Ubuntu: Firefox and xulrunner regression

    Date25 Sep 2008
    CategoryUbuntu
    2878
    Posted ByLinuxSecurity Advisories
    USN-645-1 fixed vulnerabilities in Firefox and xulrunner. The upstream patches introduced a regression in the saved password handling. While password data was not lost, if a user had saved any passwords with non-ASCII characters, Firefox could not access the password database. This update fixes the problem.
    =========================================================== 
    Ubuntu Security Notice USN-645-3         September 25, 2008
    firefox-3.0, xulrunner-1.9 regression
    https://launchpad.net/bugs/270429
    ===========================================================
    
    A security issue affects the following Ubuntu releases:
    
    Ubuntu 8.04 LTS
    
    This advisory also applies to the corresponding versions of
    Kubuntu, Edubuntu, and Xubuntu.
    
    The problem can be corrected by upgrading your system to the
    following package versions:
    
    Ubuntu 8.04 LTS:
      firefox                         3.0.3+build1+nobinonly-0ubuntu0.8.04.1
      xulrunner-1.9                   1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1
    
    After a standard system upgrade you need to restart Firefox and any
    applications that use xulrunner, such as Epiphany, to effect the
    necessary changes.
    
    Details follow:
    
    USN-645-1 fixed vulnerabilities in Firefox and xulrunner. The upstream
    patches introduced a regression in the saved password handling. While
    password data was not lost, if a user had saved any passwords with
    non-ASCII characters, Firefox could not access the password database.
    This update fixes the problem.
    
    We apologize for the inconvenience.
    
    Original advisory details:
    
     Justin Schuh, Tom Cross and Peter Williams discovered errors in the
     Firefox URL parsing routines. If a user were tricked into opening a
     crafted hyperlink, an attacker could overflow a stack buffer and
     execute arbitrary code. (CVE-2008-0016)
     
     It was discovered that the same-origin check in Firefox could be
     bypassed. If a user were tricked into opening a malicious website,
     an attacker may be able to execute JavaScript in the context of a
     different website. (CVE-2008-3835)
     
     Several problems were discovered in the JavaScript engine. This
     could allow an attacker to execute scripts from page content with
     chrome privileges. (CVE-2008-3836)
     
     Paul Nickerson discovered Firefox did not properly process mouse
     click events. If a user were tricked into opening a malicious web
     page, an attacker could move the content window, which could
     potentially be used to force a user to perform unintended drag and
     drop operations. (CVE-2008-3837)
     
     Several problems were discovered in the browser engine. This could
     allow an attacker to execute code with chrome privileges.
     (CVE-2008-4058, CVE-2008-4059, CVE-2008-4060)
     
     Drew Yao, David Maciejak and other Mozilla developers found several
     problems in the browser engine of Firefox. If a user were tricked
     into opening a malicious web page, an attacker could cause a denial
     of service or possibly execute arbitrary code with the privileges
     of the user invoking the program. (CVE-2008-4061, CVE-2008-4062,
     CVE-2008-4063, CVE-2008-4064)
     
     Dave Reed discovered a flaw in the JavaScript parsing code when
     processing certain BOM characters. An attacker could exploit this
     to bypass script filters and perform cross-site scripting attacks.
     (CVE-2008-4065)
     
     Gareth Heyes discovered a flaw in the HTML parser of Firefox. If a
     user were tricked into opening a malicious web page, an attacker
     could bypass script filtering and perform cross-site scripting
     attacks. (CVE-2008-4066)
     
     Boris Zbarsky and Georgi Guninski independently discovered flaws in
     the resource: protocol. An attacker could exploit this to perform
     directory traversal, read information about the system, and prompt
     the user to save information in a file. (CVE-2008-4067,
     CVE-2008-4068)
     
     Billy Hoffman discovered a problem in the XBM decoder. If a user were
     tricked into opening a malicious web page or XBM file, an attacker
     may be able to cause a denial of service via application crash.
     (CVE-2008-4069)
    
