| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Apr 2010 20:53:00 +0200 From: security@...driva.com To: full-disclosure@...ts.grok.org.uk Subject: [ MDVSA-2010:070-1 ] firefox -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:070-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : firefox Date : April 20, 2010 Affected: 2009.0 _______________________________________________________________________ Problem Description: Security issues were identified and fixed in firefox: Security researcher regenrecht reported (via TippingPoint's Zero Day Initiative) a potential reuse of a deleted image frame in Firefox 3.6's handling of multipart/x-mixed-replace images. Although no exploit was shown, re-use of freed memory has led to exploitable vulnerabilities in the past (CVE-2010-0164). Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-0165, CVE-2010-0167). Mozilla developer Josh Soref of Nokia reported that documents failed to call certain security checks when attempting to preload images. Although the image content is not available to the page, it is possible to specify protocols that are normally not allowed in a web page such as file:. This includes internal schemes implemented by add-ons that might perform privileged actions resulting in something like a Cross-Site Request Forgery (CSRF) attack against the add-on. Potential severity would depend on the add-ons installed (CVE-2010-0168). Mozilla developer Blake Kaplan reported that the window.location object was made a normal overridable JavaScript object in the Firefox 3.6 browser engine (Gecko 1.9.2) because new mechanisms were developed to enforce the same-origin policy between windows and frames. This object is unfortunately also used by some plugins to determine the page origin used for access restrictions. A malicious page could override this object to fool a plugin into granting access to data on another site or the local file system. The behavior of older Firefox versions has been restored (CVE-2010-0170). Mozilla developer Justin Dolske reported that the new asynchronous Authorization Prompt (HTTP username and password) was not always attached to the correct window. Although we have not demonstrated this, it may be possible for a malicious page to convince a user to open a new tab or popup to a trusted service and then have the HTTP authorization prompt from the malicious page appear to be the login prompt for the trusted page. This potential attack is greatly mitigated by the fact that very few web sites use HTTP authorization, preferring instead to use web forms and cookies (CVE-2010-0172). Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028 (CVE-2010-1122). Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-0173, CVE-2010-0174) Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer (CVE-2010-0175). Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way <option> elements are inserted into a XUL tree <optgroup>. In certain cases, the number of references to an <option> element is under-counted so that when the element is deleted, a live pointer to its old location is kept around and may later be used. An attacker could potentially use these conditions to run arbitrary code on a victim's computer (CVE-2010-0176). Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could result in the deletion of objects for which valid pointers still exist. An attacker could use this vulnerability to crash a victim's browser and run arbitrary code on the victim's machine (CVE-2010-0177). Security researcher Paul Stone reported that a browser applet could be used to turn a simple mouse click into a drag-and-drop action, potentially resulting in the unintended loading of resources in a user's browser. This behavior could be used twice in succession to first load a privileged chrome: URL in a victim's browser, then load a malicious javascript: URL on top of the same document resulting in arbitrary script execution with chrome privileges (CVE-2010-0178). Mozilla security researcher moz_bug_r_a4 reported that the XMLHttpRequestSpy module in the Firebug add-on was exposing an underlying chrome privilege escalation vulnerability. When the XMLHttpRequestSpy object was created, it would attach various properties of itself to objects defined in web content, which were not being properly wrapped to prevent their exposure to chrome privileged objects. This could result in an attacker running arbitrary JavaScript on a victim's machine, though it required the victim to have Firebug installed, so the overall severity of the issue was determined to be High (CVE-2010-0179). phpBB developer Henry Sudhof reported that when an image tag points to a resource that redirects to a mailto: URL, the external mail handler application is launched. This issue poses no security threat to users but could create an annoyance when browsing a site that allows users to post arbitrary images (CVE-2010-0181). Mozilla community member Wladimir Palant reported that XML documents were failing to call certain security checks when loading new content. This could result in certain resources being loaded that would otherwise violate security policies set by the browser or installed add-ons (CVE-2010-0182). Note that to benefit from the fix for CVE-2009-3555 added in nss-3.12.6, Firefox 3.6 users will need to set their security.ssl.require_safe_negotiation preference to true. In Mandriva the default setting is false due to problems with some common sites. Since firefox-3.0.19 is the last 3.0.x release Mandriva opted to provide the latest 3.6.3 version for Mandriva Linux 2008.0/2009.0/2009.1/MES5/2010.0. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Update: Packages for 2009.0 are provided due to the Extended Maintenance Program. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0167 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0168 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0170 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0172 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1122 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0174 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0176 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0177 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0178 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0182 http://www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.3 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: c010232ec13300d13a09321fd53ab206 2009.0/i586/beagle-0.3.8-13.19mdv2009.0.i586.rpm 266c876250ff5406a82d0215596c4d13 