-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:290-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : firefox Date : December 2, 2009 Affected: 2008.0 _______________________________________________________________________ Problem Description: Security issues were identified and fixed in firefox 3.0.x: Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer (CVE-2009-1563). Security researcher Jeremy Brown reported that the file naming scheme used for downloading a file which already exists in the downloads folder is predictable. If an attacker had local access to a victim's computer and knew the name of a file the victim intended to open through the Download Manager, he could use this vulnerability to place a malicious file in the world-writable directory used to save temporary downloaded files and cause the browser to choose the incorrect file when opening it. Since this attack requires local access to the victim's machine, the severity of this vulnerability was determined to be low (CVE-2009-3274). Security researcher Paul Stone reported that a user's form history, both from web content as well as the smart location bar, was vulnerable to theft. A malicious web page could synthesize events such as mouse focus and key presses on behalf of the victim and trick the browser into auto-filling the form fields with history entries and then reading the entries (CVE-2009-3370). Security researcher Marco C. reported a flaw in the parsing of regular expressions used in Proxy Auto-configuration (PAC) files. In certain cases this flaw could be used by an attacker to crash a victim's browser and run arbitrary code on their computer. Since this vulnerability requires the victim to have PAC configured in their environment with specific regular expresssions which can trigger the crash, the severity of the issue was determined to be moderate (CVE-2009-3372). Security research firm iDefense reported that researcher regenrecht discovered a heap-based buffer overflow in Mozilla's GIF image parser. This vulnerability could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer (CVE-2009-3373). Mozilla security researcher moz_bug_r_a4 reported that the XPCOM utility XPCVariant::VariantDataToJS unwrapped doubly-wrapped objects before returning them to chrome callers. This could result in chrome privileged code calling methods on an object which had previously been created or modified by web content, potentially executing malicious JavaScript code with chrome privileges (CVE-2009-3374). Security