    
    Updated packages for Ubuntu 8.04 LTS:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.3+build1+nobinonly-0ubuntu0.8.04.1.diff.gz
          Size/MD5:   105898 8e9d91766d1673d85b4e2e60f09ffbb6
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.3+build1+nobinonly-0ubuntu0.8.04.1.dsc
          Size/MD5:     2760 57a929804f986040bc7227fe3009156c
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.3+build1+nobinonly.orig.tar.gz
          Size/MD5: 11573662 bcf09e18019b2f2cbb8517932c891485
        http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1.diff.gz
          Size/MD5:    77467 f5a62ff3d325e95c5120cc22bda2d554
        http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1.dsc
          Size/MD5:     2825 ab55f7ea35f9ee735528805831854977
        http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.3+build1+nobinonly.orig.tar.gz
          Size/MD5: 40164202 72a5e40dda74d050021677f1b3ebabcc
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65954 3f06a1b75554d1d2340afc44b78022ac
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65968 6d8a8e29f0a7c87d2c8f179f574d7aa6
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65924 3ac2f3dfa932bdc940950c0a894b9080
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65912 e9e9a4746bec14f42b2450bea8225057
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    66064 6775e8fa75a92e1f33cc8ae5bb7f9e8a
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3.0-dom-inspector_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65974 751dd3d6688c6639e9d0ec0da761cc5c
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3.0-venkman_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65924 cfb57e23eb08498e16a6bbef2ca4238e
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-dom-inspector_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:     8974 25f83a796d3169788d39ea68cd8635c6
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-dom-inspector_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:     8962 01cc668f88c84f91e2fd886d42d92f13
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65948 c4718d66cfe19443c59978f4e39e7e41
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65914 71f6cddfc729e4018eefe95c79efd9df
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65906 97334f76bbbd654157c7c5aabf7e31c6
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-dom-inspector_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:     8946 f9d779ba38a6e7732ad71bb751523a7a
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65936 4fa1a2d88890b85d3bce5cb045ec792b
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-venkman_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:     8936 700210f41bc608472f4fe88615dab81f
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:    65902 d907072601c66ad491d706566c2824de
        http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunner-1.9-dom-inspector_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:   125194 abdbdf7f8a7597a88c60af6d98ad3be3
        http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunner-1.9-venkman_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_all.deb
          Size/MD5:   235304 8c3f950ba19f57700fb82918f343bed3
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb
          Size/MD5:     9028 45557a5d8f43797bebb0ee77783bdc87
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb
          Size/MD5:    29576 78c9677804c24f5b6d95e0eb6c7a7f38
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb
          Size/MD5:  1086672 7399df1205d00bd6124d03fc63cf6592
        http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb
          Size/MD5:  4035336 eaff46064356cea1e966ab221e45eb30
        http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb
          Size/MD5:    48656 41dc8e708b4972e61b2e12ab54c0c4fc
        http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb
          Size/MD5:  9031700 f608db020679c1a062deaf017d5defd2
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_i386.deb
          Size/MD5:     9028 a8fd22201b420b5b0fa11fab1c9466d3
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_i386.deb
          Size/MD5:    25726 823066888e006035bbe5f1eb790eccfa
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_i386.deb
          Size/MD5:  1065018 32827a47e8cd521d89391879a3d84d5c
        http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_i386.deb
          Size/MD5:  4016914 4285536cc152b65fa881946890b44185
        http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_i386.deb
          Size/MD5:    38514 04869df4ca726ad6c59d2e43383bf4f6
        http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_i386.deb
          Size/MD5:  7763786 685dc1eb5dce09d60c56ffa1c059735b
    
      lpia architecture (Low Power Intel Architecture):
    
        http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb
          Size/MD5:     9028 2de0d8feb75644816867deec8668ec34
        http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb
          Size/MD5:    25342 5e70051d1c36fa4115ad1b569a57b290
        http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb
          Size/MD5:  1063126 4e9a3f4c3adaacb731b9d715e38fd3e2
        http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb
          Size/MD5:  4012342 92f97468c8260b9980d348024b3b6971
        http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb
          Size/MD5:    37610 88681831e70f2c7ab81da01928fcf09f
        http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb
          Size/MD5:  7650950 80ab78a657265b9cad8ec759ac8864e9
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb
          Size/MD5:     9026 c90a944ecbc4366a54001c769d29e35b
        http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb
          Size/MD5:    27502 d140872135657f26a214585501d48c8c
        http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.3+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb
          Size/MD5:  1079210 2594afd5cad19bc4bee8f0bad4483c5c
        http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb
          Size/MD5:  4023426 cb239f374f28f6b90ae9289240acf871
        http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-support_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb
          Size/MD5:    43686 d176b974055a33ede0065b4c9f2047fd
        http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.3+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb
          Size/MD5:  8609908 8e66fdbd3106ee310b9e8591d5fc35ad
    
    
    
    --Fba/0zbH8Xs+Fj9o
    Content-Type: application/pgp-signature; name="signature.asc"
    Content-Description: Digital signature
    Content-Disposition: inline
    
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.6 (GNU/Linux)
    
    iD8DBQFI29kjW0JvuRdL8BoRAkXfAKCfhJfZscIqOOc2vRx0MxXxzznO4wCePwxU
    +im4TJCKqO3mDNtpkmtZLsw=uAlq
    -----END PGP SIGNATURE-----
    
    --Fba/0zbH8Xs+Fj9o--
    
    
    --==============w51258102108683811=Content-Type: text/plain; charset="us-ascii"
    MIME-Version: 1.0
    Content-Transfer-Encoding: 7bit
    Content-Disposition: inline
    
    --
    ubuntu-security-announce mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
    
    --==============w51258102108683811==--
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"39","type":"x","order":"1","pct":50,"resources":[]},{"id":"88","title":"Should be more technical","votes":"11","type":"x","order":"2","pct":14.1,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"28","type":"x","order":"3","pct":35.9,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.