[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1T6h5s-0005uH-NO@titan.mandriva.com>
Date: Wed, 29 Aug 2012 14:10:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2012:146 ] firefox
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:146
http://www.mandriva.com/security/
_______________________________________________________________________
Package : firefox
Date : August 29, 2012
Affected: Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Security issues were identified and fixed in mozilla firefox:
Mozilla developers identified and fixed several memory safety
bugs in the browser engine used in Firefox and other Mozilla-based
products. Some of these bugs showed evidence of memory corruption under
certain circumstances, and we presume that with enough effort at least
some of these could be exploited to run arbitrary code (CVE-2012-1971).
Security researcher Abhishek Arya (Inferno) of Google Chrome Security
Team discovered a series of use-after-free issues using the Address
Sanitizer tool. Many of these issues are potentially exploitable,
allowing for remote code execution (CVE-2012-1972, CVE-2012-1973,
CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956,
CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960,
CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964).
Security researcher Frederic Hoguin reported two related issues with
the decoding of bitmap (.BMP) format images embedded in icon (.ICO)
format files. When processing a negative height header value for
the bitmap image, a memory corruption can be induced, allowing an
attacker to write random memory and cause a crash. This crash may be
potentially exploitable (CVE-2012-3966).
Security researcher miaubiz used the Address Sanitizer tool to
discover two WebGL issues. The first issue is a use-after-free when
WebGL shaders are called after being destroyed. The second issue
exposes a problem with Mesa drivers on Linux, leading to a potentially
exploitable crash (CVE-2012-3968, CVE-2012-3967).
Security researcher Arthur Gerkis used the Address Sanitizer
tool to find two issues involving Scalable Vector Graphics (SVG)
files. The first issue is a buffer overflow in Gecko's SVG filter
code when the sum of two values is too large to be stored as a
signed 32-bit integer, causing the function to write past the end
of an array. The second issue is a use-after-free when an element
with a requiredFeatures attribute is moved between documents. In that
situation, the internal representation of the requiredFeatures value
could be freed prematurely. Both issues are potentially exploitable
(CVE-2012-3969, CVE-2012-3970).
Security research Nicolas Gregoire used the Address Sanitizer tool to
discover an out-of-bounds read in the format-number feature of XSLT,
which can cause inaccurate formatting of numbers and information
leakage. This is not directly exploitable (CVE-2012-3972).
Security researcher Masato Kinugawa reported that if a crafted
executable is placed in the root partition on a Windows file system,
the Firefox and Thunderbird installer will launch this program after
a standard installation instead of Firefox or Thunderbird, running
this program with the user's privileges (CVE-2012-3974).
Security researcher Mark Poticha reported an issue where incorrect SSL
certificate information can be displayed on the addressbar, showing
the SSL data for a previous site while another has been loaded. This
is caused by two onLocationChange events being fired out of the
expected order, leading to the displayed certificate data to not be
updated. This can be used for phishing attacks by allowing the user
to input form or other data on a newer, attacking, site while the
credentials of an older site appear on the addressbar (CVE-2012-3976).
Mozilla security researcher moz_bug_r_a4 reported that certain
security checks in the location object can be bypassed if chrome code
is called content in a specific manner. This allowed for the loading
of restricted content. This can be combined with other issues to
become potentially exploitable (CVE-2012-3978).
Security researcher Colby Russell discovered that eval in the web
console can execute injected code with chrome privileges, leading to
the running of malicious code in a privileged context. This allows
for arbitrary code execution through a malicious web page if the web
console is invoked by the user (CVE-2012-3980).