2009.0/i586/beagle-crawl-system-0.3.8-13.19mdv2009.0.i586.rpm c6d7e2452846fecfc6b3a071c5b22ce7 2009.0/i586/beagle-doc-0.3.8-13.19mdv2009.0.i586.rpm 152b2987738620c04d985efc70f93deb 2009.0/i586/beagle-epiphany-0.3.8-13.19mdv2009.0.i586.rpm 4d90e5e91d6fb74d1226d72aaa3d5c82 2009.0/i586/beagle-evolution-0.3.8-13.19mdv2009.0.i586.rpm c0364126890604b6767052aae75c6e33 2009.0/i586/beagle-gui-0.3.8-13.19mdv2009.0.i586.rpm 570b286a25c85fa69457cbfb9b92c3a4 2009.0/i586/beagle-gui-qt-0.3.8-13.19mdv2009.0.i586.rpm 0cf57200876cd2d2396746139763e25f 2009.0/i586/beagle-libs-0.3.8-13.19mdv2009.0.i586.rpm 3171b8cbd0d1686c02a25dc6dfe73449 2009.0/i586/devhelp-0.21-3.13mdv2009.0.i586.rpm 2762fd987c8b7c858032db59e9650038 2009.0/i586/devhelp-plugins-0.21-3.13mdv2009.0.i586.rpm 1dc367c339853a8394fb0a8dd7defd3d 2009.0/i586/epiphany-2.24.3-0.1mdv2009.0.i586.rpm a79b5b45d9a2115822b161b8b4fa8b0e 2009.0/i586/epiphany-devel-2.24.3-0.1mdv2009.0.i586.rpm 9ba9059fddf3e3dc91a7fd1edcc3c93e 2009.0/i586/firefox-3.6.3-0.2mdv2009.0.i586.rpm a9784b1c11867fcb022bcb61f091a39e 2009.0/i586/firefox-af-3.6.3-0.1mdv2009.0.i586.rpm 6719a68cd54602337185026bfa075fb0 2009.0/i586/firefox-ar-3.6.3-0.1mdv2009.0.i586.rpm e7c8e52c44198f50b5e4d9b7ba332eca 2009.0/i586/firefox-be-3.6.3-0.1mdv2009.0.i586.rpm a0acbf770a2252fe68d225216fcde862 2009.0/i586/firefox-bg-3.6.3-0.1mdv2009.0.i586.rpm 03579a6cd3378c1f5a589e92c4590cfb 2009.0/i586/firefox-bn-3.6.3-0.1mdv2009.0.i586.rpm 3bb4310f4e7eaf367130e6b9ed21e481 2009.0/i586/firefox-ca-3.6.3-0.1mdv2009.0.i586.rpm c1d8fbe3d2760a9ecccc72249255991e 2009.0/i586/firefox-cs-3.6.3-0.1mdv2009.0.i586.rpm 966cde689e1858e00a6088c25cb737aa 2009.0/i586/firefox-cy-3.6.3-0.1mdv2009.0.i586.rpm a8bb0f98e29f08d08d09c73525d7f0fe 2009.0/i586/firefox-da-3.6.3-0.1mdv2009.0.i586.rpm e8bd212e342aaf67410a317bdef90f96 2009.0/i586/firefox-de-3.6.3-0.1mdv2009.0.i586.rpm 9ba8957caff7d084c9b768393dd9ad8f 2009.0/i586/firefox-devel-3.6.3-0.2mdv2009.0.i586.rpm 8b203803d02699cfd97a27ddfe4a5cc2 2009.0/i586/firefox-el-3.6.3-0.1mdv2009.0.i586.rpm 3977a8351e3561623eb40a530e0c330e 2009.0/i586/firefox-en_GB-3.6.3-0.1mdv2009.0.i586.rpm 62ea90acb1dd64bd17b4ea468a20edcd 2009.0/i586/firefox-eo-3.6.3-0.1mdv2009.0.i586.rpm c064df467bb014f83feca1de548fdadc 2009.0/i586/firefox-es_AR-3.6.3-0.1mdv2009.0.i586.rpm ab5c67b3a161aa885b65eae4d1ffdc86 2009.0/i586/firefox-es_ES-3.6.3-0.1mdv2009.0.i586.rpm c64c95501b1e995e14e0c405385eee54 2009.0/i586/firefox-et-3.6.3-0.1mdv2009.0.i586.rpm 47021232cbf2a6a11645de96d8319d03 2009.0/i586/firefox-eu-3.6.3-0.1mdv2009.0.i586.rpm c404b6038d61ffd47f5468fff769c6b6 2009.0/i586/firefox-ext-beagle-0.3.8-13.19mdv2009.0.i586.rpm a419c35964176a21dbd2d5e8b895cfa8 2009.0/i586/firefox-ext-blogrovr-1.1.804-0.1mdv2009.0.i586.rpm 176a42a89e23a62dddfea862719c76c8 2009.0/i586/firefox-ext-mozvoikko-1.0-0.1mdv2009.0.i586.rpm 080765d3d288e772bbb3ea15125c8f38 2009.0/i586/firefox-ext-scribefire-3.5.1-0.1mdv2009.0.i586.rpm c7bbb49b1b42dd4947a721338971146a 2009.0/i586/firefox-ext-xmarks-3.5.10-0.1mdv2009.0.i586.rpm 445acb52bc111620104bf8cf5a55be94 2009.0/i586/firefox-fi-3.6.3-0.1mdv2009.0.i586.rpm e84c0560240d616fc243893b49628884 2009.0/i586/firefox-fr-3.6.3-0.1mdv2009.0.i586.rpm c2efcf63fcb58df1cb6b60a902117490 2009.0/i586/firefox-fy-3.6.3-0.1mdv2009.0.i586.rpm ece53c927f1ef6c83b9eb42cc840aac6 