Ubuntu: Firefox regression

    Date26 Jan 2007
    CategoryUbuntu
    3853
    Posted ByLinuxSecurity Advisories
    USN-398-2 fixed vulnerabilities in Firefox 1.5. However, when auto-filling saved-password login forms without a username field, Firefox would crash. This update fixes the problem. We apologize for the inconvenience.
    =========================================================== 
    Ubuntu Security Notice USN-398-4           January 27, 2007
    firefox regression
    https://launchpad.net/bugs/77859
    ===========================================================
    
    A security issue affects the following Ubuntu releases:
    
    Ubuntu 5.10
    Ubuntu 6.06 LTS
    
    This advisory also applies to the corresponding versions of
    Kubuntu, Edubuntu, and Xubuntu.
    
    The problem can be corrected by upgrading your system to the
    following package versions:
    
    Ubuntu 5.10:
      firefox                                  1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1
    
    Ubuntu 6.06 LTS:
      firefox                                  1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1
    
    After a standard system upgrade you need to restart Firefox to effect 
    the necessary changes.
    
    Details follow:
    
    USN-398-2 fixed vulnerabilities in Firefox 1.5.  However, when 
    auto-filling saved-password login forms without a username field, 
    Firefox would crash.  This update fixes the problem.
    
    We apologize for the inconvenience.
    
    Original advisory details:
    
     Various flaws have been reported that allow an attacker to execute
     arbitrary code with user privileges by tricking the user into opening
     a malicious web page containing JavaScript or SVG.  (CVE-2006-6497, 
     CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, 
     CVE-2006-6504)
    
     Various flaws have been reported that allow an attacker to bypass 
     Firefox's internal XSS protections by tricking the user into opening a 
     malicious web page containing JavaScript.  (CVE-2006-6503)
    
    
    Updated packages for Ubuntu 5.10:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1.diff.gz
          Size/MD5:   177581 9b53de9f6503f646717dd333edd8f147
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1.dsc
          Size/MD5:     1060 af80befe4baf6e7a63dd189278839480
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9.orig.tar.gz
          Size/MD5: 44874639 3a812560d4b85bf878bba9ca961b26b7
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_all.deb
          Size/MD5:    49800 b5dbc793061e8f1203ed989ef2454bc7
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_all.deb
          Size/MD5:    50688 01efc07ddbff2c5a3f8691aa91c5a4b8
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon)
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_amd64.deb
          Size/MD5:  3155128 95cfbd77ed46121ff914f9e9fa43623d
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_amd64.deb
          Size/MD5:   216710 6f467785b059d6eca05faff473189fe7
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_amd64.deb
          Size/MD5:    83018 d3d0aa27df9c2b3389e34a117e93886e
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_amd64.deb
          Size/MD5: 10236156 ef6ebdfd9e18a0a1629763dd7fc97517
    
      i386 architecture (x86 compatible Intel/AMD)
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_i386.deb
          Size/MD5:  3155148 1c5c6876da0cc9f0edb80004b974d52a
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_i386.deb
          Size/MD5:   210246 186b27c34724e7d975c5e552883d39be
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_i386.deb
          Size/MD5:    75426 e146ac105edd51d0e02c694c70ea7ef2
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_i386.deb
          Size/MD5:  8665444 0be9969fa43f8b49960ae4a554bf4c04
    
      powerpc architecture (Apple Macintosh G3/G4/G5)
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_powerpc.deb
          Size/MD5:  3155158 6e0b4c5e109aba254079bdf91fb8eb25
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_powerpc.deb
          Size/MD5:   213646 2fbfad91065c6b04ec01327068758cc0
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_powerpc.deb
          Size/MD5:    78624 42dc1282a625a1754283850475aa4e59
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_powerpc.deb
          Size/MD5:  9846152 c107484362ba9761e7214815f9b66711
    
      sparc architecture (Sun SPARC/UltraSPARC)
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_sparc.deb
          Size/MD5:  3155252 cb24c2658d83c77cbf2813fae8f2191f
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_sparc.deb
          Size/MD5:   211202 61fd3bfd2cc747787018e6832c814c7a
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_sparc.deb
          Size/MD5:    77010 dd5dd13d89c13fe44a3c2c76d3365a1c
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_sparc.deb
          Size/MD5:  9178540 64c37a67c934bad7d86076cab6a6f3a8
    
    Updated packages for Ubuntu 6.06 LTS:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1.diff.gz
          Size/MD5:   177979 557c44cc6c2500d6f342450979cb6be1
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1.dsc
          Size/MD5:     1117 7e8096909dee45e293c4e0f673f5e9b0
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9.orig.tar.gz
          Size/MD5: 44874639 3a812560d4b85bf878bba9ca961b26b7
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_all.deb
          Size/MD5:    49812 7854563947bbbc8195a11af9842946d8
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_all.deb
          Size/MD5:    50700 e51a62b89a5fda6b195b708852e1e3b5
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon)
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb
          Size/MD5: 47406864 b113c262e59309c5a3dff2e0a7a61700
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb
          Size/MD5:  2801622 6a90a8ff153e6170557b01e3a489f22f
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb
          Size/MD5:   216748 9fc0e8b581e5d194d2152478cc4e4307
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb
          Size/MD5:    83002 c0a41cb329b58013302e62ecb9022df5
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb
          Size/MD5:  9428466 1c98bf4a993dcb8ea2c8c8c3e3863e62
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb
          Size/MD5:   219448 9b1e42b16e42881677c07a4db608804d
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb
          Size/MD5:   162498 c979e7f22686bcd42bffd149027ef922
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb
          Size/MD5:   236362 4572fca2f2df6fb5e77af2d6a3847cc6
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb
          Size/MD5:   758168 b30697faa7fb430f592bf1aa631d2d70
    
      i386 architecture (x86 compatible Intel/AMD)
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb
          Size/MD5: 43974030 6022783bbfbd8e3ecf2bcf6b8bc26f11
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb
          Size/MD5:  2801710 125c6de5d86324b20f40b0f6c030a708
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb
          Size/MD5:   210176 b06f333d8d415ce76350ecd7d95f4dcd
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb
          Size/MD5:    75394 0af7777b392baf3a8a2fdc3b32e26c34
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb
          Size/MD5:  7944252 550a36ee7add6b76d331f6295f92a147
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb
          Size/MD5:   219432 ac902c9cf91abb32ceca32c93a52d846
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb
          Size/MD5:   147164 c4fe716b77a16c342733d3120194dd5a
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb
          Size/MD5:   236352 30ef069f2e662093ea0049f7d681ae7e
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb
          Size/MD5:   670306 08a71565579c7c3995e110a7606e4f79
    
      powerpc architecture (Apple Macintosh G3/G4/G5)
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb
          Size/MD5: 48788298 c0be007419d054c8be7aa68a19ce5e53
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb
          Size/MD5:  2801704 fe1800b652445cec3df20eddf04edd15
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb
          Size/MD5:   213618 8a80d992e2145d4cacd89321cf4f633f
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb
          Size/MD5:    78508 c970a49cc485e9b12114991956de790d
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb
          Size/MD5:  9047878 24ae15763d644004d7637906eb0bd3c5
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb
          Size/MD5:   219456 d74feee574b4066385d9231445869781
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb
          Size/MD5:   159754 21f199b4e275624eb1fcf00be9f5f272
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb
          Size/MD5:   236358 90b858e1a1a77f9c5798551f28dd0cb6
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb
          Size/MD5:   769096 84de135a18e371c088ac3a58d4594916
    
      sparc architecture (Sun SPARC/UltraSPARC)
    
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb
          Size/MD5: 45365336 e84c066990d9ad4dd8f45a21cdaf8d2a
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb
          Size/MD5:  2801624 cf0964e13b5372390553741809f4d8ea
        http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb
          Size/MD5:   211120 297ee23d36c2ce4ce592479d883c06f6
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb
          Size/MD5:    76954 d6f76f8bcd8b21178a8d90c741a69e3b
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb
          Size/MD5:  8437784 6e9a0809a6d7b19c8b97eaac03ece1e5
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb
          Size/MD5:   219446 1dba167ed97a25b5dbeb6e00b45f5db9
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb
          Size/MD5:   149678 b79bb4be820b2f8abfd95bd5f7629dfd
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb
          Size/MD5:   236364 97fee71d37edfa37e53ec9e9d935c4a6
        http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb
          Size/MD5:   682392 31ac0ad91f371f542d2dd63275bbe411
    
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"23","type":"x","order":"1","pct":53.49,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.63,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":34.88,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.