lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1279879009.29936.15.camel@luna>
Date: Fri, 23 Jul 2010 11:56:49 +0200
From: Jamie Strandboge <jamie@...onical.com>
To: ubuntu-security-announce <ubuntu-security-announce@...ts.ubuntu.com>
Cc: full-disclosure <full-disclosure@...ts.grok.org.uk>,
	bugtraq <bugtraq@...urityfocus.com>
Subject: [USN-930-4] Firefox and Xulrunner vulnerabilities

===========================================================
Ubuntu Security Notice USN-930-4              July 23, 2010
firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities
CVE-2008-5913, CVE-2010-0654, CVE-2010-1121, CVE-2010-1125,
CVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199,
CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203,
CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208,
CVE-2010-1209, CVE-2010-1210, CVE-2010-1211, CVE-2010-1212,
CVE-2010-1213, CVE-2010-1214, CVE-2010-1215, CVE-2010-2751,
CVE-2010-2752, CVE-2010-2753, CVE-2010-2754
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.04
Ubuntu 9.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
  abrowser                        3.6.7+build2+nobinonly-0ubuntu0.9.04.1
  firefox-3.0                     3.6.7+build2+nobinonly-0ubuntu0.9.04.1
  xulrunner-1.9.2                 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2

Ubuntu 9.10:
  firefox-3.5                     3.6.7+build2+nobinonly-0ubuntu0.9.10.1
  xulrunner-1.9.2                 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2

Mozilla has changed the support model for Firefox and they no longer
support version 3.0 of the browser and will only support version 3.5 of the
browser for a while longer. As a result, Ubuntu is providing an upgrade to
Firefox 3.6 for Ubuntu 9.04 and 9.10 users, which is the most current
stable release of Firefox supported by Mozilla. When upgrading, users
should be aware of the following:

- Firefox 3.6 does not support version 5 of the Sun Java plugin. Please use
  icedtea6-plugin or sun-java6-plugin instead.
- After upgrading to Firefox 3.6.6, users may be prompted to upgrade 3rd
  party Add-Ons. In some cases, an Add-On will not be compatible with
  Firefox 3.6.6 and have no update available. In these cases, Firefox will
  notify the user that it is disabling the Add-On.
- Font configuration cannot be controlled via Gnome settings. This is a
  known issue being tracked in https://launchpad.net/bugs/559149 and will
  be fixed in a later update.
- helix-player is not currently supported in Firefox 3.6. This is a known
  issue and may be fixed in a future update.
- Plugins using external helpers (such as Totem) may not close when using
  the Epiphany browser. This is a known issue being tracked in
  https://launchpad.net/bugs/599796 and will be fixed in a later update.
  This issue only affects Ubuntu 9.04.
- The OpenJDK java plugin is not available in Ubuntu 9.04 on Sparc
  hardware. This will be fixed in a future update.

After a standard system upgrade you need to restart Firefox and any
applications that use Xulrunner to effect the necessary changes.

Details follow:

USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update
provides the corresponding updates for Ubuntu 9.04 and 9.10, along with
additional updates affecting Firefox 3.6.6.

Several flaws were discovered in the browser engine of Firefox. If a user
were tricked into viewing a malicious site, a remote attacker could use
this to crash the browser or possibly run arbitrary code as the user
invoking the program. (CVE-2010-1208, CVE-2010-1209, CVE-2010-1211,
CVE-2010-1212)

An integer overflow was discovered in how Firefox processed plugin
parameters. An attacker could exploit this to crash the browser or possibly
run arbitrary code as the user invoking the program. (CVE-2010-1214)

A flaw was discovered in the Firefox JavaScript engine. If a user were
tricked into viewing a malicious site, a remote attacker code execute
arbitrary JavaScript with chrome privileges. (CVE-2010-1215)

An integer overflow was discovered in how Firefox processed CSS values. An
attacker could exploit this to crash the browser or possibly run arbitrary
code as the user invoking the program. (CVE-2010-2752)

