---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: Ubuntu update for thunderbird SECUNIA ADVISORY ID: SA35536 VERIFY ADVISORY: http://secunia.com/advisories/35536/ DESCRIPTION: Ubuntu has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, conduct cross-site scripting and cross-site request forgery attacks, and potentially to compromise a user's system. For more information: SA34780 SA35440 SOLUTION: Apply updated packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1.diff.gz Size/MD5: 129375 50f163cb84ce93993d4e3a7b2f11ef64 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1.dsc Size/MD5: 2368 8038ba3ba27520e380f39b989a57130c http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly.orig.tar.gz Size/MD5: 37790894 f04e5745655a0720ba5f37a968df290d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 60564 63b6eee61fce05ac62c1735b99580458 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 60550 98653777b440983e0a5d8764d42a0cea amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 3783728 842547585887a63ca7dc6e4fdf1984b3 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 85448 0697d17c399e80f613775dae2a6490d5 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 12412834 2c41d864fb6889e149c2c39a61717e4f i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 3770530 e3ede36cc0599b0586d47f637879db44 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 80840 0658a9fad40b9678fc7c37a06bf9aec6 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 10982636 4cd6e3b52bb41302f4fab065dfdbb6f9 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 3768330 277a47cf856821877f6a7f903c16095c http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 80576 781b6b72a98046251ebcc69e29a07f1a http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 10829794 b38988dbaa2e055ce2167ca7c3ede57d powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 3787538 30525ea17b19ca6a3037510521fa62d2 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 83848 45727a77365efa4979e02e8421a2c75d http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 12255960 eba7111f498e268fd316d3b10243c58e sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_sparc.deb Size/MD5: 3768722 2b2e0ac937b14f1718a2b03e6e8f8a4e http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_sparc.deb Size/MD5: 80296 bc51f99b9c9ccba11af3c233581a51df http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.04.1_sparc.deb Size/MD5: 11257500 93fd35a33bf02271c9c1d0c42159f2e3 -- Ubuntu 8.10 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1.diff.gz Size/MD5: 130171 fffd1290f2a94ea1af6e09aae28a45b3 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1.dsc Size/MD5: 2350 ed418b42a976a5b90236858b3c0ab4e3 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly.orig.tar.gz Size/MD5: 37790894 f04e5745655a0720ba5f37a968df290d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 60872 c208ef55c11bb1415c38eac776712a8c http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 60860 f968fe3507cdbabe971dae4145240d79 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_amd64.deb Size/MD5: 3737230 9b97e87156258d87953df9e6889c9a17 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_amd64.deb Size/MD5: 85616 fc687f588f4c2749bbe0800699fe0f3d http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_amd64.deb Size/MD5: 12439672 2af5289f2761ba39bbc4c965407347f0 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_i386.deb Size/MD5: 3721796 75c2d7d1e1729b402971ebfc3ba83319 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_i386.deb Size/MD5: 81208 6c827e62a1b407b2e9e96821bfc547b5 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_i386.deb Size/MD5: 11044694 6dd9d9f06e06c6fb57869837e0566f5a lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_lpia.deb Size/MD5: 3718302 9c07e471cd961e2ec86a9d3125f49eed http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_lpia.deb Size/MD5: 80918 0051146fc0ea1aef32c69a1aad623b61 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_lpia.deb Size/MD5: 10866146 59641fc3c2e8d571c24a70a6314d6b39 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_powerpc.deb Size/MD5: 3736442 0b810be2b1d3b694d8c70827defa624b http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_powerpc.deb Size/MD5: 84084 3ede09a9a37de7c8a7f4044ff23aca64 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_powerpc.deb Size/MD5: 12217834 fee3c22defa9a1d25c87ea2e7364bd5a sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_sparc.deb Size/MD5: 3724330 67c1ea90443b28a318c09db29b2166bf http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_sparc.deb Size/MD5: 80926 f27dafba64ee8bee5a95c5a0ed46cf47 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.8.10.1_sparc.deb Size/MD5: 11193104 d2b4ed46e5b2852177f34a58bca294b7 -- Ubuntu 9.04 -- Source archives: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1.diff.gz Size/MD5: 131710 8e09ef4040310a7210d044d883b2d0c8 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1.dsc Size/MD5: 2350 cccc236d2e73384d0676e321d6aad10d http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly.orig.tar.gz Size/MD5: 37790894 f04e5745655a0720ba5f37a968df290d Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_all.deb Size/MD5: 61254 f1dc248f2e11b00e25112d6662aa11d4 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/mozilla-thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_all.deb Size/MD5: 61244 6ce3e8cd57e5af79261006a99d598934 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_amd64.deb Size/MD5: 3737488 8c17faee20cdb33cfca540818f62612d http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_amd64.deb Size/MD5: 85966 b2b4d31d20b9d204147e09d234fcb052 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_amd64.deb Size/MD5: 12440604 241c0db68fe894a68f9b05f6bdf72c00 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_i386.deb Size/MD5: 3722372 675b0a247e184abe0a6045b6709a1f29 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_i386.deb Size/MD5: 81624 ece46402338cef56dfc45f9cba30f819 http://security.ubuntu.com/ubuntu/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_i386.deb Size/MD5: 11046758 f0e857e8a54259ee33869904f49d22a0 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_lpia.deb Size/MD5: 3718718 04d49b21a51e00ba9c59dbe9c4d6c6eb http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_lpia.deb Size/MD5: 81346 578d2de932e11e2227d424aa0e209d37 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_lpia.deb Size/MD5: 10866580 a885ed7a9dd993ff857f076a22c1493c powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 3736688 950f25db3b3f0f2bf1bd744379915eba http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 84464 3e50b5d4dd0cd869830c7785bbe38eb9 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_powerpc.deb Size/MD5: 12218566 3d25deedfb55e218320e8a3f378b6bf8 sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-dev_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 3724916 f925b4c5b5d3ff19525c6a650bc1ec8d http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird-gnome-support_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 81232 ea70b7b8c8670f1797e73267f2e42540 http://ports.ubuntu.com/pool/main/t/thunderbird/thunderbird_2.0.0.22+build1+nobinonly-0ubuntu0.9.04.1_sparc.deb Size/MD5: 11191552 dd69cd928c72ee2f6d45955cebaf8d7f ORIGINAL ADVISORY: USN-782-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2009-June/000924.html OTHER REFERENCES: SA34780: http://secunia.com/advisories/34780/ SA35440: http://secunia.com/advisories/35440/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------