lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1T6h5s-0005uH-NO@titan.mandriva.com>
Date: Wed, 29 Aug 2012 14:10:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2012:146 ] firefox

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2012:146
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : firefox
 Date    : August 29, 2012
 Affected: Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 Security issues were identified and fixed in mozilla firefox:
 
 Mozilla developers identified and fixed several memory safety
 bugs in the browser engine used in Firefox and other Mozilla-based
 products. Some of these bugs showed evidence of memory corruption under
 certain circumstances, and we presume that with enough effort at least
 some of these could be exploited to run arbitrary code (CVE-2012-1971).
 
 Security researcher Abhishek Arya (Inferno) of Google Chrome Security
 Team discovered a series of use-after-free issues using the Address
 Sanitizer tool. Many of these issues are potentially exploitable,
 allowing for remote code execution (CVE-2012-1972, CVE-2012-1973,
 CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956,
 CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960,
 CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964).
 
 Security researcher Frederic Hoguin reported two related issues with
 the decoding of bitmap (.BMP) format images embedded in icon (.ICO)
 format files. When processing a negative height header value for
 the bitmap image, a memory corruption can be induced, allowing an
 attacker to write random memory and cause a crash. This crash may be
 potentially exploitable (CVE-2012-3966).
 
 Security researcher miaubiz used the Address Sanitizer tool to
 discover two WebGL issues. The first issue is a use-after-free when
 WebGL shaders are called after being destroyed. The second issue
 exposes a problem with Mesa drivers on Linux, leading to a potentially
 exploitable crash (CVE-2012-3968, CVE-2012-3967).
 
 Security researcher Arthur Gerkis used the Address Sanitizer
 tool to find two issues involving Scalable Vector Graphics (SVG)
 files. The first issue is a buffer overflow in Gecko&#039;s SVG filter
 code when the sum of two values is too large to be stored as a
 signed 32-bit integer, causing the function to write past the end
 of an array. The second issue is a use-after-free when an element
 with a requiredFeatures attribute is moved between documents. In that
 situation, the internal representation of the requiredFeatures value
 could be freed prematurely. Both issues are potentially exploitable
 (CVE-2012-3969, CVE-2012-3970).
 
 Security research Nicolas Gregoire used the Address Sanitizer tool to
 discover an out-of-bounds read in the format-number feature of XSLT,
 which can cause inaccurate formatting of numbers and information
 leakage. This is not directly exploitable (CVE-2012-3972).
 
 Security researcher Masato Kinugawa reported that if a crafted
 executable is placed in the root partition on a Windows file system,
 the Firefox and Thunderbird installer will launch this program after
 a standard installation instead of Firefox or Thunderbird, running
 this program with the user&#039;s privileges (CVE-2012-3974).
 
 Security researcher Mark Poticha reported an issue where incorrect SSL
 certificate information can be displayed on the addressbar, showing
 the SSL data for a previous site while another has been loaded. This
 is caused by two onLocationChange events being fired out of the
 expected order, leading to the displayed certificate data to not be
 updated. This can be used for phishing attacks by allowing the user
 to input form or other data on a newer, attacking, site while the
 credentials of an older site appear on the addressbar (CVE-2012-3976).
 
 Mozilla security researcher moz_bug_r_a4 reported that certain
 security checks in the location object can be bypassed if chrome code
 is called content in a specific manner. This allowed for the loading
 of restricted content. This can be combined with other issues to
 become potentially exploitable (CVE-2012-3978).
 
 Security researcher Colby Russell discovered that eval in the web
 console can execute injected code with chrome privileges, leading to
 the running of malicious code in a privileged context. This allows
 for arbitrary code execution through a malicious web page if the web
 console is invoked by the user (CVE-2012-3980).
 
 The mozilla firefox packages has been upgraded to the latest version
 which is unaffected by these security flaws.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1971
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1972
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1973
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1974
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1975
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1976
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3956
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3957
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3958
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3959
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3960
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3961
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3962
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3963
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3964
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3966
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3967
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3968
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3969
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3970
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3972
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3974
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3976
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3978
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3980
 http://www.mozilla.org/security/announce/2012/mfsa2012-57.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-58.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-61.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-62.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-63.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-65.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-67.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-69.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-70.html
 http://www.mozilla.org/security/announce/2012/mfsa2012-72.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Enterprise Server 5:
 fcbec55ba52e0b11c5947003e7066ecc  mes5/i586/firefox-10.0.7-0.1mdvmes5.2.i586.rpm
 69e781b76cf89b2b0dc1f6c5a2587f69  mes5/i586/firefox-af-10.0.7-0.1mdvmes5.2.i586.rpm
 5e1143f4a36b0f0fa9f9fa5dbe69bf74  mes5/i586/firefox-ar-10.0.7-0.1mdvmes5.2.i586.rpm
 a5b6d0986d5d50643c0f63652d0cf6da  mes5/i586/firefox-be-10.0.7-0.1mdvmes5.2.i586.rpm
 de46085aed77ece7bcf3410fed855218  mes5/i586/firefox-bg-10.0.7-0.1mdvmes5.2.i586.rpm
 033d26d8b7ffa30990566775f71ed014  mes5/i586/firefox-bn-10.0.7-0.1mdvmes5.2.i586.rpm
 bd9c33de8f6e9739e3e532322ea907cc  mes5/i586/firefox-ca-10.0.7-0.1mdvmes5.2.i586.rpm
 278b9725691d87285327b25cf9df4f19  mes5/i586/firefox-cs-10.0.7-0.1mdvmes5.2.i586.rpm
 e07e6b77227b3e5a6c8e693f7897a7c6  mes5/i586/firefox-cy-10.0.7-0.1mdvmes5.2.i586.rpm
 1be7b0df137ae53163c53639db38b249  mes5/i586/firefox-da-10.0.7-0.1mdvmes5.2.i586.rpm
 a473ba890d3e693ceff6d7b28b8db459  mes5/i586/firefox-de-10.0.7-0.1mdvmes5.2.i586.rpm
 e706eb394a3b93c92d2f5cb41eb2d482  mes5/i586/firefox-devel-10.0.7-0.1mdvmes5.2.i586.rpm
 35fefe64f1847a234f14d6454c36dfdd  mes5/i586/firefox-el-10.0.7-0.1mdvmes5.2.i586.rpm
 f67d327d07f01b5dc35b0788b6029e4f  mes5/i586/firefox-en_GB-10.0.7-0.1mdvmes5.2.i586.rpm
 efb2a36d66d0943cfc5a0f50c44cafbe  mes5/i586/firefox-eo-10.0.7-0.1mdvmes5.2.i586.rpm
 a515630d9e9f75a4e07324c49fe0f39f  mes5/i586/firefox-es_AR-10.0.7-0.1mdvmes5.2.i586.rpm
 e7289d7d4f715b602f9b5b219722fde5  mes5/i586/firefox-es_ES-10.0.7-0.1mdvmes5.2.i586.rpm
 356623e92b60dd0ec8e5aa21d023f476  mes5/i586/firefox-et-10.0.7-0.1mdvmes5.2.i586.rpm
 db379659607cb563f461a82ba2151414  mes5/i586/firefox-eu-10.0.7-0.1mdvmes5.2.i586.rpm
 dc76516e74caa6c8059c9bc451d4d3d0  mes5/i586/firefox-fi-10.0.7-0.1mdvmes5.2.i586.rpm
 feed65342fc82b9b892d9bc87eba193e  mes5/i586/firefox-fr-10.0.7-0.1mdvmes5.2.i586.rpm
 22473ff07a3f3b4a6651154805517e27  mes5/i586/firefox-fy-10.0.7-0.1mdvmes5.2.i586.rpm
 f0fa6e4a6db83bfc5d99264b26d055a5  mes5/i586/firefox-ga_IE-10.0.7-0.1mdvmes5.2.i586.rpm
 f2b2be55e8970a0df807229a60590e16  mes5/i586/firefox-gl-10.0.7-0.1mdvmes5.2.i586.rpm
 b73947e4b1c2de2b0905a400e357c1a8  mes5/i586/firefox-gu_IN-10.0.7-0.1mdvmes5.2.i586.rpm
 49e816a9a06268a94f2c20d278640f6a  mes5/i586/firefox-he-10.0.7-0.1mdvmes5.2.i586.rpm
 44f7ccad39468747fb00256a0c76b27a  mes5/i586/firefox-hi-10.0.7-0.1mdvmes5.2.i586.rpm
 91a0c7ec4815510fd2ce94ac3fd3b4d8  mes5/i586/firefox-hu-10.0.7-0.1mdvmes5.2.i586.rpm
 a94730bb2ee63bdaf10105dfb074262f  mes5/i586/firefox-id-10.0.7-0.1mdvmes5.2.i586.rpm
 86e5c5103acdd6b4135552c9f58f3bfe  mes5/i586/firefox-is-10.0.7-0.1mdvmes5.2.i586.rpm
 d2aeb48e643846c8ac6a6b7a5b2fcd85  mes5/i586/firefox-it-10.0.7-0.1mdvmes5.2.i586.rpm
 e0f37fed0e57efd1f71fab446a0075d2  mes5/i586/firefox-ja-10.0.7-0.1mdvmes5.2.i586.rpm
