lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1SvnnU-0005nO-Kn@titan.mandriva.com>
Date: Mon, 30 Jul 2012 13:06:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2012:110-1 ] mozilla

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                       MDVSA-2012:110-1
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : mozilla
 Date    : July 30, 2012
 Affected: 2011.
 _______________________________________________________________________

 Problem Description:

 Security issues were identified and fixed in mozilla firefox and
 thunderbird:
 
 Mozilla developers identified and fixed several memory safety
 bugs in the browser engine used in Firefox and other Mozilla-based
 products. Some of these bugs showed evidence of memory corruption
 under certain circumstances, and we presume that with enough effort
 at least some of these could be exploited to run arbitrary code
 (CVE-2012-1949, CVE-2012-1948).
 
 Security researcher Mario Gomes andresearch firm Code Audit Labs
 reported a mechanism to short-circuit page loads through drag and drop
 to the addressbar by canceling the page load. This causes the address
 of the previously site entered to be displayed in the addressbar
 instead of the currently loaded page. This could lead to potential
 phishing attacks on users (CVE-2012-1950).
 
 Google security researcher Abhishek Arya used the Address Sanitizer
 tool to uncover four issues: two use-after-free problems, one out of
 bounds read bug, and a bad cast. The first use-after-free problem is
 caused when an array of nsSMILTimeValueSpec objects is destroyed but
 attempts are made to call into objects in this array later. The second
 use-after-free problem is in nsDocument::AdoptNode when it adopts into
 an empty document and then adopts into another document, emptying the
 first one. The heap buffer overflow is in ElementAnimations when data
 is read off of end of an array and then pointers are dereferenced. The
 bad cast happens when nsTableFrame::InsertFrames is called with
 frames in aFrameList that are a mix of row group frames and column
 group frames. AppendFrames is not able to handle this mix. All four of
 these issues are potentially exploitable (CVE-2012-1951, CVE-2012-1954,
 CVE-2012-1953, CVE-2012-1952).
 
 Security researcher Mariusz Mlynski reported an issue with spoofing
 of the location property. In this issue, calls to history.forward
 and history.back are used to navigate to a site while displaying the
 previous site in the addressbar but changing the baseURI to the newer
 site. This can be used for phishing by allowing the user input form
 or other data on the newer, attacking, site while appearing to be on
 the older, displayed site (CVE-2012-1955).
 
 Mozilla security researcher moz_bug_r_a4 reported a cross-site
 scripting (XSS) attack through the context menu using a data: URL. In
 this issue, context menu functionality (View Image, Show only this
 frame, and View background image) are disallowed in a javascript:
 URL but allowed in a data: URL, allowing for XSS. This can lead to
 arbitrary code execution (CVE-2012-1966).
 
 Security researcher Mario Heiderich reported that javascript could
 be executed in the HTML feed-view using &lt;embed&gt; tag within the RSS
 &lt;description&gt;. This problem is due to &lt;embed&gt; tags not being filtered
 out during parsing and can lead to a potential cross-site scripting
 (XSS) attack. The flaw existed in a parser utility class and could
 affect other parts of the browser or add-ons which rely on that class
 to sanitize untrusted input (CVE-2012-1957).
 
 Security researcher Arthur Gerkis used the Address Sanitizer
 tool to find a use-after-free in nsGlobalWindow::PageHidden
 when mFocusedContent is released and oldFocusedContent is used
 afterwards. This use-after-free could possibly allow for remote code
 execution (CVE-2012-1958).
 
 Mozilla developer Bobby Holley found that same-compartment
 security wrappers (SCSW) can be bypassed by passing them to another
 compartment. Cross-compartment wrappers often do not go through SCSW,
 but have a filtering policy built into them. When an object is wrapped
 cross-compartment, the SCSW is stripped off and, when the object is
 read read back, it is not known that SCSW was previously present,
 resulting in a bypassing of SCSW. This could result in untrusted
 content having access to the XBL that implements browser functionality
 (CVE-2012-1959).
 
 Google developer Tony Payne reported an out of bounds (OOB) read in
 QCMS, Mozillas color management library. With a carefully crafted
 color profile portions of a user&#039;s memory could be incorporated into
 a transformed image and possibly deciphered (CVE-2012-1960).
 