2009.0/i586/firefox-ga_IE-3.6.3-0.1mdv2009.0.i586.rpm ef915a175c190717992af7ff7f270683 2009.0/i586/firefox-gl-3.6.3-0.1mdv2009.0.i586.rpm 7436d05728b9dbaabd49cbfb821339b3 2009.0/i586/firefox-gu_IN-3.6.3-0.1mdv2009.0.i586.rpm c0be81db6c415fa67b7e5375767e0a1c 2009.0/i586/firefox-he-3.6.3-0.1mdv2009.0.i586.rpm 4f6eb984905f583e3f4f7e350a5ad560 2009.0/i586/firefox-hi-3.6.3-0.1mdv2009.0.i586.rpm cd57cd4f55a2e7303c1995d26addf862 2009.0/i586/firefox-hu-3.6.3-0.1mdv2009.0.i586.rpm 89f13bdc12a9c3212a873f0df61a253f 2009.0/i586/firefox-id-3.6.3-0.1mdv2009.0.i586.rpm 3e0053f19d1d17bea8a740f70ff9801e 2009.0/i586/firefox-is-3.6.3-0.1mdv2009.0.i586.rpm 74f43311f53fc13e4dda057995f8ad67 2009.0/i586/firefox-it-3.6.3-0.1mdv2009.0.i586.rpm b3b17965b3e9a4559722a68a3e9af618 2009.0/i586/firefox-ja-3.6.3-0.1mdv2009.0.i586.rpm 6e45f809bdb6ea515669b8155bbcdf15 2009.0/i586/firefox-kn-3.6.3-0.1mdv2009.0.i586.rpm e05d70fad3858edcbf917508f421443e 2009.0/i586/firefox-ko-3.6.3-0.1mdv2009.0.i586.rpm 6a4733f07a757012738a920d31fb9e6a 2009.0/i586/firefox-lt-3.6.3-0.1mdv2009.0.i586.rpm 9d5d79c9ea3dcb87396ba5d6654dc20b 2009.0/i586/firefox-lv-3.6.3-0.1mdv2009.0.i586.rpm 074a46d8f2cb3fc370fda83ab1d9f279 2009.0/i586/firefox-mk-3.6.3-0.1mdv2009.0.i586.rpm 40377c79638b0ecf7d7647209a22ca8c 2009.0/i586/firefox-mr-3.6.3-0.1mdv2009.0.i586.rpm 80ad0cdbeb4e8645cec5978e2c8ea52a 2009.0/i586/firefox-nb_NO-3.6.3-0.1mdv2009.0.i586.rpm d08440a3c934bce4a41ebd17e1e08798 2009.0/i586/firefox-nl-3.6.3-0.1mdv2009.0.i586.rpm bf64bafaf9838e2506dc3d267665006a 2009.0/i586/firefox-nn_NO-3.6.3-0.1mdv2009.0.i586.rpm 814433a4668a173843d9bbb3c4d207a0 2009.0/i586/firefox-pa_IN-3.6.3-0.1mdv2009.0.i586.rpm ce53ddfa3b7ec301c074b533ac6a57d1 2009.0/i586/firefox-pl-3.6.3-0.1mdv2009.0.i586.rpm 87a3ffe46281fdae60d2f86016105895 2009.0/i586/firefox-pt_BR-3.6.3-0.1mdv2009.0.i586.rpm 368eea6749c8064a42c525341e170ffa 2009.0/i586/firefox-pt_PT-3.6.3-0.1mdv2009.0.i586.rpm ee1e0c5fd5ab246c32e46c5f581486cf 2009.0/i586/firefox-ro-3.6.3-0.1mdv2009.0.i586.rpm cfd8897583871005116db79831cc6270 2009.0/i586/firefox-ru-3.6.3-0.1mdv2009.0.i586.rpm 46d633f669aa0654a2cacbfabf0b4258 2009.0/i586/firefox-si-3.6.3-0.1mdv2009.0.i586.rpm 27f71e05393a0f87e488315b1639ace4 2009.0/i586/firefox-sk-3.6.3-0.1mdv2009.0.i586.rpm d0d8adf3a4fe7abb2ca0ec508fccc1fb 2009.0/i586/firefox-sl-3.6.3-0.1mdv2009.0.i586.rpm 35a1dc6e50a902f548dc2a8e51156c88 2009.0/i586/firefox-sq-3.6.3-0.1mdv2009.0.i586.rpm b82061ef747654762ea1a3e9fa2c604d 2009.0/i586/firefox-sv_SE-3.6.3-0.1mdv2009.0.i586.rpm d338d6fd68fe6b949f5dc7d5be57d729 2009.0/i586/firefox-te-3.6.3-0.1mdv2009.0.i586.rpm 8e6f2a4f31ae192ccf9fabee3b3ab9e0 2009.0/i586/firefox-th-3.6.3-0.1mdv2009.0.i586.rpm b443fb3b6d4b8c275412c5a5d2f60347 2009.0/i586/firefox-theme-kfirefox-0.16-0.1mdv2009.0.i586.rpm 324030a99e7b8d9df3d52f296c75b7a1 2009.0/i586/firefox-tr-3.6.3-0.1mdv2009.0.i586.rpm 5db53d4a190bcc3b959e00a1a5012c93 2009.0/i586/firefox-uk-3.6.3-0.1mdv2009.0.i586.rpm f65b52812827e96ebb2a7c47cd349712 2009.0/i586/firefox-zh_CN-3.6.3-0.1mdv2009.0.i586.rpm f7f66d69e2f941d581306082681bf98d 2009.0/i586/firefox-zh_TW-3.6.3-0.1mdv2009.0.i586.rpm 458df4a0f9d8ae560671983222f23d4d 2009.0/i586/gnome-python-extras-2.19.1-20.13mdv2009.0.i586.rpm 59eb47cafbc3cc338082685c10b14b78 2009.0/i586/gnome-python-gda-2.19.1-20.13mdv2009.0.i586.rpm 