[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20051011060028.GA8824@piware.de>
Date: Tue, 11 Oct 2005 08:00:28 +0200
From: Martin Pitt <martin.pitt@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-200-1] Thunderbird vulnerabilities
===========================================================
Ubuntu Security Notice USN-200-1 October 11, 2005
mozilla-thunderbird vulnerabilities
CAN-2005-2701, CAN-2005-2702, CAN-2005-2703, CAN-2005-2704,
CAN-2005-2705, CAN-2005-2706, CAN-2005-2707, CAN-2005-2968
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected:
mozilla-thunderbird
The problem can be corrected by upgrading the affected package to
version 1.0.7-0ubuntu04.10 (for Ubuntu 4.10), or 1.0.7-0ubuntu05.04
(for Ubuntu 5.04). After a standard system upgrade you need to
restart Thunderbird to effect the necessary changes.
Details follow:
A buffer overflow was discovered in the XBM image handler. By tricking
an user into opening a specially crafted XBM image, an attacker could
exploit this to execute arbitrary code with the user's privileges.
(CAN-2005-2701)
Mats Palmgren discovered a buffer overflow in the Unicode string
parser. Unicode strings that contained "zero-width non-joiner"
characters caused a browser crash, which could possibly even exploited
to execute arbitrary code with the user's privileges.
(CAN-2005-2702)
Georgi Guninski reported an integer overflow in the JavaScript engine.
This could be exploited to run arbitrary code under some conditions.
(CAN-2005-2705)
Peter Zelezny discovered that URLs which are passed to Thunderbird on the
command line are not correctly protected against interpretation by the shell.
If Thunderbird is configured as the default handler for "mailto:" URLs, this
could be exploited to execute arbitrary code with user privileges by tricking
the user into clicking on a specially crafted URL (for example, in an email or
chat client). (CAN-2005-2968)
This update also fixes some less critical issues which are described
at http://www.mozilla.org/security/announce/mfsa2005-58.html.
(CAN-2005-2703, CAN-2005-2704, CAN-2005-2706, CAN-2005-2707)
The "enigmail" plugin has been updated to work with the new
Thunderbird and Mozilla versions.
Updated packages for Ubuntu 4.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu04.10.diff.gz
Size/MD5: 79613 f9bde38c0670fa1425a90cb8ce4b0185
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu04.10.dsc
Size/MD5: 942 707e6e98a71dee959646fc729323fcf8
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7.orig.tar.gz
Size/MD5: 32910701 6db01051ce21d9faadd119a1b88383b7
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.92-1ubuntu04.10.2.diff.gz
Size/MD5: 17273 13d3e8b980bacb933f76c5705f507af2
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.92-1ubuntu04.10.2.dsc
Size/MD5: 892 5072d001bb1b206877d11508a069f13f
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.92.orig.tar.gz
Size/MD5: 2038607 c79925633b9e01fa6737d75c2e7acb89
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.7-0ubuntu04.10_amd64.deb
Size/MD5: 3345028 b04933e0f9cad6333998a0dfae666173
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.7-0ubuntu04.10_amd64.deb
Size/MD5: 144016 156792439201556a8fd6bf9c1a6d985f
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.7-0ubuntu04.10_amd64.deb
Size/MD5: 26556 015d82c959ee206ceb2c09220a0fd6f4
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.7-0ubuntu04.10_amd64.deb
Size/MD5: 81636 f9331c7d54dc993721c18934398732e4
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu04.10_amd64.deb
Size/MD5: 12260290 5c5df9f4ca8502a0d6d084145989649f
http://security.ubuntu.com/ubuntu/pool/universe/e/enigmail/mozilla-enigmail_0.92-1ubuntu04.10.2_amd64.deb
Size/MD5: 326932 eaad6317faffbfe400f49969137b718e
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.92-1ubuntu04.10.2_amd64.deb
Size/MD5: 332914 a523cf68e0f4a123919f160efc27146b
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.7-0ubuntu04.10_i386.deb
Size/MD5: 3338654 c0abd1899e6a8359a4f6793ccd8ea4af
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.7-0ubuntu04.10_i386.deb
Size/MD5: 139126 190afe37f6e2da0fa3dc2d8104be281c
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.7-0ubuntu04.10_i386.deb
Size/MD5: 26552 ab522a27164827f14ef71cb132e290ef
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.7-0ubuntu04.10_i386.deb
Size/MD5: 79288 0613543b80f24e73e91e5b2e271b62dc
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu04.10_i386.deb
Size/MD5: 11342604 a55bf50bc133c38da9fb2fd29fcf783d
http://security.ubuntu.com/ubuntu/pool/universe/e/enigmail/mozilla-enigmail_0.92-1ubuntu04.10.2_i386.deb
Size/MD5: 310660 3234927815cbf29ba5e185c9b9b95b11
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.92-1ubuntu04.10.2_i386.deb