The mozilla firefox packages has been upgraded to the latest version
which is unaffected by these security flaws.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3958
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3959
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3961
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3962
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3963
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3964
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3966
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3967
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3968
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3970
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3980
http://www.mozilla.org/security/announce/2012/mfsa2012-57.html
http://www.mozilla.org/security/announce/2012/mfsa2012-58.html
http://www.mozilla.org/security/announce/2012/mfsa2012-61.html
http://www.mozilla.org/security/announce/2012/mfsa2012-62.html
http://www.mozilla.org/security/announce/2012/mfsa2012-63.html
http://www.mozilla.org/security/announce/2012/mfsa2012-65.html
http://www.mozilla.org/security/announce/2012/mfsa2012-67.html
http://www.mozilla.org/security/announce/2012/mfsa2012-69.html
http://www.mozilla.org/security/announce/2012/mfsa2012-70.html
http://www.mozilla.org/security/announce/2012/mfsa2012-72.html
_______________________________________________________________________
Updated Packages:
Mandriva Enterprise Server 5:
fcbec55ba52e0b11c5947003e7066ecc mes5/i586/firefox-10.0.7-0.1mdvmes5.2.i586.rpm
69e781b76cf89b2b0dc1f6c5a2587f69 mes5/i586/firefox-af-10.0.7-0.1mdvmes5.2.i586.rpm
5e1143f4a36b0f0fa9f9fa5dbe69bf74 mes5/i586/firefox-ar-10.0.7-0.1mdvmes5.2.i586.rpm
a5b6d0986d5d50643c0f63652d0cf6da mes5/i586/firefox-be-10.0.7-0.1mdvmes5.2.i586.rpm
de46085aed77ece7bcf3410fed855218 mes5/i586/firefox-bg-10.0.7-0.1mdvmes5.2.i586.rpm
033d26d8b7ffa30990566775f71ed014 mes5/i586/firefox-bn-10.0.7-0.1mdvmes5.2.i586.rpm
bd9c33de8f6e9739e3e532322ea907cc mes5/i586/firefox-ca-10.0.7-0.1mdvmes5.2.i586.rpm
278b9725691d87285327b25cf9df4f19 mes5/i586/firefox-cs-10.0.7-0.1mdvmes5.2.i586.rpm
e07e6b77227b3e5a6c8e693f7897a7c6 mes5/i586/firefox-cy-10.0.7-0.1mdvmes5.2.i586.rpm
1be7b0df137ae53163c53639db38b249 mes5/i586/firefox-da-10.0.7-0.1mdvmes5.2.i586.rpm