3579aa43a44ba292a33377af8dcc0392 2009.0/i586/gnome-python-gda-devel-2.19.1-20.13mdv2009.0.i586.rpm 090322c61ce38ee4b93a7c3cd8a881f6 2009.0/i586/gnome-python-gdl-2.19.1-20.13mdv2009.0.i586.rpm 57fab596462f37dc9375982ada297bf1 2009.0/i586/gnome-python-gtkhtml2-2.19.1-20.13mdv2009.0.i586.rpm a0dfb244f3bb0192001f4cc6014c8d94 2009.0/i586/gnome-python-gtkmozembed-2.19.1-20.13mdv2009.0.i586.rpm 211f52f9c377a5bbb9508e5ec9d6bdb7 2009.0/i586/gnome-python-gtkspell-2.19.1-20.13mdv2009.0.i586.rpm 502c81f17f95f03850e31f58c0860637 2009.0/i586/lemon-3.6.23.1-0.1mdv2009.0.i586.rpm b6badf6dc890e49d79af18f041644fbd 2009.0/i586/libdevhelp-1_0-0.21-3.13mdv2009.0.i586.rpm dd8f5a416ec4020b90cf6a5f264b4ca0 2009.0/i586/libdevhelp-1-devel-0.21-3.13mdv2009.0.i586.rpm 81b38c87d799fd04838a4ec0f317e4c9 2009.0/i586/libsqlite3_0-3.6.23.1-0.1mdv2009.0.i586.rpm 4ee9df528f54ea410410ea7890886523 2009.0/i586/libsqlite3-devel-3.6.23.1-0.1mdv2009.0.i586.rpm 7c7470631b02f710b9813eefd9e8b959 2009.0/i586/libsqlite3-static-devel-3.6.23.1-0.1mdv2009.0.i586.rpm c0a9909050a21de8be5eee71f5dc0e4d 2009.0/i586/libxulrunner1.9.2.3-1.9.2.3-0.2mdv2009.0.i586.rpm 5c7e2efba88646c6ee2f51523a767e96 2009.0/i586/libxulrunner-devel-1.9.2.3-0.2mdv2009.0.i586.rpm 207532513315297ab2cf0713e5418699 2009.0/i586/mozilla-thunderbird-beagle-0.3.8-13.19mdv2009.0.i586.rpm 24075185dd34f652d67ce35a949d2ec7 2009.0/i586/sqlite3-tools-3.6.23.1-0.1mdv2009.0.i586.rpm aa658e51a250c9e6c07c235c63cc28f3 2009.0/i586/tcl-sqlite3-3.6.23.1-0.1mdv2009.0.i586.rpm a9b44e66baccec725e9e88b466bf437d 2009.0/i586/xulrunner-1.9.2.3-0.2mdv2009.0.i586.rpm 80034d32b295a0aa28144bbf298a95c6 2009.0/i586/yelp-2.24.0-3.13mdv2009.0.i586.rpm be1deab60f8a725f6b8bfbdb8a238599 2009.0/SRPMS/beagle-0.3.8-13.19mdv2009.0.src.rpm 958d586e0f51b3eb27c2f8f52e7829db 2009.0/SRPMS/devhelp-0.21-3.13mdv2009.0.src.rpm 4792b42cbf525647004d34d274d6682d 2009.0/SRPMS/epiphany-2.24.3-0.1mdv2009.0.src.rpm 7e6b40730ae28d3084d6177fb3403037 2009.0/SRPMS/firefox-3.6.3-0.2mdv2009.0.src.rpm 4c7598ff3fa6a31f94e709d181ca2f09 2009.0/SRPMS/firefox-ext-blogrovr-1.1.804-0.1mdv2009.0.src.rpm 025b7f312ccccfd2067f120a810a919a 2009.0/SRPMS/firefox-ext-mozvoikko-1.0-0.1mdv2009.0.src.rpm 8918fef155fcc90af164c9150baeaaa5 2009.0/SRPMS/firefox-ext-scribefire-3.5.1-0.1mdv2009.0.src.rpm 227410c21b1116934dd9ea09294625ca 2009.0/SRPMS/firefox-ext-xmarks-3.5.10-0.1mdv2009.0.src.rpm 07425c1f47917b38e1d0234885e1965f 2009.0/SRPMS/firefox-l10n-3.6.3-0.1mdv2009.0.src.rpm 3d37604eec701b6cf4af3d1838e909f3 2009.0/SRPMS/firefox-theme-kfirefox-0.16-0.1mdv2009.0.src.rpm c7182e1d6cf288efab29adfda90e96f3 2009.0/SRPMS/gnome-python-extras-2.19.1-20.13mdv2009.0.src.rpm e6ea77abf2cedcbbfeb7800a35c2caf3 2009.0/SRPMS/sqlite3-3.6.23.1-0.1mdv2009.0.src.rpm 86f62d2fb87e6ac0839ad62d76528e66 2009.0/SRPMS/xulrunner-1.9.2.3-0.2mdv2009.0.src.rpm 1b06f8c1ef094dc481bad8e0f43223e6 2009.0/SRPMS/yelp-2.24.0-3.13mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 4030cd99306a14ef5af556b69e810730 2009.0/x86_64/beagle-0.3.8-13.19mdv2009.0.x86_64.rpm ff8b44286445fe6c26fbbd233898843f 2009.0/x86_64/beagle-crawl-system-0.3.8-13.19mdv2009.0.x86_64.rpm 803653b787f41199cb7e0e46be67dbea 2009.0/x86_64/beagle-doc-0.3.8-13.19mdv2009.0.x86_64.rpm 7195749c6fad30582e2138ec83cd6257 