lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Wed Jun  7 00:26:57 2006
From: marcdeslauriers at videotron.ca (Marc Deslauriers)
Subject: [FLSA-2006:189137-1] Updated mozilla packages fix
	security issues

---------------------------------------------------------------------
               Fedora Legacy Update Advisory

Synopsis:       Updated mozilla packages fix security issues
Advisory ID:    FLSA:189137-1
Issue date:     2006-06-06
Product:        Red Hat Linux, Fedora Core
Keywords:       Bugfix, Security
CVE Names:      CVE-2006-0748 CVE-2006-0749 CVE-2006-0884 CVE-2006-1727
		CVE-2006-1728 CVE-2006-1729 CVE-2006-1730 CVE-2006-1731
		CVE-2006-1732 CVE-2006-1733 CVE-2006-1734 CVE-2006-1735
		CVE-2006-1737 CVE-2006-1738 CVE-2006-1739 CVE-2006-1740
		CVE-2006-1741 CVE-2006-1742 CVE-2006-1790
---------------------------------------------------------------------


---------------------------------------------------------------------
1. Topic:

Updated mozilla packages that fix several security bugs are now
available.

Mozilla is an open source Web browser, advanced email and newsgroup
client, IRC chat client, and HTML editor.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386
Fedora Core 2 - i386
Fedora Core 3 - i386, x86_64

3. Problem description:

Several bugs were found in the way Mozilla processes malformed
javascript. A malicious web page could modify the content of a different
open web page, possibly stealing sensitive information or conducting a
cross-site scripting attack. (CVE-2006-1731, CVE-2006-1732,
CVE-2006-1741)

Several bugs were found in the way Mozilla processes certain javascript
actions. A malicious web page could execute arbitrary javascript
instructions with the permissions of "chrome", allowing the page to
steal sensitive information or install browser malware. (CVE-2006-1727,
CVE-2006-1728, CVE-2006-1733, CVE-2006-1734, CVE-2006-1735,
CVE-2006-1742)

Several bugs were found in the way Mozilla processes malformed web
pages. A carefully crafted malicious web page could cause the execution
of arbitrary code as the user running Mozilla. (CVE-2006-0748,
CVE-2006-0749, CVE-2006-1730, CVE-2006-1737, CVE-2006-1738,
CVE-2006-1739, CVE-2006-1790)

A bug was found in the way Mozilla displays the secure site icon. If a
browser is configured to display the non-default secure site modal
warning dialog, it may be possible to trick a user into believing they
are viewing a secure site. (CVE-2006-1740)

A bug was found in the way Mozilla allows javascript mutation events on
"input" form elements. A malicious web page could be created in such a
way that when a user submits a form, an arbitrary file could be uploaded
to the attacker. (CVE-2006-1729)

A bug was found in the way Mozilla executes in-line mail forwarding. If
a user can be tricked into forwarding a maliciously crafted mail message
as in-line content, it is possible for the message to execute javascript
with the permissions of "chrome". (CVE-2006-0884)

Users of Mozilla are advised to upgrade to these updated packages
containing Mozilla version 1.7.13 which corrects these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which
are not installed but included in the list will not be updated.  Note
that you can also use wildcards (*.rpm) if your current directory *only*
contains the desired RPMs.

Please note that this update is also available via yum and apt.  Many
people find this an easier way to apply updates.  To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.  This assumes that you
have yum or apt-get configured for obtaining Fedora Legacy content.
Please visit http://www.fedoralegacy.org/docs for directions on how to
configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189137

6. RPMs required:

Red Hat Linux 7.3:

SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/mozilla-1.7.13-0.73.1.legacy.src.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/galeon-1.2.14-0.73.6.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-chat-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-devel-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-dom-inspector-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-js-debugger-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-mail-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-nspr-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-nspr-devel-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-nss-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/mozilla-nss-devel-1.7.13-0.73.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/galeon-1.2.14-0.73.6.legacy.i386.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/mozilla-1.7.13-0.90.1.legacy.src.rpm
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/galeon-1.2.14-0.90.6.legacy.src.rpM