 a4238b4bb39b9b4060ba243710fcc79c  mes5/i586/firefox-ka-10.0.7-0.1mdvmes5.2.i586.rpm
 4f001ec7bff801cfe4886e5ca87e1200  mes5/i586/firefox-kn-10.0.7-0.1mdvmes5.2.i586.rpm
 8feef3bbe7606e591c2dd82943cf637e  mes5/i586/firefox-ko-10.0.7-0.1mdvmes5.2.i586.rpm
 b6e7a09db5fbaef9c73c844b6eaf1139  mes5/i586/firefox-ku-10.0.7-0.1mdvmes5.2.i586.rpm
 5ef011c320877fec059ed69b10cfa49a  mes5/i586/firefox-lt-10.0.7-0.1mdvmes5.2.i586.rpm
 ee494281fb58ae03e384bdd2f71f5484  mes5/i586/firefox-lv-10.0.7-0.1mdvmes5.2.i586.rpm
 79edd7d81be4e7493bab7a224b85fd60  mes5/i586/firefox-mk-10.0.7-0.1mdvmes5.2.i586.rpm
 eafbb3d587a6054f412326dd06d95605  mes5/i586/firefox-mr-10.0.7-0.1mdvmes5.2.i586.rpm
 bf2db73e5309abcd5f915d214c2769ce  mes5/i586/firefox-nb_NO-10.0.7-0.1mdvmes5.2.i586.rpm
 8903f2a4955552c9982370efb87b955e  mes5/i586/firefox-nl-10.0.7-0.1mdvmes5.2.i586.rpm
 37fedb60e08f22a7fc989036090ea09b  mes5/i586/firefox-nn_NO-10.0.7-0.1mdvmes5.2.i586.rpm
 335925f314b59f1a861db9b75c6eacf7  mes5/i586/firefox-oc-10.0.7-0.1mdvmes5.2.i586.rpm
 67a746d463f233312883998a3c40af7e  mes5/i586/firefox-pa_IN-10.0.7-0.1mdvmes5.2.i586.rpm
 b6337c34a276004a804084d766419103  mes5/i586/firefox-pl-10.0.7-0.1mdvmes5.2.i586.rpm
 f534017d734dd62f0f76175bddee1960  mes5/i586/firefox-pt_BR-10.0.7-0.1mdvmes5.2.i586.rpm
 323a67ee2fce99cf4bed625759259c69  mes5/i586/firefox-pt_PT-10.0.7-0.1mdvmes5.2.i586.rpm
 0af98ffa7b4b244198dfebfe34214b98  mes5/i586/firefox-ro-10.0.7-0.1mdvmes5.2.i586.rpm
 b453d83222d1c55228decb8b6d386236  mes5/i586/firefox-ru-10.0.7-0.1mdvmes5.2.i586.rpm
 fa8961b65b7ede9a5ac1a7493c109342  mes5/i586/firefox-si-10.0.7-0.1mdvmes5.2.i586.rpm
 a04986d5fc842e471cd9706ace414cd9  mes5/i586/firefox-sk-10.0.7-0.1mdvmes5.2.i586.rpm
 ba9ed46aad81f3c759583de439b4e957  mes5/i586/firefox-sl-10.0.7-0.1mdvmes5.2.i586.rpm
 c8ff2dfa554ba675d5d73d39dc454f90  mes5/i586/firefox-sq-10.0.7-0.1mdvmes5.2.i586.rpm
 30e4e7f0e21fedc3a3f90089c5971637  mes5/i586/firefox-sr-10.0.7-0.1mdvmes5.2.i586.rpm
 22061d7dacccba1bc17c5ceccf75f79e  mes5/i586/firefox-sv_SE-10.0.7-0.1mdvmes5.2.i586.rpm
 f055e92f37b6bd62e14ad5d6b9d318c3  mes5/i586/firefox-te-10.0.7-0.1mdvmes5.2.i586.rpm
 6c757b14598b6d694962095b8599cb64  mes5/i586/firefox-th-10.0.7-0.1mdvmes5.2.i586.rpm
 e8037822bc768d574a06d1882d617bea  mes5/i586/firefox-tr-10.0.7-0.1mdvmes5.2.i586.rpm
 3cbd2655202e74c55eeedba1e80ad48b  mes5/i586/firefox-uk-10.0.7-0.1mdvmes5.2.i586.rpm
 aeaceee83de43535fb4d1e74ea66312d  mes5/i586/firefox-zh_CN-10.0.7-0.1mdvmes5.2.i586.rpm
