-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:111-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : firefox Date : May 13, 2009 Affected: 2009.0 _______________________________________________________________________ Problem Description: Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.10. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312, CVE-2009-1313) This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Update: The recent Mozilla Firefox update missed the Firefox language packs for Mandriva Linux 2009. This update provides them, fixing the issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1302 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1303 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1304 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1305 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0652 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1306 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1307 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1308 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1309 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1310 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1311 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1312 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1313 http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.10 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: 428c63f10fadf9d563ec2842125955eb 2009.0/i586/firefox-af-3.0.10-0.1mdv2009.0.i586.rpm fabdad0d8036a5dc9d8e6cd0d6f587ef 2009.0/i586/firefox-ar-3.0.10-0.1mdv2009.0.i586.rpm 8dba866bf456bf6e8076a2e0fb1e45a2 2009.0/i586/firefox-be-3.0.10-0.1mdv2009.0.i586.rpm 6ee779a9d993a4c04650e0a23d681601 2009.0/i586/firefox-bg-3.0.10-0.1mdv2009.0.i586.rpm c36835a0e2e9ff4e6b43defbeab6f787 2009.0/i586/firefox-bn-3.0.10-0.1mdv2009.0.i586.rpm c440e6dbcf73db73403d08278be48936 2009.0/i586/firefox-ca-3.0.10-0.1mdv2009.0.i586.rpm ac843b5e22e0e29094f3d6d059896850 2009.0/i586/firefox-cs-3.0.10-0.1mdv2009.0.i586.rpm d524e266442215bd69577532b29848dd 2009.0/i586/firefox-cy-3.0.10-0.1mdv2009.0.i586.rpm 2cac493126fc4f6e50de0c9428303aac 2009.0/i586/firefox-da-3.0.10-0.1mdv2009.0.i586.rpm 1c288234043f76e349200d6650afd4a1 2009.0/i586/firefox-de-3.0.10-0.1mdv2009.0.i586.rpm 28a974d0e09b7d6eddecbf6ac7cf3fff 2009.0/i586/firefox-el-3.0.10-0.1mdv2009.0.i586.rpm d2bb49a40f9626fe443ef5f2c73a4063 2009.0/i586/firefox-en_GB-3.0.10-0.1mdv2009.0.i586.rpm 7c94bab7d47bba06200b253408b922ab 