researcher Gregory Fleischer reported that text within a selection on a web page can be read by JavaScript in a different domain using the document.getSelection function, violating the same-origin policy. Since this vulnerability requires user interaction to exploit, its severity was determined to be moderate (CVE-2009-3375). Mozilla security researchers Jesse Ruderman and Sid Stamm reported that when downloading a file containing a right-to-left override character (RTL) in the filename, the name displayed in the dialog title bar conflicts with the name of the file shown in the dialog body. An attacker could use this vulnerability to obfuscate the name and file extension of a file to be downloaded and opened, potentially causing a user to run an executable file when they expected to open a non-executable file (CVE-2009-3376). Mozilla developers and community members identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, David Keeler, and Boris Zbarsky reported crashes in the browser engine which affected both Firefox 3 and Firefox 3.5 (CVE-2009-3380). Carsten Book reported a crash in the browser engine which affected only Firefox 3 (CVE-2009-3382). This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Update: Packages for 2008.0 are being provided due to extended support for Corporate products. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1563 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3274 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3370 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3382 http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.15 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 12373cd058ce529a7c9c196eccdf1cfe 2008.0/i586/firefox-3.0.15-0.1mdv2008.0.i586.rpm 6a164ea511053b6acf425aaf95994c5d 2008.0/i586/firefox-af-3.0.15-0.1mdv2008.0.i586.rpm e05c67424d3a3c789f3a5c0d9a22c458 2008.0/i586/firefox-ar-3.0.15-0.1mdv2008.0.i586.rpm ccc54fc54d92a094c058025ed9b52148 2008.0/i586/firefox-be-3.0.15-0.1mdv2008.0.i586.rpm 8bc4de7c8b9e4fbcdf33aa41780a94f4 2008.0/i586/firefox-bg-3.0.15-0.1mdv2008.0.i586.rpm cdc167d6b6e4f69e71a6aeff1f60e0b0 2008.0/i586/firefox-bn-3.0.15-0.1mdv2008.0.i586.rpm 86ad88b3edb3336dc6ea501e82d19137 2008.0/i586/firefox-ca-3.0.15-0.1mdv2008.0.i586.rpm dcb1cdf0167e1de986956843a3b893c2 2008.0/i586/firefox-cs-3.0.15-0.1mdv2008.0.i586.rpm 8c3dac5a041584513f8b7437c67331c1 2008.0/i586/firefox-cy-3.0.15-0.1mdv2008.0.i586.rpm b96341b21877652410c92399d041ca09 2008.0/i586/firefox-da-3.0.15-0.1mdv2008.0.i586.rpm 8b3072fbc2b14f302e033d7ffae9d65b 