 a2ad10b6c7937024d3ec105fb8e623e7  mes5/i586/firefox-zh_TW-10.0.7-0.1mdvmes5.2.i586.rpm
 4ae9534d1028f935cca162d4865269b5  mes5/i586/icedtea-web-1.1.6-0.2mdvmes5.2.i586.rpm
 4f889d64c942ca2acadc52255e9338e8  mes5/i586/icedtea-web-javadoc-1.1.6-0.2mdvmes5.2.i586.rpm
 8aeb8b16115649e33b7c4fb29c07852d  mes5/i586/libxulrunner10.0.7-10.0.7-0.1mdvmes5.2.i586.rpm
 2702ec86b13931d056e9221b09813b10  mes5/i586/libxulrunner-devel-10.0.7-0.1mdvmes5.2.i586.rpm
 775d71f59824b05203b85d5a48eb0d8c  mes5/i586/xulrunner-10.0.7-0.1mdvmes5.2.i586.rpm 
 8b6ad945fd5bc40c57a54bce818654f3  mes5/SRPMS/firefox-10.0.7-0.1mdvmes5.2.src.rpm
 1ab20cf712f7345436d46731207eb21b  mes5/SRPMS/firefox-l10n-10.0.7-0.1mdvmes5.2.src.rpm
 c7584ce8930548c9ccbb10cff962893e  mes5/SRPMS/icedtea-web-1.1.6-0.2mdvmes5.2.src.rpm
 0f22e9452893ca7990e5a2947196d308  mes5/SRPMS/xulrunner-10.0.7-0.1mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 1db11a3e3ac125f7ec9221c47a8eac04  mes5/x86_64/firefox-10.0.7-0.1mdvmes5.2.x86_64.rpm
 b4ecb7f804b068f0a8def9f159c0b6d8  mes5/x86_64/firefox-af-10.0.7-0.1mdvmes5.2.x86_64.rpm
 ca34b4f257e28020f5a2dfce1e411c94  mes5/x86_64/firefox-ar-10.0.7-0.1mdvmes5.2.x86_64.rpm
 086f7e4ca20c45e016ebfb5a9938e48d  mes5/x86_64/firefox-be-10.0.7-0.1mdvmes5.2.x86_64.rpm
 cec1a690f6c37f7509b8728c8467dfda  mes5/x86_64/firefox-bg-10.0.7-0.1mdvmes5.2.x86_64.rpm
 558ebb730fe275fa3657c9fd3d4e8778  mes5/x86_64/firefox-bn-10.0.7-0.1mdvmes5.2.x86_64.rpm
 ac9745e603d678877fdecf75609d83b9  mes5/x86_64/firefox-ca-10.0.7-0.1mdvmes5.2.x86_64.rpm
 d200271764cfc86833ab7b1246cbcbf3  mes5/x86_64/firefox-cs-10.0.7-0.1mdvmes5.2.x86_64.rpm
 f5c75c5923d7787eee634f5f1cb7dcdc  mes5/x86_64/firefox-cy-10.0.7-0.1mdvmes5.2.x86_64.rpm
 c68c9c15dbf5145b74991ac2b03be7e8  mes5/x86_64/firefox-da-10.0.7-0.1mdvmes5.2.x86_64.rpm
 a344f6833ca0be9769e8dba8f7097845  mes5/x86_64/firefox-de-10.0.7-0.1mdvmes5.2.x86_64.rpm
 f20e3d27aa35e2ba3e1bf785d5bc20dc  mes5/x86_64/firefox-devel-10.0.7-0.1mdvmes5.2.x86_64.rpm
 2ace8fac90df64b9930f7e3095588ce6  mes5/x86_64/firefox-el-10.0.7-0.1mdvmes5.2.x86_64.rpm
 76a950078304f62b3f00b52ac66ba47b  mes5/x86_64/firefox-en_GB-10.0.7-0.1mdvmes5.2.x86_64.rpm
 d83301827d81e09407779411777219ca  mes5/x86_64/firefox-eo-10.0.7-0.1mdvmes5.2.x86_64.rpm
 821745b1cdf10f439feda4438191483f  mes5/x86_64/firefox-es_AR-10.0.7-0.1mdvmes5.2.x86_64.rpm
 d1969451b54e985da3af0efb9f6fa68e  mes5/x86_64/firefox-es_ES-10.0.7-0.1mdvmes5.2.x86_64.rpm
 cf2a47231da1c9a7e3866a888f820c7f  mes5/x86_64/firefox-et-10.0.7-0.1mdvmes5.2.x86_64.rpm