a473ba890d3e693ceff6d7b28b8db459 mes5/i586/firefox-de-10.0.7-0.1mdvmes5.2.i586.rpm
e706eb394a3b93c92d2f5cb41eb2d482 mes5/i586/firefox-devel-10.0.7-0.1mdvmes5.2.i586.rpm
35fefe64f1847a234f14d6454c36dfdd mes5/i586/firefox-el-10.0.7-0.1mdvmes5.2.i586.rpm
f67d327d07f01b5dc35b0788b6029e4f mes5/i586/firefox-en_GB-10.0.7-0.1mdvmes5.2.i586.rpm
efb2a36d66d0943cfc5a0f50c44cafbe mes5/i586/firefox-eo-10.0.7-0.1mdvmes5.2.i586.rpm
a515630d9e9f75a4e07324c49fe0f39f mes5/i586/firefox-es_AR-10.0.7-0.1mdvmes5.2.i586.rpm
e7289d7d4f715b602f9b5b219722fde5 mes5/i586/firefox-es_ES-10.0.7-0.1mdvmes5.2.i586.rpm
356623e92b60dd0ec8e5aa21d023f476 mes5/i586/firefox-et-10.0.7-0.1mdvmes5.2.i586.rpm
db379659607cb563f461a82ba2151414 mes5/i586/firefox-eu-10.0.7-0.1mdvmes5.2.i586.rpm
dc76516e74caa6c8059c9bc451d4d3d0 mes5/i586/firefox-fi-10.0.7-0.1mdvmes5.2.i586.rpm
feed65342fc82b9b892d9bc87eba193e mes5/i586/firefox-fr-10.0.7-0.1mdvmes5.2.i586.rpm
22473ff07a3f3b4a6651154805517e27 mes5/i586/firefox-fy-10.0.7-0.1mdvmes5.2.i586.rpm
f0fa6e4a6db83bfc5d99264b26d055a5 mes5/i586/firefox-ga_IE-10.0.7-0.1mdvmes5.2.i586.rpm
f2b2be55e8970a0df807229a60590e16 mes5/i586/firefox-gl-10.0.7-0.1mdvmes5.2.i586.rpm
b73947e4b1c2de2b0905a400e357c1a8 mes5/i586/firefox-gu_IN-10.0.7-0.1mdvmes5.2.i586.rpm
49e816a9a06268a94f2c20d278640f6a mes5/i586/firefox-he-10.0.7-0.1mdvmes5.2.i586.rpm
44f7ccad39468747fb00256a0c76b27a mes5/i586/firefox-hi-10.0.7-0.1mdvmes5.2.i586.rpm
91a0c7ec4815510fd2ce94ac3fd3b4d8 mes5/i586/firefox-hu-10.0.7-0.1mdvmes5.2.i586.rpm
a94730bb2ee63bdaf10105dfb074262f mes5/i586/firefox-id-10.0.7-0.1mdvmes5.2.i586.rpm
86e5c5103acdd6b4135552c9f58f3bfe mes5/i586/firefox-is-10.0.7-0.1mdvmes5.2.i586.rpm
d2aeb48e643846c8ac6a6b7a5b2fcd85 mes5/i586/firefox-it-10.0.7-0.1mdvmes5.2.i586.rpm
e0f37fed0e57efd1f71fab446a0075d2 mes5/i586/firefox-ja-10.0.7-0.1mdvmes5.2.i586.rpm
a4238b4bb39b9b4060ba243710fcc79c mes5/i586/firefox-ka-10.0.7-0.1mdvmes5.2.i586.rpm
4f001ec7bff801cfe4886e5ca87e1200 mes5/i586/firefox-kn-10.0.7-0.1mdvmes5.2.i586.rpm
8feef3bbe7606e591c2dd82943cf637e mes5/i586/firefox-ko-10.0.7-0.1mdvmes5.2.i586.rpm
b6e7a09db5fbaef9c73c844b6eaf1139 mes5/i586/firefox-ku-10.0.7-0.1mdvmes5.2.i586.rpm
5ef011c320877fec059ed69b10cfa49a mes5/i586/firefox-lt-10.0.7-0.1mdvmes5.2.i586.rpm
ee494281fb58ae03e384bdd2f71f5484 mes5/i586/firefox-lv-10.0.7-0.1mdvmes5.2.i586.rpm
