Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of certain information, conduct cross-site scripting attacks, and potentially compromise a user's system.
4c28ec70f09c40c36c8104921b18e702a647a0ae2aab97db58ee354724374990
----------------------------------------------------------------------
Secunia is proud to announce the availability of the Secunia Software
Inspector.
The Secunia Software Inspector is a free service that detects insecure
versions of software that you may have installed in your system. When
insecure versions are detected, the Secunia Software Inspector also
provides thorough guidelines for updating the software to the latest
secure version from the vendor.
Try it out online:
http://secunia.com/software_inspector/
----------------------------------------------------------------------
TITLE:
Ubuntu update for firefox
SECUNIA ADVISORY ID:
SA23589
VERIFY ADVISORY:
http://secunia.com/advisories/23589/
CRITICAL:
Highly critical
IMPACT:
Cross Site Scripting, Exposure of sensitive information, DoS, System
access
WHERE:
>From remote
OPERATING SYSTEM:
Ubuntu Linux 6.10
http://secunia.com/product/12470/
DESCRIPTION:
Ubuntu has issued an update for firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to gain
knowledge of certain information, conduct cross-site scripting
attacks, and potentially compromise a user's system.
For more information:
SA23282
SOLUTION:
Apply updated packages.
-- Ubuntu 6.10 --
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10.diff.gz
Size/MD5: 322554 79c04227229a107f0c9d45049605bd48
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10.dsc
Size/MD5: 1218 6ce84b9960bdbb97c9ec6c3705653eae
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg.orig.tar.gz
Size/MD5: 46670638 1cb13be9a35205af63fe70eeff14eb0e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 236456 9ed7043d22624085cffc10dc7cde8f26
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 55270 2f8fde2f2488af7750e65e886493cd13
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dom-inspector_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 55362 eb1b5c963f64a784e053bdeee6537481
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 55378 dd6516fe8c1798d617bcf95b4fbd21c4
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb
Size/MD5: 56176 eae029799af7b101a55a9bfdffc88330
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 50310432 263fa952660d303d4320ac519836a1fb
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 3119132 75d94b87d53efb786ffdf56ff6d6b075
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 89652 913420b9f378f322c1ca1b02037f2677
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 10387770 78104d3965f2bfbda5575574d9f755ba
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 225036 ea87d34202b6d3223dbac099cf51c8df
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 167466 55bbefb531652d568f02438aeed10f1d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 250348 1bbc07d9af10768ac6656d927000abcd
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb
Size/MD5: 861350 3fc1cbb4e1eb02995567cdec7b660bd2
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 49457428 a30d035ca9fd1819091c1c6b48d325b1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 3109488 e86991da3947ee093b840abd83cf07b2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 83386 77793d13bf5a26f0c43962ac5fbd186c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 9207840 8dcf11221cfef75bf7f51422dcf60dd7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 225046 90012c5f90396f6a5db7705b243e2521
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 156952 80817ef1fbd45ddfbdfdf75279275c34
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 250336 655f2f4a30dae71ec29bf96cfb7f0229
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb
Size/MD5: 785180 131a2623fa95997b99085884204fd89a
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 51980774 4865d18b50b3a10dfd1b228e11ac0435
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 3115886 c6f8efcab8edfd7b83453ee041a24612
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 85272 b66da0f160a453b1f3ee18f5b1722e8d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 10056020 9102c8484c7c71186fd0b970a610e7e4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 225038 4f83154583b4a058a123a3a8586ab0f2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 166288 6190cda57dbebe29c65c1ca97daba292
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 250334 b3f846f1dafbf1a990ab27df8258b9e1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb
Size/MD5: 860068 d0f2e68e9d1ca8be8d9914e6fcdf1bff
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 49511534 d0e1bad8c05a69231dfee2db6b34b990
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 3106194 1adc42b08102dca85285244139d312da
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 83086 ef47b587d79afdce14ec47b2e13ce89c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 9485274 13146d26d590e4981281cf21957cfb61
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 225036 b72f082c255cd9510435cd0c0912a5bc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 155116 9d629deae12ea27812081b13bb0216ba
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 250332 c3e90b969d3c3de2fe47c4942f8dc96f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb
Size/MD5: 766060 a32f928bcb9a7cd2d601b2aafbec6bef
ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-398-1
OTHER REFERENCES:
SA23282:
http://secunia.com/advisories/23282/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------