 Bugzilla developer Fredric Buclin reported that the X-Frame-Options
 header is ignored when the value is duplicated, for example
 X-Frame-Options: SAMEORIGIN, SAMEORIGIN. This duplication occurs
 for unknown reasons on some websites and when it occurs results in
 Mozilla browsers not being protected against possible clickjacking
 attacks on those pages (CVE-2012-1961).
 
 Security researcher Bill Keese reported a memory corruption. This
 is caused by JSDependentString::undepend changing a dependent
 string into a fixed string when there are additional dependent
 strings relying on the same base. When the undepend occurs during
 conversion, the base data is freed, leaving other dependent strings
 with dangling pointers. This can lead to a potentially exploitable
 crash (CVE-2012-1962).
 
 Security researcher Karthikeyan Bhargavan of Prosecco at INRIA reported
 Content Security Policy (CSP) 1.0 implementation errors. CSP violation
 reports generated by Firefox and sent to the report-uri location
 include sensitive data within the blocked-uri parameter. These include
 fragment components and query strings even if the blocked-uri parameter
 has a different origin than the protected resource. This can be used
 to retrieve a user&#039;s OAuth 2.0 access tokens and OpenID credentials
 by malicious sites (CVE-2012-1963).
 
 Security Researcher Matt McCutchen reported that a clickjacking attack
 using the certificate warning page. A man-in-the-middle (MITM) attacker
 can use an iframe to display its own certificate error warning page
 (about:certerror) with the Add Exception button of a real warning page
 from a malicious site. This can mislead users to adding a certificate
 exception for a different site than the perceived one. This can lead
 to compromised communications with the user perceived site through
 the MITM attack once the certificate exception has been added
 (CVE-2012-1964).
 
 Security researchers Mario Gomes and Soroush Dalili reported that
 since Mozilla allows the pseudo-protocol feed: to prefix any valid
 URL, it is possible to construct feed:javascript: URLs that will
 execute scripts in some contexts. On some sites it may be possible
 to use this to evade output filtering that would otherwise strip
 javascript: URLs and thus contribute to cross-site scripting (XSS)
 problems on these sites (CVE-2012-1965).
 
 Mozilla security researcher moz_bug_r_a4 reported a arbitrary code
 execution attack using a javascript: URL. The Gecko engine features
 a JavaScript sandbox utility that allows the browser or add-ons to
 safely execute script in the context of a web page. In certain cases,
 javascript: URLs are executed in such a sandbox with insufficient
 context that can allow those scripts to escape from the sandbox and
 run with elevated privilege. This can lead to arbitrary code execution
 (CVE-2012-1967).
 
 The mozilla firefox and thunderbird packages has been upgraded to the
 latest respective versions which is unaffected by these security flaws.
 
 Additionally the rootcerts packages has been upgraded to the latest
 version which brings updated root CA data.

 Update:

