Submitted by KeesCook on Thu, 2005-07-28 12:02
Referenced CVEs:
CAN-2004-1156, CAN-2004-1381, CAN-2005-0141, CAN-2005-0142, CAN-2005-0143, CAN-2005-0144, CAN-2005-0145, CAN-2005-0146, CAN-2005-0147, CAN-2005-0150, CAN-2005-0230, CAN-2005-0231, CAN-2005-0232, CAN-2005-0233, CAN-2005-0255, CAN-2005-0399, CAN-2005-0401, CAN-2005-0402, CAN-2005-0578, CAN-2005-0584, CAN-2005-0585, CAN-2005-0586, CAN-2005-0587, CAN-2005-0588, CAN-2005-0589, CAN-2005-0590, CAN-2005-0591, CAN-2005-0592, CAN-2005-0593, CAN-2005-0752, CAN-2005-0989, CAN-2005-1153, CAN-2005-1154, CAN-2005-1155, CAN-2005-1156, CAN-2005-1157, CAN-2005-1158, CAN-2005-1159, CAN-2005-1160, CAN-2005-1531, CAN-2005-1532, CAN-2005-1937, CAN-2005-2260, CAN-2005-2261, CAN-2005-2262, CAN-2005-2263, CAN-2005-2264, CAN-2005-2265, CAN-2005-2266, CAN-2005-2267, CAN-2005-2268, CAN-2005-2269, CAN-2005-2270
Description:
===========================================================
Ubuntu Security Notice USN-149-3 July 28, 2005
mozilla-firefox vulnerabilities
CAN-2004-1156, CAN-2004-1381, CAN-2005-0141, CAN-2005-0142,
CAN-2005-0143, CAN-2005-0144, CAN-2005-0145, CAN-2005-0146,
CAN-2005-0147, CAN-2005-0150, CAN-2005-0230, CAN-2005-0231,
CAN-2005-0232, CAN-2005-0233, CAN-2005-0255, CAN-2005-0399,
CAN-2005-0401, CAN-2005-0402, CAN-2005-0578, CAN-2005-0584,
CAN-2005-0585, CAN-2005-0586, CAN-2005-0587, CAN-2005-0588,
CAN-2005-0589, CAN-2005-0590, CAN-2005-0591, CAN-2005-0592,
CAN-2005-0593, CAN-2005-0752, CAN-2005-0989, CAN-2005-1153,
CAN-2005-1154, CAN-2005-1155, CAN-2005-1156, CAN-2005-1157,
CAN-2005-1158, CAN-2005-1159, CAN-2005-1160, CAN-2005-1531,
CAN-2005-1532, CAN-2005-1937, CAN-2005-2260, CAN-2005-2261,
CAN-2005-2262, CAN-2005-2263, CAN-2005-2264, CAN-2005-2265,
CAN-2005-2266, CAN-2005-2267, CAN-2005-2268, CAN-2005-2269,
CAN-2005-2270
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
mozilla-firefox
mozilla-firefox-locale-ca
mozilla-firefox-locale-de
mozilla-firefox-locale-es
mozilla-firefox-locale-fr
mozilla-firefox-locale-it
mozilla-firefox-locale-ja
mozilla-firefox-locale-nb
mozilla-firefox-locale-pl
mozilla-firefox-locale-tr
mozilla-firefox-locale-uk
The problem can be corrected by upgrading the affected package to
version 1.0.6-0ubuntu0.0.1 (mozilla-firefox) and 1.0.6-0ubuntu0.1
(mozilla-firefox-locale-... packages).
Please note that the new version does not work with the already
existing translation packages (mozilla-firefox-locale-...). New
packages have been provided which are compatible to the new Firefox
version of this security update, so they need to be upgraded as well
(a standard system upgrade will take care of this).
After a standard system upgrade you need to restart Firefox to effect
the necessary changes.
We apologize for the huge delay of this update; we changed our update
strategy for Mozilla products to make sure that such long delays will
not happen again.
