--===============8788843725950952142==
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature";
 boundary="2/5bycvrmDh4d1IB"
Content-Disposition: inline


--2/5bycvrmDh4d1IB
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

===========================================================
Ubuntu Security Notice USN-717-3          February 11, 2009
firefox vulnerabilities
CVE-2008-5510, CVE-2009-0357
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  firefox                         1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1

After a standard system upgrade you need to restart Firefox to effect the
necessary changes.

Details follow:

Kojima Hajime discovered that Firefox did not properly handle an escaped null
character. An attacker may be able to exploit this flaw to bypass script
sanitization. (CVE-2008-5510)

Wladimir Palant discovered that Firefox did not restrict access to cookies in
HTTP response headers. If a user were tricked into opening a malicious web
page, a remote attacker could view sensitive information. (CVE-2009-0357)


Updated packages for Ubuntu 6.06 LTS:

  Source archives:

    firefox_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1.diff.gz
      Size/MD5:   184569 201540f2560ee07d0a7b30d367ce41bd
    firefox_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1.dsc
      Size/MD5:     1800 e8a6f2726dbc06dade12a0ebc19c7fae
    firefox_1.5.dfsg+1.5.0.15~prepatch080614j.orig.tar.gz
      Size/MD5: 48454140 496d1a74f2a98e8983737a874a9db29f

  Architecture independent packages:

    mozilla-firefox_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_all.deb
      Size/MD5:    53638 9a18c7067527411eababced232354e7c
    mozilla-firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_all.deb
      Size/MD5:    52746 fa9d687831d30b8f8ef39da07c7a1ff4

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_amd64.deb
      Size/MD5: 47675616 d3b427dc0d4db0eebb5f3147ce3d29bb
    firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_amd64.deb
      Size/MD5:  3045278 1683527a70cdf674f7b711ad559db6b4
    firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_amd64.deb
      Size/MD5:    85802 d88ad731cdfc825cb1f88ad91d8fbe2d
    firefox_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_amd64.deb
      Size/MD5:  9522850 b6d18064354f4e733894ce40fe048be4
    libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_amd64.deb
      Size/MD5:   228116 90343b0a500020dd643c049164ba9c93
    libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_amd64.deb
      Size/MD5:   165590 3c2be076fb6d9c61cb42d938a90b93d2
    libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_amd64.deb
      Size/MD5:   254734 4198117776b43f20ca6d70b554b81db7
    libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_amd64.deb
      Size/MD5:   826298 b88f70f60cb48caa96add58750e5b4bd
    firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_amd64.deb
      Size/MD5:   218730 e76dcc4583433117dbd7b81a77a858f5

  i386 architecture (x86 compatible Intel/AMD):

    firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_i386.deb
      Size/MD5: 44222898 8c37f41c90782d6f7a1bef130a33bebc
    firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_i386.deb
      Size/MD5:  3042728 4542d11b7a0d330ba036246b518b7348
    firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_i386.deb
      Size/MD5:    78320 a09d5ac38d8656b09b02f61de4a3a848
    firefox_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_i386.deb
      Size/MD5:  8031042 89edcd5c182b752bd4a81d53bb4fcf9c
    libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_i386.deb
      Size/MD5:   226174 0837e3ee67b4f6cde742c775e037f458
    libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_i386.deb
      Size/MD5:   150976 6405eb0e815c96e8627f2b4d136eff11
    libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_i386.deb
      Size/MD5:   255144 0e40cab26f0632c3d8687def727799c5
    libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_i386.deb
      Size/MD5:   716692 950b133f03721a6e850c39374211eed9
    firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_i386.deb
      Size/MD5:   212318 32b6d850fe57e89ae8646adb606552df

  powerpc architecture (Apple Macintosh G3/G4/G5):

    firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_powerpc.deb
      Size/MD5: 49080148 8c660c35194a0d6ea0eaef04217fabee
    firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_powerpc.deb
      Size/MD5:  2858774 459ccaa976dadf0a084d79a749a1117e
    firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_powerpc.deb
      Size/MD5:    81422 ebce34e5fbdc9f9512eb52ff4722ae5b
    firefox_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_powerpc.deb
      Size/MD5:  9112744 6b2cda45169a8a9bb7b13afd2698a304
    libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_powerpc.deb
      Size/MD5:   222260 6aae274c9ced525cd99cc4995a893118
    libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_powerpc.deb
      Size/MD5:   163044 390f958f20ee78f041342d934b67edcd
    libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_powerpc.deb
      Size/MD5:   247834 3a4363d4e6b72e79826f46013328d975
    libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_powerpc.deb
      Size/MD5:   816088 69bf430f8f920576685682d684dd0159
    firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_powerpc.deb
      Size/MD5:   215280 33d4ae48f71b7ac9c0b8a3ddaccbe9b9

  sparc architecture (Sun SPARC/UltraSPARC):

    firefox-dbg_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_sparc.deb
      Size/MD5: 45627582 86289259deef3338488deff398981f8f
    firefox-dev_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_sparc.deb
      Size/MD5:  2858786 b846d70d98da5c911c56175900f38561
    firefox-gnome-support_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_sparc.deb
      Size/MD5:    79926 b001d774bd2f4eeba25abe99aaf806f1
    firefox_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_sparc.deb
      Size/MD5:  8498570 191dac8aa9174eefd1a0bdfe212b453a
    libnspr-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_sparc.deb
      Size/MD5:   222282 2dc8e2df944c5d49c4e7a409077eb3ff
    libnspr4_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_sparc.deb
      Size/MD5:   152948 68af6ea71c2386cff897d0862f2025ab
    libnss-dev_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_sparc.deb
      Size/MD5:   247844 243fcbcde87e019f0e81748b9db25014
    libnss3_1.firefox1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_sparc.deb
      Size/MD5:   727550 dcb087f639cc1fe8be4fea51c4034d28
    firefox-dom-inspector_1.5.dfsg+1.5.0.15~prepatch080614j-0ubuntu1_sparc.deb
      Size/MD5:   212730 d74dc227e12ba13b96cb586edefe1c90



--2/5bycvrmDh4d1IB
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkmSLqsACgkQW0JvuRdL8BoB9ACfRrB1k6GemaCJb8OMJ1WWqBLh
CI4AnA/tghlJEgxkIr7jtuJYBc/q0ZtD
=kpCU
-----END PGP SIGNATURE-----

--2/5bycvrmDh4d1IB--


--===============8788843725950952142==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============8788843725950952142==--