Ubuntu 728-3: Firefox vulnerabilities

    Date 05 Mar 2009
    126
    Posted By LinuxSecurity Advisories
    Jesse Ruderman and Gary Kwong discovered flaws in the browser engine.If a user were tricked into viewing a malicious website, a remoteattacker could cause a denial of service or possibly execute arbitrarycode with the privileges of the user invoking the program.(CVE-2009-0772, CVE-2009-0774) [More...]
    ===========================================================
    Ubuntu Security Notice USN-728-3             March 06, 2009
    firefox vulnerabilities
    CVE-2009-0772, CVE-2009-0774, CVE-2009-0776
    ===========================================================
    
    A security issue affects the following Ubuntu releases:
    
    Ubuntu 6.06 LTS
    
    This advisory also applies to the corresponding versions of
    Kubuntu, Edubuntu, and Xubuntu.
    
    The problem can be corrected by upgrading your system to the
    following package versions:
    
    Ubuntu 6.06 LTS:
      firefox                         1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1
    
    After a standard system upgrade you need to restart Firefox to effect the
    necessary changes.
    
    Details follow:
    
    Jesse Ruderman and Gary Kwong discovered flaws in the browser engine.
    If a user were tricked into viewing a malicious website, a remote
    attacker could cause a denial of service or possibly execute arbitrary
    code with the privileges of the user invoking the program.
    (CVE-2009-0772, CVE-2009-0774)
    
    Georgi Guninski discovered a flaw when Firefox performed a
    cross-domain redirect. An attacker could bypass the same-origin policy
    in Firefox by utilizing nsIRDFService and steal private data from
    users authenticated to the redirected website. (CVE-2009-0776)
    
    
    Updated packages for Ubuntu 6.06 LTS:
    
      Source archives:
    
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1.diff.gz
          Size/MD5:   184633 66352e9d64a82f556c3a6a80a19f3d29
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1.dsc
          Size/MD5:     1800 11a304a0a12f5ffa5e8e6c89405f0ccf
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k.orig.tar.gz
          Size/MD5: 48504132 171958941a2ca0562039add097278245
    
      Architecture independent packages:
    
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_all.deb
          Size/MD5:    53670 3123a4a1f9077b5a51c46eba587e68bf
        https://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_all.deb
          Size/MD5:    52784 d86f4a07d9dafcd213f89007315bc570
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5: 47681086 1633516de506b657356e114a60219054
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:  2858988 de3255d758b85b8ddff5aeb096639a65
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:    86052 aa737609f9bbba04c98024122cb820ca
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:  9494082 c5a3121fc6207e09fd5e41bd550cfe31
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   222334 cd9c95a7e5e4ed6038fdd6addc76666b
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   165902 228268688e54e1420b854532eb507b31
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   247854 db510520fff220c5a7b8049200e64a46
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   825532 0a4a8bf7843dac56766187dbc824e854
        https://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_amd64.deb
          Size/MD5:   218628 9f60d07857b5951e345e1b26112e30f6
    
      i386 architecture (x86 compatible Intel/AMD):
    
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5: 44228382 552dd51d28d9fbe3f09860a4e1e46c83
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:  2858976 6f4aa57f6e13fb6df9ab28caa4128c9f
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:    78378 73827d529c5fef68e7dd77006a5de59c
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:  7997494 60a773cb9447589bf8a8cb0bae44b64f
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   222336 813478fefd90c157b58db95d747f6b61
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   150394 4be85ac8f7dc29177c0e5998abc534a7
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   247884 df483e827d91307f3ce25ba630eee366
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   717138 e7aec7b6ed703344d404c5cbacfa7061
        https://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_i386.deb
          Size/MD5:   211836 c39831e2e88a3379cba800116173b7b1
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5: 49085396 1cd175f124e1223ed8b00c2b9cec2683
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:  2859126 4fd279c45ce2a8493662058afee82d36
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:    81462 d288410a9e2b0d6c7fe879fc3a7dbb54
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:  9112954 513caae5fa2f96373730bc467d946621
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   222342 b89115f5fc0255acf65d228fa675caf4
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   163076 bf1936fcc3e612331dac28f2e778f58f
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   247878 230f2215ef1b8b2eb8a46edd22f6cc79
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   816126 10bb313b2d07cad5ddef2f49b6ea057d
        https://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_powerpc.deb
          Size/MD5:   215324 24e246ef9cdbb451098a2145e6498633
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5: 45628614 29b319471a235125e5e335d81f0beada
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:  2859040 4268ef900d93a54dd1b7bfc307e77fa5
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:    79956 ebce0c213cd4fc28f958be5fa490edd6
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:  8498912 ba2f4c60cdf7090101c7f12a3443cf08
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   222336 e4f87a7552f75ccf6549efc5c6dbb4e8
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   152982 bd0911e0ce85f59b842f6a62cb30d119
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   247868 06186f468e542265409e1f2c4cd7ff58
        https://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   727584 647c6022288f854b9bde5f521f354ec3
        https://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1_sparc.deb
          Size/MD5:   212788 4e83aae87efce872666cf3c2ff664af7
    

    LinuxSecurity Poll

    Do you feel that the Lawful Access to Encrypted Data Act, which aims to force encryption backdoors, is a threat to US citizens' privacy?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/30-do-you-feel-that-the-lawful-access-to-encrypted-data-act-which-aims-to-force-encryption-backdoors-is-a-threat-to-privacy?task=poll.vote&format=json
    30
    radio
    [{"id":"106","title":"Yes - I am a privacy advocate and I am strongly opposed to this bill.","votes":"19","type":"x","order":"1","pct":95,"resources":[]},{"id":"107","title":"I'm undecided - it has its pros and cons.","votes":"1","type":"x","order":"2","pct":5,"resources":[]},{"id":"108","title":"No - I support this bill and feel that it will help protect against crime and threats to our national security. ","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.