79edd7d81be4e7493bab7a224b85fd60 mes5/i586/firefox-mk-10.0.7-0.1mdvmes5.2.i586.rpm
eafbb3d587a6054f412326dd06d95605 mes5/i586/firefox-mr-10.0.7-0.1mdvmes5.2.i586.rpm
bf2db73e5309abcd5f915d214c2769ce mes5/i586/firefox-nb_NO-10.0.7-0.1mdvmes5.2.i586.rpm
8903f2a4955552c9982370efb87b955e mes5/i586/firefox-nl-10.0.7-0.1mdvmes5.2.i586.rpm
37fedb60e08f22a7fc989036090ea09b mes5/i586/firefox-nn_NO-10.0.7-0.1mdvmes5.2.i586.rpm
335925f314b59f1a861db9b75c6eacf7 mes5/i586/firefox-oc-10.0.7-0.1mdvmes5.2.i586.rpm
67a746d463f233312883998a3c40af7e mes5/i586/firefox-pa_IN-10.0.7-0.1mdvmes5.2.i586.rpm
b6337c34a276004a804084d766419103 mes5/i586/firefox-pl-10.0.7-0.1mdvmes5.2.i586.rpm
f534017d734dd62f0f76175bddee1960 mes5/i586/firefox-pt_BR-10.0.7-0.1mdvmes5.2.i586.rpm
323a67ee2fce99cf4bed625759259c69 mes5/i586/firefox-pt_PT-10.0.7-0.1mdvmes5.2.i586.rpm
0af98ffa7b4b244198dfebfe34214b98 mes5/i586/firefox-ro-10.0.7-0.1mdvmes5.2.i586.rpm
b453d83222d1c55228decb8b6d386236 mes5/i586/firefox-ru-10.0.7-0.1mdvmes5.2.i586.rpm
fa8961b65b7ede9a5ac1a7493c109342 mes5/i586/firefox-si-10.0.7-0.1mdvmes5.2.i586.rpm
a04986d5fc842e471cd9706ace414cd9 mes5/i586/firefox-sk-10.0.7-0.1mdvmes5.2.i586.rpm
ba9ed46aad81f3c759583de439b4e957 mes5/i586/firefox-sl-10.0.7-0.1mdvmes5.2.i586.rpm
c8ff2dfa554ba675d5d73d39dc454f90 mes5/i586/firefox-sq-10.0.7-0.1mdvmes5.2.i586.rpm
30e4e7f0e21fedc3a3f90089c5971637 mes5/i586/firefox-sr-10.0.7-0.1mdvmes5.2.i586.rpm
22061d7dacccba1bc17c5ceccf75f79e mes5/i586/firefox-sv_SE-10.0.7-0.1mdvmes5.2.i586.rpm
f055e92f37b6bd62e14ad5d6b9d318c3 mes5/i586/firefox-te-10.0.7-0.1mdvmes5.2.i586.rpm
6c757b14598b6d694962095b8599cb64 mes5/i586/firefox-th-10.0.7-0.1mdvmes5.2.i586.rpm
e8037822bc768d574a06d1882d617bea mes5/i586/firefox-tr-10.0.7-0.1mdvmes5.2.i586.rpm
3cbd2655202e74c55eeedba1e80ad48b mes5/i586/firefox-uk-10.0.7-0.1mdvmes5.2.i586.rpm
aeaceee83de43535fb4d1e74ea66312d mes5/i586/firefox-zh_CN-10.0.7-0.1mdvmes5.2.i586.rpm
a2ad10b6c7937024d3ec105fb8e623e7 mes5/i586/firefox-zh_TW-10.0.7-0.1mdvmes5.2.i586.rpm
4ae9534d1028f935cca162d4865269b5 mes5/i586/icedtea-web-1.1.6-0.2mdvmes5.2.i586.rpm
4f889d64c942ca2acadc52255e9338e8 mes5/i586/icedtea-web-javadoc-1.1.6-0.2mdvmes5.2.i586.rpm
8aeb8b16115649e33b7c4fb29c07852d mes5/i586/libxulrunner10.0.7-10.0.7-0.1mdvmes5.2.i586.rpm
