Ubuntu: Firefox vulnerabilities
January 3, 2007
USN-398-1 fixed vulnerabilities in Firefox 2.0
Summary
Update Instructions
References
Severity
Ubuntu Security Notice USN-398-2 January 03, 2007
Package Information
===========================================================
Ubuntu Security Notice USN-398-2 January 03, 2007
firefox vulnerabilities
CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501,
CVE-2006-6502, CVE-2006-6503, CVE-2006-6504
==========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.10
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 5.10:
firefox 1.5.dfsg+1.5.0.9-0ubuntu0.5.10
firefox-dev 1.5.dfsg+1.5.0.9-0ubuntu0.5.10
Ubuntu 6.06 LTS:
firefox 1.5.dfsg+1.5.0.9-0ubuntu0.6.06
firefox-dev 1.5.dfsg+1.5.0.9-0ubuntu0.6.06
libnspr-dev 1.5.dfsg+1.5.0.9-0ubuntu0.6.06
libnspr4 1.5.dfsg+1.5.0.9-0ubuntu0.6.06
libnss-dev 1.5.dfsg+1.5.0.9-0ubuntu0.6.06
libnss3 1.5.dfsg+1.5.0.9-0ubuntu0.6.06
After a standard system upgrade you need to restart Firefox to effect
the necessary changes.
Details follow:
USN-398-1 fixed vulnerabilities in Firefox 2.0. This update provides
the corresponding updates for Firefox 1.5.
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious web page containing JavaScript or SVG. (CVE-2006-6497,
CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502,
CVE-2006-6504)
Various flaws have been reported that allow an attacker to bypass
Firefox's internal XSS protections by tricking the user into opening a
malicious web page containing JavaScript. (CVE-2006-6503)
Updated packages for Ubuntu 5.10:
Source archives:
Size/MD5: 177350 f25badcde69aee85eb82330d0daf4417
Size/MD5: 1056 9ae774570929de1c68168e410e608e3a
Size/MD5: 44874639 3a812560d4b85bf878bba9ca961b26b7
Architecture independent packages:
Size/MD5: 49746 84497ea1bbd2840a37503b5e38886d67
Size/MD5: 50632 9639b6c6241c35e840384a5ecd0d057d
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
Size/MD5: 3155112 e5f077de48261c34807f677bc662091e
Size/MD5: 216646 f1c933298c42c3b66ffb04f7bc2d7ea1
Size/MD5: 82948 83870eb321a81a8dad6a0a6f2d3d8e1a
Size/MD5: 10236150 c17e84ae66c45ac0fbcbda65c7c2f42e
i386 architecture (x86 compatible Intel/AMD)
Size/MD5: 3155084 d0a3d80a4f31162766cdf9fc1a7efd6d
Size/MD5: 210186 2f367ee0291586942ce9f59d98f7819f
Size/MD5: 75374 a09eb76531b5ae26b885ac81d3474aa1
Size/MD5: 8665274 5751674cb5ba9b5834d1fc25dea64f19
powerpc architecture (Apple Macintosh G3/G4/G5)
Size/MD5: 3155162 d6a5c0576de5c87dd4efe14decd72b64
Size/MD5: 213588 3aa264bcd755a87de5482218a58fa8da
Size/MD5: 78570 f640333523dd410eb9c48e67da42d223
Size/MD5: 9846102 127532fa6ba779840ef82f644f682f26
sparc architecture (Sun SPARC/UltraSPARC)
Size/MD5: 3155148 8a43a11a33232ec238084cfb2f10d8a2
Size/MD5: 211138 6d7ffa6baa8b66dd62537f7fe2212fb9
Size/MD5: 76946 b848074711b2db139bedfbf21a0b222b
