Jump to content

updated mozilla packages


Recommended Posts

Package name mozilla

Date August 12th, 2004

Advisory ID MDKSA-2004:082

Affected versions 9.2, 10.0

Synopsis Updated mozilla packages fix multiple vulnerabilities

 

 

Problem Description

 

A number of security vulnerabilities in mozilla are addressed by this update for Mandrakelinux 10.0 users, including a fix for frame spoofing, a fixed popup XPInstall/security dialog bug, a fix for untrusted chrome calls, a fix for SSL certificate spoofing, a fix for stealing secure HTTP Auth passwords via DNS spoofing, a fix for insecure matching of cert names for non-FQDNs, a fix for focus redefinition from another domain, a fix for a SOAP parameter overflow, a fix for text drag on file entry, a fix for certificate DoS, and a fix for lock icon and cert spoofing.

 

Additionally, mozilla for both Mandrakelinux 9.2 and 10.0 have been rebuilt to use the system libjpeg and libpng which addresses vulnerabilities discovered in libpng (ref: MDKSA-2004:079).

 

 

Updated Packages

 

 

Mandrakelinux 9.2

 

39f8a9919bf499e7e889d2f857fa930c 9.2/RPMS/libnspr4-1.4-13.3.92mdk.i586.rpm

0ca14f5d18f20b75015140db28c18751 9.2/RPMS/libnspr4-devel-1.4-13.3.92mdk.i586.rpm

f663c0295b8b27489802a913115660e1 9.2/RPMS/libnss3-1.4-13.3.92mdk.i586.rpm

cf80137d87041af69f724f4d3bae21ee 9.2/RPMS/libnss3-devel-1.4-13.3.92mdk.i586.rpm

eb592c81a204899305540827f831178f 9.2/RPMS/mozilla-1.4-13.3.92mdk.i586.rpm

7cef1eab0eb7c38aed0743570912dbc1 9.2/RPMS/mozilla-devel-1.4-13.3.92mdk.i586.rpm

cbbcb63f5db34ab4342bd79d9a0edbaa 9.2/RPMS/mozilla-dom-inspector-1.4-13.3.92mdk.i586.rpm

4a16188a7091803a643278d27c0bedd9 9.2/RPMS/mozilla-enigmail-1.4-13.3.92mdk.i586.rpm

2f247ec2b03fa15358bef296cbf5b5fa 9.2/RPMS/mozilla-enigmime-1.4-13.3.92mdk.i586.rpm

d372cb79f4137257a5ecc2f8bba50058 9.2/RPMS/mozilla-irc-1.4-13.3.92mdk.i586.rpm

7123054edd8308a9389eef15204db3f3 9.2/RPMS/mozilla-js-debugger-1.4-13.3.92mdk.i586.rpm

f4a920a8b551d78066dc23eb8c7a6520 9.2/RPMS/mozilla-mail-1.4-13.3.92mdk.i586.rpm

4b486d04fbf4c34217ec1fe272bde217 9.2/RPMS/mozilla-spellchecker-1.4-13.3.92mdk.i586.rpm

bbd208cba121308110ff629941999d4e 9.2/SRPMS/mozilla-1.4-13.3.92mdk.src.rpm

 

Mandrakelinux 9.2/AMD64

 

5a5ce0f34c6d517dac5bd796539d727b amd64/9.2/RPMS/lib64nspr4-1.4-13.3.92mdk.amd64.rpm

95ff73b58ff07df8658ba7db479a6409 amd64/9.2/RPMS/lib64nspr4-devel-1.4-13.3.92mdk.amd64.rpm

f47f3edc3305680e4dfe6fc4f11da651 amd64/9.2/RPMS/lib64nss3-1.4-13.3.92mdk.amd64.rpm

9ffc28e6db6dae88d3f61f647407a863 amd64/9.2/RPMS/lib64nss3-devel-1.4-13.3.92mdk.amd64.rpm

986fff85fd8f3826df7a503da6123cd8 amd64/9.2/RPMS/mozilla-1.4-13.3.92mdk.amd64.rpm

0b3800d499e9b0a38e7d45af293f93cc amd64/9.2/RPMS/mozilla-devel-1.4-13.3.92mdk.amd64.rpm

786af5e02f3a30b091155c7fbe361052 amd64/9.2/RPMS/mozilla-dom-inspector-1.4-13.3.92mdk.amd64.rpm

65987dda19d9f901d84e2bd364395970 amd64/9.2/RPMS/mozilla-enigmail-1.4-13.3.92mdk.amd64.rpm

0b4d182f8aeac8e5189aa58475de3368 amd64/9.2/RPMS/mozilla-enigmime-1.4-13.3.92mdk.amd64.rpm

7fefe5af19372137780d21fc286cce3c amd64/9.2/RPMS/mozilla-irc-1.4-13.3.92mdk.amd64.rpm

7dd3a9b2be038019e19a7839f015f952 amd64/9.2/RPMS/mozilla-js-debugger-1.4-13.3.92mdk.amd64.rpm

90e24a878db2c4dbad41322595c0f67c amd64/9.2/RPMS/mozilla-mail-1.4-13.3.92mdk.amd64.rpm

2225c48c1e6ef9113fffad76a278b7f8 amd64/9.2/RPMS/mozilla-spellchecker-1.4-13.3.92mdk.amd64.rpm

bbd208cba121308110ff629941999d4e amd64/9.2/SRPMS/mozilla-1.4-13.3.92mdk.src.rpm

 

Mandrakelinux 10.0

 

19b31b7ed83a5bfd62872777f48c2251 10.0/RPMS/libnspr4-1.6-12.1.100mdk.i586.rpm

2c751db4638e066a8089dde8eb2b940b 10.0/RPMS/libnspr4-devel-1.6-12.1.100mdk.i586.rpm

f44262d9e905090a756ebee318b00e14 10.0/RPMS/libnss3-1.6-12.1.100mdk.i586.rpm

ac3f3659e97a43a62ce6e574885a7ddf 10.0/RPMS/libnss3-devel-1.6-12.1.100mdk.i586.rpm

c60181755c6de63f125940311bb0d075 10.0/RPMS/mozilla-1.6-12.1.100mdk.i586.rpm

880ed64c45f293c64f9756b39334b82d 10.0/RPMS/mozilla-devel-1.6-12.1.100mdk.i586.rpm

f14a0240536662e2a43b4133ba2fd1b2 10.0/RPMS/mozilla-dom-inspector-1.6-12.1.100mdk.i586.rpm

0f5f524ff411923f3c542a40d81caab3 10.0/RPMS/mozilla-enigmail-1.6-12.1.100mdk.i586.rpm

2138a4308f6287b2a26a0ee509c732a4 10.0/RPMS/mozilla-enigmime-1.6-12.1.100mdk.i586.rpm

ac4f3906cf8db1d57722a2485eb5fba5 10.0/RPMS/mozilla-irc-1.6-12.1.100mdk.i586.rpm

bc535199a712e47ca30d93ad448513c1 10.0/RPMS/mozilla-js-debugger-1.6-12.1.100mdk.i586.rpm

4e1c2b9fae3b96a8a4821386f8cde4a0 10.0/RPMS/mozilla-mail-1.6-12.1.100mdk.i586.rpm

60384666732ca5895ea1696fd0088d45 10.0/RPMS/mozilla-spellchecker-1.6-12.1.100mdk.i586.rpm

4261307ca2dfbc1bf7ee53fa0d9cadda 10.0/SRPMS/mozilla-1.6-12.1.100mdk.src.rpm

 

Mandrakelinux 10.0/AMD64

 

f950ed0e8c533c272b89242b285bfb51 amd64/10.0/RPMS/lib64nspr4-1.6-12.1.100mdk.amd64.rpm

1da39ad805ac3dfb6e15f4e2a4b81395 amd64/10.0/RPMS/lib64nspr4-devel-1.6-12.1.100mdk.amd64.rpm

82541944b78f9ae28b8fbaad7d8cff7f amd64/10.0/RPMS/lib64nss3-1.6-12.1.100mdk.amd64.rpm

7a1755840c9e86c6d9d3b0700fe22a64 amd64/10.0/RPMS/lib64nss3-devel-1.6-12.1.100mdk.amd64.rpm

bbad752b3e6173227dbe3e10d2e22b7e amd64/10.0/RPMS/mozilla-1.6-12.1.100mdk.amd64.rpm

160581d9505230143d3af6c0a68dbb50 amd64/10.0/RPMS/mozilla-devel-1.6-12.1.100mdk.amd64.rpm

a1e933df64ffb535c48f58efcb56f744 amd64/10.0/RPMS/mozilla-dom-inspector-1.6-12.1.100mdk.amd64.rpm

5b72c641ece4f0f086b9aac12623e4a5 amd64/10.0/RPMS/mozilla-enigmail-1.6-12.1.100mdk.amd64.rpm

6c55c3641ce9af81569179f2e0883571 amd64/10.0/RPMS/mozilla-enigmime-1.6-12.1.100mdk.amd64.rpm

de69eccc5e36ee64808b6465cdd2f2cf amd64/10.0/RPMS/mozilla-irc-1.6-12.1.100mdk.amd64.rpm

c8bfd663339969ee8ed98f5fcb489772 amd64/10.0/RPMS/mozilla-js-debugger-1.6-12.1.100mdk.amd64.rpm

36aaa030ab4cce56c7e213f36e899662 amd64/10.0/RPMS/mozilla-mail-1.6-12.1.100mdk.amd64.rpm

f617cce1aca29d7b55c22c7d71cbe706 amd64/10.0/RPMS/mozilla-spellchecker-1.6-12.1.100mdk.amd64.rpm

4261307ca2dfbc1bf7ee53fa0d9cadda amd64/10.0/SRPMS/mozilla-1.6-12.1.100mdk.src.rpm

 

References

 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599

http://bugzilla.mozilla.org/show_bug.cgi?id=246448

http://bugzilla.mozilla.org/show_bug.cgi?id=162020

http://bugzilla.mozilla.org/show_bug.cgi?id=149478

http://bugzilla.mozilla.org/show_bug.cgi?id=239580

http://bugzilla.mozilla.org/show_bug.cgi?id=244965

http://bugzilla.mozilla.org/show_bug.cgi?id=229374

http://bugzilla.mozilla.org/show_bug.cgi?id=240053

http://bugzilla.mozilla.org/show_bug.cgi?id=226278

http://bugzilla.mozilla.org/show_bug.cgi?id=234058

http://bugzilla.mozilla.org/show_bug.cgi?id=86028

http://bugzilla.mozilla.org/show_bug.cgi?id=236618

http://bugzilla.mozilla.org/show_bug.cgi?id=206859

http://bugzilla.mozilla.org/show_bug.cgi?id=249004

http://bugzilla.mozilla.org/show_bug.cgi?id=253121

 

 

Upgrade

 

 

To upgrade automatically, use MandrakeUpdate.

 

Verification

 

 

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command:

 

rpm --checksig package.rpm

 

 

You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM.

 

If you use MandrakeUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

Link to comment
Share on other sites

 Share

×
×
  • Create New...