2702ec86b13931d056e9221b09813b10 mes5/i586/libxulrunner-devel-10.0.7-0.1mdvmes5.2.i586.rpm
775d71f59824b05203b85d5a48eb0d8c mes5/i586/xulrunner-10.0.7-0.1mdvmes5.2.i586.rpm
8b6ad945fd5bc40c57a54bce818654f3 mes5/SRPMS/firefox-10.0.7-0.1mdvmes5.2.src.rpm
1ab20cf712f7345436d46731207eb21b mes5/SRPMS/firefox-l10n-10.0.7-0.1mdvmes5.2.src.rpm
c7584ce8930548c9ccbb10cff962893e mes5/SRPMS/icedtea-web-1.1.6-0.2mdvmes5.2.src.rpm
0f22e9452893ca7990e5a2947196d308 mes5/SRPMS/xulrunner-10.0.7-0.1mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
1db11a3e3ac125f7ec9221c47a8eac04 mes5/x86_64/firefox-10.0.7-0.1mdvmes5.2.x86_64.rpm
b4ecb7f804b068f0a8def9f159c0b6d8 mes5/x86_64/firefox-af-10.0.7-0.1mdvmes5.2.x86_64.rpm
ca34b4f257e28020f5a2dfce1e411c94 mes5/x86_64/firefox-ar-10.0.7-0.1mdvmes5.2.x86_64.rpm
086f7e4ca20c45e016ebfb5a9938e48d mes5/x86_64/firefox-be-10.0.7-0.1mdvmes5.2.x86_64.rpm
cec1a690f6c37f7509b8728c8467dfda mes5/x86_64/firefox-bg-10.0.7-0.1mdvmes5.2.x86_64.rpm
558ebb730fe275fa3657c9fd3d4e8778 mes5/x86_64/firefox-bn-10.0.7-0.1mdvmes5.2.x86_64.rpm
ac9745e603d678877fdecf75609d83b9 mes5/x86_64/firefox-ca-10.0.7-0.1mdvmes5.2.x86_64.rpm
d200271764cfc86833ab7b1246cbcbf3 mes5/x86_64/firefox-cs-10.0.7-0.1mdvmes5.2.x86_64.rpm
f5c75c5923d7787eee634f5f1cb7dcdc mes5/x86_64/firefox-cy-10.0.7-0.1mdvmes5.2.x86_64.rpm
c68c9c15dbf5145b74991ac2b03be7e8 mes5/x86_64/firefox-da-10.0.7-0.1mdvmes5.2.x86_64.rpm
a344f6833ca0be9769e8dba8f7097845 mes5/x86_64/firefox-de-10.0.7-0.1mdvmes5.2.x86_64.rpm
f20e3d27aa35e2ba3e1bf785d5bc20dc mes5/x86_64/firefox-devel-10.0.7-0.1mdvmes5.2.x86_64.rpm
2ace8fac90df64b9930f7e3095588ce6 mes5/x86_64/firefox-el-10.0.7-0.1mdvmes5.2.x86_64.rpm
76a950078304f62b3f00b52ac66ba47b mes5/x86_64/firefox-en_GB-10.0.7-0.1mdvmes5.2.x86_64.rpm
d83301827d81e09407779411777219ca mes5/x86_64/firefox-eo-10.0.7-0.1mdvmes5.2.x86_64.rpm
821745b1cdf10f439feda4438191483f mes5/x86_64/firefox-es_AR-10.0.7-0.1mdvmes5.2.x86_64.rpm
d1969451b54e985da3af0efb9f6fa68e mes5/x86_64/firefox-es_ES-10.0.7-0.1mdvmes5.2.x86_64.rpm
cf2a47231da1c9a7e3866a888f820c7f mes5/x86_64/firefox-et-10.0.7-0.1mdvmes5.2.x86_64.rpm
1feda9d4a5ada97bb48fbf3b1ab4670e mes5/x86_64/firefox-eu-10.0.7-0.1mdvmes5.2.x86_64.rpm
391e978061d9ec83a924513dc264115d mes5/x86_64/firefox-fi-10.0.7-0.1mdvmes5.2.x86_64.rpm