2009.0/x86_64/beagle-epiphany-0.3.8-13.19mdv2009.0.x86_64.rpm 1af4bd833fa9ca010e41131f838cbbfa 2009.0/x86_64/beagle-evolution-0.3.8-13.19mdv2009.0.x86_64.rpm eeb48bc921e2e3091203a18e31e0113d 2009.0/x86_64/beagle-gui-0.3.8-13.19mdv2009.0.x86_64.rpm c87ca77b25493fbf5e032b082ae52034 2009.0/x86_64/beagle-gui-qt-0.3.8-13.19mdv2009.0.x86_64.rpm 861e1e257a359f1c59e5e26368f5139c 2009.0/x86_64/beagle-libs-0.3.8-13.19mdv2009.0.x86_64.rpm 69d73c982942378a21ee3e98889a0ed5 2009.0/x86_64/devhelp-0.21-3.13mdv2009.0.x86_64.rpm a7d732cc0da6c950ef585a85046ed743 2009.0/x86_64/devhelp-plugins-0.21-3.13mdv2009.0.x86_64.rpm 2d191ac392466c3477c7875e34a9f2da 2009.0/x86_64/epiphany-2.24.3-0.1mdv2009.0.x86_64.rpm a6c7a8ca3bcf34e9f3833e6a8b91e3b1 2009.0/x86_64/epiphany-devel-2.24.3-0.1mdv2009.0.x86_64.rpm d0e7e3245fa77b5ef8960a79ce21bb06 2009.0/x86_64/firefox-3.6.3-0.2mdv2009.0.x86_64.rpm 63e520ba7588c1a239f52650a409abe3 2009.0/x86_64/firefox-af-3.6.3-0.1mdv2009.0.x86_64.rpm 0a0514ae5279278dd543d8e9d5a74ea6 2009.0/x86_64/firefox-ar-3.6.3-0.1mdv2009.0.x86_64.rpm b046e1f2e21cfcc0dafcf2d1f2147e8d 2009.0/x86_64/firefox-be-3.6.3-0.1mdv2009.0.x86_64.rpm 5b3934364b8700447e9d9535e250bd8f 2009.0/x86_64/firefox-bg-3.6.3-0.1mdv2009.0.x86_64.rpm 6ddd1531777cf7ce67ea9716ba8cfddb 2009.0/x86_64/firefox-bn-3.6.3-0.1mdv2009.0.x86_64.rpm 40fd81dd4a0149b65ae2966d22ea79cb 2009.0/x86_64/firefox-ca-3.6.3-0.1mdv2009.0.x86_64.rpm 6dc1fa26932922f2e2fe3b7eafa96278 2009.0/x86_64/firefox-cs-3.6.3-0.1mdv2009.0.x86_64.rpm 1c8d2e4d63dc840f5ff7336cf9a95f94 2009.0/x86_64/firefox-cy-3.6.3-0.1mdv2009.0.x86_64.rpm 855f2c7dba3d39b2d18341e0e2b60142 2009.0/x86_64/firefox-da-3.6.3-0.1mdv2009.0.x86_64.rpm 03a5d24dc0ac395cdb5863ad0d8a08a1 2009.0/x86_64/firefox-de-3.6.3-0.1mdv2009.0.x86_64.rpm e15eca0c2cf300641408dcae79dad35d 2009.0/x86_64/firefox-devel-3.6.3-0.2mdv2009.0.x86_64.rpm b873681e2b2bcf740ad1922d73c4fc3b 2009.0/x86_64/firefox-el-3.6.3-0.1mdv2009.0.x86_64.rpm 255836fc16b38a3e9cff98fdec593d72 2009.0/x86_64/firefox-en_GB-3.6.3-0.1mdv2009.0.x86_64.rpm 9d7f41999589a4ad2b9f3f302c2dadb1 2009.0/x86_64/firefox-eo-3.6.3-0.1mdv2009.0.x86_64.rpm 34eb9899867ff82b381c0365e810734e 2009.0/x86_64/firefox-es_AR-3.6.3-0.1mdv2009.0.x86_64.rpm c04c9699007e522ecec8307222c30a02 2009.0/x86_64/firefox-es_ES-3.6.3-0.1mdv2009.0.x86_64.rpm 062b0004b51f26ccce27a27653bb2bee 2009.0/x86_64/firefox-et-3.6.3-0.1mdv2009.0.x86_64.rpm fd7f4352375a80467def99dfba699e99 2009.0/x86_64/firefox-eu-3.6.3-0.1mdv2009.0.x86_64.rpm 705f3472e2d3169ec363196510479912 2009.0/x86_64/firefox-ext-beagle-0.3.8-13.19mdv2009.0.x86_64.rpm 1173a4b4fd3f38dd889af0d9ed59f6d1 2009.0/x86_64/firefox-ext-blogrovr-1.1.804-0.1mdv2009.0.x86_64.rpm 41d89e33528a880294418ca6261ac2e7 2009.0/x86_64/firefox-ext-mozvoikko-1.0-0.1mdv2009.0.x86_64.rpm e6b4bbf44220b013c55cda04d1032b23 2009.0/x86_64/firefox-ext-scribefire-3.5.1-0.1mdv2009.0.x86_64.rpm 38eff8b6559ebf17b31f4a55954efbf9 2009.0/x86_64/firefox-ext-xmarks-3.5.10-0.1mdv2009.0.x86_64.rpm b85b8ac568e02dec7e8b05b0de0ec9e9 2009.0/x86_64/firefox-fi-3.6.3-0.1mdv2009.0.x86_64.rpm 5198ebe263a2800e0855b5ab1b5daeb9 2009.0/x86_64/firefox-fr-3.6.3-0.1mdv2009.0.x86_64.rpm 05a37422c185c8b78a927b7046c2cad4 2009.0/x86_64/firefox-fy-3.6.3-0.1mdv2009.0.x86_64.rpm fb204ed00d4395e66642c2591e25d886 2009.0/x86_64/firefox-ga_IE-3.6.3-0.1mdv2009.0.x86_64.rpm 