Size/MD5: 318280 4fd58af2f3741c214b423a5c56574a80
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.7-0ubuntu04.10_powerpc.deb
Size/MD5: 3333802 030aced3c33f475e172db83e791df525
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.7-0ubuntu04.10_powerpc.deb
Size/MD5: 137894 2716caa9d79e6eedaaaa2d56a53ddc9a
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.7-0ubuntu04.10_powerpc.deb
Size/MD5: 26552 d7a3b05a93f84b2a1fc3dbcf088a2639
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.7-0ubuntu04.10_powerpc.deb
Size/MD5: 73418 03b28536712653dc9394972399121cae
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu04.10_powerpc.deb
Size/MD5: 10896852 2e40122393db4aec2ecb17758464bd48
http://security.ubuntu.com/ubuntu/pool/universe/e/enigmail/mozilla-enigmail_0.92-1ubuntu04.10.2_powerpc.deb
Size/MD5: 312894 b76c35805b1a190d35a82ae36e79faf4
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.92-1ubuntu04.10.2_powerpc.deb
Size/MD5: 320138 603c5ef819898111cc7534c8a2ade052
Updated packages for Ubuntu 5.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu05.04.diff.gz
Size/MD5: 79568 927f7fb3e2fa0d91e3e2929a3fbb022f
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu05.04.dsc
Size/MD5: 942 e644b0e7b01047b3014b63fc9a334a45
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7.orig.tar.gz
Size/MD5: 32910701 6db01051ce21d9faadd119a1b88383b7
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.92-1ubuntu05.04.2.diff.gz
Size/MD5: 17263 bc977ffccd94a895507a89fab00c0740
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.92-1ubuntu05.04.2.dsc
Size/MD5: 892 8c5e2196917a692743a46aeee4c1742a
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.92.orig.tar.gz
Size/MD5: 2038607 c79925633b9e01fa6737d75c2e7acb89
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.7-0ubuntu05.04_amd64.deb
Size/MD5: 3344886 15f56aecc9a8c76a69479f75f0559ee4
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.7-0ubuntu05.04_amd64.deb
Size/MD5: 144006 4e60bcf3fb0c32d57a0b24d162feb23a
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.7-0ubuntu05.04_amd64.deb
Size/MD5: 26524 b2b1b1e7f6b7432c44b9e46f13528d1f
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.7-0ubuntu05.04_amd64.deb
Size/MD5: 81504 89cfb1ce5708c1c3cf41082bc486c403
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu05.04_amd64.deb
Size/MD5: 11953616 80eaa1ccacbd8bbc343ed05603431c7b
http://security.ubuntu.com/ubuntu/pool/universe/e/enigmail/mozilla-enigmail_0.92-1ubuntu05.04.2_amd64.deb
Size/MD5: 326942 358d55b0964721b909d0a5d1c7f99d41
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.92-1ubuntu05.04.2_amd64.deb
Size/MD5: 332960 91f90a97e9ad7dd36e91daf95d48068a
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.7-0ubuntu05.04_i386.deb
Size/MD5: 3338534 c23ffedc8034495f9c4b672597b3301c
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.7-0ubuntu05.04_i386.deb
Size/MD5: 139102 8dfdcc3cecd98f6553c2f6e1294f3131
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.7-0ubuntu05.04_i386.deb
Size/MD5: 26520 7ddb9e9fa4bd2a4a4b25a74c49fbffea
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.7-0ubuntu05.04_i386.deb
Size/MD5: 79248 13adc727d9bf951eff938d3c352f7fc9
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu05.04_i386.deb
Size/MD5: 10901960 96bdb11e0ac8fe09cf83ccc49ae19351
http://security.ubuntu.com/ubuntu/pool/universe/e/enigmail/mozilla-enigmail_0.92-1ubuntu05.04.2_i386.deb
Size/MD5: 310688 8513c0c249978caa18d56b2e8a8141be
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.92-1ubuntu05.04.2_i386.deb
Size/MD5: 318308 61e86fa897f1b3a9609769633c63485a
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-dev_1.0.7-0ubuntu05.04_powerpc.deb
Size/MD5: 3333732 d0914dd3b69c3d16e3e5404d8eb69e7b
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-inspector_1.0.7-0ubuntu05.04_powerpc.deb
Size/MD5: 137880 9656e69890c3d1abe624e530b1480c25
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-offline_1.0.7-0ubuntu05.04_powerpc.deb
Size/MD5: 26530 d58893a55c9d6da837223e868d2ef523
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird-typeaheadfind_1.0.7-0ubuntu05.04_powerpc.deb
Size/MD5: 73480 52011db0bc524f75ec78f69d1dc2736e
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozilla-thunderbird_1.0.7-0ubuntu05.04_powerpc.deb
Size/MD5: 10447288 6289932038b021a33926ff180990c755
http://security.ubuntu.com/ubuntu/pool/universe/e/enigmail/mozilla-enigmail_0.92-1ubuntu05.04.2_powerpc.deb
Size/MD5: 313004 5174b8c1afd1063b80d638f14d0dfe9c
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderbird-enigmail_0.92-1ubuntu05.04.2_powerpc.deb
Size/MD5: 320088 90895e1af1e604ded4ff5e9eb9eec95a
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists