drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Firefox
Name: |
Mehrere Probleme in Firefox |
|
ID: |
USN-398-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 6.10 |
|
Datum: |
Mi, 3. Januar 2007, 04:04 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6502
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6504
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6507 |
|
Applikationen: |
Mozilla Firefox |
|
Originalnachricht |
--===============1413428115== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5I6of5zJg18YgZEa" Content-Disposition: inline
--5I6of5zJg18YgZEa Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=20 Ubuntu Security Notice USN-398-1 January 02, 2007 firefox vulnerabilities CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503, CVE-2006-6504, CVE-2006-6506, CVE-2006-6507 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D
A security issue affects the following Ubuntu releases:
Ubuntu 6.10
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.10: firefox 2.0.0.1+0dfsg-0ubuntu0.6.10 firefox-dev 2.0.0.1+0dfsg-0ubuntu0.6.10 libnspr-dev 2.0.0.1+0dfsg-0ubuntu0.6.10 libnspr4 2.0.0.1+0dfsg-0ubuntu0.6.10 libnss-dev 2.0.0.1+0dfsg-0ubuntu0.6.10 libnss3 2.0.0.1+0dfsg-0ubuntu0.6.10
After a standard system upgrade you need to restart Firefox to effect=20 the necessary changes.
Details follow:
Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript or SVG. (CVE-2006-6497,=20 CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502,=20 CVE-2006-6504)
Various flaws have been reported that allow an attacker to bypass=20 Firefox's internal XSS protections by tricking the user into opening a=20 malicious web page containing JavaScript. (CVE-2006-6503,=20 CVE-2006-6507)
Jared Breland discovered that the "Feed Preview" feature could leak=20 referrer information to remote servers. (CVE-2006-6506)
Updated packages for Ubuntu 6.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0= dfsg-0ubuntu0.6.10.diff.gz Size/MD5: 322554 79c04227229a107f0c9d45049605bd48 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0= dfsg-0ubuntu0.6.10.dsc Size/MD5: 1218 6ce84b9960bdbb97c9ec6c3705653eae http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0= dfsg.orig.tar.gz Size/MD5: 46670638 1cb13be9a35205af63fe70eeff14eb0e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-i= nspector_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 236456 9ed7043d22624085cffc10dc7cde8f26 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firef= ox-dev_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 55270 2f8fde2f2488af7750e65e886493cd13 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firef= ox-dom-inspector_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 55362 eb1b5c963f64a784e053bdeee6537481 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firef= ox-gnome-support_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 55378 dd6516fe8c1798d617bcf95b4fbd21c4 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firef= ox_2.0.0.1+0dfsg-0ubuntu0.6.10_all.deb Size/MD5: 56176 eae029799af7b101a55a9bfdffc88330
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0= =2E1+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 50310432 263fa952660d303d4320ac519836a1fb http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0= =2E1+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 3119132 75d94b87d53efb786ffdf56ff6d6b075 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-sup= port_2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 89652 913420b9f378f322c1ca1b02037f2677 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0= dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 10387770 78104d3965f2bfbda5575574d9f755ba http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.fir= efox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 225036 ea87d34202b6d3223dbac099cf51c8df http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefo= x2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 167466 55bbefb531652d568f02438aeed10f1d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.fire= fox2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 250348 1bbc07d9af10768ac6656d927000abcd http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox= 2.0.0.1+0dfsg-0ubuntu0.6.10_amd64.deb Size/MD5: 861350 3fc1cbb4e1eb02995567cdec7b660bd2
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0= =2E1+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 49457428 a30d035ca9fd1819091c1c6b48d325b1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0= =2E1+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 3109488 e86991da3947ee093b840abd83cf07b2 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-sup= port_2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 83386 77793d13bf5a26f0c43962ac5fbd186c http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0= dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 9207840 8dcf11221cfef75bf7f51422dcf60dd7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.fir= efox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 225046 90012c5f90396f6a5db7705b243e2521 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefo= x2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 156952 80817ef1fbd45ddfbdfdf75279275c34 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.fire= fox2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 250336 655f2f4a30dae71ec29bf96cfb7f0229 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox= 2.0.0.1+0dfsg-0ubuntu0.6.10_i386.deb Size/MD5: 785180 131a2623fa95997b99085884204fd89a
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0= =2E1+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 51980774 4865d18b50b3a10dfd1b228e11ac0435 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0= =2E1+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 3115886 c6f8efcab8edfd7b83453ee041a24612 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-sup= port_2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 85272 b66da0f160a453b1f3ee18f5b1722e8d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0= dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 10056020 9102c8484c7c71186fd0b970a610e7e4 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.fir= efox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 225038 4f83154583b4a058a123a3a8586ab0f2 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefo= x2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 166288 6190cda57dbebe29c65c1ca97daba292 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.fire= fox2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 250334 b3f846f1dafbf1a990ab27df8258b9e1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox= 2.0.0.1+0dfsg-0ubuntu0.6.10_powerpc.deb Size/MD5: 860068 d0f2e68e9d1ca8be8d9914e6fcdf1bff
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_2.0.0= =2E1+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 49511534 d0e1bad8c05a69231dfee2db6b34b990 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_2.0.0= =2E1+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 3106194 1adc42b08102dca85285244139d312da http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-sup= port_2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 83086 ef47b587d79afdce14ec47b2e13ce89c http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_2.0.0.1+0= dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 9485274 13146d26d590e4981281cf21957cfb61 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.fir= efox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 225036 b72f082c255cd9510435cd0c0912a5bc http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefo= x2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 155116 9d629deae12ea27812081b13bb0216ba http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.fire= fox2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 250332 c3e90b969d3c3de2fe47c4942f8dc96f http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox= 2.0.0.1+0dfsg-0ubuntu0.6.10_sparc.deb Size/MD5: 766060 a32f928bcb9a7cd2d601b2aafbec6bef
--5I6of5zJg18YgZEa Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFmxfiH/9LqRcGPm0RAjr3AJ0RpQhi53Zqe32INjEfuDWn0DVCyQCeMRv7 djgl/+mFLSJXQ57GYa7KGgI= =LTup -----END PGP SIGNATURE-----
--5I6of5zJg18YgZEa--
--===============1413428115== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1413428115==--
|
|
|
|