2008.0/i586/firefox-de-3.0.15-0.1mdv2008.0.i586.rpm 3e6da893be209cbf4769aa6ab6c7f3f0 2008.0/i586/firefox-el-3.0.15-0.1mdv2008.0.i586.rpm d1a45a2a1ff45724c0bac1f607815623 2008.0/i586/firefox-en_GB-3.0.15-0.1mdv2008.0.i586.rpm c17da9640a2007fb9394621fe4da78a9 2008.0/i586/firefox-eo-3.0.15-0.1mdv2008.0.i586.rpm 51c9480aa70a8801244a418f76f086b3 2008.0/i586/firefox-es_AR-3.0.15-0.1mdv2008.0.i586.rpm b5b36cb4e1052fdcd4287a1a54cb23aa 2008.0/i586/firefox-es_ES-3.0.15-0.1mdv2008.0.i586.rpm cca12f10e0d64087f0bd6fc547854e76 2008.0/i586/firefox-et-3.0.15-0.1mdv2008.0.i586.rpm 661620c045f2fb463be665cf80e0bd90 2008.0/i586/firefox-eu-3.0.15-0.1mdv2008.0.i586.rpm 64b6c6262792f6f192278cb93d0b879d 2008.0/i586/firefox-fi-3.0.15-0.1mdv2008.0.i586.rpm 669794223def8db189a716a9791b703b 2008.0/i586/firefox-fr-3.0.15-0.1mdv2008.0.i586.rpm aa5e4bd61658576530996b6c225a1e73 2008.0/i586/firefox-fy-3.0.15-0.1mdv2008.0.i586.rpm eb7a96e511de721728d1824d3936059e 2008.0/i586/firefox-ga_IE-3.0.15-0.1mdv2008.0.i586.rpm fc2920befc11e1839546e7f79f3193c6 2008.0/i586/firefox-gl-3.0.15-0.1mdv2008.0.i586.rpm 74a5fe7427a0906441c5c46d5a308291 2008.0/i586/firefox-gu_IN-3.0.15-0.1mdv2008.0.i586.rpm 9e5a743f3ec1a9d9251643bdf91c5811 2008.0/i586/firefox-he-3.0.15-0.1mdv2008.0.i586.rpm 9aa5637651f8a841ad40a816f24b22f6 2008.0/i586/firefox-hi-3.0.15-0.1mdv2008.0.i586.rpm 07604280c814bae760b67a13df870342 2008.0/i586/firefox-hu-3.0.15-0.1mdv2008.0.i586.rpm 35baa370e5f6948058b2f39fe6b90f5f 2008.0/i586/firefox-id-3.0.15-0.1mdv2008.0.i586.rpm b55b606375fb66d82a05d796cd4a3757 2008.0/i586/firefox-is-3.0.15-0.1mdv2008.0.i586.rpm 815e14f6edb1b526fbb149256625d16b 2008.0/i586/firefox-it-3.0.15-0.1mdv2008.0.i586.rpm e1aba26dd9f6f081f7ac02d7d05baffb 2008.0/i586/firefox-ja-3.0.15-0.1mdv2008.0.i586.rpm ffbfe62f6ae84e75631e6b0518c25021 2008.0/i586/firefox-ka-3.0.15-0.1mdv2008.0.i586.rpm 75e33c252b9f80afb35cdd5387c5d734 2008.0/i586/firefox-kn-3.0.15-0.1mdv2008.0.i586.rpm 46e747a886a35c3f7630e24d868c98d8 2008.0/i586/firefox-ko-3.0.15-0.1mdv2008.0.i586.rpm 3f62f86595774fdba45fdd7d7b325c52 2008.0/i586/firefox-ku-3.0.15-0.1mdv2008.0.i586.rpm 78b768a8f407689f4971bc651d1d52db 2008.0/i586/firefox-lt-3.0.15-0.1mdv2008.0.i586.rpm 9fed2d1e0daf10ac8f737c91301554ce 2008.0/i586/firefox-lv-3.0.15-0.1mdv2008.0.i586.rpm ba96c671527e07cd083194d8f6ae9dc7 2008.0/i586/firefox-mk-3.0.15-0.1mdv2008.0.i586.rpm 872974c1d04df5f03df1cf4e191ad282 2008.0/i586/firefox-mn-3.0.15-0.1mdv2008.0.i586.rpm 089286a24b365b6068917ba88a59b07c 2008.0/i586/firefox-mr-3.0.15-0.1mdv2008.0.i586.rpm 