2009.0/i586/firefox-eo-3.0.10-0.1mdv2009.0.i586.rpm d98276d0f1a26ee892bd845b9ae66762 2009.0/i586/firefox-es_AR-3.0.10-0.1mdv2009.0.i586.rpm 208435a4d629bee649dc22440a174203 2009.0/i586/firefox-es_ES-3.0.10-0.1mdv2009.0.i586.rpm bac010ff6be1a42cfbef6aff68a8380c 2009.0/i586/firefox-et-3.0.10-0.1mdv2009.0.i586.rpm 319256fe0b2e3fa32fb27b880fd12519 2009.0/i586/firefox-eu-3.0.10-0.1mdv2009.0.i586.rpm 9ac30eebf8c9505ba0c99158e372b303 2009.0/i586/firefox-fi-3.0.10-0.1mdv2009.0.i586.rpm 03560e30d2bd62520cf9665184c37f9d 2009.0/i586/firefox-fr-3.0.10-0.1mdv2009.0.i586.rpm ae16ba2e645c66b80c893fecd5bb0866 2009.0/i586/firefox-fy-3.0.10-0.1mdv2009.0.i586.rpm 849c6cc485543fee318dd00d1e011b96 2009.0/i586/firefox-ga_IE-3.0.10-0.1mdv2009.0.i586.rpm 00c4f1e1c75be22c9749bcb6e19ee1a8 2009.0/i586/firefox-gl-3.0.10-0.1mdv2009.0.i586.rpm 80bb9fe95926ada2c82e50d4247acfff 2009.0/i586/firefox-gu_IN-3.0.10-0.1mdv2009.0.i586.rpm db271c92cbc88a0750b5ab8b4b805c34 2009.0/i586/firefox-he-3.0.10-0.1mdv2009.0.i586.rpm 79ff9ecae9384330c16922406c51ffd6 2009.0/i586/firefox-hi-3.0.10-0.1mdv2009.0.i586.rpm 7e87efe5ddaf54e6966d1886a746dcfe 2009.0/i586/firefox-hu-3.0.10-0.1mdv2009.0.i586.rpm add0fd84eb10233c260950b01a594595 2009.0/i586/firefox-id-3.0.10-0.1mdv2009.0.i586.rpm bc52e2cb6e992d7fb27ac61be4047f35 2009.0/i586/firefox-is-3.0.10-0.1mdv2009.0.i586.rpm 7bb1d34c83b53b4a30dac101bcb7da1c 2009.0/i586/firefox-it-3.0.10-0.1mdv2009.0.i586.rpm 7a159b8384a18577b0ccc3aa0564fe33 2009.0/i586/firefox-ja-3.0.10-0.1mdv2009.0.i586.rpm b67641682152447b0045a977011de2d0 2009.0/i586/firefox-ka-3.0.10-0.1mdv2009.0.i586.rpm 954202831867180681e99be7e9d5cbca 2009.0/i586/firefox-kn-3.0.10-0.1mdv2009.0.i586.rpm 309d434c54f9c9f54384b7addd7fecfa 2009.0/i586/firefox-ko-3.0.10-0.1mdv2009.0.i586.rpm 90ac6957b7aef991c472db9de707b7e1 2009.0/i586/firefox-ku-3.0.10-0.1mdv2009.0.i586.rpm b5e27ae12543ab1eefb2864d51ef5f3b 2009.0/i586/firefox-lt-3.0.10-0.1mdv2009.0.i586.rpm 5262f12accb78398ae4f33d368b2d3c8 2009.0/i586/firefox-lv-3.0.10-0.1mdv2009.0.i586.rpm 87770cc2e9bffa12e0a9810b8c2264bf 2009.0/i586/firefox-mk-3.0.10-0.1mdv2009.0.i586.rpm 7f71f9c789c541e482f7dbc826b1e75d 2009.0/i586/firefox-mn-3.0.10-0.1mdv2009.0.i586.rpm 5ed115f431f83bc1710461172340cc5c 2009.0/i586/firefox-mr-3.0.10-0.1mdv2009.0.i586.rpm 94f7104e6c94b19528b68d7fec02b116 2009.0/i586/firefox-nb_NO-3.0.10-0.1mdv2009.0.i586.rpm 358ba12b0dd138d5a07e699b62c2e0c9 2009.0/i586/firefox-nl-3.0.10-0.1mdv2009.0.i586.rpm 316299848df0100cd7dbf9c3f40b957f 