----------------------------------------------------------------------

Did you know that a change in our assessment rating, exploit code
availability, or if an updated patch is released by the vendor, is
not part of this mailing-list?

Click here to learn more:
http://secunia.com/advisories/business_solutions/

----------------------------------------------------------------------

TITLE:
Ubuntu update for thunderbird

SECUNIA ADVISORY ID:
SA33415

VERIFY ADVISORY:
http://secunia.com/advisories/33415/

CRITICAL:
Highly critical

IMPACT:
Security Bypass, Cross Site Scripting, Exposure of sensitive
information, System access

WHERE:
>From remote

OPERATING SYSTEM:
Ubuntu Linux 6.06
http://secunia.com/advisories/product/10611/

DESCRIPTION:
Ubuntu has issued an update for thunderbird. This fixes some
vulnerabilities, which can be exploited by malicious people to bypass
certain security restrictions, disclose sensitive information, conduct
cross-site scripting attacks, or potentially compromise a user's
system.

For more information:
SA33205

SOLUTION:
Apply updated packages.

-- Ubuntu 6.06 LTS --

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1.diff.gz
Size/MD5: 457871 6708c462f15f2f2a6baff4e29c89f30a
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1.dsc
Size/MD5: 1050 afa2249f6dc30aab41be123a9dc4ee37
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080614i.orig.tar.gz
Size/MD5: 38496066 4cfc246095c4d0aed823957286b3d78e

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 3594116 be08ab02c9d79056d6633df8204ac697
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 195036 3388af5706c609fd857af0b4c83baaaf
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 60284 e48244b6f33777de63390a186f00a587
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_amd64.deb
Size/MD5: 12121434 1874cff31d6f97f46d44b7912d8a209e

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_i386.deb
Size/MD5: 3587984 87ca4cd810a3aef5f0031f87fe2b4093
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_i386.deb
Size/MD5: 188476 6067997901bf2298f86f154ed75605de
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_i386.deb
Size/MD5: 55808 9223b79d4b57a4288723fb9247f09016
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_i386.deb
Size/MD5: 10391474 2dae030db3d78d5eeea2d2b262017083

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 3593172 2ca154973ea6df8fb00cac0f50e791a8
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 191762 81d133d1bfeb70d377692fd49d5ea9c1
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 59440 bbc9361554b79c69d08ac62b79508199
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_powerpc.deb
Size/MD5: 11676430 300ce0fabdf9530f0a4a748755deb9be

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 3589802 4851d549ab3f7b89eb130435941b145a
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 189224 6f81dcb50c903107106edf511564f82b
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 57298 06ba7f5f613f0d28457ac9c89366e4a5
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.5.0.13+1.5.0.15~prepatch080614i-0ubuntu0.6.06.1_sparc.deb
Size/MD5: 10869132 496a8efbcdbdf4e709c58aa4101d2d62

ORIGINAL ADVISORY:
USN-701-2:
https://lists.ubuntu.com/archives/ubuntu-security-announce/2009-January/000821.html

OTHER REFERENCES:
SA33205:
http://secunia.com/advisories/33205/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------