Size/MD5: 9178266 7c0dc78fb50b1f49d5410f774e112e92
Updated packages for Ubuntu 6.06 LTS:
Source archives:
Size/MD5: 177734 bb37d65ee1e10592a985b10c7212bc2b
Size/MD5: 1113 57c738f08983536c35222d634a19c54f
Size/MD5: 44874639 3a812560d4b85bf878bba9ca961b26b7
Architecture independent packages:
Size/MD5: 49760 722b1406fca3ce894b8d2a99aeef1c4d
Size/MD5: 50646 fddb4ef03e948f9d1f831ebd10f82ff7
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
Size/MD5: 47406762 81e1e328d3132ae6b6e689e7dc6e925c
Size/MD5: 2801586 fc5564e969c5f124d4d1caa0c7729587
Size/MD5: 216702 4cbd97efd2e01a06aa8eec24e0d3ccae
Size/MD5: 82932 509cea191c58287577c416468438420b
Size/MD5: 9428520 a5ef3bf48aacd88d37db5c1f0b042ac2
Size/MD5: 219376 d599f9cf370e33e07a777e383a4aea59
Size/MD5: 162426 595ca13ae337bc0d80fbef0c617cfb3d
Size/MD5: 236304 6333f01d8320b203213891bfc1aea045
Size/MD5: 758106 479c1e43b140959ce0253ccbd5931186
i386 architecture (x86 compatible Intel/AMD)
Size/MD5: 43973946 cbc8c149302cd85aa3340f1c6fb6556a
Size/MD5: 2801606 fe19bd6f5f497621eab0b8fee4f9156f
Size/MD5: 210120 3518227623d7d06342ab07ea67dcbcc0
Size/MD5: 75348 dbeffcf2a2c58201eed2f1a84d6cb617
Size/MD5: 7944068 9f02d1712680eadfd058c4590c26d173
Size/MD5: 219386 1501d84bd496b41dba93e406e5568eef
Size/MD5: 147126 cbb87b272c50e7a3e646d2460a40d974
Size/MD5: 236296 0746795b91d883f50fb8b280c58658ab
Size/MD5: 670250 4639cb05497532e4117bd1955f9c21db
powerpc architecture (Apple Macintosh G3/G4/G5)
Size/MD5: 48787984 efb1774fb5bba3d9714647571c8591fe
Size/MD5: 2801640 2e62374f3c50fead822f01e9712fcf5f
Size/MD5: 213568 9197ba5be37eb905fe72b6768e7db181
Size/MD5: 78456 b5eda90c93ca5b64cf32e87aeb2001c0
Size/MD5: 9047798 3f69986dc6b187c8818604a02a60d1a3
Size/MD5: 219386 e217097185da1e749b462096958dc159
Size/MD5: 159720 a026903f12a1bb284125d3844277ab3f
Size/MD5: 236290 39f0a869a3f24dd5fe7d443f59af29d9
Size/MD5: 769050 0cd9d7fd052b5da45529447c39dec812
sparc architecture (Sun SPARC/UltraSPARC)
Size/MD5: 45364958 6feca8379273bfcd93509d273c80bb3d
Size/MD5: 2801706 bcc563e78b0f45de039730d1cd1518e8
Size/MD5: 211060 e7c737cd2fbf96ca80fe3b5da8ab265c
Size/MD5: 76914 42d57032d8a2f5428b2026597fa50957
Size/MD5: 8437612 48829e7c5fd375db1debd36b2d929efd
Size/MD5: 219398 b0a9ee505873fbf1c1f1b9839b8ff4a2
Size/MD5: 149624 0b21b6362773ee675bef15dd04cf289c
Size/MD5: 236290 93a968fc6b14988b4ed9ea53fbddaabe
Size/MD5: 682330 88de775e621fa00e144797d8512c8dad
--PMULwz+zIGJzpDN9
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFnBW6H/9LqRcGPm0RAsjhAJ9SmdLLVgSYCO5IYNJ4bDGTHIAHKgCdHZtg
W7u4tfqj2qKt9FF6p7K+wjw=2PBU
-----END PGP SIGNATURE-------PMULwz+zIGJzpDN9--
--==============14315672=Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
--ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--==============14315672==-- 