 Localization packages for firefox was missing with the MDVSA-2012:110
 advisory and is being provided with this advisory.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1949
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1948
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1950
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1951
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1954
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1953
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1952
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1955
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1966
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1957
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1958
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1959
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1960
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1961
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1962
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1963
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1964
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1965
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1967
 http://www.mozilla.org/security/announce/2012/mfsa2012-42.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-43.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-44.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-45.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-46.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-47.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-48.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-49.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-50.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-51.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-52.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-53.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-54.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-55.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-55.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2011:
 43bc01ccc98b75363d4b4077b941fa95  2011/i586/firefox-af-14.0.1-0.1-mdv2011.0.noarch.rpm
 5cf9843d9fae1a9a41177d7b82fa84ff  2011/i586/firefox-ar-14.0.1-0.1-mdv2011.0.noarch.rpm
 c8e2042e6d876ae8c9bb06c0667cb02c  2011/i586/firefox-ast-14.0.1-0.1-mdv2011.0.noarch.rpm
 09cd4087379bd7b7f1802094483f75b8  2011/i586/firefox-be-14.0.1-0.1-mdv2011.0.noarch.rpm
 d5bdaad3a816acec3e1a2dd1ad0aa37a  2011/i586/firefox-bg-14.0.1-0.1-mdv2011.0.noarch.rpm
 92bcaa32a97d02fbef760d684984b2e6  2011/i586/firefox-bn_BD-14.0.1-0.1-mdv2011.0.noarch.rpm
 f85f08aae1036bbcb3988dd6284ec7ff  2011/i586/firefox-bn_IN-14.0.1-0.1-mdv2011.0.noarch.rpm
 4e3820c412ec1d024c243fda18980598  2011/i586/firefox-br-14.0.1-0.1-mdv2011.0.noarch.rpm
 7e717ec91d749e64a032ca150cb239c4  2011/i586/firefox-bs-14.0.1-0.1-mdv2011.0.noarch.rpm
 1baf657cd13b5f395ebc662c85069d0d  2011/i586/firefox-ca-14.0.1-0.1-mdv2011.0.noarch.rpm
 77459e9f9403766f58cb5559bc72d138  2011/i586/firefox-cs-14.0.1-0.1-mdv2011.0.noarch.rpm