 1feda9d4a5ada97bb48fbf3b1ab4670e  mes5/x86_64/firefox-eu-10.0.7-0.1mdvmes5.2.x86_64.rpm
 391e978061d9ec83a924513dc264115d  mes5/x86_64/firefox-fi-10.0.7-0.1mdvmes5.2.x86_64.rpm
 a0b4a471830ed3125965edd0e69535eb  mes5/x86_64/firefox-fr-10.0.7-0.1mdvmes5.2.x86_64.rpm
 edd0c6ea652e265f2beaa7699614290e  mes5/x86_64/firefox-fy-10.0.7-0.1mdvmes5.2.x86_64.rpm
 4280eea7d44a9c5d69da159735624791  mes5/x86_64/firefox-ga_IE-10.0.7-0.1mdvmes5.2.x86_64.rpm
 d02eeddf04af89b14bc9c7e35b2adebc  mes5/x86_64/firefox-gl-10.0.7-0.1mdvmes5.2.x86_64.rpm
 48a835d6b2dd0e27a5a03060bd62e319  mes5/x86_64/firefox-gu_IN-10.0.7-0.1mdvmes5.2.x86_64.rpm
 5ea3a3b83745915550418c2fbfe376d9  mes5/x86_64/firefox-he-10.0.7-0.1mdvmes5.2.x86_64.rpm
 3c5441222490068d3b2397c1e91f3a0a  mes5/x86_64/firefox-hi-10.0.7-0.1mdvmes5.2.x86_64.rpm
 e6b8c86fb3a66ae810ab2420b2bfd94c  mes5/x86_64/firefox-hu-10.0.7-0.1mdvmes5.2.x86_64.rpm
 a278ad98d9a9e7cb14636240432f04f4  mes5/x86_64/firefox-id-10.0.7-0.1mdvmes5.2.x86_64.rpm
 57a4cdf10099e4540ee6b9487d35625f  mes5/x86_64/firefox-is-10.0.7-0.1mdvmes5.2.x86_64.rpm
 4a2d70e9f87bbc8a71c994eb4aa028a2  mes5/x86_64/firefox-it-10.0.7-0.1mdvmes5.2.x86_64.rpm
 294aeb71e002b3fa1f2104e616acf017  mes5/x86_64/firefox-ja-10.0.7-0.1mdvmes5.2.x86_64.rpm
 9c8a326e939128894a9ef17ffb24914e  mes5/x86_64/firefox-ka-10.0.7-0.1mdvmes5.2.x86_64.rpm
 b7743c262b27b927cc3e7bdd3252826e  mes5/x86_64/firefox-kn-10.0.7-0.1mdvmes5.2.x86_64.rpm
 15c7ed4a69f3d0f64e19585d287c35c2  mes5/x86_64/firefox-ko-10.0.7-0.1mdvmes5.2.x86_64.rpm
 c8248281dcb7f48b4bffbae4064c5538  mes5/x86_64/firefox-ku-10.0.7-0.1mdvmes5.2.x86_64.rpm
 dcbb3ab3cef14c812456298bd0cbf8ec  mes5/x86_64/firefox-lt-10.0.7-0.1mdvmes5.2.x86_64.rpm
 1b3cc568441fed8727d7fb2bc9d8e4d0  mes5/x86_64/firefox-lv-10.0.7-0.1mdvmes5.2.x86_64.rpm
 fb61b984b2a0887c3f4515c62fc6fbaa  mes5/x86_64/firefox-mk-10.0.7-0.1mdvmes5.2.x86_64.rpm
 2e3fa27765d3ddc7cd6b627f082f7ef4  mes5/x86_64/firefox-mr-10.0.7-0.1mdvmes5.2.x86_64.rpm
 dc44a85a1e0053a3c43bf935c454ccce  mes5/x86_64/firefox-nb_NO-10.0.7-0.1mdvmes5.2.x86_64.rpm
 285bba7945465696325bb90cdbb8ba61  mes5/x86_64/firefox-nl-10.0.7-0.1mdvmes5.2.x86_64.rpm
 5e9bfbf8863d8950eca2f5da36f9d64e  mes5/x86_64/firefox-nn_NO-10.0.7-0.1mdvmes5.2.x86_64.rpm
 2d791ff5959f201dbe87c0b9f4e169e2  mes5/x86_64/firefox-oc-10.0.7-0.1mdvmes5.2.x86_64.rpm
 c0441ff82b0e7a180ca8b2aef1582f5d  mes5/x86_64/firefox-pa_IN-10.0.7-0.1mdvmes5.2.x86_64.rpm
