=========================================================== Ubuntu Security Notice USN-398-4 January 27, 2007 firefox regression https://launchpad.net/bugs/77859 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: firefox 1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1 Ubuntu 6.06 LTS: firefox 1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1 After a standard system upgrade you need to restart Firefox to effect the necessary changes. Details follow: USN-398-2 fixed vulnerabilities in Firefox 1.5. However, when auto-filling saved-password login forms without a username field, Firefox would crash. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious web page containing JavaScript or SVG. (CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6504) Various flaws have been reported that allow an attacker to bypass Firefox's internal XSS protections by tricking the user into opening a malicious web page containing JavaScript. (CVE-2006-6503) Updated packages for Ubuntu 5.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1.diff.gz Size/MD5: 177581 9b53de9f6503f646717dd333edd8f147 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1.dsc Size/MD5: 1060 af80befe4baf6e7a63dd189278839480 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9.orig.tar.gz Size/MD5: 44874639 3a812560d4b85bf878bba9ca961b26b7 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_all.deb Size/MD5: 49800 b5dbc793061e8f1203ed989ef2454bc7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_all.deb Size/MD5: 50688 01efc07ddbff2c5a3f8691aa91c5a4b8 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_amd64.deb Size/MD5: 3155128 95cfbd77ed46121ff914f9e9fa43623d http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_amd64.deb Size/MD5: 216710 6f467785b059d6eca05faff473189fe7 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_amd64.deb Size/MD5: 83018 d3d0aa27df9c2b3389e34a117e93886e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_amd64.deb Size/MD5: 10236156 ef6ebdfd9e18a0a1629763dd7fc97517 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_i386.deb Size/MD5: 3155148 1c5c6876da0cc9f0edb80004b974d52a http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_i386.deb Size/MD5: 210246 186b27c34724e7d975c5e552883d39be http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_i386.deb Size/MD5: 75426 e146ac105edd51d0e02c694c70ea7ef2 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_i386.deb Size/MD5: 8665444 0be9969fa43f8b49960ae4a554bf4c04 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_powerpc.deb Size/MD5: 3155158 6e0b4c5e109aba254079bdf91fb8eb25 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_powerpc.deb Size/MD5: 213646 2fbfad91065c6b04ec01327068758cc0 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_powerpc.deb Size/MD5: 78624 42dc1282a625a1754283850475aa4e59 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_powerpc.deb Size/MD5: 9846152 c107484362ba9761e7214815f9b66711 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_sparc.deb Size/MD5: 3155252 cb24c2658d83c77cbf2813fae8f2191f http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_sparc.deb Size/MD5: 211202 61fd3bfd2cc747787018e6832c814c7a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_sparc.deb Size/MD5: 77010 dd5dd13d89c13fe44a3c2c76d3365a1c http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.5.10.1_sparc.deb Size/MD5: 9178540 64c37a67c934bad7d86076cab6a6f3a8 Updated packages for Ubuntu 6.06 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1.diff.gz Size/MD5: 177979 557c44cc6c2500d6f342450979cb6be1 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1.dsc Size/MD5: 1117 7e8096909dee45e293c4e0f673f5e9b0 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9.orig.tar.gz Size/MD5: 44874639 3a812560d4b85bf878bba9ca961b26b7 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_all.deb Size/MD5: 49812 7854563947bbbc8195a11af9842946d8 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_all.deb Size/MD5: 50700 e51a62b89a5fda6b195b708852e1e3b5 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb Size/MD5: 47406864 b113c262e59309c5a3dff2e0a7a61700 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb Size/MD5: 2801622 6a90a8ff153e6170557b01e3a489f22f http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb Size/MD5: 216748 9fc0e8b581e5d194d2152478cc4e4307 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb Size/MD5: 83002 c0a41cb329b58013302e62ecb9022df5 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb Size/MD5: 9428466 1c98bf4a993dcb8ea2c8c8c3e3863e62 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb Size/MD5: 219448 9b1e42b16e42881677c07a4db608804d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb Size/MD5: 162498 c979e7f22686bcd42bffd149027ef922 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb Size/MD5: 236362 4572fca2f2df6fb5e77af2d6a3847cc6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_amd64.deb Size/MD5: 758168 b30697faa7fb430f592bf1aa631d2d70 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb Size/MD5: 43974030 6022783bbfbd8e3ecf2bcf6b8bc26f11 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb Size/MD5: 2801710 125c6de5d86324b20f40b0f6c030a708 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb Size/MD5: 210176 b06f333d8d415ce76350ecd7d95f4dcd http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb Size/MD5: 75394 0af7777b392baf3a8a2fdc3b32e26c34 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb Size/MD5: 7944252 550a36ee7add6b76d331f6295f92a147 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb Size/MD5: 219432 ac902c9cf91abb32ceca32c93a52d846 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb Size/MD5: 147164 c4fe716b77a16c342733d3120194dd5a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb Size/MD5: 236352 30ef069f2e662093ea0049f7d681ae7e http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_i386.deb Size/MD5: 670306 08a71565579c7c3995e110a7606e4f79 powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 48788298 c0be007419d054c8be7aa68a19ce5e53 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 2801704 fe1800b652445cec3df20eddf04edd15 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 213618 8a80d992e2145d4cacd89321cf4f633f http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 78508 c970a49cc485e9b12114991956de790d http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 9047878 24ae15763d644004d7637906eb0bd3c5 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 219456 d74feee574b4066385d9231445869781 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 159754 21f199b4e275624eb1fcf00be9f5f272 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 236358 90b858e1a1a77f9c5798551f28dd0cb6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_powerpc.deb Size/MD5: 769096 84de135a18e371c088ac3a58d4594916 sparc architecture (Sun SPARC/UltraSPARC) http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb Size/MD5: 45365336 e84c066990d9ad4dd8f45a21cdaf8d2a http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb Size/MD5: 2801624 cf0964e13b5372390553741809f4d8ea http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb Size/MD5: 211120 297ee23d36c2ce4ce592479d883c06f6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb Size/MD5: 76954 d6f76f8bcd8b21178a8d90c741a69e3b http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb Size/MD5: 8437784 6e9a0809a6d7b19c8b97eaac03ece1e5 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb Size/MD5: 219446 1dba167ed97a25b5dbeb6e00b45f5db9 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb Size/MD5: 149678 b79bb4be820b2f8abfd95bd5f7629dfd http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb Size/MD5: 236364 97fee71d37edfa37e53ec9e9d935c4a6 http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.9-0ubuntu0.6.06.1_sparc.deb Size/MD5: 682392 31ac0ad91f371f542d2dd63275bbe411