An integer overflow was discovered in how Firefox interpreted the XUL
<tree> element. If a user were tricked into viewing a malicious site, a
remote attacker could use this to crash the browser or possibly run
arbitrary code as the user invoking the program. (CVE-2010-2753)

Aki Helin discovered that libpng did not properly handle certain malformed
PNG images. If a user were tricked into opening a crafted PNG file, an
attacker could cause a denial of service or possibly execute arbitrary code
with the privileges of the user invoking the program. (CVE-2010-1205)

Yosuke Hasegawa and Vladimir Vukicevic discovered that the same-origin
check in Firefox could be bypassed by utilizing the importScripts Web
Worker method. If a user were tricked into viewing a malicious website, an
attacker could exploit this to read data from other domains.
(CVE-2010-1213, CVE-2010-1207)

O. Andersen that Firefox did not properly map undefined positions within
certain 8 bit encodings. An attacker could utilize this to perform
cross-site scripting attacks. (CVE-2010-1210)

Michal Zalewski discovered flaws in how Firefox processed the HTTP 204 (no
content) code. An attacker could exploit this to spoof the location bar,
such as in a phishing attack. (CVE-2010-1206)

Jordi Chancel discovered that Firefox did not properly handle when a server
responds to an HTTPS request with plaintext and then processes JavaScript
history events. An attacker could exploit this to spoof the location bar,
such as in a phishing attack. (CVE-2010-2751)

Chris Evans discovered that Firefox did not properly process improper CSS
selectors. If a user were tricked into viewing a malicious website, an
attacker could exploit this to read data from other domains.
(CVE-2010-0654)

Soroush Dalili discovered that Firefox did not properly handle script error
output. An attacker could use this to access URL parameters from other
domains. (CVE-2010-2754)

Original advisory details:

 If was discovered that Firefox could be made to access freed memory. If a
 user were tricked into viewing a malicious site, a remote attacker could
 cause a denial of service or possibly execute arbitrary code with the
 privileges of the user invoking the program. (CVE-2010-1121)
 
 Several flaws were discovered in the browser engine of Firefox. If a
 user were tricked into viewing a malicious site, a remote attacker could
 cause a denial of service or possibly execute arbitrary code with the
 privileges of the user invoking the program. (CVE-2010-1200, CVE-2010-1201,
 CVE-2010-1202, CVE-2010-1203)
 
 A flaw was discovered in the way plugin instances interacted. An attacker
 could potentially exploit this and use one plugin to access freed memory from a
 second plugin to execute arbitrary code with the privileges of the user
 invoking the program. (CVE-2010-1198)
 
 An integer overflow was discovered in Firefox. If a user were tricked into
 viewing a malicious site, an attacker could overflow a buffer and cause a
 denial of service or possibly execute arbitrary code with the privileges of
 the user invoking the program. (CVE-2010-1196)
 
 Martin Barbella discovered an integer overflow in an XSLT node sorting
 routine. An attacker could exploit this to overflow a buffer and cause a
 denial of service or possibly execute arbitrary code with the privileges of
 the user invoking the program. (CVE-2010-1199)
 
 Michal Zalewski discovered that the focus behavior of Firefox could be
 subverted. If a user were tricked into viewing a malicious site, a remote
 attacker could use this to capture keystrokes. (CVE-2010-1125)
 
 Ilja van Sprundel discovered that the 'Content-Disposition: attachment'
 HTTP header was ignored when 'Content-Type: multipart' was also present.
 Under certain circumstances, this could potentially lead to cross-site
 scripting attacks. (CVE-2010-1197)
 
 Amit Klein discovered that Firefox did not seed its random number generator
 often enough. An attacker could exploit this to identify and track users
 across different web sites. (CVE-2008-5913)


Updated packages for Ubuntu 9.04:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/
      Size/MD5:    67119 0d7f276c870914e97be8016c470c0acc
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.diff.gz
      Size/MD5:   144826 b71440bbda1a9a19aa3434ad6a00c486
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1.dsc
      Size/MD5:     2552 0e63965d7e1ba8d0c024793dae18a651
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly.orig.tar.gz
      Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72226 e41f4ba0e1ee2812d09f178ce649be97
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72392 fb339d706ee66252e70e96d62c33b305
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72228 d3b045b5cafba2c50b75eb3c5c0a590a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72218 6a5c7d950490e1b8265bac1bc15abeb1
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72240 e1de71fa375ab4896e29dafcca783dba
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72574 f4cb1ee7572ed2ab316313ecbb3ed84f
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granparadiso-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72236 2dece76f652e27494e7487f4e68f646a
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72222 c4aebcd1ce9c8b621b7297b7088d2ef4
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72256 3caf1296c3c06121157b6614170e1083
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-granparadiso_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72226 d1f70077a0e3ed2fee170c02bfb03e7c
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-libthai_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72212 133df734e76a4477af91dec984aa2694
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72240 6efcfef2ed5164204686ce075d23332d
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-trunk_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_all.deb
      Size/MD5:    72210 07339b8304124d7afbacf53943f0500f

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/
      Size/MD5:  7798876 759f27c1d6635a6d04b07c9a73f54f3c
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb
      Size/MD5:    72330 b9692de7b7947e32c1f678a9d554effa
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb
      Size/MD5:    72764 706e5682afbbc54334bb823fe92e9d0c
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_amd64.deb
      Size/MD5: 12504700 0c81c0201b8a6b3aef72d2213d9d38b2
    http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_amd64.deb
      Size/MD5:    29308 4174c5e062a927f5f4fd445bc3f2b7ce

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/
      Size/MD5:  9913748 ad706c2a0c670ea9bc6de7109211c8e4
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb
      Size/MD5:    72340 b19f20096548fc8981367cd9d431379f
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb
      Size/MD5:    72762 faaacee4aa7e2fd7fa961a88c4b86d0f
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_i386.deb
      Size/MD5: 11192572 5adae55773b0ca8e438c7252046f705b
    http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_i386.deb
      Size/MD5:    29308 ca6a787a65220583746b55366ae9ac44

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/
      Size/MD5:  4830218 0d3caf5b20aba2975f9f7e423c6b3b69
    http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb
      Size/MD5:    72332 099275f779e538dc54e913593084b7bc
    http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb
      Size/MD5:    72762 ee7361261892014edfc1a69365672c17
    http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_lpia.deb
      Size/MD5: 10687418 2a010333c02ed1112cbef0544cf73cf1
    http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_lpia.deb
      Size/MD5:    29308 5fb3d21190e1e8012b08b694c4b9239c

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/
      Size/MD5:  4812772 94b728d013dee6371b8cc4ebef11430c
    http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-dev_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb
      Size/MD5:    72340 6318359d26cfa32d4e1eeda6c8916aa4
    http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb
      Size/MD5:    72770 e5449bcbe442fa1385d7b2ecbc8c1831
    http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.04.1_powerpc.deb
      Size/MD5: 11583662 a73467d63e46af2f21b2e46fa0f29797
    http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_powerpc.deb
      Size/MD5:    29310 69a2c47902bb366a50c2bb3fa9053131

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/
      Size/MD5:    75512 a49a96a5d589e39a77720fe70706da03
    http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2_sparc.deb
      Size/MD5:    29312 e66a94b78d1d6476b05736a82c4ed49c

Updated packages for Ubuntu 9.10:

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/
      Size/MD5:     2621 74297592edce6f55313193967daaebeb
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.diff.gz
      Size/MD5:   155727 0e58cb5f9e5293c40564e944e50437a6
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1.dsc
      Size/MD5:     2758 e6647365f000313a96f9a72b4dc8022f
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly.orig.tar.gz
      Size/MD5: 49883446 e3bdceebdf5bcc94f0f901ce8744a6df