 7d7586d2550ab01b62f882e9f9189b7e  2011/i586/firefox-cy-14.0.1-0.1-mdv2011.0.noarch.rpm
 a594f80302c0e8b9ef497a01ba7c6e88  2011/i586/firefox-da-14.0.1-0.1-mdv2011.0.noarch.rpm
 4e04b8a1fa7c713051e1053074c1d893  2011/i586/firefox-de-14.0.1-0.1-mdv2011.0.noarch.rpm
 9f015ef33a79fafaccd5f34f0dba5a47  2011/i586/firefox-el-14.0.1-0.1-mdv2011.0.noarch.rpm
 192795ac582de44102cdb55628062abd  2011/i586/firefox-en_GB-14.0.1-0.1-mdv2011.0.noarch.rpm
 6f9c8eb0e73312a292622d6949f94bd4  2011/i586/firefox-en_ZA-14.0.1-0.1-mdv2011.0.noarch.rpm
 7bc76c6cd5bbb407023051243ad4645f  2011/i586/firefox-eo-14.0.1-0.1-mdv2011.0.noarch.rpm
 894e1b85db41a38c58acce97169e6637  2011/i586/firefox-es_AR-14.0.1-0.1-mdv2011.0.noarch.rpm
 503639942c9c76b7448ba3750d05b04b  2011/i586/firefox-es_CL-14.0.1-0.1-mdv2011.0.noarch.rpm
 630c50be622f38c3ad0f9960eac058e8  2011/i586/firefox-es_ES-14.0.1-0.1-mdv2011.0.noarch.rpm
 8ff53c0a20cdac5b6b6b94bc4e4324f6  2011/i586/firefox-es_MX-14.0.1-0.1-mdv2011.0.noarch.rpm
 5c62325eb7cef9d28fe59813dd511268  2011/i586/firefox-et-14.0.1-0.1-mdv2011.0.noarch.rpm
 cb69b8277417a197f8e28f2cbeea38a9  2011/i586/firefox-eu-14.0.1-0.1-mdv2011.0.noarch.rpm
 c944b502988dc54ecc366b927982fd5f  2011/i586/firefox-fa-14.0.1-0.1-mdv2011.0.noarch.rpm
 f8ce2b2d103f9d2804a798877f1b08da  2011/i586/firefox-fi-14.0.1-0.1-mdv2011.0.noarch.rpm
 07b94b1c0672a93cea29cdd152fc0ed9  2011/i586/firefox-fr-14.0.1-0.1-mdv2011.0.noarch.rpm
 09a7b66abc54664696c7cc8026fc4a34  2011/i586/firefox-fy-14.0.1-0.1-mdv2011.0.noarch.rpm
 da0b97c3384c7c77a6a0e10ea58c4607  2011/i586/firefox-ga_IE-14.0.1-0.1-mdv2011.0.noarch.rpm
 9ab97af29d6600c225e4bdb66edf2f7f  2011/i586/firefox-gd-14.0.1-0.1-mdv2011.0.noarch.rpm
 856b18f2b73adfdecc78db40d413094f  2011/i586/firefox-gl-14.0.1-0.1-mdv2011.0.noarch.rpm
 a4704eafd1495f59da8ad0b93ae5c3c9  2011/i586/firefox-gu_IN-14.0.1-0.1-mdv2011.0.noarch.rpm
 979792f24a7a8285134e0b2fb4d1db64  2011/i586/firefox-he-14.0.1-0.1-mdv2011.0.noarch.rpm
 1016e55c395f913d45fe8f16d4d95b0a  2011/i586/firefox-hi-14.0.1-0.1-mdv2011.0.noarch.rpm
 f71278e4dc9fbd485c06e3db12d58fa6  2011/i586/firefox-hr-14.0.1-0.1-mdv2011.0.noarch.rpm
 cdf886a3a41b7cd06331167e9edd8d03  2011/i586/firefox-hu-14.0.1-0.1-mdv2011.0.noarch.rpm
 8406531f69f43148553ed0939d011ca5  2011/i586/firefox-hy-14.0.1-0.1-mdv2011.0.noarch.rpm
 8c3db8bc829576fa90ca527ebb3e4445  2011/i586/firefox-id-14.0.1-0.1-mdv2011.0.noarch.rpm
 de0449aa2e281d0eeb86a5685a2a9c45  2011/i586/firefox-is-14.0.1-0.1-mdv2011.0.noarch.rpm
 101bf9b896099ae748513118c534b750  2011/i586/firefox-it-14.0.1-0.1-mdv2011.0.noarch.rpm
 8372a468aa4b5ff646ae0ac85f2f4455  2011/i586/firefox-ja-14.0.1-0.1-mdv2011.0.noarch.rpm
 f70fd9c5cd6ff7a127573dd1c555a049  2011/i586/firefox-kk-14.0.1-0.1-mdv2011.0.noarch.rpm
 ffe94a0418739a39db28106aa9ffcc7b  2011/i586/firefox-kn-14.0.1-0.1-mdv2011.0.noarch.rpm
 2dea5e4a34d2a7c370e322a774fedfec  2011/i586/firefox-ko-14.0.1-0.1-mdv2011.0.noarch.rpm
 a30c85b798ec5b74d0d42a5000359df0  2011/i586/firefox-ku-14.0.1-0.1-mdv2011.0.noarch.rpm