11fb3a65834c081d1d806d46c0b76f9b 2008.0/i586/firefox-nb_NO-3.0.15-0.1mdv2008.0.i586.rpm c39785e5d4652793a48ff3a9fb31a577 2008.0/i586/firefox-nl-3.0.15-0.1mdv2008.0.i586.rpm ff43bf0f9fe09d37897f1bd066fcb14e 2008.0/i586/firefox-nn_NO-3.0.15-0.1mdv2008.0.i586.rpm 570554e3e763d4b4fe6f83ad995e96c2 2008.0/i586/firefox-oc-3.0.15-0.1mdv2008.0.i586.rpm 384e14e90b68d0f60df5485e7a6d3b14 2008.0/i586/firefox-pa_IN-3.0.15-0.1mdv2008.0.i586.rpm eb9de20b54401f4d8d080b1e740f3e62 2008.0/i586/firefox-pl-3.0.15-0.1mdv2008.0.i586.rpm 8299f2a8cd8470cf517e208654fc47be 2008.0/i586/firefox-pt_BR-3.0.15-0.1mdv2008.0.i586.rpm f132072df971b40352311db4de3a04b5 2008.0/i586/firefox-pt_PT-3.0.15-0.1mdv2008.0.i586.rpm b5826e9969484186b9383e51a23062ee 2008.0/i586/firefox-ro-3.0.15-0.1mdv2008.0.i586.rpm b4b1db2ba5f2a5363f990e3f839a6b1b 2008.0/i586/firefox-ru-3.0.15-0.1mdv2008.0.i586.rpm 1578873755476c782f0393cae52d930f 2008.0/i586/firefox-si-3.0.15-0.1mdv2008.0.i586.rpm 8416d97ab349f605105a3a0488cf50af 2008.0/i586/firefox-sk-3.0.15-0.1mdv2008.0.i586.rpm 452066cbd6ecc439a126a69de6126ab1 2008.0/i586/firefox-sl-3.0.15-0.1mdv2008.0.i586.rpm 8d6dcc54c823a1b0d15c9327471421f8 2008.0/i586/firefox-sq-3.0.15-0.1mdv2008.0.i586.rpm a36479587244475ebfe78905f229d6d5 2008.0/i586/firefox-sr-3.0.15-0.1mdv2008.0.i586.rpm cad5437cdde77aa575ce9f30d7627436 2008.0/i586/firefox-sv_SE-3.0.15-0.1mdv2008.0.i586.rpm df470c3cc420f9baa09b92a3fda3f5b8 2008.0/i586/firefox-te-3.0.15-0.1mdv2008.0.i586.rpm 93e159f834bf3bb24b2235cd62037308 2008.0/i586/firefox-th-3.0.15-0.1mdv2008.0.i586.rpm 6955c3b49e9eb861b1547f48818dc063 2008.0/i586/firefox-tr-3.0.15-0.1mdv2008.0.i586.rpm 7fd0b0839c5041831b7ee923ad6cebbf 2008.0/i586/firefox-uk-3.0.15-0.1mdv2008.0.i586.rpm e5244bb6d3959487cdce1173567869ff 2008.0/i586/firefox-zh_CN-3.0.15-0.1mdv2008.0.i586.rpm a726035db84c597ccf8aff9f5f62c5f6 2008.0/i586/firefox-zh_TW-3.0.15-0.1mdv2008.0.i586.rpm ae7ae10d008d97d749c65304a336069d 2008.0/i586/librarian0-0.8.0-0.1mdv2008.0.i586.rpm 73f76546da72860a65abe38c2799b7e1 2008.0/i586/librarian-devel-0.8.0-0.1mdv2008.0.i586.rpm 11274dc82ea59d1756cd69ace5e49f92 2008.0/i586/libtotem-plparser7-2.20.1-1.9mdv2008.0.i586.rpm bab6e437dc6afea6a3b4dfdf37a7aa6b 2008.0/i586/libtotem-plparser-devel-2.20.1-1.9mdv2008.0.i586.rpm d8118e94809cd1c1b7ccfa1475c0632b 2008.0/i586/libxulrunner1.9-1.9.0.15-0.1mdv2008.0.i586.rpm 34792ea8022691987581fc213d6c0105 2008.0/i586/libxulrunner-devel-1.9.0.15-0.1mdv2008.0.i586.rpm 57013e308fd8bdefc83b6ba2f506e184 2008.0/i586/libxulrunner-unstable-devel-1.9.0.15-0.1mdv2008.0.i586.rpm