2009.0/i586/firefox-nn_NO-3.0.10-0.1mdv2009.0.i586.rpm 3c557eaa35fcb14b458389dab8e89956 2009.0/i586/firefox-oc-3.0.10-0.1mdv2009.0.i586.rpm 06b6728b585e436ae1a366ae45e99cab 2009.0/i586/firefox-pa_IN-3.0.10-0.1mdv2009.0.i586.rpm eca2a2427556ed69b0ee5cf05b1eb946 2009.0/i586/firefox-pl-3.0.10-0.1mdv2009.0.i586.rpm 700b9b8705803e5b5cfdb450eb2d18f4 2009.0/i586/firefox-pt_BR-3.0.10-0.1mdv2009.0.i586.rpm 34f35eb9f2f5fb474bd369eaa3e25b41 2009.0/i586/firefox-pt_PT-3.0.10-0.1mdv2009.0.i586.rpm 1aa56aee2364433d1f86d1639703f11d 2009.0/i586/firefox-ro-3.0.10-0.1mdv2009.0.i586.rpm 8ad17c722f9e1156f0f0d1413961673a 2009.0/i586/firefox-ru-3.0.10-0.1mdv2009.0.i586.rpm a35265f3dcf9d96685670efabebe87d3 2009.0/i586/firefox-si-3.0.10-0.1mdv2009.0.i586.rpm 40dae6edeff38b75a913bd2db75281b0 2009.0/i586/firefox-sk-3.0.10-0.1mdv2009.0.i586.rpm 209a8c7738fa61f9ccfb1292ac0454fd 2009.0/i586/firefox-sl-3.0.10-0.1mdv2009.0.i586.rpm d9511239f8a809c1fa52069d80d86e9f 2009.0/i586/firefox-sq-3.0.10-0.1mdv2009.0.i586.rpm caaaa484cab9070ce73bd05df6f0686b 2009.0/i586/firefox-sr-3.0.10-0.1mdv2009.0.i586.rpm 7c6b0bb2f85ed561baeed515e489c50c 2009.0/i586/firefox-sv_SE-3.0.10-0.1mdv2009.0.i586.rpm e7e062eee2533692dc969580ee0afc9c 2009.0/i586/firefox-te-3.0.10-0.1mdv2009.0.i586.rpm c3fcaa0ebe8018cd7a48cf7429a6f508 2009.0/i586/firefox-th-3.0.10-0.1mdv2009.0.i586.rpm 11e0e6016b3aa56faf6653be4afca38a 2009.0/i586/firefox-tr-3.0.10-0.1mdv2009.0.i586.rpm 46221144f9edcea10195d68013aa306f 2009.0/i586/firefox-uk-3.0.10-0.1mdv2009.0.i586.rpm 2d8125037fa940ac1af678a88f6159e0 2009.0/i586/firefox-zh_CN-3.0.10-0.1mdv2009.0.i586.rpm ff8679f9794607e6a746024791575219 2009.0/i586/firefox-zh_TW-3.0.10-0.1mdv2009.0.i586.rpm 1054337c6d40a6cf130f7059724b4e4b 2009.0/SRPMS/firefox-l10n-3.0.10-0.1mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 258457851c723bb4cdd364e4743a3584 2009.0/x86_64/firefox-af-3.0.10-0.1mdv2009.0.x86_64.rpm 8e3c428f56b6df607a382a66b34c0c90 2009.0/x86_64/firefox-ar-3.0.10-0.1mdv2009.0.x86_64.rpm 116a63099398699fde88879070f4ce48 2009.0/x86_64/firefox-be-3.0.10-0.1mdv2009.0.x86_64.rpm f51b22c0cdc236c65a5cc6183a973dec 2009.0/x86_64/firefox-bg-3.0.10-0.1mdv2009.0.x86_64.rpm 3ab96f66e8c4ba8c433dd33922b52a69 2009.0/x86_64/firefox-bn-3.0.10-0.1mdv2009.0.x86_64.rpm aafd552bda0fac22cfeb3ee806dd4bab 2009.0/x86_64/firefox-ca-3.0.10-0.1mdv2009.0.x86_64.rpm 306ab5ea0fb84ee1e65583bf3c2987e4 2009.0/x86_64/firefox-cs-3.0.10-0.1mdv2009.0.x86_64.rpm d11104e846f9595a79d60475815716b3 2009.0/x86_64/firefox-cy-3.0.10-0.1mdv2009.0.x86_64.rpm 