7cde20e5c00181fce1c7ed0804c943fc 2009.0/x86_64/firefox-gl-3.6.3-0.1mdv2009.0.x86_64.rpm 16d879121afa8fbb5e62fb79380a5c18 2009.0/x86_64/firefox-gu_IN-3.6.3-0.1mdv2009.0.x86_64.rpm 931dadf42aeeeab516958a1ed007c6ef 2009.0/x86_64/firefox-he-3.6.3-0.1mdv2009.0.x86_64.rpm e9b6aa923e51c47616a8017637d5de35 2009.0/x86_64/firefox-hi-3.6.3-0.1mdv2009.0.x86_64.rpm 6308d8595b6ecaeb1e21158ef6c68e88 2009.0/x86_64/firefox-hu-3.6.3-0.1mdv2009.0.x86_64.rpm 1f3c56761fc6d167118da0e418b1963c 2009.0/x86_64/firefox-id-3.6.3-0.1mdv2009.0.x86_64.rpm b3f7f06b2dc1edca418d0d261f8baf82 2009.0/x86_64/firefox-is-3.6.3-0.1mdv2009.0.x86_64.rpm 003945e3312360dc940af96f42d92fc7 2009.0/x86_64/firefox-it-3.6.3-0.1mdv2009.0.x86_64.rpm 92c7a0e85cd1b95dd1d7d5955feac97f 2009.0/x86_64/firefox-ja-3.6.3-0.1mdv2009.0.x86_64.rpm 197c6e8f4f1bdc3837695bdc041698be 2009.0/x86_64/firefox-kn-3.6.3-0.1mdv2009.0.x86_64.rpm 119ed791ce67b84b07748ca2f0732b9c 2009.0/x86_64/firefox-ko-3.6.3-0.1mdv2009.0.x86_64.rpm b3ff00bb4864619033660a743012c463 2009.0/x86_64/firefox-lt-3.6.3-0.1mdv2009.0.x86_64.rpm 29930fc9606f24675855adbc8b4b2b6a 2009.0/x86_64/firefox-lv-3.6.3-0.1mdv2009.0.x86_64.rpm 082522a456ea74880c61bef4c2dcc4db 2009.0/x86_64/firefox-mk-3.6.3-0.1mdv2009.0.x86_64.rpm 185f51ee26d47112b7d3a722623b1ad7 2009.0/x86_64/firefox-mr-3.6.3-0.1mdv2009.0.x86_64.rpm b9740341cfd4122dd60e6d5c9b127e61 2009.0/x86_64/firefox-nb_NO-3.6.3-0.1mdv2009.0.x86_64.rpm 9624abaf7c0b8c2725c88628cbcb1c96 2009.0/x86_64/firefox-nl-3.6.3-0.1mdv2009.0.x86_64.rpm f1439430df34b78d5a0acb9b27577dda 2009.0/x86_64/firefox-nn_NO-3.6.3-0.1mdv2009.0.x86_64.rpm 232d7f3748d59ff80a584096ec1f4187 2009.0/x86_64/firefox-pa_IN-3.6.3-0.1mdv2009.0.x86_64.rpm db9619c8da4b591aed632bbc253024a5 2009.0/x86_64/firefox-pl-3.6.3-0.1mdv2009.0.x86_64.rpm 7a49d10b6dffc66c0339a2b289bffcf1 2009.0/x86_64/firefox-pt_BR-3.6.3-0.1mdv2009.0.x86_64.rpm b3095daf59caab458dcb66d44cf2715d 2009.0/x86_64/firefox-pt_PT-3.6.3-0.1mdv2009.0.x86_64.rpm ec2eb386bba46dfc82afc3b9a23c59dc 2009.0/x86_64/firefox-ro-3.6.3-0.1mdv2009.0.x86_64.rpm 264e54e90afde4d91291f8e9513a35d0 2009.0/x86_64/firefox-ru-3.6.3-0.1mdv2009.0.x86_64.rpm d28cbbb51cd8af115d6aa19fdcbc667e 2009.0/x86_64/firefox-si-3.6.3-0.1mdv2009.0.x86_64.rpm e4a453357b85ffbc06a68272258d713b 2009.0/x86_64/firefox-sk-3.6.3-0.1mdv2009.0.x86_64.rpm 0a5ee1c5390c9ad8219264124c740932 2009.0/x86_64/firefox-sl-3.6.3-0.1mdv2009.0.x86_64.rpm 98dedcba8df7ba5fffe380fe9e42a91c 2009.0/x86_64/firefox-sq-3.6.3-0.1mdv2009.0.x86_64.rpm 77c4d8206b02b1e3c3a9105db657dba1 2009.0/x86_64/firefox-sv_SE-3.6.3-0.1mdv2009.0.x86_64.rpm 6d495b355a354f1cc41aa7c09853ff02 2009.0/x86_64/firefox-te-3.6.3-0.1mdv2009.0.x86_64.rpm 619b1af0add310a0bc8f26af85ac5e4f 2009.0/x86_64/firefox-th-3.6.3-0.1mdv2009.0.x86_64.rpm 641a6560edb4d3535bdcf5f2a3274ded 2009.0/x86_64/firefox-theme-kfirefox-0.16-0.1mdv2009.0.x86_64.rpm 93dd62dde6f7acf1d8a005b4f0a125d4 2009.0/x86_64/firefox-tr-3.6.3-0.1mdv2009.0.x86_64.rpm 063148775c8f70727edd8acc17ebba66 2009.0/x86_64/firefox-uk-3.6.3-0.1mdv2009.0.x86_64.rpm 53209116b8df0c78b102d33d2bfe2e53 2009.0/x86_64/firefox-zh_CN-3.6.3-0.1mdv2009.0.x86_64.rpm e84fc88f0ff0f41466714d2b190dbcd7 2009.0/x86_64/firefox-zh_TW-3.6.3-0.1mdv2009.0.x86_64.rpm e94543ceb17503f17b461a176103a7e2 2009.0/x86_64/gnome-python-extras-2.19.1-20.13mdv2009.0.x86_64.rpm