lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1NGJ8f-00021M-9u@titan.mandriva.com>
Date: Thu, 03 Dec 2009 22:23:01 +0100
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:290-1 ] firefox


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                       MDVSA-2009:290-1
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : firefox
 Date    : December 2, 2009
 Affected: 2008.0
 _______________________________________________________________________

 Problem Description:

 Security issues were identified and fixed in firefox 3.0.x:
 
 Security researcher Alin Rad Pop of Secunia Research reported a
 heap-based buffer overflow in Mozilla's string to floating point
 number conversion routines. Using this vulnerability an attacker
 could craft some malicious JavaScript code containing a very long
 string to be converted to a floating point number which would result
 in improper memory allocation and the execution of an arbitrary memory
 location. This vulnerability could thus be leveraged by the attacker
 to run arbitrary code on a victim's computer (CVE-2009-1563).
 
 Security researcher Jeremy Brown reported that the file naming scheme
 used for downloading a file which already exists in the downloads
 folder is predictable. If an attacker had local access to a victim's
 computer and knew the name of a file the victim intended to open
 through the Download Manager, he could use this vulnerability to
 place a malicious file in the world-writable directory used to save
 temporary downloaded files and cause the browser to choose the
 incorrect file when opening it. Since this attack requires local
 access to the victim's machine, the severity of this vulnerability
 was determined to be low (CVE-2009-3274).
 
 Security researcher Paul Stone reported that a user's form history,
 both from web content as well as the smart location bar, was vulnerable
 to theft. A malicious web page could synthesize events such as mouse
 focus and key presses on behalf of the victim and trick the browser
 into auto-filling the form fields with history entries and then
 reading the entries (CVE-2009-3370).
 
 Security researcher Marco C. reported a flaw in the parsing of regular
 expressions used in Proxy Auto-configuration (PAC) files. In certain
 cases this flaw could be used by an attacker to crash a victim's
 browser and run arbitrary code on their computer. Since this
 vulnerability requires the victim to have PAC configured in their
 environment with specific regular expresssions which can trigger
 the crash, the severity of the issue was determined to be moderate
 (CVE-2009-3372).
 
 Security research firm iDefense reported that researcher regenrecht
 discovered a heap-based buffer overflow in Mozilla's GIF image
 parser. This vulnerability could potentially be used by an attacker
 to crash a victim's browser and run arbitrary code on their computer
 (CVE-2009-3373).
 
 Mozilla security researcher moz_bug_r_a4 reported that the XPCOM
 utility XPCVariant::VariantDataToJS unwrapped doubly-wrapped objects
 before returning them to chrome callers. This could result in chrome
 privileged code calling methods on an object which had previously been
 created or modified by web content, potentially executing malicious
 JavaScript code with chrome privileges (CVE-2009-3374).
 
 Security researcher Gregory Fleischer reported that text within a
 selection on a web page can be read by JavaScript in a different domain
 using the document.getSelection function, violating the same-origin
 policy. Since this vulnerability requires user interaction to exploit,
 its severity was determined to be moderate (CVE-2009-3375).
 
 Mozilla security researchers Jesse Ruderman and Sid Stamm reported
 that when downloading a file containing a right-to-left override
 character (RTL) in the filename, the name displayed in the dialog
 title bar conflicts with the name of the file shown in the dialog
 body. An attacker could use this vulnerability to obfuscate the name
 and file extension of a file to be downloaded and opened, potentially
 causing a user to run an executable file when they expected to open
 a non-executable file (CVE-2009-3376).
 
 Mozilla developers and community members identified and fixed
 several stability bugs in the browser engine used in Firefox and
 other Mozilla-based products. Some of these crashes showed evidence
 of memory corruption under certain circumstances and we presume that
 with enough effort at least some of these could be exploited to run
 arbitrary code. Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers,
 Daniel Banchero, David Keeler, and Boris Zbarsky reported crashes
 in the browser engine which affected both Firefox 3 and Firefox 3.5
 (CVE-2009-3380). Carsten Book reported a crash in the browser engine
 which affected only Firefox 3 (CVE-2009-3382).
 
 This update provides the latest Mozilla Firefox 3.0.x to correct
 these issues.
 
 Additionally, some packages which require so, have been rebuilt and
 are being provided as updates.