a0b4a471830ed3125965edd0e69535eb mes5/x86_64/firefox-fr-10.0.7-0.1mdvmes5.2.x86_64.rpm
edd0c6ea652e265f2beaa7699614290e mes5/x86_64/firefox-fy-10.0.7-0.1mdvmes5.2.x86_64.rpm
4280eea7d44a9c5d69da159735624791 mes5/x86_64/firefox-ga_IE-10.0.7-0.1mdvmes5.2.x86_64.rpm
d02eeddf04af89b14bc9c7e35b2adebc mes5/x86_64/firefox-gl-10.0.7-0.1mdvmes5.2.x86_64.rpm
48a835d6b2dd0e27a5a03060bd62e319 mes5/x86_64/firefox-gu_IN-10.0.7-0.1mdvmes5.2.x86_64.rpm
5ea3a3b83745915550418c2fbfe376d9 mes5/x86_64/firefox-he-10.0.7-0.1mdvmes5.2.x86_64.rpm
3c5441222490068d3b2397c1e91f3a0a mes5/x86_64/firefox-hi-10.0.7-0.1mdvmes5.2.x86_64.rpm
e6b8c86fb3a66ae810ab2420b2bfd94c mes5/x86_64/firefox-hu-10.0.7-0.1mdvmes5.2.x86_64.rpm
a278ad98d9a9e7cb14636240432f04f4 mes5/x86_64/firefox-id-10.0.7-0.1mdvmes5.2.x86_64.rpm
57a4cdf10099e4540ee6b9487d35625f mes5/x86_64/firefox-is-10.0.7-0.1mdvmes5.2.x86_64.rpm
4a2d70e9f87bbc8a71c994eb4aa028a2 mes5/x86_64/firefox-it-10.0.7-0.1mdvmes5.2.x86_64.rpm
294aeb71e002b3fa1f2104e616acf017 mes5/x86_64/firefox-ja-10.0.7-0.1mdvmes5.2.x86_64.rpm
9c8a326e939128894a9ef17ffb24914e mes5/x86_64/firefox-ka-10.0.7-0.1mdvmes5.2.x86_64.rpm
b7743c262b27b927cc3e7bdd3252826e mes5/x86_64/firefox-kn-10.0.7-0.1mdvmes5.2.x86_64.rpm
15c7ed4a69f3d0f64e19585d287c35c2 mes5/x86_64/firefox-ko-10.0.7-0.1mdvmes5.2.x86_64.rpm
c8248281dcb7f48b4bffbae4064c5538 mes5/x86_64/firefox-ku-10.0.7-0.1mdvmes5.2.x86_64.rpm
dcbb3ab3cef14c812456298bd0cbf8ec mes5/x86_64/firefox-lt-10.0.7-0.1mdvmes5.2.x86_64.rpm
1b3cc568441fed8727d7fb2bc9d8e4d0 mes5/x86_64/firefox-lv-10.0.7-0.1mdvmes5.2.x86_64.rpm
fb61b984b2a0887c3f4515c62fc6fbaa mes5/x86_64/firefox-mk-10.0.7-0.1mdvmes5.2.x86_64.rpm
2e3fa27765d3ddc7cd6b627f082f7ef4 mes5/x86_64/firefox-mr-10.0.7-0.1mdvmes5.2.x86_64.rpm
dc44a85a1e0053a3c43bf935c454ccce mes5/x86_64/firefox-nb_NO-10.0.7-0.1mdvmes5.2.x86_64.rpm
285bba7945465696325bb90cdbb8ba61 mes5/x86_64/firefox-nl-10.0.7-0.1mdvmes5.2.x86_64.rpm
5e9bfbf8863d8950eca2f5da36f9d64e mes5/x86_64/firefox-nn_NO-10.0.7-0.1mdvmes5.2.x86_64.rpm
2d791ff5959f201dbe87c0b9f4e169e2 mes5/x86_64/firefox-oc-10.0.7-0.1mdvmes5.2.x86_64.rpm
c0441ff82b0e7a180ca8b2aef1582f5d mes5/x86_64/firefox-pa_IN-10.0.7-0.1mdvmes5.2.x86_64.rpm
f00dd512f2d3ebfb7a0dc1b8ae370bb9 mes5/x86_64/firefox-pl-10.0.7-0.1mdvmes5.2.x86_64.rpm
406ff5f761f72e02686fd17cda5e3631 mes5/x86_64/firefox-pt_BR-10.0.7-0.1mdvmes5.2.x86_64.rpm
2a303fabb8e65cfdeed1a8e0bf3b0c1a mes5/x86_64/firefox-pt_PT-10.0.7-0.1mdvmes5.2.x86_64.rpm
f2ca00d91890435844016f9326632df8 mes5/x86_64/firefox-ro-10.0.7-0.1mdvmes5.2.x86_64.rpm
a912734fdfecd3a8f16ee86ab0b36b26 mes5/x86_64/firefox-ru-10.0.7-0.1mdvmes5.2.x86_64.rpm
7ed6bc27f528e3d5b7cdb70e0c702f5f mes5/x86_64/firefox-si-10.0.7-0.1mdvmes5.2.x86_64.rpm
cb42f6b4a41e33551586649b4be9c4b1 mes5/x86_64/firefox-sk-10.0.7-0.1mdvmes5.2.x86_64.rpm
603dab1ad3b242d71fb9a5c85a7cac0d mes5/x86_64/firefox-sl-10.0.7-0.1mdvmes5.2.x86_64.rpm
47a35ac761cbdb9d580904a6d543eb38 mes5/x86_64/firefox-sq-10.0.7-0.1mdvmes5.2.x86_64.rpm
7a52ffaf01a4fdb52031d3d3f23511cf mes5/x86_64/firefox-sr-10.0.7-0.1mdvmes5.2.x86_64.rpm
8378248455687366ebbd770aec46946f mes5/x86_64/firefox-sv_SE-10.0.7-0.1mdvmes5.2.x86_64.rpm
16761ec116a4d45836d3985dfff28bfc mes5/x86_64/firefox-te-10.0.7-0.1mdvmes5.2.x86_64.rpm
128ee75f12bcfdafc7dc6b2e9dfd91a0 mes5/x86_64/firefox-th-10.0.7-0.1mdvmes5.2.x86_64.rpm
4a687c9ce1a6003ff87f9f49b4757d64 mes5/x86_64/firefox-tr-10.0.7-0.1mdvmes5.2.x86_64.rpm
a1f0983099bade0f341084a6366e8867 mes5/x86_64/firefox-uk-10.0.7-0.1mdvmes5.2.x86_64.rpm
e5061439a7a8332aea6e20595b349f43 mes5/x86_64/firefox-zh_CN-10.0.7-0.1mdvmes5.2.x86_64.rpm
998e45c4a5bb3fc2e4b58216d6b2ad7e mes5/x86_64/firefox-zh_TW-10.0.7-0.1mdvmes5.2.x86_64.rpm
213aebc998ef70cd83d026018e4978d1 mes5/x86_64/icedtea-web-1.1.6-0.2mdvmes5.2.x86_64.rpm
41e1974a399250c0d1ebe6fc56a2b962 mes5/x86_64/icedtea-web-javadoc-1.1.6-0.2mdvmes5.2.x86_64.rpm
c376e9649d45036bcd9bb5f6897450ef mes5/x86_64/lib64xulrunner10.0.7-10.0.7-0.1mdvmes5.2.x86_64.rpm
ea4bfd9b54f44ecd69ed3173c56330be mes5/x86_64/lib64xulrunner-devel-10.0.7-0.1mdvmes5.2.x86_64.rpm
aac422eca0b954a452b9c3cfa6c9268d mes5/x86_64/xulrunner-10.0.7-0.1mdvmes5.2.x86_64.rpm
8b6ad945fd5bc40c57a54bce818654f3 mes5/SRPMS/firefox-10.0.7-0.1mdvmes5.2.src.rpm
1ab20cf712f7345436d46731207eb21b mes5/SRPMS/firefox-l10n-10.0.7-0.1mdvmes5.2.src.rpm
c7584ce8930548c9ccbb10cff962893e mes5/SRPMS/icedtea-web-1.1.6-0.2mdvmes5.2.src.rpm
0f22e9452893ca7990e5a2947196d308 mes5/SRPMS/xulrunner-10.0.7-0.1mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFQPdrJmqjQ0CJFipgRAiqbAKCfwUxpe50rZn0/LzkL9jHGJyfxwACfUbMl
tImPHeex3t8I1P/c7QXF5Y4=
=eOt9
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists