Ubuntu: Firefox vulnerabilities USN-398-1

=========================================================== 
Ubuntu Security Notice USN-398-1           January 02, 2007
firefox vulnerabilities
CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501,
CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, CVE-2006-6506,
CVE-2006-6507
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.10:
  firefox                                  2.0.0.1+0dfsg-0ubuntu0.6.10
  firefox-dev                              2.0.0.1+0dfsg-0ubuntu0.6.10
  libnspr-dev                              2.0.0.1+0dfsg-0ubuntu0.6.10
  libnspr4                                 2.0.0.1+0dfsg-0ubuntu0.6.10
  libnss-dev                               2.0.0.1+0dfsg-0ubuntu0.6.10
  libnss3                                  2.0.0.1+0dfsg-0ubuntu0.6.10

After a standard system upgrade you need to restart Firefox to effect 
the necessary changes.

Details follow:

Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious web page containing JavaScript or SVG.  (CVE-2006-6497, 
CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, 
CVE-2006-6504)

Various flaws have been reported that allow an attacker to bypass 
Firefox's internal XSS protections by tricking the user into opening a 
malicious web page containing JavaScript.  (CVE-2006-6503, 
CVE-2006-6507)

Jared Breland discovered that the "Feed Preview" feature could leak 
referrer information to remote servers.  (CVE-2006-6506)


Updated packages for Ubuntu 6.10:

  Source archives:

          Size/MD5:   322554 79c04227229a107f0c9d45049605bd48
          Size/MD5:     1218 6ce84b9960bdbb97c9ec6c3705653eae
          Size/MD5: 46670638 1cb13be9a35205af63fe70eeff14eb0e

  Architecture independent packages:

          Size/MD5:   236456 9ed7043d22624085cffc10dc7cde8f26
          Size/MD5:    55270 2f8fde2f2488af7750e65e886493cd13
          Size/MD5:    55362 eb1b5c963f64a784e053bdeee6537481
          Size/MD5:    55378 dd6516fe8c1798d617bcf95b4fbd21c4
          Size/MD5:    56176 eae029799af7b101a55a9bfdffc88330

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5: 50310432 263fa952660d303d4320ac519836a1fb
          Size/MD5:  3119132 75d94b87d53efb786ffdf56ff6d6b075
          Size/MD5:    89652 913420b9f378f322c1ca1b02037f2677
          Size/MD5: 10387770 78104d3965f2bfbda5575574d9f755ba
          Size/MD5:   225036 ea87d34202b6d3223dbac099cf51c8df
          Size/MD5:   167466 55bbefb531652d568f02438aeed10f1d
          Size/MD5:   250348 1bbc07d9af10768ac6656d927000abcd
          Size/MD5:   861350 3fc1cbb4e1eb02995567cdec7b660bd2

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5: 49457428 a30d035ca9fd1819091c1c6b48d325b1
          Size/MD5:  3109488 e86991da3947ee093b840abd83cf07b2
          Size/MD5:    83386 77793d13bf5a26f0c43962ac5fbd186c
          Size/MD5:  9207840 8dcf11221cfef75bf7f51422dcf60dd7
          Size/MD5:   225046 90012c5f90396f6a5db7705b243e2521
          Size/MD5:   156952 80817ef1fbd45ddfbdfdf75279275c34
          Size/MD5:   250336 655f2f4a30dae71ec29bf96cfb7f0229
          Size/MD5:   785180 131a2623fa95997b99085884204fd89a

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5: 51980774 4865d18b50b3a10dfd1b228e11ac0435
          Size/MD5:  3115886 c6f8efcab8edfd7b83453ee041a24612
          Size/MD5:    85272 b66da0f160a453b1f3ee18f5b1722e8d
          Size/MD5: 10056020 9102c8484c7c71186fd0b970a610e7e4
          Size/MD5:   225038 4f83154583b4a058a123a3a8586ab0f2
          Size/MD5:   166288 6190cda57dbebe29c65c1ca97daba292
          Size/MD5:   250334 b3f846f1dafbf1a990ab27df8258b9e1
          Size/MD5:   860068 d0f2e68e9d1ca8be8d9914e6fcdf1bff

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5: 49511534 d0e1bad8c05a69231dfee2db6b34b990
          Size/MD5:  3106194 1adc42b08102dca85285244139d312da
          Size/MD5:    83086 ef47b587d79afdce14ec47b2e13ce89c
          Size/MD5:  9485274 13146d26d590e4981281cf21957cfb61
          Size/MD5:   225036 b72f082c255cd9510435cd0c0912a5bc
          Size/MD5:   155116 9d629deae12ea27812081b13bb0216ba
          Size/MD5:   250332 c3e90b969d3c3de2fe47c4942f8dc96f
          Size/MD5:   766060 a32f928bcb9a7cd2d601b2aafbec6bef
Ubuntu: Firefox vulnerabilities USN-398-1

Summary

Update Instructions

References

Package Information

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By