c2c818aabd86eb82f07ab6f8301abadb 2008.0/i586/mozilla-firefox-ext-blogrovr-1.1.798-0.1mdv2008.0.i586.rpm 95fa8a898d2ea637e1de0b834d9652ce 2008.0/i586/mozilla-firefox-ext-foxmarks-2.7.2-0.1mdv2008.0.i586.rpm 6916055a5de229dd9eade32fa95c2f8e 2008.0/i586/mozilla-firefox-ext-scribefire-3.2.3-0.1mdv2008.0.i586.rpm 711d85e93f14e8fff50d46d14f01c7ad 2008.0/i586/rarian-0.8.0-0.1mdv2008.0.i586.rpm ad03e43345dc80f155f4f32023f18059 2008.0/i586/totem-2.20.1-1.9mdv2008.0.i586.rpm 5327b31f7b433742af9c1c58d729001d 2008.0/i586/totem-common-2.20.1-1.9mdv2008.0.i586.rpm 8c38cf847129ee96812425f67a59a806 2008.0/i586/totem-gstreamer-2.20.1-1.9mdv2008.0.i586.rpm 93dc78c0c032aaadda66c3e50f300cae 2008.0/i586/totem-mozilla-2.20.1-1.9mdv2008.0.i586.rpm 9d1d1929166a589a7728fb4d6f390c42 2008.0/i586/totem-mozilla-gstreamer-2.20.1-1.9mdv2008.0.i586.rpm 65ead511b3f3821e14296d7765f635a0 2008.0/i586/xulrunner-1.9.0.15-0.1mdv2008.0.i586.rpm f5ac07e5e16fa4ae664c26daa737c982 2008.0/i586/yelp-2.22.1-0.1mdv2008.0.i586.rpm d179874cb1679378705722a046b2e79f 2008.0/SRPMS/firefox-3.0.15-0.1mdv2008.0.src.rpm 5d93c52d92e9d91e9f09789499776cbb 2008.0/SRPMS/firefox-l10n-3.0.15-0.1mdv2008.0.src.rpm eb9675d488261eb7c7b48bf517698b08 2008.0/SRPMS/mozilla-firefox-ext-blogrovr-1.1.798-0.1mdv2008.0.src.rpm 86df6dc3efa632aa71d6600e6ac5c1de 2008.0/SRPMS/mozilla-firefox-ext-foxmarks-2.7.2-0.1mdv2008.0.src.rpm c5690af5e35d01db5a626e206e83f6e0 2008.0/SRPMS/mozilla-firefox-ext-scribefire-3.2.3-0.1mdv2008.0.src.rpm d6e2ab7654052e0795b97fa09b28f49c 2008.0/SRPMS/rarian-0.8.0-0.1mdv2008.0.src.rpm b9d7680838c669ec341b689b83979d01 2008.0/SRPMS/totem-2.20.1-1.9mdv2008.0.src.rpm 3a59f30ec62603a99ad52421133d081b 2008.0/SRPMS/xulrunner-1.9.0.15-0.1mdv2008.0.src.rpm 9a2e88de84689ebf04c21e677bea5bb8 2008.0/SRPMS/yelp-2.22.1-0.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 3c230c33386ba3cfabb8869715bd36be 2008.0/x86_64/firefox-3.0.15-0.1mdv2008.0.x86_64.rpm a3d5c1b0434526f960aaa622bc635c5a 2008.0/x86_64/firefox-af-3.0.15-0.1mdv2008.0.x86_64.rpm 7d89d6cf062a511b1c98167c06ecc62d 2008.0/x86_64/firefox-ar-3.0.15-0.1mdv2008.0.x86_64.rpm 1b1c232a3c9cf9044a60ff146f1d3503 2008.0/x86_64/firefox-be-3.0.15-0.1mdv2008.0.x86_64.rpm b1d5d714711c3294fb19c2ccba5d68b0 2008.0/x86_64/firefox-bg-3.0.15-0.1mdv2008.0.x86_64.rpm 8150de0f197fab5384f5b3c208594981 2008.0/x86_64/firefox-bn-3.0.15-0.1mdv2008.0.x86_64.rpm d638801431490a245280423af1baab4e 2008.0/x86_64/firefox-ca-3.0.15-0.1mdv2008.0.x86_64.rpm d0d3aef5c13a786f7b60dd4a48d8ca6c 