 eaca75ab4cf18be892c56a5aaa10e04c  2011/i586/firefox-lg-14.0.1-0.1-mdv2011.0.noarch.rpm
 70c1db3b65529680d46a707332dfab40  2011/i586/firefox-lt-14.0.1-0.1-mdv2011.0.noarch.rpm
 a328f4c11f47ae0fb124b338c0405df0  2011/i586/firefox-lv-14.0.1-0.1-mdv2011.0.noarch.rpm
 5fcf1ae7fc2aede068899522d07f2bf5  2011/i586/firefox-mai-14.0.1-0.1-mdv2011.0.noarch.rpm
 b0596139c6a91bc1edcf9649bcdc7846  2011/i586/firefox-mk-14.0.1-0.1-mdv2011.0.noarch.rpm
 9f010b17083218b84b383eacbc63aecb  2011/i586/firefox-ml-14.0.1-0.1-mdv2011.0.noarch.rpm
 d70187cdc8e2ef02337c6249fe544375  2011/i586/firefox-mr-14.0.1-0.1-mdv2011.0.noarch.rpm
 0a57e69dfcabead6b506bed994ad05ef  2011/i586/firefox-nb_NO-14.0.1-0.1-mdv2011.0.noarch.rpm
 04144ffe3227a619976dc82c7f688bf0  2011/i586/firefox-nl-14.0.1-0.1-mdv2011.0.noarch.rpm
 b16e5fc2a317db3f1975a2619806acc6  2011/i586/firefox-nn_NO-14.0.1-0.1-mdv2011.0.noarch.rpm
 a694a6967405181a4a9f3c25ffad8044  2011/i586/firefox-nso-14.0.1-0.1-mdv2011.0.noarch.rpm
 c168d6a441153e4105b645707be2830c  2011/i586/firefox-or-14.0.1-0.1-mdv2011.0.noarch.rpm
 675c74b5f63b2f201ca0590d49317b30  2011/i586/firefox-pa_IN-14.0.1-0.1-mdv2011.0.noarch.rpm
 2750a583420d0936ba5bdbfc0dca4a63  2011/i586/firefox-pl-14.0.1-0.1-mdv2011.0.noarch.rpm
 4fb3435d1bf3deed172d55f44d046047  2011/i586/firefox-pt_BR-14.0.1-0.1-mdv2011.0.noarch.rpm
 6bde33144f6753a87785228eec87518b  2011/i586/firefox-pt_PT-14.0.1-0.1-mdv2011.0.noarch.rpm
 94f93cce16dd9f3d0905801861a4f736  2011/i586/firefox-ro-14.0.1-0.1-mdv2011.0.noarch.rpm
 87cee184faf238fb7a26a5ac1b5247b3  2011/i586/firefox-ru-14.0.1-0.1-mdv2011.0.noarch.rpm
 885f993edd7a40018b4b59f9e0111e0c  2011/i586/firefox-si-14.0.1-0.1-mdv2011.0.noarch.rpm
 b1298a8456b1ed2aaa4dec50b3eaf4b7  2011/i586/firefox-sk-14.0.1-0.1-mdv2011.0.noarch.rpm
 6749f45f11e3fb8861b468acc63675aa  2011/i586/firefox-sl-14.0.1-0.1-mdv2011.0.noarch.rpm
 4f83842b913895d6e68ff7413bbc48c2  2011/i586/firefox-sq-14.0.1-0.1-mdv2011.0.noarch.rpm
 55806da67fb4c3379129d1eb7cb7fc55  2011/i586/firefox-sr-14.0.1-0.1-mdv2011.0.noarch.rpm
 708b8c6cb0fbce415edf0a4b3a98cb18  2011/i586/firefox-sv_SE-14.0.1-0.1-mdv2011.0.noarch.rpm
 5ecc9585249bb7f65783cbe143489e38  2011/i586/firefox-ta-14.0.1-0.1-mdv2011.0.noarch.rpm
 3a20bf6d9c0f4dd138105812f5d108f9  2011/i586/firefox-ta_LK-14.0.1-0.1-mdv2011.0.noarch.rpm
 b4d876ff38f7ade56ad4c0873065a690  2011/i586/firefox-te-14.0.1-0.1-mdv2011.0.noarch.rpm
 f5efc023d2909b94e2f7c99d5238ff75  2011/i586/firefox-th-14.0.1-0.1-mdv2011.0.noarch.rpm
 7d5876c112c9efc6944460bc936ca11d  2011/i586/firefox-tr-14.0.1-0.1-mdv2011.0.noarch.rpm
 21e9f383b72fbe6ecd5bf6a404ddf223  2011/i586/firefox-uk-14.0.1-0.1-mdv2011.0.noarch.rpm
 dc5a805bb27e1a54f166e5fdb9b7cd77  2011/i586/firefox-vi-14.0.1-0.1-mdv2011.0.noarch.rpm
 c6809103f7b4b01348a48dda9d091c5b  2011/i586/firefox-zh_CN-14.0.1-0.1-mdv2011.0.noarch.rpm
 81a2b6bd3e0faef551580412e5ed3f2e  2011/i586/firefox-zh_TW-14.0.1-0.1-mdv2011.0.noarch.rpm
 1be0b4a24474dc690779dedd9ff3080d  2011/i586/firefox-zu-14.0.1-0.1-mdv2011.0.noarch.rpm 
 24084d5193151ca4653ae9cd9075ba49  2011/SRPMS/firefox-l10n-14.0.1-0.1.src.rpm