56551fcffd2cdddc288472a2d602db54 2009.0/x86_64/firefox-da-3.0.10-0.1mdv2009.0.x86_64.rpm 7253128e7851d3713e8455c4cc5a2309 2009.0/x86_64/firefox-de-3.0.10-0.1mdv2009.0.x86_64.rpm 109e6f2e7dac22e0b2171ec5d05e078d 2009.0/x86_64/firefox-el-3.0.10-0.1mdv2009.0.x86_64.rpm bab45adcc5b17c7859d0b40a5cdb1d8d 2009.0/x86_64/firefox-en_GB-3.0.10-0.1mdv2009.0.x86_64.rpm 1575ad3adf3c43762c48c0078b340854 2009.0/x86_64/firefox-eo-3.0.10-0.1mdv2009.0.x86_64.rpm dddf6533ca6612de289353c984301128 2009.0/x86_64/firefox-es_AR-3.0.10-0.1mdv2009.0.x86_64.rpm 50b3e769444edf9a022c46b794cd4e0a 2009.0/x86_64/firefox-es_ES-3.0.10-0.1mdv2009.0.x86_64.rpm da53bd9533860d698ba31fcfe43864c8 2009.0/x86_64/firefox-et-3.0.10-0.1mdv2009.0.x86_64.rpm 62f0494ed4f8ec3e70ffe336210ab5a7 2009.0/x86_64/firefox-eu-3.0.10-0.1mdv2009.0.x86_64.rpm a6246bef4fd6867a3e100303280fcd6f 2009.0/x86_64/firefox-fi-3.0.10-0.1mdv2009.0.x86_64.rpm e79b2e3b97d1ca86d5216c3587db2755 2009.0/x86_64/firefox-fr-3.0.10-0.1mdv2009.0.x86_64.rpm baac4499ec49448578c45a6fe4b9e6ef 2009.0/x86_64/firefox-fy-3.0.10-0.1mdv2009.0.x86_64.rpm e537484f39efc61f0ba8893ffd028b90 2009.0/x86_64/firefox-ga_IE-3.0.10-0.1mdv2009.0.x86_64.rpm d56241d4771d4f3d268dcee41d02affb 2009.0/x86_64/firefox-gl-3.0.10-0.1mdv2009.0.x86_64.rpm 9b83b5370b86365486f46198625b822b 2009.0/x86_64/firefox-gu_IN-3.0.10-0.1mdv2009.0.x86_64.rpm 79cef5592e2c1507f1934f5a1cfdf4f1 2009.0/x86_64/firefox-he-3.0.10-0.1mdv2009.0.x86_64.rpm b85e65c0fec12b11cff313c6c89bd7eb 2009.0/x86_64/firefox-hi-3.0.10-0.1mdv2009.0.x86_64.rpm cee173655a5c7837fffcedda0a6a61c4 2009.0/x86_64/firefox-hu-3.0.10-0.1mdv2009.0.x86_64.rpm e74fd5eba3f509cb8079acde1d59b4ec 2009.0/x86_64/firefox-id-3.0.10-0.1mdv2009.0.x86_64.rpm 8a6c41c86561e40e79d1cb8168e2eb99 2009.0/x86_64/firefox-is-3.0.10-0.1mdv2009.0.x86_64.rpm 261fea23c41776cae90872350bc4373c 2009.0/x86_64/firefox-it-3.0.10-0.1mdv2009.0.x86_64.rpm 31feb1619ffd6a790b0f05578d67b79c 2009.0/x86_64/firefox-ja-3.0.10-0.1mdv2009.0.x86_64.rpm 710db16d2abe8081875bc415fc19e68d 2009.0/x86_64/firefox-ka-3.0.10-0.1mdv2009.0.x86_64.rpm 9def35657fb3728cc278afd935855e1d 2009.0/x86_64/firefox-kn-3.0.10-0.1mdv2009.0.x86_64.rpm 8e668d4b602c3331a35a3f082584a4a5 2009.0/x86_64/firefox-ko-3.0.10-0.1mdv2009.0.x86_64.rpm 2d9b8cbcd122caedf7e48b64275f0ae8 2009.0/x86_64/firefox-ku-3.0.10-0.1mdv2009.0.x86_64.rpm 15bf192d4264faff185fb674104a0572 2009.0/x86_64/firefox-lt-3.0.10-0.1mdv2009.0.x86_64.rpm b1a39c5e6ee027f820a6ab12ac8536f1 2009.0/x86_64/firefox-lv-3.0.10-0.1mdv2009.0.x86_64.rpm 