2008.0/x86_64/firefox-cs-3.0.15-0.1mdv2008.0.x86_64.rpm 5369517bc501038283c1b44a82821b58 2008.0/x86_64/firefox-cy-3.0.15-0.1mdv2008.0.x86_64.rpm 56e6c89cbeb52ff129eec5c7fbde8974 2008.0/x86_64/firefox-da-3.0.15-0.1mdv2008.0.x86_64.rpm 152ce37cb51a4e65ac8b8753db361516 2008.0/x86_64/firefox-de-3.0.15-0.1mdv2008.0.x86_64.rpm acbbabc8d1bb05288c5d55ffade711ad 2008.0/x86_64/firefox-el-3.0.15-0.1mdv2008.0.x86_64.rpm 95d60fb96e4302f2fb4fbfda6523e59d 2008.0/x86_64/firefox-en_GB-3.0.15-0.1mdv2008.0.x86_64.rpm 26d0b6ac1e266bac32ffc0ddc631c725 2008.0/x86_64/firefox-eo-3.0.15-0.1mdv2008.0.x86_64.rpm 5dc63055cdce1c2c6d302bd4b6a4f981 2008.0/x86_64/firefox-es_AR-3.0.15-0.1mdv2008.0.x86_64.rpm 473c662a84ef189ad264f0cdde1b9c9d 2008.0/x86_64/firefox-es_ES-3.0.15-0.1mdv2008.0.x86_64.rpm fb50f2d6548bc2328b8a5974a5d827e7 2008.0/x86_64/firefox-et-3.0.15-0.1mdv2008.0.x86_64.rpm 5900c2879a24f47656643a948e37819a 2008.0/x86_64/firefox-eu-3.0.15-0.1mdv2008.0.x86_64.rpm 3393470f7c1ce272e3a3ff62e5a11de4 2008.0/x86_64/firefox-fi-3.0.15-0.1mdv2008.0.x86_64.rpm 7dd11d4aa9d8b5fb6dc5a115dcae3623 2008.0/x86_64/firefox-fr-3.0.15-0.1mdv2008.0.x86_64.rpm 91ead9a397668ab5daa1c1388ac373de 2008.0/x86_64/firefox-fy-3.0.15-0.1mdv2008.0.x86_64.rpm 821f5064a655275ba44d41b0339a79b4 2008.0/x86_64/firefox-ga_IE-3.0.15-0.1mdv2008.0.x86_64.rpm d5c0581c078bf7539bb7996b05be43e9 2008.0/x86_64/firefox-gl-3.0.15-0.1mdv2008.0.x86_64.rpm ac590e4f59fbdc7b01d505da987e0c78 2008.0/x86_64/firefox-gu_IN-3.0.15-0.1mdv2008.0.x86_64.rpm 56db6b3d57ce43ea9f58d83069ff96e2 2008.0/x86_64/firefox-he-3.0.15-0.1mdv2008.0.x86_64.rpm 47a5e03dd45c9aa4bf0d9d9786ccfadf 2008.0/x86_64/firefox-hi-3.0.15-0.1mdv2008.0.x86_64.rpm 8a320e187bc815ae2a32f5b3733a0547 2008.0/x86_64/firefox-hu-3.0.15-0.1mdv2008.0.x86_64.rpm 2b0010d9f964a4be72645e382979f155 2008.0/x86_64/firefox-id-3.0.15-0.1mdv2008.0.x86_64.rpm 52ab19597915e18f333becde60125b3a 2008.0/x86_64/firefox-is-3.0.15-0.1mdv2008.0.x86_64.rpm ac290289eabbefd33b0fc02608ecf60e 2008.0/x86_64/firefox-it-3.0.15-0.1mdv2008.0.x86_64.rpm fb1fb664b1741b799e96fd7c5d83d70b 2008.0/x86_64/firefox-ja-3.0.15-0.1mdv2008.0.x86_64.rpm 98f1277a545a1842d52962e2c853c7a4 2008.0/x86_64/firefox-ka-3.0.15-0.1mdv2008.0.x86_64.rpm ffde944180d2862d36b0f7cf697887d3 2008.0/x86_64/firefox-kn-3.0.15-0.1mdv2008.0.x86_64.rpm 7171b91477d7da795aba85395c189eeb 2008.0/x86_64/firefox-ko-3.0.15-0.1mdv2008.0.x86_64.rpm bacb6d1ecc13e3395ee1d41a94cc1945 2008.0/x86_64/firefox-ku-3.0.15-0.1mdv2008.0.x86_64.rpm ff22e0c6e1cb984a237c683292da8df6 2008.0/x86_64/firefox-lt-3.0.15-0.1mdv2008.0.x86_64.rpm