 Mandriva Linux 2011/X86_64:
 583b4f8a075d037659abf27c2a159657  2011/x86_64/firefox-af-14.0.1-0.1-mdv2011.0.noarch.rpm
 82cd3e5871e6213f9ea1c9b7079bafe0  2011/x86_64/firefox-ar-14.0.1-0.1-mdv2011.0.noarch.rpm
 b507014516db7f3337fe94d1a4ec9ac7  2011/x86_64/firefox-ast-14.0.1-0.1-mdv2011.0.noarch.rpm
 cd5ed30105a099d27f9d90acb9bc6407  2011/x86_64/firefox-be-14.0.1-0.1-mdv2011.0.noarch.rpm
 fb8b606ec1b036993db362c756eaca0a  2011/x86_64/firefox-bg-14.0.1-0.1-mdv2011.0.noarch.rpm
 edac0138d1db7216fe454fb3f753e9db  2011/x86_64/firefox-bn_BD-14.0.1-0.1-mdv2011.0.noarch.rpm
 9af860ab0127e23595fd2f18b3fc0176  2011/x86_64/firefox-bn_IN-14.0.1-0.1-mdv2011.0.noarch.rpm
 101bdf75c8c2aba63c3e5f067424d080  2011/x86_64/firefox-br-14.0.1-0.1-mdv2011.0.noarch.rpm
 7bd4bcbe8215b94d3b5343408c17e4ed  2011/x86_64/firefox-bs-14.0.1-0.1-mdv2011.0.noarch.rpm
 767269ccd10a5a29cff117b2fdc85d9e  2011/x86_64/firefox-ca-14.0.1-0.1-mdv2011.0.noarch.rpm
 3062dc29310e151931de3d38b50a8147  2011/x86_64/firefox-cs-14.0.1-0.1-mdv2011.0.noarch.rpm
 f2a5c1c799c16f8d22921d7874bab2b1  2011/x86_64/firefox-cy-14.0.1-0.1-mdv2011.0.noarch.rpm
 3f80742881dac3ea726ec729904d06af  2011/x86_64/firefox-da-14.0.1-0.1-mdv2011.0.noarch.rpm
 58d0e28dc04f104789d255beb53907b9  2011/x86_64/firefox-de-14.0.1-0.1-mdv2011.0.noarch.rpm
 465dd46ca7a945a9610a47ada145841d  2011/x86_64/firefox-el-14.0.1-0.1-mdv2011.0.noarch.rpm
 76e641c297092488d80d9cc3aa5d760a  2011/x86_64/firefox-en_GB-14.0.1-0.1-mdv2011.0.noarch.rpm
 9c32d0e7a870c61cbed79d2d7202b641  2011/x86_64/firefox-en_ZA-14.0.1-0.1-mdv2011.0.noarch.rpm
 8b98eb9a48ff7ebfaa08e776037edbd1  2011/x86_64/firefox-eo-14.0.1-0.1-mdv2011.0.noarch.rpm
 1529caa60d614a9c67ed6d63408163f3  2011/x86_64/firefox-es_AR-14.0.1-0.1-mdv2011.0.noarch.rpm
 deb3f3dd2ebcf75d9a5d6191680f604b  2011/x86_64/firefox-es_CL-14.0.1-0.1-mdv2011.0.noarch.rpm
 590457b838ab681886869b9b1d9be270  2011/x86_64/firefox-es_ES-14.0.1-0.1-mdv2011.0.noarch.rpm
 8eacf08eefba46c5d3b43effcb211ec9  2011/x86_64/firefox-es_MX-14.0.1-0.1-mdv2011.0.noarch.rpm
 a14a00665bf7711cfded3a25ed57f966  2011/x86_64/firefox-et-14.0.1-0.1-mdv2011.0.noarch.rpm
 750428654dad1b2e8ab61714fdf3d3e7  2011/x86_64/firefox-eu-14.0.1-0.1-mdv2011.0.noarch.rpm
 cdafed47648d2d9ba744cdcca1c78a1e  2011/x86_64/firefox-fa-14.0.1-0.1-mdv2011.0.noarch.rpm
 ac25f45e17c108cf6d476fadbd19f382  2011/x86_64/firefox-fi-14.0.1-0.1-mdv2011.0.noarch.rpm
 972eb883ac84bd9260af33760aaff05a  2011/x86_64/firefox-fr-14.0.1-0.1-mdv2011.0.noarch.rpm