 Update:

 Packages for 2008.0 are being provided due to extended support for
 Corporate products.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1563
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3274
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3370
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3372
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3373
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3374
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3375
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3376
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3380
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3382
 http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.15
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 12373cd058ce529a7c9c196eccdf1cfe  2008.0/i586/firefox-3.0.15-0.1mdv2008.0.i586.rpm
 6a164ea511053b6acf425aaf95994c5d  2008.0/i586/firefox-af-3.0.15-0.1mdv2008.0.i586.rpm
 e05c67424d3a3c789f3a5c0d9a22c458  2008.0/i586/firefox-ar-3.0.15-0.1mdv2008.0.i586.rpm
 ccc54fc54d92a094c058025ed9b52148  2008.0/i586/firefox-be-3.0.15-0.1mdv2008.0.i586.rpm
 8bc4de7c8b9e4fbcdf33aa41780a94f4  2008.0/i586/firefox-bg-3.0.15-0.1mdv2008.0.i586.rpm
 cdc167d6b6e4f69e71a6aeff1f60e0b0  2008.0/i586/firefox-bn-3.0.15-0.1mdv2008.0.i586.rpm
 86ad88b3edb3336dc6ea501e82d19137  2008.0/i586/firefox-ca-3.0.15-0.1mdv2008.0.i586.rpm
 dcb1cdf0167e1de986956843a3b893c2  2008.0/i586/firefox-cs-3.0.15-0.1mdv2008.0.i586.rpm
 8c3dac5a041584513f8b7437c67331c1  2008.0/i586/firefox-cy-3.0.15-0.1mdv2008.0.i586.rpm
 b96341b21877652410c92399d041ca09  2008.0/i586/firefox-da-3.0.15-0.1mdv2008.0.i586.rpm
 8b3072fbc2b14f302e033d7ffae9d65b  2008.0/i586/firefox-de-3.0.15-0.1mdv2008.0.i586.rpm
 3e6da893be209cbf4769aa6ab6c7f3f0  2008.0/i586/firefox-el-3.0.15-0.1mdv2008.0.i586.rpm
 d1a45a2a1ff45724c0bac1f607815623  2008.0/i586/firefox-en_GB-3.0.15-0.1mdv2008.0.i586.rpm
 c17da9640a2007fb9394621fe4da78a9  2008.0/i586/firefox-eo-3.0.15-0.1mdv2008.0.i586.rpm
 51c9480aa70a8801244a418f76f086b3  2008.0/i586/firefox-es_AR-3.0.15-0.1mdv2008.0.i586.rpm
 b5b36cb4e1052fdcd4287a1a54cb23aa  2008.0/i586/firefox-es_ES-3.0.15-0.1mdv2008.0.i586.rpm
 cca12f10e0d64087f0bd6fc547854e76  2008.0/i586/firefox-et-3.0.15-0.1mdv2008.0.i586.rpm
 661620c045f2fb463be665cf80e0bd90  2008.0/i586/firefox-eu-3.0.15-0.1mdv2008.0.i586.rpm
 64b6c6262792f6f192278cb93d0b879d  2008.0/i586/firefox-fi-3.0.15-0.1mdv2008.0.i586.rpm
 669794223def8db189a716a9791b703b  2008.0/i586/firefox-fr-3.0.15-0.1mdv2008.0.i586.rpm
 aa5e4bd61658576530996b6c225a1e73  2008.0/i586/firefox-fy-3.0.15-0.1mdv2008.0.i586.rpm
 eb7a96e511de721728d1824d3936059e  2008.0/i586/firefox-ga_IE-3.0.15-0.1mdv2008.0.i586.rpm
 fc2920befc11e1839546e7f79f3193c6  2008.0/i586/firefox-gl-3.0.15-0.1mdv2008.0.i586.rpm
 74a5fe7427a0906441c5c46d5a308291  2008.0/i586/firefox-gu_IN-3.0.15-0.1mdv2008.0.i586.rpm
 9e5a743f3ec1a9d9251643bdf91c5811  2008.0/i586/firefox-he-3.0.15-0.1mdv2008.0.i586.rpm
 9aa5637651f8a841ad40a816f24b22f6  2008.0/i586/firefox-hi-3.0.15-0.1mdv2008.0.i586.rpm
 07604280c814bae760b67a13df870342  2008.0/i586/firefox-hu-3.0.15-0.1mdv2008.0.i586.rpm
 35baa370e5f6948058b2f39fe6b90f5f  2008.0/i586/firefox-id-3.0.15-0.1mdv2008.0.i586.rpm
 b55b606375fb66d82a05d796cd4a3757  2008.0/i586/firefox-is-3.0.15-0.1mdv2008.0.i586.rpm
 815e14f6edb1b526fbb149256625d16b  2008.0/i586/firefox-it-3.0.15-0.1mdv2008.0.i586.rpm
 e1aba26dd9f6f081f7ac02d7d05baffb  2008.0/i586/firefox-ja-3.0.15-0.1mdv2008.0.i586.rpm
 ffbfe62f6ae84e75631e6b0518c25021  2008.0/i586/firefox-ka-3.0.15-0.1mdv2008.0.i586.rpm
 75e33c252b9f80afb35cdd5387c5d734  2008.0/i586/firefox-kn-3.0.15-0.1mdv2008.0.i586.rpm
 46e747a886a35c3f7630e24d868c98d8  2008.0/i586/firefox-ko-3.0.15-0.1mdv2008.0.i586.rpm
 3f62f86595774fdba45fdd7d7b325c52  2008.0/i586/firefox-ku-3.0.15-0.1mdv2008.0.i586.rpm
 78b768a8f407689f4971bc651d1d52db  2008.0/i586/firefox-lt-3.0.15-0.1mdv2008.0.i586.rpm
 9fed2d1e0daf10ac8f737c91301554ce  2008.0/i586/firefox-lv-3.0.15-0.1mdv2008.0.i586.rpm
 ba96c671527e07cd083194d8f6ae9dc7  2008.0/i586/firefox-mk-3.0.15-0.1mdv2008.0.i586.rpm
 872974c1d04df5f03df1cf4e191ad282  2008.0/i586/firefox-mn-3.0.15-0.1mdv2008.0.i586.rpm
 089286a24b365b6068917ba88a59b07c  2008.0/i586/firefox-mr-3.0.15-0.1mdv2008.0.i586.rpm
 11fb3a65834c081d1d806d46c0b76f9b  2008.0/i586/firefox-nb_NO-3.0.15-0.1mdv2008.0.i586.rpm
 c39785e5d4652793a48ff3a9fb31a577  2008.0/i586/firefox-nl-3.0.15-0.1mdv2008.0.i586.rpm
 ff43bf0f9fe09d37897f1bd066fcb14e  2008.0/i586/firefox-nn_NO-3.0.15-0.1mdv2008.0.i586.rpm
 570554e3e763d4b4fe6f83ad995e96c2  2008.0/i586/firefox-oc-3.0.15-0.1mdv2008.0.i586.rpm
 384e14e90b68d0f60df5485e7a6d3b14  2008.0/i586/firefox-pa_IN-3.0.15-0.1mdv2008.0.i586.rpm
 eb9de20b54401f4d8d080b1e740f3e62  2008.0/i586/firefox-pl-3.0.15-0.1mdv2008.0.i586.rpm
 8299f2a8cd8470cf517e208654fc47be  2008.0/i586/firefox-pt_BR-3.0.15-0.1mdv2008.0.i586.rpm