 f00dd512f2d3ebfb7a0dc1b8ae370bb9  mes5/x86_64/firefox-pl-10.0.7-0.1mdvmes5.2.x86_64.rpm
 406ff5f761f72e02686fd17cda5e3631  mes5/x86_64/firefox-pt_BR-10.0.7-0.1mdvmes5.2.x86_64.rpm
 2a303fabb8e65cfdeed1a8e0bf3b0c1a  mes5/x86_64/firefox-pt_PT-10.0.7-0.1mdvmes5.2.x86_64.rpm
 f2ca00d91890435844016f9326632df8  mes5/x86_64/firefox-ro-10.0.7-0.1mdvmes5.2.x86_64.rpm
 a912734fdfecd3a8f16ee86ab0b36b26  mes5/x86_64/firefox-ru-10.0.7-0.1mdvmes5.2.x86_64.rpm
 7ed6bc27f528e3d5b7cdb70e0c702f5f  mes5/x86_64/firefox-si-10.0.7-0.1mdvmes5.2.x86_64.rpm
 cb42f6b4a41e33551586649b4be9c4b1  mes5/x86_64/firefox-sk-10.0.7-0.1mdvmes5.2.x86_64.rpm
 603dab1ad3b242d71fb9a5c85a7cac0d  mes5/x86_64/firefox-sl-10.0.7-0.1mdvmes5.2.x86_64.rpm
 47a35ac761cbdb9d580904a6d543eb38  mes5/x86_64/firefox-sq-10.0.7-0.1mdvmes5.2.x86_64.rpm
 7a52ffaf01a4fdb52031d3d3f23511cf  mes5/x86_64/firefox-sr-10.0.7-0.1mdvmes5.2.x86_64.rpm
 8378248455687366ebbd770aec46946f  mes5/x86_64/firefox-sv_SE-10.0.7-0.1mdvmes5.2.x86_64.rpm
 16761ec116a4d45836d3985dfff28bfc  mes5/x86_64/firefox-te-10.0.7-0.1mdvmes5.2.x86_64.rpm
 128ee75f12bcfdafc7dc6b2e9dfd91a0  mes5/x86_64/firefox-th-10.0.7-0.1mdvmes5.2.x86_64.rpm
 4a687c9ce1a6003ff87f9f49b4757d64  mes5/x86_64/firefox-tr-10.0.7-0.1mdvmes5.2.x86_64.rpm
 a1f0983099bade0f341084a6366e8867  mes5/x86_64/firefox-uk-10.0.7-0.1mdvmes5.2.x86_64.rpm
 e5061439a7a8332aea6e20595b349f43  mes5/x86_64/firefox-zh_CN-10.0.7-0.1mdvmes5.2.x86_64.rpm
 998e45c4a5bb3fc2e4b58216d6b2ad7e  mes5/x86_64/firefox-zh_TW-10.0.7-0.1mdvmes5.2.x86_64.rpm
 213aebc998ef70cd83d026018e4978d1  mes5/x86_64/icedtea-web-1.1.6-0.2mdvmes5.2.x86_64.rpm
 41e1974a399250c0d1ebe6fc56a2b962  mes5/x86_64/icedtea-web-javadoc-1.1.6-0.2mdvmes5.2.x86_64.rpm
 c376e9649d45036bcd9bb5f6897450ef  mes5/x86_64/lib64xulrunner10.0.7-10.0.7-0.1mdvmes5.2.x86_64.rpm
 ea4bfd9b54f44ecd69ed3173c56330be  mes5/x86_64/lib64xulrunner-devel-10.0.7-0.1mdvmes5.2.x86_64.rpm
 aac422eca0b954a452b9c3cfa6c9268d  mes5/x86_64/xulrunner-10.0.7-0.1mdvmes5.2.x86_64.rpm 
 8b6ad945fd5bc40c57a54bce818654f3  mes5/SRPMS/firefox-10.0.7-0.1mdvmes5.2.src.rpm
 1ab20cf712f7345436d46731207eb21b  mes5/SRPMS/firefox-l10n-10.0.7-0.1mdvmes5.2.src.rpm
 c7584ce8930548c9ccbb10cff962893e  mes5/SRPMS/icedtea-web-1.1.6-0.2mdvmes5.2.src.rpm
 0f22e9452893ca7990e5a2947196d308  mes5/SRPMS/xulrunner-10.0.7-0.1mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFQPdrJmqjQ0CJFipgRAiqbAKCfwUxpe50rZn0/LzkL9jHGJyfxwACfUbMl
tImPHeex3t8I1P/c7QXF5Y4=
=eOt9
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