News

=========================================================== Ubuntu Security Notice USN-354-1 October 02, 2006 firefox vulnerabilities CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812, CVE-2006-4253, CVE-2006-4340, CVE-2006-4565, CVE-2006-4566, CVE-2006-4567, CVE-2006-4568, CVE-2006-4569, CVE-2006-4571 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.10: firefox 1.5.dfsg+1.5.0.7-0ubuntu5.10.3 firefox-dom-inspector 1.5.dfsg+1.5.0.7-0ubuntu5.10.3 firefox-gnome-support 1.5.dfsg+1.5.0.7-0ubuntu5.10.3 devhelp 0.10-1ubuntu2.1 devhelp-common 0.10-1ubuntu2.1 epiphany-browser 1.8.2-0ubuntu1.1 epiphany-browser-dev 1.8.2-0ubuntu1.1 gnome-app-install 0+20051005.1 libdevhelp-1-0 0.10-1ubuntu2.1 libdevhelp-1-dev 0.10-1ubuntu2.1 mozilla-firefox-locale-af-za 1.5-ubuntu5.10-1 mozilla-firefox-locale-ast-es 1.5-ubuntu5.10-1 mozilla-firefox-locale-bg-bg 1.5-ubuntu5.10-1 mozilla-firefox-locale-cs-cz 1.5-ubuntu5.10-1 mozilla-firefox-locale-da-dk 1.5-ubuntu5.10-1 mozilla-firefox-locale-de 1.5-ubuntu5.10-1 mozilla-firefox-locale-de-de 1.5-ubuntu5.10-1 mozilla-firefox-locale-en-gb 1.5-ubuntu5.10-1 mozilla-firefox-locale-es 1.5-ubuntu5.10-1 mozilla-firefox-locale-es-ar 1.5-ubuntu5.10-1 mozilla-firefox-locale-es-es 1.5-ubuntu5.10-1 mozilla-firefox-locale-fi-fi 1.5-ubuntu5.10-1 mozilla-firefox-locale-fr 1.5-ubuntu5.10-1 mozilla-firefox-locale-fr-fr 1.5-ubuntu5.10-1 mozilla-firefox-locale-ga-ie 1.5-ubuntu5.10-1 mozilla-firefox-locale-gu-in 1.5-ubuntu5.10-1 mozilla-firefox-locale-he-il 1.5-ubuntu5.10-1 mozilla-firefox-locale-hu-hu 1.5-ubuntu5.10-1 mozilla-firefox-locale-mk-mk 1.5-ubuntu5.10-1 mozilla-firefox-locale-nl-nl 1.5-ubuntu5.10-1 mozilla-firefox-locale-pa-in 1.5-ubuntu5.10-1 mozilla-firefox-locale-pl 1.5-ubuntu5.10-1 mozilla-firefox-locale-pl-pl 1.5-ubuntu5.10-1 mozilla-firefox-locale-pt-br 1.5-ubuntu5.10-1 mozilla-firefox-locale-pt-pt 1.5-ubuntu5.10-1 mozilla-firefox-locale-ro-ro 1.5-ubuntu5.10-1 mozilla-firefox-locale-ru-ru 1.5-ubuntu5.10-1 mozilla-firefox-locale-sl-si 1.5-ubuntu5.10-1 mozilla-firefox-locale-sq-al 1.5-ubuntu5.10-1 mozilla-firefox-locale-sv 1.5-ubuntu5.10-1 mozilla-firefox-locale-sv-se 1.5-ubuntu5.10-1 mozilla-firefox-locale-tr-tr 1.5-ubuntu5.10-1 mozilla-firefox-locale-xh-za 1.5-ubuntu5.10-1 mozilla-firefox-locale-zh-cn 1.5-ubuntu5.10-1 mozilla-firefox-locale-zh-tw 1.5-ubuntu5.10-1 yelp 2.12.1-0ubuntu1.1 After a standard system upgrade you need to restart Firefox to effect the necessary changes. Since the 1.0.x series of Firefox is not supported any more, this update introduces the firefox 1.5 series into Ubuntu 5.10. Please check whether all your extensions still work as expected. Details follow: Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL. (CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3811, CVE-2006-3812, CVE-2006-4253, CVE-2006-4565, CVE-2006-4566, CVE-2006-4568, CVE-2006-4569 CVE-2006-4571) Cross-site scripting vulnerabilities were found in the XPCNativeWrapper() function and native DOM method handlers. A malicious web site could exploit these to modify the contents or steal confidential data (such as passwords) from other opened web pages. (CVE-2006-3802, CVE-2006-3810) A bug was found in the script handler for automatic proxy configuration. A malicious proxy could send scripts which could execute arbitrary code with the user's privileges. (CVE-2006-3808) The NSS library did not sufficiently check the padding of PKCS #1 v1.5 signatures if the exponent of the public key is 3 (which is widely used for CAs). This could be exploited to forge valid signatures without the need of the secret key. (CVE-2006-4340) Jon Oberheide reported a way how a remote attacker could trick users into downloading arbitrary extensions with circumventing the normal SSL certificate check. The attacker would have to be in a position to spoof the victim's DNS, causing them to connect to sites of the attacker's choosing rather than the sites intended by the victim. If they gained that control and the victim accepted the attacker's cert for the Mozilla update site, then the next update check could be hijacked and redirected to the attacker's site without detection. (CVE-2006-4567) Packages which embed or extend Firefox have been updated to work with the new version.