 d378fc6f17f4223c915f98d83ced2302  2011/x86_64/firefox-fy-14.0.1-0.1-mdv2011.0.noarch.rpm
 45282406f804b4fab9042344432a48cb  2011/x86_64/firefox-ga_IE-14.0.1-0.1-mdv2011.0.noarch.rpm
 08aea6931aaa47a6c800b2b4e243a5f3  2011/x86_64/firefox-gd-14.0.1-0.1-mdv2011.0.noarch.rpm
 abd5a648d4bb501b084d7e34ee83b89c  2011/x86_64/firefox-gl-14.0.1-0.1-mdv2011.0.noarch.rpm
 107031305a5e8aca8bf2ef324256d730  2011/x86_64/firefox-gu_IN-14.0.1-0.1-mdv2011.0.noarch.rpm
 d58fe4de769bfc6d031ce0f0b7264bb0  2011/x86_64/firefox-he-14.0.1-0.1-mdv2011.0.noarch.rpm
 2f051401cc1bcc7b98de8b89e6af2c28  2011/x86_64/firefox-hi-14.0.1-0.1-mdv2011.0.noarch.rpm
 6a6e6454e463106d5309f9043fda260f  2011/x86_64/firefox-hr-14.0.1-0.1-mdv2011.0.noarch.rpm
 1761853278941f6d3a1248bb8c388729  2011/x86_64/firefox-hu-14.0.1-0.1-mdv2011.0.noarch.rpm
 6411f1be310184d571eabf01ec8e3922  2011/x86_64/firefox-hy-14.0.1-0.1-mdv2011.0.noarch.rpm
 57f8fb7828e71ad74652dd35cb47df07  2011/x86_64/firefox-id-14.0.1-0.1-mdv2011.0.noarch.rpm
 3167b1dcfc28bc29cbeebc85b62bb51b  2011/x86_64/firefox-is-14.0.1-0.1-mdv2011.0.noarch.rpm
 f0ca2c60d87269db012c2b5cd2b2cee2  2011/x86_64/firefox-it-14.0.1-0.1-mdv2011.0.noarch.rpm
 cd0b86c806187d842757ade1303693cd  2011/x86_64/firefox-ja-14.0.1-0.1-mdv2011.0.noarch.rpm
 fbd9a1e8d6f31d93252c5999ae3be705  2011/x86_64/firefox-kk-14.0.1-0.1-mdv2011.0.noarch.rpm
 1be6287965defee8cccabb9748825615  2011/x86_64/firefox-kn-14.0.1-0.1-mdv2011.0.noarch.rpm
 6b740d8e2e819e5ac67d9fb33fae6935  2011/x86_64/firefox-ko-14.0.1-0.1-mdv2011.0.noarch.rpm
 aee4f1e192a19aef60e8bca7b6c4eadb  2011/x86_64/firefox-ku-14.0.1-0.1-mdv2011.0.noarch.rpm
 089de0fdd810e2c051433dac80a59bf0  2011/x86_64/firefox-lg-14.0.1-0.1-mdv2011.0.noarch.rpm
 57cb2dc0080448dc5dfcd776aebf060f  2011/x86_64/firefox-lt-14.0.1-0.1-mdv2011.0.noarch.rpm
 c47b64c555918a01fa67ec0c4824a240  2011/x86_64/firefox-lv-14.0.1-0.1-mdv2011.0.noarch.rpm
 6549a50879429511a3f680e62ac2415b  2011/x86_64/firefox-mai-14.0.1-0.1-mdv2011.0.noarch.rpm
 c3424e83bde73981714627b33507aa94  2011/x86_64/firefox-mk-14.0.1-0.1-mdv2011.0.noarch.rpm
 01ce1ebf6b7577854d4800c7a2ba8814  2011/x86_64/firefox-ml-14.0.1-0.1-mdv2011.0.noarch.rpm
 c6134bed062508fc28e11a5dc8c7d7c6  2011/x86_64/firefox-mr-14.0.1-0.1-mdv2011.0.noarch.rpm
 c23404bb4ba22bd31cea4f6f0e3663ef  2011/x86_64/firefox-nb_NO-14.0.1-0.1-mdv2011.0.noarch.rpm
 7331c629802311de0cfe1f7c32e7e1f1  2011/x86_64/firefox-nl-14.0.1-0.1-mdv2011.0.noarch.rpm
 afdd8a7a5fabc05738c9f759398c672d  2011/x86_64/firefox-nn_NO-14.0.1-0.1-mdv2011.0.noarch.rpm