 f132072df971b40352311db4de3a04b5  2008.0/i586/firefox-pt_PT-3.0.15-0.1mdv2008.0.i586.rpm
 b5826e9969484186b9383e51a23062ee  2008.0/i586/firefox-ro-3.0.15-0.1mdv2008.0.i586.rpm
 b4b1db2ba5f2a5363f990e3f839a6b1b  2008.0/i586/firefox-ru-3.0.15-0.1mdv2008.0.i586.rpm
 1578873755476c782f0393cae52d930f  2008.0/i586/firefox-si-3.0.15-0.1mdv2008.0.i586.rpm
 8416d97ab349f605105a3a0488cf50af  2008.0/i586/firefox-sk-3.0.15-0.1mdv2008.0.i586.rpm
 452066cbd6ecc439a126a69de6126ab1  2008.0/i586/firefox-sl-3.0.15-0.1mdv2008.0.i586.rpm
 8d6dcc54c823a1b0d15c9327471421f8  2008.0/i586/firefox-sq-3.0.15-0.1mdv2008.0.i586.rpm
 a36479587244475ebfe78905f229d6d5  2008.0/i586/firefox-sr-3.0.15-0.1mdv2008.0.i586.rpm
 cad5437cdde77aa575ce9f30d7627436  2008.0/i586/firefox-sv_SE-3.0.15-0.1mdv2008.0.i586.rpm
 df470c3cc420f9baa09b92a3fda3f5b8  2008.0/i586/firefox-te-3.0.15-0.1mdv2008.0.i586.rpm
 93e159f834bf3bb24b2235cd62037308  2008.0/i586/firefox-th-3.0.15-0.1mdv2008.0.i586.rpm
 6955c3b49e9eb861b1547f48818dc063  2008.0/i586/firefox-tr-3.0.15-0.1mdv2008.0.i586.rpm
 7fd0b0839c5041831b7ee923ad6cebbf  2008.0/i586/firefox-uk-3.0.15-0.1mdv2008.0.i586.rpm
 e5244bb6d3959487cdce1173567869ff  2008.0/i586/firefox-zh_CN-3.0.15-0.1mdv2008.0.i586.rpm
 a726035db84c597ccf8aff9f5f62c5f6  2008.0/i586/firefox-zh_TW-3.0.15-0.1mdv2008.0.i586.rpm
 ae7ae10d008d97d749c65304a336069d  2008.0/i586/librarian0-0.8.0-0.1mdv2008.0.i586.rpm
 73f76546da72860a65abe38c2799b7e1  2008.0/i586/librarian-devel-0.8.0-0.1mdv2008.0.i586.rpm
 11274dc82ea59d1756cd69ace5e49f92  2008.0/i586/libtotem-plparser7-2.20.1-1.9mdv2008.0.i586.rpm
 bab6e437dc6afea6a3b4dfdf37a7aa6b  2008.0/i586/libtotem-plparser-devel-2.20.1-1.9mdv2008.0.i586.rpm
 d8118e94809cd1c1b7ccfa1475c0632b  2008.0/i586/libxulrunner1.9-1.9.0.15-0.1mdv2008.0.i586.rpm
 34792ea8022691987581fc213d6c0105  2008.0/i586/libxulrunner-devel-1.9.0.15-0.1mdv2008.0.i586.rpm
 57013e308fd8bdefc83b6ba2f506e184  2008.0/i586/libxulrunner-unstable-devel-1.9.0.15-0.1mdv2008.0.i586.rpm
 c2c818aabd86eb82f07ab6f8301abadb  2008.0/i586/mozilla-firefox-ext-blogrovr-1.1.798-0.1mdv2008.0.i586.rpm
 95fa8a898d2ea637e1de0b834d9652ce  2008.0/i586/mozilla-firefox-ext-foxmarks-2.7.2-0.1mdv2008.0.i586.rpm
 6916055a5de229dd9eade32fa95c2f8e  2008.0/i586/mozilla-firefox-ext-scribefire-3.2.3-0.1mdv2008.0.i586.rpm
 711d85e93f14e8fff50d46d14f01c7ad  2008.0/i586/rarian-0.8.0-0.1mdv2008.0.i586.rpm
 ad03e43345dc80f155f4f32023f18059  2008.0/i586/totem-2.20.1-1.9mdv2008.0.i586.rpm
 5327b31f7b433742af9c1c58d729001d  2008.0/i586/totem-common-2.20.1-1.9mdv2008.0.i586.rpm
 8c38cf847129ee96812425f67a59a806  2008.0/i586/totem-gstreamer-2.20.1-1.9mdv2008.0.i586.rpm
 93dc78c0c032aaadda66c3e50f300cae  2008.0/i586/totem-mozilla-2.20.1-1.9mdv2008.0.i586.rpm
 9d1d1929166a589a7728fb4d6f390c42  2008.0/i586/totem-mozilla-gstreamer-2.20.1-1.9mdv2008.0.i586.rpm
 65ead511b3f3821e14296d7765f635a0  2008.0/i586/xulrunner-1.9.0.15-0.1mdv2008.0.i586.rpm
 f5ac07e5e16fa4ae664c26daa737c982  2008.0/i586/yelp-2.22.1-0.1mdv2008.0.i586.rpm 
 d179874cb1679378705722a046b2e79f  2008.0/SRPMS/firefox-3.0.15-0.1mdv2008.0.src.rpm
 5d93c52d92e9d91e9f09789499776cbb  2008.0/SRPMS/firefox-l10n-3.0.15-0.1mdv2008.0.src.rpm
 eb9675d488261eb7c7b48bf517698b08  2008.0/SRPMS/mozilla-firefox-ext-blogrovr-1.1.798-0.1mdv2008.0.src.rpm
 86df6dc3efa632aa71d6600e6ac5c1de  2008.0/SRPMS/mozilla-firefox-ext-foxmarks-2.7.2-0.1mdv2008.0.src.rpm
 c5690af5e35d01db5a626e206e83f6e0  2008.0/SRPMS/mozilla-firefox-ext-scribefire-3.2.3-0.1mdv2008.0.src.rpm
 d6e2ab7654052e0795b97fa09b28f49c  2008.0/SRPMS/rarian-0.8.0-0.1mdv2008.0.src.rpm
 b9d7680838c669ec341b689b83979d01  2008.0/SRPMS/totem-2.20.1-1.9mdv2008.0.src.rpm
 3a59f30ec62603a99ad52421133d081b  2008.0/SRPMS/xulrunner-1.9.0.15-0.1mdv2008.0.src.rpm
 9a2e88de84689ebf04c21e677bea5bb8  2008.0/SRPMS/yelp-2.22.1-0.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 3c230c33386ba3cfabb8869715bd36be  2008.0/x86_64/firefox-3.0.15-0.1mdv2008.0.x86_64.rpm
 a3d5c1b0434526f960aaa622bc635c5a  2008.0/x86_64/firefox-af-3.0.15-0.1mdv2008.0.x86_64.rpm
 7d89d6cf062a511b1c98167c06ecc62d  2008.0/x86_64/firefox-ar-3.0.15-0.1mdv2008.0.x86_64.rpm
 1b1c232a3c9cf9044a60ff146f1d3503  2008.0/x86_64/firefox-be-3.0.15-0.1mdv2008.0.x86_64.rpm
 b1d5d714711c3294fb19c2ccba5d68b0  2008.0/x86_64/firefox-bg-3.0.15-0.1mdv2008.0.x86_64.rpm
 8150de0f197fab5384f5b3c208594981  2008.0/x86_64/firefox-bn-3.0.15-0.1mdv2008.0.x86_64.rpm
 d638801431490a245280423af1baab4e  2008.0/x86_64/firefox-ca-3.0.15-0.1mdv2008.0.x86_64.rpm
 d0d3aef5c13a786f7b60dd4a48d8ca6c  2008.0/x86_64/firefox-cs-3.0.15-0.1mdv2008.0.x86_64.rpm
 5369517bc501038283c1b44a82821b58  2008.0/x86_64/firefox-cy-3.0.15-0.1mdv2008.0.x86_64.rpm
 56e6c89cbeb52ff129eec5c7fbde8974  2008.0/x86_64/firefox-da-3.0.15-0.1mdv2008.0.x86_64.rpm
 152ce37cb51a4e65ac8b8753db361516  2008.0/x86_64/firefox-de-3.0.15-0.1mdv2008.0.x86_64.rpm
 acbbabc8d1bb05288c5d55ffade711ad  2008.0/x86_64/firefox-el-3.0.15-0.1mdv2008.0.x86_64.rpm