2aaa1d49c0ba25f6e7353f546de8e872 2009.0/x86_64/firefox-mk-3.0.10-0.1mdv2009.0.x86_64.rpm ddfff353e9158597a1f05d8684538a15 2009.0/x86_64/firefox-mn-3.0.10-0.1mdv2009.0.x86_64.rpm a12226a3b68ebfa8f96836fa1da9201f 2009.0/x86_64/firefox-mr-3.0.10-0.1mdv2009.0.x86_64.rpm 78a72a996ede70c6f2b939370381c089 2009.0/x86_64/firefox-nb_NO-3.0.10-0.1mdv2009.0.x86_64.rpm 24402fa976b38e277d419e6e62143f2b 2009.0/x86_64/firefox-nl-3.0.10-0.1mdv2009.0.x86_64.rpm 17718338453a1ea9263269e9a91d6f1b 2009.0/x86_64/firefox-nn_NO-3.0.10-0.1mdv2009.0.x86_64.rpm 8ee74c9d82ed5f0c1087315dba51938c 2009.0/x86_64/firefox-oc-3.0.10-0.1mdv2009.0.x86_64.rpm 9273d5773e8e90960c8276eaf50db994 2009.0/x86_64/firefox-pa_IN-3.0.10-0.1mdv2009.0.x86_64.rpm b0455ebf6902b3e944b6179c1682b6fe 2009.0/x86_64/firefox-pl-3.0.10-0.1mdv2009.0.x86_64.rpm 654e22f863ed0442578cf8bfa8e6b14e 2009.0/x86_64/firefox-pt_BR-3.0.10-0.1mdv2009.0.x86_64.rpm e5dfcbca7d7c7b581deb3c51838e3ed7 2009.0/x86_64/firefox-pt_PT-3.0.10-0.1mdv2009.0.x86_64.rpm fca939bd4cfc3042564931b066e9be18 2009.0/x86_64/firefox-ro-3.0.10-0.1mdv2009.0.x86_64.rpm c5e966eca1ba5a99eb0d42ffb3a162c7 2009.0/x86_64/firefox-ru-3.0.10-0.1mdv2009.0.x86_64.rpm 1c83187f3052cc683a6932c2a835c437 2009.0/x86_64/firefox-si-3.0.10-0.1mdv2009.0.x86_64.rpm 9bb1eab01429b4d6a38f84f842b6b8bc 2009.0/x86_64/firefox-sk-3.0.10-0.1mdv2009.0.x86_64.rpm 70b59b3f110a3d6745202ab51a16c244 2009.0/x86_64/firefox-sl-3.0.10-0.1mdv2009.0.x86_64.rpm 27180ec7383f330d647e6ca6975d7d18 2009.0/x86_64/firefox-sq-3.0.10-0.1mdv2009.0.x86_64.rpm fe1ce31dedf9c4061db8c2d6565c85b4 2009.0/x86_64/firefox-sr-3.0.10-0.1mdv2009.0.x86_64.rpm 1520424e6bfddd3c25fb9aa912f08307 2009.0/x86_64/firefox-sv_SE-3.0.10-0.1mdv2009.0.x86_64.rpm a2b966a6416b366fe860de72dce1bfbb 2009.0/x86_64/firefox-te-3.0.10-0.1mdv2009.0.x86_64.rpm 0803f48aa31eab91c8b71f942007c7e1 2009.0/x86_64/firefox-th-3.0.10-0.1mdv2009.0.x86_64.rpm b75a72861f5b942a496dabea5b3d9566 2009.0/x86_64/firefox-tr-3.0.10-0.1mdv2009.0.x86_64.rpm 68c9128ce5b1a302f7c77bff6b8ee17b 2009.0/x86_64/firefox-uk-3.0.10-0.1mdv2009.0.x86_64.rpm b7be4e78992bddffa18ae7a78d53882b 2009.0/x86_64/firefox-zh_CN-3.0.10-0.1mdv2009.0.x86_64.rpm d78d8595ace51ebd3999c246e9913255 2009.0/x86_64/firefox-zh_TW-3.0.10-0.1mdv2009.0.x86_64.rpm 1054337c6d40a6cf130f7059724b4e4b 2009.0/SRPMS/firefox-l10n-3.0.10-0.1mdv2009.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKCp1mmqjQ0CJFipgRAntBAKCY8I97u4bg+51olIhxCTmkPMnVPACglKFk tGgHPCCFzG03mmVCIvEh3bU= =segW -----END PGP SIGNATURE-----