b63735f07ddc070cf2de9292321cf09e 2009.0/x86_64/gnome-python-gda-2.19.1-20.13mdv2009.0.x86_64.rpm e71637f9f5d358d618c7332cf05255d6 2009.0/x86_64/gnome-python-gda-devel-2.19.1-20.13mdv2009.0.x86_64.rpm bfed42f6df08ef6ccdad497afecddf2d 2009.0/x86_64/gnome-python-gdl-2.19.1-20.13mdv2009.0.x86_64.rpm 9dc71957bcf1a93143eee7e3dc39e2d3 2009.0/x86_64/gnome-python-gtkhtml2-2.19.1-20.13mdv2009.0.x86_64.rpm fa197ed3a2e7f518d407dc766b792090 2009.0/x86_64/gnome-python-gtkmozembed-2.19.1-20.13mdv2009.0.x86_64.rpm 5a4ee3b2f453dff90584d13c9017ca19 2009.0/x86_64/gnome-python-gtkspell-2.19.1-20.13mdv2009.0.x86_64.rpm 8f36eb149978ab777d024e3957326c2e 2009.0/x86_64/lemon-3.6.23.1-0.1mdv2009.0.x86_64.rpm 73956a58b0e05d086d715d04763163cd 2009.0/x86_64/lib64devhelp-1_0-0.21-3.13mdv2009.0.x86_64.rpm 132e693099e379bd9640dd509a1a03a9 2009.0/x86_64/lib64devhelp-1-devel-0.21-3.13mdv2009.0.x86_64.rpm 4ae6a7a7cf956414b89b13c83281044e 2009.0/x86_64/lib64sqlite3_0-3.6.23.1-0.1mdv2009.0.x86_64.rpm ee27f0c9e50f1014863bb55d13de33f6 2009.0/x86_64/lib64sqlite3-devel-3.6.23.1-0.1mdv2009.0.x86_64.rpm 40de413fac8f9cc4852025ddd3c7c1d4 2009.0/x86_64/lib64sqlite3-static-devel-3.6.23.1-0.1mdv2009.0.x86_64.rpm b461aaa3bedd440fe64016cc7884c008 2009.0/x86_64/lib64xulrunner1.9.2.3-1.9.2.3-0.2mdv2009.0.x86_64.rpm d0a615dffd6f8994c65afb35e903b7cb 2009.0/x86_64/lib64xulrunner-devel-1.9.2.3-0.2mdv2009.0.x86_64.rpm 725550e9353b2363ac9c2762af7b312d 2009.0/x86_64/mozilla-thunderbird-beagle-0.3.8-13.19mdv2009.0.x86_64.rpm bd2b864a41009c5be5f2089b24a23ec2 2009.0/x86_64/sqlite3-tools-3.6.23.1-0.1mdv2009.0.x86_64.rpm fcbdb22765c0c97bbc2c564ee830136f 2009.0/x86_64/tcl-sqlite3-3.6.23.1-0.1mdv2009.0.x86_64.rpm 908aaacd5ab6f41316d7ddf994a8d816 2009.0/x86_64/xulrunner-1.9.2.3-0.2mdv2009.0.x86_64.rpm 80ca2d23beb4614c6bb2a93d3ce030f7 2009.0/x86_64/yelp-2.24.0-3.13mdv2009.0.x86_64.rpm be1deab60f8a725f6b8bfbdb8a238599 2009.0/SRPMS/beagle-0.3.8-13.19mdv2009.0.src.rpm 958d586e0f51b3eb27c2f8f52e7829db 2009.0/SRPMS/devhelp-0.21-3.13mdv2009.0.src.rpm 4792b42cbf525647004d34d274d6682d 2009.0/SRPMS/epiphany-2.24.3-0.1mdv2009.0.src.rpm 7e6b40730ae28d3084d6177fb3403037 2009.0/SRPMS/firefox-3.6.3-0.2mdv2009.0.src.rpm 4c7598ff3fa6a31f94e709d181ca2f09 2009.0/SRPMS/firefox-ext-blogrovr-1.1.804-0.1mdv2009.0.src.rpm 025b7f312ccccfd2067f120a810a919a 2009.0/SRPMS/firefox-ext-mozvoikko-1.0-0.1mdv2009.0.src.rpm 8918fef155fcc90af164c9150baeaaa5 2009.0/SRPMS/firefox-ext-scribefire-3.5.1-0.1mdv2009.0.src.rpm 227410c21b1116934dd9ea09294625ca 2009.0/SRPMS/firefox-ext-xmarks-3.5.10-0.1mdv2009.0.src.rpm 07425c1f47917b38e1d0234885e1965f 2009.0/SRPMS/firefox-l10n-3.6.3-0.1mdv2009.0.src.rpm 3d37604eec701b6cf4af3d1838e909f3 2009.0/SRPMS/firefox-theme-kfirefox-0.16-0.1mdv2009.0.src.rpm c7182e1d6cf288efab29adfda90e96f3 2009.0/SRPMS/gnome-python-extras-2.19.1-20.13mdv2009.0.src.rpm e6ea77abf2cedcbbfeb7800a35c2caf3 2009.0/SRPMS/sqlite3-3.6.23.1-0.1mdv2009.0.src.rpm 86f62d2fb87e6ac0839ad62d76528e66 2009.0/SRPMS/xulrunner-1.9.2.3-0.2mdv2009.0.src.rpm 1b06f8c1ef094dc481bad8e0f43223e6 2009.0/SRPMS/yelp-2.24.0-3.13mdv2009.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLzcvxmqjQ0CJFipgRAtNGAKDEqh4LRf1/oRYyO5JD1KnyY8XLIgCeMdT4 Jz48CUUPft0pgWj9ornc5zI= =8WEi -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists