Explore top 10 tips to secure your open-source projects now. Read More
×
This update provides compatible ubufox packages for the latest Firefox.
Software Description:
- ubufox: Ubuntu Firefox specific configuration defaults and apt support
Details:
USN-1638-1 fixed vulnerabilities in Firefox. This update provides an
updated ubufox package for use with the latest Firefox.
Original advisory details:
Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed
Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and
Andrew McCreight discovered multiple memory safety issues affecting
Firefox. If the user were tricked into opening a specially crafted page, an
attacker could possibly exploit these to cause a denial of service via
application crash, or potentially execute code with the privileges of the
user invoking Firefox. (CVE-2012-5842, CVE-2012-5843)
Atte Kettunen discovered a buffer overflow while rendering GIF format
images. An attacker could exploit this to possibly execute arbitrary code
...
The problem can be corrected by updating your system to the following package versions: Ubuntu 12.10: xul-ext-ubufox 2.6-0ubuntu0.12.10.1 Ubuntu 12.04 LTS: xul-ext-ubufox 2.6-0ubuntu0.12.04.1 Ubuntu 11.10: xul-ext-ubufox 2.6-0ubuntu0.11.10.1 Ubuntu 10.04 LTS: xul-ext-ubufox 2.6-0ubuntu0.10.04.1 After a standard system update you need to restart Firefox to make all the necessary changes.
https://ubuntu.com/security/notices/USN-1638-2
https://ubuntu.com/security/notices/USN-1638-1
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1080211
Get the latest Linux and open source security news straight to your inbox.