d4f7fd19782cb6355f25eca9f387371b 2008.0/x86_64/firefox-lv-3.0.15-0.1mdv2008.0.x86_64.rpm bc9c8140d1b5a1db4928100c7ec6576c 2008.0/x86_64/firefox-mk-3.0.15-0.1mdv2008.0.x86_64.rpm dd3f05cb445010912f18281d4bbf25dd 2008.0/x86_64/firefox-mn-3.0.15-0.1mdv2008.0.x86_64.rpm e41b1c954066437ecb29e0bc8eafcc5a 2008.0/x86_64/firefox-mr-3.0.15-0.1mdv2008.0.x86_64.rpm 96007b6e31bceed34aa850fa7eca4b0b 2008.0/x86_64/firefox-nb_NO-3.0.15-0.1mdv2008.0.x86_64.rpm 685ea205f1a4fa8a983fd53c2d714a88 2008.0/x86_64/firefox-nl-3.0.15-0.1mdv2008.0.x86_64.rpm 90d4cc328c37b4c463e6fae64a3de428 2008.0/x86_64/firefox-nn_NO-3.0.15-0.1mdv2008.0.x86_64.rpm b321efe125f09f00f0e5c9ac14c054be 2008.0/x86_64/firefox-oc-3.0.15-0.1mdv2008.0.x86_64.rpm 059f5501a4a8bed6b48754e2e07b82e9 2008.0/x86_64/firefox-pa_IN-3.0.15-0.1mdv2008.0.x86_64.rpm 6b8f220f29ef17d4e7c6f25640004772 2008.0/x86_64/firefox-pl-3.0.15-0.1mdv2008.0.x86_64.rpm 1b5d5dc952892b0fdbfa441c4fdfd3da 2008.0/x86_64/firefox-pt_BR-3.0.15-0.1mdv2008.0.x86_64.rpm 3164f85e321ef11637e48235af7d9fa5 2008.0/x86_64/firefox-pt_PT-3.0.15-0.1mdv2008.0.x86_64.rpm ebb8a064121f57cab7de5cfb38eea910 2008.0/x86_64/firefox-ro-3.0.15-0.1mdv2008.0.x86_64.rpm 27583d84905fc24396cc15d5d8bb2999 2008.0/x86_64/firefox-ru-3.0.15-0.1mdv2008.0.x86_64.rpm 9bb03bbb171b1fb322ac63fee5967b8b 2008.0/x86_64/firefox-si-3.0.15-0.1mdv2008.0.x86_64.rpm 56f26f73e197662f8873c1364858a6a5 2008.0/x86_64/firefox-sk-3.0.15-0.1mdv2008.0.x86_64.rpm 33b9f772306ae80070e98ac7fd3bc8ff 2008.0/x86_64/firefox-sl-3.0.15-0.1mdv2008.0.x86_64.rpm 6303dcce929e44536ee20e596f955cd3 2008.0/x86_64/firefox-sq-3.0.15-0.1mdv2008.0.x86_64.rpm e1ff8b70a7d9cb23034f8f18bec0bc12 2008.0/x86_64/firefox-sr-3.0.15-0.1mdv2008.0.x86_64.rpm a63de2a55fdf97097025c7cd46f88004 2008.0/x86_64/firefox-sv_SE-3.0.15-0.1mdv2008.0.x86_64.rpm 67cc6d04dc28b56288bc54353fd73a35 2008.0/x86_64/firefox-te-3.0.15-0.1mdv2008.0.x86_64.rpm c135e46fe5ea4a89a0eacf2421095df1 2008.0/x86_64/firefox-th-3.0.15-0.1mdv2008.0.x86_64.rpm 88b30a5091dd3e61c06c4ae46721840a 2008.0/x86_64/firefox-tr-3.0.15-0.1mdv2008.0.x86_64.rpm 18901803e48f8f8784eb3f74206b311c 2008.0/x86_64/firefox-uk-3.0.15-0.1mdv2008.0.x86_64.rpm aa10aded8511a440c855ffe7fd0876fe 2008.0/x86_64/firefox-zh_CN-3.0.15-0.1mdv2008.0.x86_64.rpm 4123f661b719e0fc0b322404090211e2 2008.0/x86_64/firefox-zh_TW-3.0.15-0.1mdv2008.0.x86_64.rpm 8af9e3bfef0dcce473e7983e0e60c2df 2008.0/x86_64/lib64rarian0-0.8.0-0.1mdv2008.0.x86_64.rpm 083df56e031ee7db74abacdabcb401aa 2008.0/x86_64/lib64rarian-devel-0.8.0-0.1mdv2008.0.x86_64.rpm