TITLE: Ubuntu update for firefox SECUNIA ADVISORY ID: SA19746 VERIFY ADVISORY: http://secunia.com/advisories/19746/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Ubuntu Linux 4.10 http://secunia.com/product/4491/ Ubuntu Linux 5.04 http://secunia.com/product/5036/ Ubuntu Linux 5.10 http://secunia.com/product/6606/ DESCRIPTION: Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), conduct cross-site scripting and phishing attacks, bypass certain security restrictions, disclose sensitive information, and potentially compromise a user's system. For more information: SA17934 SA18700 SA19631 SOLUTION: Apply updated packages. -- Ubuntu 4.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu4.10.diff.gz Size/MD5: 235111 b2ebfed686a487adf1244307dfd266b9 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu4.10.dsc Size/MD5: 987 c60705b0fd14c4ef6295d5ed001915d6 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8.orig.tar.gz Size/MD5: 41545571 74feb5a7af741bc5e24f1a622ce698c8 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.8-0ubuntu4.10_amd64.deb Size/MD5: 148312 62c914a0e040677be53af936bb3a17ed http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu4.10_amd64.deb Size/MD5: 10677328 ad7cf73fd3f546291a959ddd5ffc96e9 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.8-0ubuntu4.10_i386.deb Size/MD5: 143192 9e442b0a7c2f3cc9e456e6afea8d0c60 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu4.10_i386.deb Size/MD5: 9850946 79d68b23803a61cb330b849b15068f54 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.8-0ubuntu4.10_powerpc.deb Size/MD5: 141946 342abccbb3fa9cdd70495d7b8395eac2 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu4.10_powerpc.deb Size/MD5: 9507830 0d44cda71daf7d14725daf34d6cfc175 -- Ubuntu 5.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu5.04.diff.gz Size/MD5: 804535 00b1fc4d98dfa001442144c8d7745572 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu5.04.dsc Size/MD5: 1060 a3c93f7d8fa6ce8dcd91aa2151a5f005 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8.orig.tar.gz Size/MD5: 41545571 74feb5a7af741bc5e24f1a622ce698c8 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox-dev_1.0.8-0ubuntu5.04_amd64.deb Size/MD5: 2633684 1ff190c377531df8542e3b02560d4536 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.8-0ubuntu5.04_amd64.deb Size/MD5: 158486 604e2a6d94958224debffabf5d03a702 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.8-0ubuntu5.04_amd64.deb Size/MD5: 57812 8fb2a4a30727c03d5aa8016fbd4d38e7 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu5.04_amd64.deb Size/MD5: 9771928 d438cbb1c473650c70f9b3b58e1b7613 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox-dev_1.0.8-0ubuntu5.04_i386.deb Size/MD5: 2633766 92c92229157c7549ad186cdf0e0c8733 http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.8-0ubuntu5.04_i386.deb Size/MD5: 153396 9d6b58b4ae7a631e1799f3c4bbe55db8 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.8-0ubuntu5.04_i386.deb Size/MD5: 54368 8dbd371b16cac675aa57ba815c97cdd1 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu5.04_i386.deb Size/MD5: 8811088 2d2d0ff095a8e0f2bcc247cc8163faf4 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox-dev_1.0.8-0ubuntu5.04_powerpc.deb Size/MD5: 2633816 7548fe24b857258efe6670286676175b http://security.ubuntu.com/ubuntu/pool/universe/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.8-0ubuntu5.04_powerpc.deb Size/MD5: 152158 14b412512616688e2dcb85e121a91c95 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.8-0ubuntu5.04_powerpc.deb Size/MD5: 56994 c74044c7e7900c36ca55ac10f029a451 http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-firefox/mozilla-firefox_1.0.8-0ubuntu5.04_powerpc.deb Size/MD5: 8467096 1dd31ba1f4e37e3c6e7897f406f12598 -- Ubuntu 5.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.0.8-0ubuntu5.10.diff.gz Size/MD5: 835820 3d772aa08cb9de34e762ba49a24c4284 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.0.8-0ubuntu5.10.dsc Size/MD5: 994 fcf2db5ad6832da949ef1f71482bc8d9 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.0.8.orig.tar.gz Size/MD5: 41545571 74feb5a7af741bc5e24f1a622ce698c8 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.0.8-0ubuntu5.10_all.deb Size/MD5: 38558 bc004ea12dc5004b9f26778201e09f8d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.0.8-0ubuntu5.10_all.deb Size/MD5: 38556 6227eefa4309c2ec1d3c54923e5abd0d amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.0.8-0ubuntu5.10_amd64.deb Size/MD5: 2634278 cff91adda22099360cf518da9b7ee186 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.0.8-0ubuntu5.10_amd64.deb Size/MD5: 160646 5c34e657817242b4a9efa7308f78c257 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.0.8-0ubuntu5.10_amd64.deb Size/MD5: 77490 6a9ad84be837686547ec8e49a4165e20 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.0.8-0ubuntu5.10_amd64.deb Size/MD5: 9922114 e5b0ec7267bd9f2c07be238f20773c58 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.0.8-0ubuntu5.10_i386.deb Size/MD5: 2634250 b234de52409b3c358b75678e40399035 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.0.8-0ubuntu5.10_i386.deb Size/MD5: 153868 bc273cbad73071f2fd6f077d31ee0ba3 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.0.8-0ubuntu5.10_i386.deb Size/MD5: 69988 cbfb699307a6a8fb8b30de427329d77b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.0.8-0ubuntu5.10_i386.deb Size/MD5: 8469524 ade9477dd6a0de72e025dde686b1719e powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.0.8-0ubuntu5.10_powerpc.deb Size/MD5: 2634298 5d7da09c807c39e7dfd5eb32b9944b85 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.0.8-0ubuntu5.10_powerpc.deb Size/MD5: 153894 514e1da7d177b865db4ecb45ed8b07dc http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.0.8-0ubuntu5.10_powerpc.deb Size/MD5: 75182 2cac974d914d112d13ff9611512f7a7d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.0.8-0ubuntu5.10_powerpc.deb Size/MD5: 8602522 fcc3cb9722c48441bb8218140b8720ea ORIGINAL ADVISORY: http://www.ubuntu.com/usn/usn-271-1 OTHER REFERENCES: SA17934: http://secunia.com/advisories/17934/ SA18700: http://secunia.com/advisories/18700/ SA19631: http://secunia.com/advisories/19631/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------