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/
      Size/MD5:    29714 b4ee604ee0d4dbdc448a74f6f746528c
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75716 8ec52b07f2b60dbb381909a6b7e5f039
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/abrowser_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75964 69b4baf1c2b4ce75ced092dbdb44266b
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.0-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75700 22bd34473ba1abe7501b247f7d8980b5
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75702 3dc765e62e9300dd5a57d512be2e3c3b
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.1-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75700 1ae9b7c023259e8f9fa994c24efeb07f
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75706 f4a1b34f657927ca5eaf15cf9976e336
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dbg_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75704 80434fb6b98bd5ddafbd0d9d472b9416
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-dev_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75698 1e6cffa413775771f086d3238ed84a6b
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75722 b3dea417d76e06235b1f7c267d4871fe
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    76052 9c59d599f01a4af2337515c224164b11
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75718 70e6d5d57e356e78500d8558e6ec7f72
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:     8938 3085a96f8f815fbb01b21dd67d4b423d
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75710 45b7c94ece697097b83adb8bc09b5769
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:     8940 8d60975aeb324b31426a64d0a1485320
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/abrowser-3.5_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:     8930 e9c41de371986cf16137aa0a8baa1635
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75710 191d51d184569650814b7d1e87e808a3
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75720 f18da780b4b8e57685667bb94faeac19
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75726 6bef8a651c1763ca5fdd3140bd7ae915
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0-venkman_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75714 408c0fa73ac828fa9acae2a7ff02e6f7
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.0_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75692 3c4f3ef8332997b0a72bda0e436ab0fe
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-branding_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75708 c3f238accf868508d1d44a3984a0deda
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75722 41bf0606552717a9988db2bd929b3862
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-3.1_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75692 e27ae8b4a4875eff55fedd2c3da9499e
    http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.5/firefox-dom-inspector_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_all.deb
      Size/MD5:    75710 49ada82e615b86ac74f5880b656d8914

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):

    http://security.ubuntu.com/ubuntu/pool/
      Size/MD5: 10675764 276cf6fd80197d8edf64b2c885c5e540
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb
      Size/MD5:    76196 ec574586607cd1da65dd5ee7c1f17317
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_amd64.deb
      Size/MD5: 12502768 ef8749c8ba4b15a29631f69baccf6984
    http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_amd64.deb
      Size/MD5:    29196 766569469e7d1d805a16b659607cb228

  i386 architecture (x86 compatible Intel/AMD):

    http://security.ubuntu.com/ubuntu/pool/
      Size/MD5:    43286 e1e37c33ecc0918fcd518e5748c767e2
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb
      Size/MD5:    76198 06d415ebee45883afa9de06a4bf00ba2
    http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_i386.deb
      Size/MD5: 11217372 c3ddffd8a035d3be397ffc112c17e0a9
    http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_i386.deb
      Size/MD5:    29190 c59e1bbc03df75b63c72a956530ecdff

  lpia architecture (Low Power Intel Architecture):

    http://ports.ubuntu.com/pool/
      Size/MD5:  4794796 0f04c58b1898ef6ff8c42e9f696cf943
    http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox-gnome-support_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb
      Size/MD5:    76192 ac0e4a03520b896085dbc4b1e524c397
    http://ports.ubuntu.com/pool/main/f/firefox-3.5/firefox_3.6.7+build2+nobinonly-0ubuntu0.9.10.1_lpia.deb
      Size/MD5: 10720482 e9459f2ddd0b28adc40e37bc46de87d8
    http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_lpia.deb
      Size/MD5:    29194 b5c356758ef5adb4468c85577660061a

  powerpc architecture (Apple Macintosh G3/G4/G5):

    http://ports.ubuntu.com/pool/
      Size/MD5: 64642040 19a96c0ae2726790da3efb566ac4fdb0
    http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_powerpc.deb
      Size/MD5:    29200 69d071a75fcd766841f7f428ec9eb806

  sparc architecture (Sun SPARC/UltraSPARC):

    http://ports.ubuntu.com/pool/
      Size/MD5:  7629538 5042de0cdebf36ad17e6485b966ec94f
    http://ports.ubuntu.com/pool/main/x/xulrunner-1.9.2/xulrunner-dev_1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2_sparc.deb
      Size/MD5:    29194 f154cda4e06288f639db4d6024c26695




Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