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-chat-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-devel-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-dom-inspector-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-js-debugger-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-mail-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-nspr-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-nspr-devel-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-nss-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/mozilla-nss-devel-1.7.13-0.90.1.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/galeon-1.2.14-0.90.6.legacy.i386.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/mozilla-1.7.13-1.1.1.legacy.src.rpm
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/epiphany-1.0.8-1.fc1.6.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-chat-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-devel-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-dom-inspector-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-js-debugger-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-mail-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-nspr-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-nspr-devel-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-nss-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/mozilla-nss-devel-1.7.13-1.1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/epiphany-1.0.8-1.fc1.6.legacy.i386.rpm

Fedora Core 2:

SRPM:
http://download.fedoralegacy.org/fedora/2/updates/SRPMS/mozilla-1.7.13-1.2.1.legacy.src.rpm
http://download.fedoralegacy.org/fedora/2/updates/SRPMS/epiphany-1.2.10-0.2.7.legacy.src.rpm
http://download.fedoralegacy.org/fedora/2/updates/SRPMS/devhelp-0.9.1-0.2.10.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-chat-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-devel-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-dom-inspector-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-js-debugger-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-mail-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-nspr-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-nspr-devel-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-nss-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/mozilla-nss-devel-1.7.13-1.2.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/epiphany-1.2.10-0.2.7.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/devhelp-0.9.1-0.2.10.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/devhelp-devel-0.9.1-0.2.10.legacy.i386.rpm

Fedora Core 3:

SRPM:
http://download.fedoralegacy.org/fedora/3/updates/SRPMS/mozilla-1.7.13-1.3.1.legacy.src.rpm
http://download.fedoralegacy.org/fedora/3/updates/SRPMS/epiphany-1.4.9-1.1.legacy.src.rpm
http://download.fedoralegacy.org/fedora/3/updates/SRPMS/devhelp-0.9.2-2.3.7.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-chat-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-devel-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-dom-inspector-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-js-debugger-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-mail-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-nspr-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-nspr-devel-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-nss-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/mozilla-nss-devel-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/epiphany-1.4.9-1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/epiphany-devel-1.4.9-1.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/devhelp-0.9.2-2.3.7.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/devhelp-devel-0.9.2-2.3.7.legacy.i386.rpm

x86_64:
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-chat-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-devel-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-dom-inspector-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-js-debugger-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-mail-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-nspr-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-nspr-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-nspr-devel-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-nss-1.7.13-1.3.1.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-nss-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/mozilla-nss-devel-1.7.13-1.3.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/epiphany-1.4.9-1.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/epiphany-devel-1.4.9-1.1.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/devhelp-0.9.2-2.3.7.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/devhelp-devel-0.9.2-2.3.7.legacy.x86_64.rpm


7. Verification:

SHA1 sum                                 Package Name
---------------------------------------------------------------------

