Ubuntu 728-3: Firefox vulnerabilities

    Date05 Mar 2009
    CategoryUbuntu
    65
    Posted ByLinuxSecurity Advisories
    Jesse Ruderman and Gary Kwong discovered flaws in the browser engine.If a user were tricked into viewing a malicious website, a remoteattacker could cause a denial of service or possibly execute arbitrarycode with the privileges of the user invoking the program.(CVE-2009-0772, CVE-2009-0774) [More...]
    ===========================================================
    Ubuntu Security Notice USN-728-3             March 06, 2009
    firefox vulnerabilities
    CVE-2009-0772, CVE-2009-0774, CVE-2009-0776
    ===========================================================
    
    A security issue affects the following Ubuntu releases:
    
    Ubuntu 6.06 LTS
    
    This advisory also applies to the corresponding versions of
    Kubuntu, Edubuntu, and Xubuntu.
    
    The problem can be corrected by upgrading your system to the
    following package versions:
    
    Ubuntu 6.06 LTS:
      firefox                         1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1
    
    After a standard system upgrade you need to restart Firefox to effect the
    necessary changes.
    
    Details follow:
    
    Jesse Ruderman and Gary Kwong discovered flaws in the browser engine.
    If a user were tricked into viewing a malicious website, a remote
    attacker could cause a denial of service or possibly execute arbitrary
    code with the privileges of the user invoking the program.
    (CVE-2009-0772, CVE-2009-0774)
    
    Georgi Guninski discovered a flaw when Firefox performed a
    cross-domain redirect. An attacker could bypass the same-origin policy
    in Firefox by utilizing nsIRDFService and steal private data from
    users authenticated to the redirected website. (CVE-2009-0776)
    
    
    Updated packages for Ubuntu 6.06 LTS:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1.diff.gz
          Size/MD5:   184633 66352e9d64a82f556c3a6a80a19f3d29
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1.dsc
          Size/MD5:     1800 11a304a0a12f5ffa5e8e6c89405f0ccf
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k.orig.tar.gz
          Size/MD5: 48504132 171958941a2ca0562039add097278245
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_all.deb
          Size/MD5:    53670 3123a4a1f9077b5a51c46eba587e68bf
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_all.deb
          Size/MD5:    52784 d86f4a07d9dafcd213f89007315bc570
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5: 47681086 1633516de506b657356e114a60219054
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:  2858988 de3255d758b85b8ddff5aeb096639a65
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:    86052 aa737609f9bbba04c98024122cb820ca
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:  9494082 c5a3121fc6207e09fd5e41bd550cfe31
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   222334 cd9c95a7e5e4ed6038fdd6addc76666b
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   165902 228268688e54e1420b854532eb507b31
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   247854 db510520fff220c5a7b8049200e64a46
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   825532 0a4a8bf7843dac56766187dbc824e854
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   218628 9f60d07857b5951e345e1b26112e30f6
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5: 44228382 552dd51d28d9fbe3f09860a4e1e46c83
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:  2858976 6f4aa57f6e13fb6df9ab28caa4128c9f
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:    78378 73827d529c5fef68e7dd77006a5de59c
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:  7997494 60a773cb9447589bf8a8cb0bae44b64f
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   222336 813478fefd90c157b58db95d747f6b61
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   150394 4be85ac8f7dc29177c0e5998abc534a7
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   247884 df483e827d91307f3ce25ba630eee366
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   717138 e7aec7b6ed703344d404c5cbacfa7061
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   211836 c39831e2e88a3379cba800116173b7b1
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5: 49085396 1cd175f124e1223ed8b00c2b9cec2683
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:  2859126 4fd279c45ce2a8493662058afee82d36
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:    81462 d288410a9e2b0d6c7fe879fc3a7dbb54
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:  9112954 513caae5fa2f96373730bc467d946621
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   222342 b89115f5fc0255acf65d228fa675caf4
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   163076 bf1936fcc3e612331dac28f2e778f58f
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   247878 230f2215ef1b8b2eb8a46edd22f6cc79
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   816126 10bb313b2d07cad5ddef2f49b6ea057d
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   215324 24e246ef9cdbb451098a2145e6498633
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5: 45628614 29b319471a235125e5e335d81f0beada
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:  2859040 4268ef900d93a54dd1b7bfc307e77fa5
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:    79956 ebce0c213cd4fc28f958be5fa490edd6
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:  8498912 ba2f4c60cdf7090101c7f12a3443cf08
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   222336 e4f87a7552f75ccf6549efc5c6dbb4e8
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   152982 bd0911e0ce85f59b842f6a62cb30d119
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   247868 06186f468e542265409e1f2c4cd7ff58
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   727584 647c6022288f854b9bde5f521f354ec3
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   212788 4e83aae87efce872666cf3c2ff664af7
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"39","type":"x","order":"1","pct":50,"resources":[]},{"id":"88","title":"Should be more technical","votes":"11","type":"x","order":"2","pct":14.1,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"28","type":"x","order":"3","pct":35.9,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.