TITLE: Debian update for mozilla-firefox SECUNIA ADVISORY ID: SA19862 VERIFY ADVISORY: http://secunia.com/advisories/19862/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, Spoofing, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ Debian GNU/Linux 3.1 http://secunia.com/product/5307/ DESCRIPTION: Debian has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of Service), and potentially compromise a user's system. For more information: SA17934 SA18700 SA19631 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6.dsc Size/MD5 checksum: 1001 09c185f1a695fd7b01494c7612e123bf http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6.diff.gz Size/MD5 checksum: 381739 0582bbb1766855b1e82c25a39109480a http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d Alpha architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_alpha.deb Size/MD5 checksum: 11171196 55e56e5a9306f5ea4d1508140836c042 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_alpha.deb Size/MD5 checksum: 168162 9c4d068815e6e6239970f3b248456622 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_alpha.deb Size/MD5 checksum: 60002 532591335d84fc3f28e8c91f829a33c5 AMD64 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_amd64.deb Size/MD5 checksum: 9400894 d9033861dc839d0a763928271efb566d http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_amd64.deb Size/MD5 checksum: 162910 5dc9795fae9b8f6d2cc3cb790c6250e5 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_amd64.deb Size/MD5 checksum: 58514 c7964d89cec3da753c6a553e6695416a ARM architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_arm.deb Size/MD5 checksum: 8220344 30407a08ed75456e59317304f9f4f4cd http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_arm.deb Size/MD5 checksum: 154376 f298104e766dfc1f7ead3a82ca766093 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_arm.deb Size/MD5 checksum: 53836 1e0d26b5767112085ceaf3bb1a5e3167 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_i386.deb Size/MD5 checksum: 8896526 b7a91a72476842c9b6798fceb791c20c http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_i386.deb Size/MD5 checksum: 158156 27b8ea4761567e6e71cb0f888995dc1c http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_i386.deb Size/MD5 checksum: 55380 88fe805a1c81b705d8146c3c11ba0540 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_ia64.deb Size/MD5 checksum: 11628466 f42dffd9e863f7a373f14b0b7276239e http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_ia64.deb Size/MD5 checksum: 168490 ad2f05cc5e1b32113eb27b02623ab8d2 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_ia64.deb Size/MD5 checksum: 63188 cd0e85bb099ffebfa50cfa5db021a09b HP Precision architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_hppa.deb Size/MD5 checksum: 10272698 4465e59426f88dcfedbb8b46d9e9300a http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_hppa.deb Size/MD5 checksum: 165896 c58e73ec5b355a1848abeb60d643601c http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_hppa.deb Size/MD5 checksum: 58982 5366dbfa5e4fc8f1026c7a1c6ab107a5 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_m68k.deb Size/MD5 checksum: 8171168 d7d08da028982a426d22eff0e2c3a19b http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_m68k.deb Size/MD5 checksum: 156990 44a55bef9f1b6788872460a887b2695d http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_m68k.deb Size/MD5 checksum: 54640 5b6b926264762bbd495369286ee781ee Big endian MIPS architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_mips.deb Size/MD5 checksum: 9927634 b0e37e95b1e41733b23e3f73b9c72405 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_mips.deb Size/MD5 checksum: 155916 5eea68906058e471cb2669052e544ace http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_mips.deb Size/MD5 checksum: 55650 a524a73fea4d1b3b90ca327fddb654cc Little endian MIPS architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_mipsel.deb Size/MD5 checksum: 9807332 cf96cd6abc99138cc29970da55e0b212 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_mipsel.deb Size/MD5 checksum: 155456 61affe2d665661bdcbea5675ecc6e997 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_mipsel.deb Size/MD5 checksum: 55466 204a01cd5700af9fe83f46a578e16137 PowerPC architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_powerpc.deb Size/MD5 checksum: 8567542 47ecafdf5d0546f37a93e607e5309ad9 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_powerpc.deb Size/MD5 checksum: 156574 a0e6cc0e9465b9514f890052fab979f6 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_powerpc.deb Size/MD5 checksum: 57758 76f1ce6caf3c5e43512567738cb1efbd IBM S/390 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_s390.deb Size/MD5 checksum: 9639294 3ee16b1842014591a467ef4b728864e8 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_s390.deb Size/MD5 checksum: 163512 ff6eb1ff873acb224dedb28e4af99c0f http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_s390.deb Size/MD5 checksum: 57946 9ea184c5b5d433d0271a7f1a96f06234 Sun Sparc architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge6_sparc.deb Size/MD5 checksum: 8659558 4b91971c36927f498fb1f2b98d681bc6 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge6_sparc.deb Size/MD5 checksum: 156772 d9eb8881f510b007904587450ae44a61 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge6_sparc.deb Size/MD5 checksum: 54194 508ab5503cc83699296f707d2fd66026 -- Debian GNU/Linux unstable alias sid -- Fixed in version 1.5.dfsg+1.5.0.2-2. ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1044 OTHER REFERENCES: SA17934: http://secunia.com/advisories/17934/ SA18700: http://secunia.com/advisories/18700/ SA19631: http://secunia.com/advisories/19631/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------