62124

s390 architecture (IBM S/390)
    Size/MD5 checksum: 52198524 1d4e2d10c96095ece6e5ef72e510167a
    Size/MD5 checksum:    53296 dd0b4567cddf2bb2059024a59fac71a2
    Size/MD5 checksum:  3682976 0e8fd8898a51d592259339c4815728f1
    Size/MD5 checksum:    62876 0c621aace4e543c3d563d6c9eda96482
    Size/MD5 checksum: 12844796 eb48aef48c73789e99af63593ab5cc99
    Size/MD5 checksum:   198050 b724ab8ffad1da2516b787bbd08ee5ab

sparc architecture (Sun SPARC/UltraSPARC)
    Size/MD5 checksum: 11122980 b9529ccfbaba2d55842700bcedf3e5a7
    Size/MD5 checksum: 50676676 e003473e7d4b16d51c82ec5a41c6c24a
    Size/MD5 checksum:    58758 32fd31881fc16d9b63fedfd67d181877
    Size/MD5 checksum:  3673632 a010187bf5fcb8915270f01e2625c444
    Size/MD5 checksum:   190856 964eefa305fbed0c638d338cd61efbd3
    Size/MD5 checksum:    48764 26d5a91f26d267f69e7fd3aa1cf1ffc9

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"47","type":"x","order":"1","pct":79.66,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"7","type":"x","order":"2","pct":11.86,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":8.47,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.



bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.