----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
http://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
Ubuntu update for firefox

SECUNIA ADVISORY ID:
SA33231

VERIFY ADVISORY:
http://secunia.com/advisories/33231/

CRITICAL:
Highly critical

IMPACT:
Security Bypass, Cross Site Scripting, Exposure of sensitive
information, System access

WHERE:
>From remote

OPERATING SYSTEM:
Ubuntu Linux 7.10
http://secunia.com/advisories/product/16251/

DESCRIPTION:
Ubuntu has issued an update for firefox. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, disclose sensitive information, conduct
cross-site scripting attacks, or potentially compromise a user's
system.

For more information:
SA33184

SOLUTION:
Apply updated packages.

-- Ubuntu 7.10 --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+nobinonly1-0ubuntu0.7.10.1.diff.gz
Size/MD5: 193899 36adc1276acd43f74f72cfcc1ae3d0e9
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+nobinonly1-0ubuntu0.7.10.1.dsc
Size/MD5: 1667 191a120d310a4e50dc3890bc39dd5eb4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+nobinonly1.orig.tar.gz
Size/MD5: 38003869 ef1cc2719a0d2e765e7395191917b0e1

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_all.deb
Size/MD5: 200940 bb5074878422fcc2770502b9ccb0da27

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 78150706 95fdf710a1475b0bc9c2d05b93729e1d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 3199474 a81af067e5cd04967c4b073e4ea88b3d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 98272 a5da4c672ee9cdb9238827240a1fd8d4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 67296 1867fa5365e1877b2991f0012a5a0508
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_amd64.deb
Size/MD5: 10470700 e782eb0e3ee75833b54f6bf6eb7ad587

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 77284164 a71bc30bc1337cf8f764c4e34c0225bc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 3187094 ac6687331ea182a211af874e78d6ed17
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 91982 e940726ca92857100f60b40c0627ebe7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 66578 8b2d79255ed23faa29d212394bcba143
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_i386.deb
Size/MD5: 9216882 bc3cbdf09eab1655725e7c6f6e702227

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/f/firefox/firefox-dbg_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 77568340 e0c635c7c94d02df21c3959245f82eae
http://ports.ubuntu.com/pool/main/f/firefox/firefox-dev_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 3184640 e8dbcad248acefdf2e67206fd9a99884
http://ports.ubuntu.com/pool/main/f/firefox/firefox-gnome-support_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 91636 54e13279350c153e6c86bc6f56c413ff
http://ports.ubuntu.com/pool/main/f/firefox/firefox-libthai_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 66524 ebc91a165868249a1d87a91727b7d2fd
http://ports.ubuntu.com/pool/main/f/firefox/firefox_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_lpia.deb
Size/MD5: 9073898 5a46dfbb0577f2f590d6ba0b4e8427ae

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 80768006 e9ae877064a52623eb7e35814f9b34cc
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 3202786 6e6b92b3b5e47bcc20e3803d6c967b0d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 96330 eac0521eb7d2d212869337a96576741b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 67580 9261fce133f2603c58f710cfb1c7e387
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_powerpc.deb
Size/MD5: 10315794 2f30e74ebaf0e5bb0eed03669e67c7b7

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 78127352 ab6da326b1db0baf28f1041eff70e3e4
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 3184440 74705617fd5764f9414756ecf9e2281c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 91764 440f4a3bf1774945c2b93cd90948b7d2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-libthai_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 66664 1f2b23c6612f07ee3f932ff0e294a123
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.19+nobinonly1-0ubuntu0.7.10.1_sparc.deb
Size/MD5: 9466814 70da09e753b9ab898be59a3bdd25a646

ORIGINAL ADVISORY:
http://www.ubuntu.com/usn/usn-690-2

OTHER REFERENCES:
SA33184:
http://secunia.com/advisories/33184/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------