f8c24af88c6d035477d3a5bc060e256c 2008.0/x86_64/lib64totem-plparser7-2.20.1-1.9mdv2008.0.x86_64.rpm 6e589f62337aae0cdafcaaf23d58e0e8 2008.0/x86_64/lib64totem-plparser-devel-2.20.1-1.9mdv2008.0.x86_64.rpm 78ceb6bb946328cd1023e1e20d7c0799 2008.0/x86_64/lib64xulrunner1.9-1.9.0.15-0.1mdv2008.0.x86_64.rpm bb61af20a5df658f20d2e4d7f9a2467f 2008.0/x86_64/lib64xulrunner-devel-1.9.0.15-0.1mdv2008.0.x86_64.rpm 011ffa6ae08117ccc2f42c2b379aed84 2008.0/x86_64/lib64xulrunner-unstable-devel-1.9.0.15-0.1mdv2008.0.x86_64.rpm 719394196e517f48d5eba1448d1447ec 2008.0/x86_64/mozilla-firefox-ext-blogrovr-1.1.798-0.1mdv2008.0.x86_64.rpm 4d2d61c0dfa2f8a417e31b9c727bcd44 2008.0/x86_64/mozilla-firefox-ext-foxmarks-2.7.2-0.1mdv2008.0.x86_64.rpm 37d949449831e7027dfe28594e831d2b 2008.0/x86_64/mozilla-firefox-ext-scribefire-3.2.3-0.1mdv2008.0.x86_64.rpm bba169ba0b1533f832bd993b2d5cf654 2008.0/x86_64/rarian-0.8.0-0.1mdv2008.0.x86_64.rpm 57296c81b7063e2e25303a50864308a3 2008.0/x86_64/totem-2.20.1-1.9mdv2008.0.x86_64.rpm 1dfc091b90c55f0d55230a15add42d48 2008.0/x86_64/totem-common-2.20.1-1.9mdv2008.0.x86_64.rpm 57cd56e78f3daa8dc5b14fbbe62569f0 2008.0/x86_64/totem-gstreamer-2.20.1-1.9mdv2008.0.x86_64.rpm 89d7479e4ac4eed0a5f6208a85315d71 2008.0/x86_64/totem-mozilla-2.20.1-1.9mdv2008.0.x86_64.rpm 9ca4552cab8d58375229b9b4a9d8ca09 2008.0/x86_64/totem-mozilla-gstreamer-2.20.1-1.9mdv2008.0.x86_64.rpm 7315b15e9f625f9bee0749492ef07d25 2008.0/x86_64/xulrunner-1.9.0.15-0.1mdv2008.0.x86_64.rpm eb876f2a7def5f95aa74fc09021b59d6 2008.0/x86_64/yelp-2.22.1-0.1mdv2008.0.x86_64.rpm d179874cb1679378705722a046b2e79f 2008.0/SRPMS/firefox-3.0.15-0.1mdv2008.0.src.rpm 5d93c52d92e9d91e9f09789499776cbb 2008.0/SRPMS/firefox-l10n-3.0.15-0.1mdv2008.0.src.rpm eb9675d488261eb7c7b48bf517698b08 2008.0/SRPMS/mozilla-firefox-ext-blogrovr-1.1.798-0.1mdv2008.0.src.rpm 86df6dc3efa632aa71d6600e6ac5c1de 2008.0/SRPMS/mozilla-firefox-ext-foxmarks-2.7.2-0.1mdv2008.0.src.rpm c5690af5e35d01db5a626e206e83f6e0 2008.0/SRPMS/mozilla-firefox-ext-scribefire-3.2.3-0.1mdv2008.0.src.rpm d6e2ab7654052e0795b97fa09b28f49c 2008.0/SRPMS/rarian-0.8.0-0.1mdv2008.0.src.rpm b9d7680838c669ec341b689b83979d01 2008.0/SRPMS/totem-2.20.1-1.9mdv2008.0.src.rpm 3a59f30ec62603a99ad52421133d081b 2008.0/SRPMS/xulrunner-1.9.0.15-0.1mdv2008.0.src.rpm 9a2e88de84689ebf04c21e677bea5bb8 2008.0/SRPMS/yelp-2.22.1-0.1mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLGAEDmqjQ0CJFipgRAkqqAJkB8gZJYwBfNDlE3XyBV1VSC7n7FACeJUIv /71G3HucXRWvkY2USlym/kE= =hoXy -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/