 95d60fb96e4302f2fb4fbfda6523e59d  2008.0/x86_64/firefox-en_GB-3.0.15-0.1mdv2008.0.x86_64.rpm
 26d0b6ac1e266bac32ffc0ddc631c725  2008.0/x86_64/firefox-eo-3.0.15-0.1mdv2008.0.x86_64.rpm
 5dc63055cdce1c2c6d302bd4b6a4f981  2008.0/x86_64/firefox-es_AR-3.0.15-0.1mdv2008.0.x86_64.rpm
 473c662a84ef189ad264f0cdde1b9c9d  2008.0/x86_64/firefox-es_ES-3.0.15-0.1mdv2008.0.x86_64.rpm
 fb50f2d6548bc2328b8a5974a5d827e7  2008.0/x86_64/firefox-et-3.0.15-0.1mdv2008.0.x86_64.rpm
 5900c2879a24f47656643a948e37819a  2008.0/x86_64/firefox-eu-3.0.15-0.1mdv2008.0.x86_64.rpm
 3393470f7c1ce272e3a3ff62e5a11de4  2008.0/x86_64/firefox-fi-3.0.15-0.1mdv2008.0.x86_64.rpm
 7dd11d4aa9d8b5fb6dc5a115dcae3623  2008.0/x86_64/firefox-fr-3.0.15-0.1mdv2008.0.x86_64.rpm
 91ead9a397668ab5daa1c1388ac373de  2008.0/x86_64/firefox-fy-3.0.15-0.1mdv2008.0.x86_64.rpm
 821f5064a655275ba44d41b0339a79b4  2008.0/x86_64/firefox-ga_IE-3.0.15-0.1mdv2008.0.x86_64.rpm
 d5c0581c078bf7539bb7996b05be43e9  2008.0/x86_64/firefox-gl-3.0.15-0.1mdv2008.0.x86_64.rpm
 ac590e4f59fbdc7b01d505da987e0c78  2008.0/x86_64/firefox-gu_IN-3.0.15-0.1mdv2008.0.x86_64.rpm
 56db6b3d57ce43ea9f58d83069ff96e2  2008.0/x86_64/firefox-he-3.0.15-0.1mdv2008.0.x86_64.rpm
 47a5e03dd45c9aa4bf0d9d9786ccfadf  2008.0/x86_64/firefox-hi-3.0.15-0.1mdv2008.0.x86_64.rpm
 8a320e187bc815ae2a32f5b3733a0547  2008.0/x86_64/firefox-hu-3.0.15-0.1mdv2008.0.x86_64.rpm
 2b0010d9f964a4be72645e382979f155  2008.0/x86_64/firefox-id-3.0.15-0.1mdv2008.0.x86_64.rpm
 52ab19597915e18f333becde60125b3a  2008.0/x86_64/firefox-is-3.0.15-0.1mdv2008.0.x86_64.rpm
 ac290289eabbefd33b0fc02608ecf60e  2008.0/x86_64/firefox-it-3.0.15-0.1mdv2008.0.x86_64.rpm
 fb1fb664b1741b799e96fd7c5d83d70b  2008.0/x86_64/firefox-ja-3.0.15-0.1mdv2008.0.x86_64.rpm
 98f1277a545a1842d52962e2c853c7a4  2008.0/x86_64/firefox-ka-3.0.15-0.1mdv2008.0.x86_64.rpm
 ffde944180d2862d36b0f7cf697887d3  2008.0/x86_64/firefox-kn-3.0.15-0.1mdv2008.0.x86_64.rpm
 7171b91477d7da795aba85395c189eeb  2008.0/x86_64/firefox-ko-3.0.15-0.1mdv2008.0.x86_64.rpm
 bacb6d1ecc13e3395ee1d41a94cc1945  2008.0/x86_64/firefox-ku-3.0.15-0.1mdv2008.0.x86_64.rpm
 ff22e0c6e1cb984a237c683292da8df6  2008.0/x86_64/firefox-lt-3.0.15-0.1mdv2008.0.x86_64.rpm
 d4f7fd19782cb6355f25eca9f387371b  2008.0/x86_64/firefox-lv-3.0.15-0.1mdv2008.0.x86_64.rpm
 bc9c8140d1b5a1db4928100c7ec6576c  2008.0/x86_64/firefox-mk-3.0.15-0.1mdv2008.0.x86_64.rpm
 dd3f05cb445010912f18281d4bbf25dd  2008.0/x86_64/firefox-mn-3.0.15-0.1mdv2008.0.x86_64.rpm