 fcfce875f899c0c3dd5614fadd240872  2011/x86_64/firefox-nso-14.0.1-0.1-mdv2011.0.noarch.rpm
 e6df6d30da7f7e705889b933d0db8e51  2011/x86_64/firefox-or-14.0.1-0.1-mdv2011.0.noarch.rpm
 ef0fe33071e61127d64b2324c448371f  2011/x86_64/firefox-pa_IN-14.0.1-0.1-mdv2011.0.noarch.rpm
 0c434f4308209054b675e89205c2a76c  2011/x86_64/firefox-pl-14.0.1-0.1-mdv2011.0.noarch.rpm
 b633c3061de8467be426d22b8c5ed794  2011/x86_64/firefox-pt_BR-14.0.1-0.1-mdv2011.0.noarch.rpm
 aad5cb82fffa1fcbb8e5b244b72dd6e4  2011/x86_64/firefox-pt_PT-14.0.1-0.1-mdv2011.0.noarch.rpm
 9bf5739c054f2fc7853853dfeb9c42f6  2011/x86_64/firefox-ro-14.0.1-0.1-mdv2011.0.noarch.rpm
 26fd39aa5de53990561a2eea50f4a1bf  2011/x86_64/firefox-ru-14.0.1-0.1-mdv2011.0.noarch.rpm
 8fcf23326ee56437d04c60161196925c  2011/x86_64/firefox-si-14.0.1-0.1-mdv2011.0.noarch.rpm
 6dc3cc97f319c14dc3091434352ae062  2011/x86_64/firefox-sk-14.0.1-0.1-mdv2011.0.noarch.rpm
 0c50b613eb4eedd4611a15ed1eb41659  2011/x86_64/firefox-sl-14.0.1-0.1-mdv2011.0.noarch.rpm
 d371f7e2f3fa8fa10b0f28424b1ce1a9  2011/x86_64/firefox-sq-14.0.1-0.1-mdv2011.0.noarch.rpm
 e4e25da1ff6216c8380322fa4894d710  2011/x86_64/firefox-sr-14.0.1-0.1-mdv2011.0.noarch.rpm
 48290e1445b3cc1499edd9dfcc501ce3  2011/x86_64/firefox-sv_SE-14.0.1-0.1-mdv2011.0.noarch.rpm
 5cd7952638955430695a7043ce372ffb  2011/x86_64/firefox-ta-14.0.1-0.1-mdv2011.0.noarch.rpm
 6e2d7b698d0a91a7a12365be5e7fbeb4  2011/x86_64/firefox-ta_LK-14.0.1-0.1-mdv2011.0.noarch.rpm
 39be666ac815865b0f060587d8d5717f  2011/x86_64/firefox-te-14.0.1-0.1-mdv2011.0.noarch.rpm
 e9730d2897852dcc311a767a25d4b027  2011/x86_64/firefox-th-14.0.1-0.1-mdv2011.0.noarch.rpm
 c3df099cc3bc2da41b8afdf516696592  2011/x86_64/firefox-tr-14.0.1-0.1-mdv2011.0.noarch.rpm
 496066aaa8fe88c2bcf655f4c93536a5  2011/x86_64/firefox-uk-14.0.1-0.1-mdv2011.0.noarch.rpm
 5ef2c4881cc33f54bc24083f5b9ee09c  2011/x86_64/firefox-vi-14.0.1-0.1-mdv2011.0.noarch.rpm
 17ee6c1f6b001f5db6c1610de1606c54  2011/x86_64/firefox-zh_CN-14.0.1-0.1-mdv2011.0.noarch.rpm
 6928a192c4b658c1974ffc0e5bf116e4  2011/x86_64/firefox-zh_TW-14.0.1-0.1-mdv2011.0.noarch.rpm
 1857a8720a04b1c7da4d7f40c9ff1556  2011/x86_64/firefox-zu-14.0.1-0.1-mdv2011.0.noarch.rpm 
 24084d5193151ca4653ae9cd9075ba49  2011/SRPMS/firefox-l10n-14.0.1-0.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFQFj80mqjQ0CJFipgRAl1PAJ96POZmK9rQ5tK4aBzYu1xkdKgq5QCeLzFe
qYIGRcEG3uPulQ/9t1j/SEE=
=+MjY
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