rh7.3:
b7616c52ee2776f3577fcda0a0628c5ec6cffae7
redhat/7.3/updates/i386/mozilla-1.7.13-0.73.1.legacy.i386.rpm
a6234bd3b89616ce5b924a36c95ba1421b6b8ecf
redhat/7.3/updates/i386/mozilla-chat-1.7.13-0.73.1.legacy.i386.rpm
3d7b92d47b825f5a936c54ca63679916f428917e
redhat/7.3/updates/i386/mozilla-devel-1.7.13-0.73.1.legacy.i386.rpm
2b4c765543b3f4fc5ac04127ca70c70a33fddaec
redhat/7.3/updates/i386/mozilla-dom-inspector-1.7.13-0.73.1.legacy.i386.rpm
c15eceb55105a87f8d5dc0db24b9cf95e815a5a2
redhat/7.3/updates/i386/mozilla-js-debugger-1.7.13-0.73.1.legacy.i386.rpm
09dcdb176779a013efc6b1819e5391854d94a751
redhat/7.3/updates/i386/mozilla-mail-1.7.13-0.73.1.legacy.i386.rpm
5126d56d8ff98dfdcd69ed6864821120fc959c55
redhat/7.3/updates/i386/mozilla-nspr-1.7.13-0.73.1.legacy.i386.rpm
d2db357f5fe0d1ffce22db18f7d95c96dcfcffa3
redhat/7.3/updates/i386/mozilla-nspr-devel-1.7.13-0.73.1.legacy.i386.rpm
7b3a403f4981d5ffa676aa38e5699fca9e7c2f18
redhat/7.3/updates/i386/mozilla-nss-1.7.13-0.73.1.legacy.i386.rpm
3eea1812fa6a6ef13ed8826cd7734bd266c9b0fb
redhat/7.3/updates/i386/mozilla-nss-devel-1.7.13-0.73.1.legacy.i386.rpm
46393b4afb72fcd8100de2c61b6531d9ffe1dbf5
redhat/7.3/updates/i386/galeon-1.2.14-0.73.6.legacy.i386.rpm
d7222582e0c6d2cb635e07d91f6ffd4f85d36a49
redhat/7.3/updates/SRPMS/mozilla-1.7.13-0.73.1.legacy.src.rpm
b437ce5a3b53a11730c42590f28f8a8437622a2f
redhat/7.3/updates/SRPMS/galeon-1.2.14-0.73.6.legacy.src.rpm

rh9:
624c5f90520fba704ad4f66dbf90b1f1c957b13c
redhat/9/updates/i386/mozilla-1.7.13-0.90.1.legacy.i386.rpm
d774d70acfa13e6fdfaed04fe99dc72f6d2ff9e8
redhat/9/updates/i386/mozilla-chat-1.7.13-0.90.1.legacy.i386.rpm
c97b2a1d23cdcec966ad0f578ae7ed54298e0539
redhat/9/updates/i386/mozilla-devel-1.7.13-0.90.1.legacy.i386.rpm
494506d66fe98871e624009969ac642c98a1f812
redhat/9/updates/i386/mozilla-dom-inspector-1.7.13-0.90.1.legacy.i386.rpm
b844468a52354d6e9233a3f2b423c21879c7ca2f
redhat/9/updates/i386/mozilla-js-debugger-1.7.13-0.90.1.legacy.i386.rpm
2313fc46b0f7192d2e50675b978a6132fef9c7e3
redhat/9/updates/i386/mozilla-mail-1.7.13-0.90.1.legacy.i386.rpm
c37ce58b4bc86d84585e53c97ef63f3733ffa038
redhat/9/updates/i386/mozilla-nspr-1.7.13-0.90.1.legacy.i386.rpm
c99c3912597d83cdb161c1e2d4476985ebbe301f
redhat/9/updates/i386/mozilla-nspr-devel-1.7.13-0.90.1.legacy.i386.rpm
82f292d71571e66844a0b6b59252271bcf26c5a9
redhat/9/updates/i386/mozilla-nss-1.7.13-0.90.1.legacy.i386.rpm
8da1e54eed9099c2dbb4c04e97157bf742128488
redhat/9/updates/i386/mozilla-nss-devel-1.7.13-0.90.1.legacy.i386.rpm
99041c948b0fb28092be0b817e2f631b76a05614
redhat/9/updates/i386/galeon-1.2.14-0.90.6.legacy.i386.rpm
d20d8e1985145c55a185f67e4209a01f1654c0ac
redhat/9/updates/SRPMS/mozilla-1.7.13-0.90.1.legacy.src.rpm
aa35ab30634d4f5018e3f3e7bb4c290a23e8b1f0
redhat/9/updates/SRPMS/galeon-1.2.14-0.90.6.legacy.src.rpm

fc1:
3d510a0a221fd0af801d32075cfec02b54e07422
fedora/1/updates/i386/mozilla-1.7.13-1.1.1.legacy.i386.rpm
becd9c7a44a82ccfbe3cf6b03f051ecd4a273131
fedora/1/updates/i386/mozilla-chat-1.7.13-1.1.1.legacy.i386.rpm
1ba6d5e1f14397c25baebb208b3f94de04d46131
fedora/1/updates/i386/mozilla-devel-1.7.13-1.1.1.legacy.i386.rpm
bc3d9984f60bbe6794c205e3222c9ea2335bd42e
fedora/1/updates/i386/mozilla-dom-inspector-1.7.13-1.1.1.legacy.i386.rpm
27b23b8f5be8a15c8294a1a40b62aafd0c8b8da8
fedora/1/updates/i386/mozilla-js-debugger-1.7.13-1.1.1.legacy.i386.rpm
fac226fb8ed3c08bd5c38729ca4bdcb7cbfa7155
fedora/1/updates/i386/mozilla-mail-1.7.13-1.1.1.legacy.i386.rpm
50de7263571cfdca103af679b2b4824cf5e4b733
fedora/1/updates/i386/mozilla-nspr-1.7.13-1.1.1.legacy.i386.rpm
6864171e9ad26571bc9fae8c22d9b713e790e217
fedora/1/updates/i386/mozilla-nspr-devel-1.7.13-1.1.1.legacy.i386.rpm
231222af647baca7cf8ad3aa70102baf065844ea
fedora/1/updates/i386/mozilla-nss-1.7.13-1.1.1.legacy.i386.rpm
b2a45de48fd072f61c4887c9fb7b1e28d5ceb724
fedora/1/updates/i386/mozilla-nss-devel-1.7.13-1.1.1.legacy.i386.rpm
4278190ae02b1ba55ab8f7bff797aa0b7c6367cf
fedora/1/updates/i386/epiphany-1.0.8-1.fc1.6.legacy.i386.rpm
d7698a730ded9bf23f9cf50af0b311344d6a32c9
fedora/1/updates/SRPMS/mozilla-1.7.13-1.1.1.legacy.src.rpm
98e8156234d0d70503b2e35958b6c16fd6af9839
fedora/1/updates/SRPMS/epiphany-1.0.8-1.fc1.6.legacy.src.rpm

fc2:
159c63cf7ea9fdc986cea0e5f5385dfb5b6305b4
fedora/2/updates/i386/mozilla-1.7.13-1.2.1.legacy.i386.rpm
f407853505e31c18da4b7f6cb381eda08f92e95a
fedora/2/updates/i386/mozilla-chat-1.7.13-1.2.1.legacy.i386.rpm
34b9bfcbadd11a46d9c8e83bb74cadb20f5e4923
fedora/2/updates/i386/mozilla-devel-1.7.13-1.2.1.legacy.i386.rpm
dee1265fd2e11184729411971ebbf78cb563a0e5
fedora/2/updates/i386/mozilla-dom-inspector-1.7.13-1.2.1.legacy.i386.rpm
c04910085005cd7e6df6f94ef59c97df8825c07b
fedora/2/updates/i386/mozilla-js-debugger-1.7.13-1.2.1.legacy.i386.rpm
4d7705a6ca92e8508dfc129f9d230b655fcaf1d5
fedora/2/updates/i386/mozilla-mail-1.7.13-1.2.1.legacy.i386.rpm
a77cbd95adaf8033fd41a79c8fa5834f5bf6966b
fedora/2/updates/i386/mozilla-nspr-1.7.13-1.2.1.legacy.i386.rpm
bac22ca27bd47b5568016b836655c0205f412f07
fedora/2/updates/i386/mozilla-nspr-devel-1.7.13-1.2.1.legacy.i386.rpm
a2a5c35a60ce9a77776ca68f85540f4b36a5d687
fedora/2/updates/i386/mozilla-nss-1.7.13-1.2.1.legacy.i386.rpm
bc9bed78a37a55ee2c7c0447e28454117d75b2f5
fedora/2/updates/i386/mozilla-nss-devel-1.7.13-1.2.1.legacy.i386.rpm
82050caf931b8f86483430536d1044ca0e18e26c
fedora/2/updates/i386/epiphany-1.2.10-0.2.7.legacy.i386.rpm
fd3a6e7733046ab57d5d0578942b63039f60549f
fedora/2/updates/i386/devhelp-0.9.1-0.2.10.legacy.i386.rpm
dbfc536e2d5fb26ae710550517d00eb7b5c1c425
fedora/2/updates/i386/devhelp-devel-0.9.1-0.2.10.legacy.i386.rpm
7d3714941a249cf2706860c80d5fdd2f6f9d6a49
fedora/2/updates/SRPMS/mozilla-1.7.13-1.2.1.legacy.src.rpm
b63f40f2d2c84c6a23ba9668a0ad523600208b88
fedora/2/updates/SRPMS/epiphany-1.2.10-0.2.7.legacy.src.rpm
e0d504c88489904fe8c94cf552ba4c91ba78dd69
fedora/2/updates/SRPMS/devhelp-0.9.1-0.2.10.legacy.src.rpm

fc3:
fc30ba78ef98ffc0f4d7830a293a5a45532487a1
fedora/3/updates/i386/mozilla-1.7.13-1.3.1.legacy.i386.rpm
6046bfef309c48de5545ded1dff026bda82aa12a
fedora/3/updates/i386/mozilla-chat-1.7.13-1.3.1.legacy.i386.rpm
2cb20e33c2931ce7f12a0149b8a2f1992ff47459
fedora/3/updates/i386/mozilla-devel-1.7.13-1.3.1.legacy.i386.rpm
182a9e1a32e9d354b6ffedb5b7be7dd49192b119
fedora/3/updates/i386/mozilla-dom-inspector-1.7.13-1.3.1.legacy.i386.rpm
fbac943985224c5bdbbce8b83157614f48f2c11d
fedora/3/updates/i386/mozilla-js-debugger-1.7.13-1.3.1.legacy.i386.rpm
dc733cb3312c3d105e4414bf969e84ddfa5ff435
fedora/3/updates/i386/mozilla-mail-1.7.13-1.3.1.legacy.i386.rpm
fd7ef3c6ab771fd368c81bd1925c0194c0503dc7
fedora/3/updates/i386/mozilla-nspr-1.7.13-1.3.1.legacy.i386.rpm
6ca450fb3bda3d9acc3e9dcd86c7480fda7c881b
fedora/3/updates/i386/mozilla-nspr-devel-1.7.13-1.3.1.legacy.i386.rpm
25d618ca1f740e9ce6a8d18878dcef447f0dcfbe
fedora/3/updates/i386/mozilla-nss-1.7.13-1.3.1.legacy.i386.rpm
f61c46c5e3a6bbfcd84c1d1db0948ad351568cfb
fedora/3/updates/i386/mozilla-nss-devel-1.7.13-1.3.1.legacy.i386.rpm
3d0a3210e82fe5059d4dd97dfad797522a8dd566
fedora/3/updates/i386/epiphany-1.4.9-1.1.legacy.i386.rpm
9e1b3c5029b1da72303b87566d0fe98ae80316ad
fedora/3/updates/i386/epiphany-devel-1.4.9-1.1.legacy.i386.rpm
2700c95dbed803c53f4a632d818df4e6045abede
fedora/3/updates/i386/devhelp-0.9.2-2.3.7.legacy.i386.rpm
0635473154c90a0654938e15eea3e0fab24cbcee
fedora/3/updates/i386/devhelp-devel-0.9.2-2.3.7.legacy.i386.rpm
2b9902cc94ef38dac784342d1330cdb34a0308c2
fedora/3/updates/x86_64/mozilla-1.7.13-1.3.1.legacy.x86_64.rpm
d6c6635c7a9004b90a20ff32330f3e2aef755e7e
fedora/3/updates/x86_64/mozilla-chat-1.7.13-1.3.1.legacy.x86_64.rpm
ec5ca5851ea31e60f5211d4f308b2d4eae65e97b
fedora/3/updates/x86_64/mozilla-devel-1.7.13-1.3.1.legacy.x86_64.rpm
74ac4472c45fecb4562fe73c1aba2c8fbc381da6
fedora/3/updates/x86_64/mozilla-dom-inspector-1.7.13-1.3.1.legacy.x86_64.rpm
0b136eb099b9262271d29d1c55f08e3623fd9b9e
fedora/3/updates/x86_64/mozilla-js-debugger-1.7.13-1.3.1.legacy.x86_64.rpm
45aaade65400ab18d12525de0949a96d06c1d784
fedora/3/updates/x86_64/mozilla-mail-1.7.13-1.3.1.legacy.x86_64.rpm
fd7ef3c6ab771fd368c81bd1925c0194c0503dc7
fedora/3/updates/x86_64/mozilla-nspr-1.7.13-1.3.1.legacy.i386.rpm
19919ed666049efdb10a571441b32733e3a928c9
fedora/3/updates/x86_64/mozilla-nspr-1.7.13-1.3.1.legacy.x86_64.rpm
2020bad33430a1c9cf6e9298fb3ea8f264262e23
fedora/3/updates/x86_64/mozilla-nspr-devel-1.7.13-1.3.1.legacy.x86_64.rpm
25d618ca1f740e9ce6a8d18878dcef447f0dcfbe
fedora/3/updates/x86_64/mozilla-nss-1.7.13-1.3.1.legacy.i386.rpm
1c9d432246665f03ad4c24c7a21ed2d40eea736c
fedora/3/updates/x86_64/mozilla-nss-1.7.13-1.3.1.legacy.x86_64.rpm
2e47b9e82c433533cd3e39c2380c511e03e9b320
fedora/3/updates/x86_64/mozilla-nss-devel-1.7.13-1.3.1.legacy.x86_64.rpm
8e763b21f9289a454484fa65ed27053f87b83527
fedora/3/updates/x86_64/epiphany-1.4.9-1.1.legacy.x86_64.rpm
a5b5f6d6dbbb2385a13d8b5290d92c119c837c43
fedora/3/updates/x86_64/epiphany-devel-1.4.9-1.1.legacy.x86_64.rpm
54b0234a8abf2b04f45b8062806bc500347a0ce2
fedora/3/updates/x86_64/devhelp-0.9.2-2.3.7.legacy.x86_64.rpm
18374065d2a67b4d0838e4c63bff44d25658ff53
fedora/3/updates/x86_64/devhelp-devel-0.9.2-2.3.7.legacy.x86_64.rpm
5a9ebd563c86b57673ee717a777b2b828cb6f7ae
fedora/3/updates/SRPMS/mozilla-1.7.13-1.3.1.legacy.src.rpm
9b7f3d9405d50fb5f52931ef8f18d9e1f2b4fe58
fedora/3/updates/SRPMS/epiphany-1.4.9-1.1.legacy.src.rpm
71a4112fbd0411c57a8b37ba2179b7ec5b8f024e
fedora/3/updates/SRPMS/devhelp-0.9.2-2.3.7.legacy.src.rpm


These packages are GPG signed by Fedora Legacy for security.  Our key is
available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the sha1sum with the following command:

    sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1727
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1729
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1731
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1737
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1738
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1740
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1741
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1742
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1790

9. Contact:

The Fedora Legacy security contact is <secnotice@...oralegacy.org>. More
project details at http://www.fedoralegacy.org

---------------------------------------------------------------------


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060606/19846460/signature.bin

Powered by blists - more mailing lists