 e41b1c954066437ecb29e0bc8eafcc5a  2008.0/x86_64/firefox-mr-3.0.15-0.1mdv2008.0.x86_64.rpm
 96007b6e31bceed34aa850fa7eca4b0b  2008.0/x86_64/firefox-nb_NO-3.0.15-0.1mdv2008.0.x86_64.rpm
 685ea205f1a4fa8a983fd53c2d714a88  2008.0/x86_64/firefox-nl-3.0.15-0.1mdv2008.0.x86_64.rpm
 90d4cc328c37b4c463e6fae64a3de428  2008.0/x86_64/firefox-nn_NO-3.0.15-0.1mdv2008.0.x86_64.rpm
 b321efe125f09f00f0e5c9ac14c054be  2008.0/x86_64/firefox-oc-3.0.15-0.1mdv2008.0.x86_64.rpm
 059f5501a4a8bed6b48754e2e07b82e9  2008.0/x86_64/firefox-pa_IN-3.0.15-0.1mdv2008.0.x86_64.rpm
 6b8f220f29ef17d4e7c6f25640004772  2008.0/x86_64/firefox-pl-3.0.15-0.1mdv2008.0.x86_64.rpm
 1b5d5dc952892b0fdbfa441c4fdfd3da  2008.0/x86_64/firefox-pt_BR-3.0.15-0.1mdv2008.0.x86_64.rpm
 3164f85e321ef11637e48235af7d9fa5  2008.0/x86_64/firefox-pt_PT-3.0.15-0.1mdv2008.0.x86_64.rpm
 ebb8a064121f57cab7de5cfb38eea910  2008.0/x86_64/firefox-ro-3.0.15-0.1mdv2008.0.x86_64.rpm
 27583d84905fc24396cc15d5d8bb2999  2008.0/x86_64/firefox-ru-3.0.15-0.1mdv2008.0.x86_64.rpm
 9bb03bbb171b1fb322ac63fee5967b8b  2008.0/x86_64/firefox-si-3.0.15-0.1mdv2008.0.x86_64.rpm
 56f26f73e197662f8873c1364858a6a5  2008.0/x86_64/firefox-sk-3.0.15-0.1mdv2008.0.x86_64.rpm
 33b9f772306ae80070e98ac7fd3bc8ff  2008.0/x86_64/firefox-sl-3.0.15-0.1mdv2008.0.x86_64.rpm
 6303dcce929e44536ee20e596f955cd3  2008.0/x86_64/firefox-sq-3.0.15-0.1mdv2008.0.x86_64.rpm
 e1ff8b70a7d9cb23034f8f18bec0bc12  2008.0/x86_64/firefox-sr-3.0.15-0.1mdv2008.0.x86_64.rpm
 a63de2a55fdf97097025c7cd46f88004  2008.0/x86_64/firefox-sv_SE-3.0.15-0.1mdv2008.0.x86_64.rpm
 67cc6d04dc28b56288bc54353fd73a35  2008.0/x86_64/firefox-te-3.0.15-0.1mdv2008.0.x86_64.rpm
 c135e46fe5ea4a89a0eacf2421095df1  2008.0/x86_64/firefox-th-3.0.15-0.1mdv2008.0.x86_64.rpm
 88b30a5091dd3e61c06c4ae46721840a  2008.0/x86_64/firefox-tr-3.0.15-0.1mdv2008.0.x86_64.rpm
 18901803e48f8f8784eb3f74206b311c  2008.0/x86_64/firefox-uk-3.0.15-0.1mdv2008.0.x86_64.rpm
 aa10aded8511a440c855ffe7fd0876fe  2008.0/x86_64/firefox-zh_CN-3.0.15-0.1mdv2008.0.x86_64.rpm
 4123f661b719e0fc0b322404090211e2  2008.0/x86_64/firefox-zh_TW-3.0.15-0.1mdv2008.0.x86_64.rpm
 8af9e3bfef0dcce473e7983e0e60c2df  2008.0/x86_64/lib64rarian0-0.8.0-0.1mdv2008.0.x86_64.rpm
 083df56e031ee7db74abacdabcb401aa  2008.0/x86_64/lib64rarian-devel-0.8.0-0.1mdv2008.0.x86_64.rpm
 f8c24af88c6d035477d3a5bc060e256c  2008.0/x86_64/lib64totem-plparser7-2.20.1-1.9mdv2008.0.x86_64.rpm
 6e589f62337aae0cdafcaaf23d58e0e8  2008.0/x86_64/lib64totem-plparser-devel-2.20.1-1.9mdv2008.0.x86_64.rpm
 78ceb6bb946328cd1023e1e20d7c0799  2008.0/x86_64/lib64xulrunner1.9-1.9.0.15-0.1mdv2008.0.x86_64.rpm
 bb61af20a5df658f20d2e4d7f9a2467f  2008.0/x86_64/lib64xulrunner-devel-1.9.0.15-0.1mdv2008.0.x86_64.rpm
 011ffa6ae08117ccc2f42c2b379aed84  2008.0/x86_64/lib64xulrunner-unstable-devel-1.9.0.15-0.1mdv2008.0.x86_64.rpm
 719394196e517f48d5eba1448d1447ec  2008.0/x86_64/mozilla-firefox-ext-blogrovr-1.1.798-0.1mdv2008.0.x86_64.rpm
 4d2d61c0dfa2f8a417e31b9c727bcd44  2008.0/x86_64/mozilla-firefox-ext-foxmarks-2.7.2-0.1mdv2008.0.x86_64.rpm
 37d949449831e7027dfe28594e831d2b  2008.0/x86_64/mozilla-firefox-ext-scribefire-3.2.3-0.1mdv2008.0.x86_64.rpm
 bba169ba0b1533f832bd993b2d5cf654  2008.0/x86_64/rarian-0.8.0-0.1mdv2008.0.x86_64.rpm
 57296c81b7063e2e25303a50864308a3  2008.0/x86_64/totem-2.20.1-1.9mdv2008.0.x86_64.rpm
 1dfc091b90c55f0d55230a15add42d48  2008.0/x86_64/totem-common-2.20.1-1.9mdv2008.0.x86_64.rpm
 57cd56e78f3daa8dc5b14fbbe62569f0  2008.0/x86_64/totem-gstreamer-2.20.1-1.9mdv2008.0.x86_64.rpm
 89d7479e4ac4eed0a5f6208a85315d71  2008.0/x86_64/totem-mozilla-2.20.1-1.9mdv2008.0.x86_64.rpm
 9ca4552cab8d58375229b9b4a9d8ca09  2008.0/x86_64/totem-mozilla-gstreamer-2.20.1-1.9mdv2008.0.x86_64.rpm
 7315b15e9f625f9bee0749492ef07d25  2008.0/x86_64/xulrunner-1.9.0.15-0.1mdv2008.0.x86_64.rpm
 eb876f2a7def5f95aa74fc09021b59d6  2008.0/x86_64/yelp-2.22.1-0.1mdv2008.0.x86_64.rpm 
 d179874cb1679378705722a046b2e79f  2008.0/SRPMS/firefox-3.0.15-0.1mdv2008.0.src.rpm
 5d93c52d92e9d91e9f09789499776cbb  2008.0/SRPMS/firefox-l10n-3.0.15-0.1mdv2008.0.src.rpm
 eb9675d488261eb7c7b48bf517698b08  2008.0/SRPMS/mozilla-firefox-ext-blogrovr-1.1.798-0.1mdv2008.0.src.rpm
 86df6dc3efa632aa71d6600e6ac5c1de  2008.0/SRPMS/mozilla-firefox-ext-foxmarks-2.7.2-0.1mdv2008.0.src.rpm
 c5690af5e35d01db5a626e206e83f6e0  2008.0/SRPMS/mozilla-firefox-ext-scribefire-3.2.3-0.1mdv2008.0.src.rpm
 d6e2ab7654052e0795b97fa09b28f49c  2008.0/SRPMS/rarian-0.8.0-0.1mdv2008.0.src.rpm
 b9d7680838c669ec341b689b83979d01  2008.0/SRPMS/totem-2.20.1-1.9mdv2008.0.src.rpm
 3a59f30ec62603a99ad52421133d081b  2008.0/SRPMS/xulrunner-1.9.0.15-0.1mdv2008.0.src.rpm
 9a2e88de84689ebf04c21e677bea5bb8  2008.0/SRPMS/yelp-2.22.1-0.1mdv2008.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLGAEDmqjQ0CJFipgRAkqqAJkB8gZJYwBfNDlE3XyBV1VSC7n7FACeJUIv
/71G3HucXRWvkY2USlym/kE=
=hoXy
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