Ubuntu update for firefox and xulrunner - Secunia Advisories - Vulnerability Intelligence

Ubuntu update for firefox and xulrunner
Secunia Advisory:	SA31270	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2008-07-29
Last Update:	2008-08-05
Popularity:	1,412 views

Critical:	Highly critical
Impact:	Security Bypass Spoofing DoS System access
Where:	From remote
Solution Status:	Vendor Patch

OS:	Ubuntu Linux 8.04

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2008-2785 CVE-2008-2933 CVE-2008-2934

Description: Ubuntu has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, potentially conduct spoofing attacks, or compromise a user's system. For more information: SA30761 SA31106 Solution: Apply updated packages. -- Ubuntu 8.04 LTS -- Source archives: http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3.diff.gz Size/MD5: 105875 20bf75de131b805b31602d03f76edcdb http://security.ubuntu.com/ubuntu/poo...+build1+nobinonly-0ubuntu0.8.04.3.dsc Size/MD5: 1605 0a4c85fb6f3771e494cb2596eb174f42 http://security.ubuntu.com/ubuntu/poo....0_3.0.1+build1+nobinonly.orig.tar.gz Size/MD5: 10830088 546304d00e486587023418bef4c8c17e http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3.diff.gz Size/MD5: 77642 dd673f6d7523c5129df6775c369f55b1 http://security.ubuntu.com/ubuntu/poo...+build1+nobinonly-0ubuntu0.8.04.3.dsc Size/MD5: 1669 7fbd2e794a99288141e6c5fd6ca7bb8b http://security.ubuntu.com/ubuntu/poo..._1.9.0.1+build1+nobinonly.orig.tar.gz Size/MD5: 40083410 802b0c07675ba0d1cc1819a6dac22c94 Architecture independent packages: http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65808 9fb1bd4f57c4ddaf255dec745cfb6394 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65824 9352e1cba510bcaed37478516413e41a http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65784 3ef3e033acca41bf431e196289ff3075 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65776 30a60ceed5a490065dddb86dcbc44917 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65926 093d9772c250695694846c4a862151e4 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65832 2f47d1abc1cfee76a537e665c2a961e3 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65782 852eac738d3bf243f6f3ab707cab7de1 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 8978 4ee6943368ba1582827914b014aa0b12 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 8964 9df1e05f125072a41decae2f03ed796d http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65808 4cdc3a9a27af41bd6fadf4f9f1271af0 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65774 a12883abab5cdc8fd1be41abec1d2553 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65768 d30e21a3afcf4897450a2220b0448c52 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 8944 ddb77e423b0d2fa01775998de6d16074 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65792 662c3740f2451030de9dbeef8915cd53 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 8938 19647a69ea1a19fb20c3d832efb3f667 http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 65762 2948beefbc937ce8014246761aa5c42f http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 125048 61ddef6346ed04823e4e08cb8b5915ad http://security.ubuntu.com/ubuntu/poo...ld1+nobinonly-0ubuntu0.8.04.3_all.deb Size/MD5: 235166 7dcc225d1e6a35d1c72d83478b264b03 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/poo...1+nobinonly-0ubuntu0.8.04.3_amd64.deb Size/MD5: 9030 51c56b6eb17a90596664e5de1efcfaf0 http://security.ubuntu.com/ubuntu/poo...1+nobinonly-0ubuntu0.8.04.3_amd64.deb Size/MD5: 29598 bdb8fd33fbb551fba94829b6de8f48c8 http://security.ubuntu.com/ubuntu/poo...1+nobinonly-0ubuntu0.8.04.3_amd64.deb Size/MD5: 1086692 9e85d93762021da9663079eb43a806ec http://security.ubuntu.com/ubuntu/poo...1+nobinonly-0ubuntu0.8.04.3_amd64.deb Size/MD5: 4034992 ded5cd52011190445b8cdbbc387dbb0e http://security.ubuntu.com/ubuntu/poo...1+nobinonly-0ubuntu0.8.04.3_amd64.deb Size/MD5: 48708 63a365a1ed33bdd9f3e86c704639c54b http://security.ubuntu.com/ubuntu/poo...1+nobinonly-0ubuntu0.8.04.3_amd64.deb Size/MD5: 9020046 ce8df3e6a4d09ac7c1429f63a69bb164 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/poo...d1+nobinonly-0ubuntu0.8.04.3_i386.deb Size/MD5: 9032 9655df6f35d580fcd316fdbe35b25c44 http://security.ubuntu.com/ubuntu/poo...d1+nobinonly-0ubuntu0.8.04.3_i386.deb Size/MD5: 25740 b449c8c524b7cb50e05a5092bb1692ad http://security.ubuntu.com/ubuntu/poo...d1+nobinonly-0ubuntu0.8.04.3_i386.deb Size/MD5: 1064456 58ffa05cc64086c5c51ff694beca780d http://security.ubuntu.com/ubuntu/poo...d1+nobinonly-0ubuntu0.8.04.3_i386.deb Size/MD5: 4016584 3c8e123c09ff04f63cde52effc867f0d http://security.ubuntu.com/ubuntu/poo...d1+nobinonly-0ubuntu0.8.04.3_i386.deb Size/MD5: 38500 8934fc3c6cdfa988ad9dee140be7373d http://security.ubuntu.com/ubuntu/poo...d1+nobinonly-0ubuntu0.8.04.3_i386.deb Size/MD5: 7749536 7ef6da6f25b7e0878419acccc052da3f lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/f/f...d1+nobinonly-0ubuntu0.8.04.3_lpia.deb Size/MD5: 9028 fdd61fb530a3339c1fffbd9ece833d8e http://ports.ubuntu.com/pool/main/f/f...d1+nobinonly-0ubuntu0.8.04.3_lpia.deb Size/MD5: 25344 7666413c6a56eb14c3708ad2e16470c7 http://ports.ubuntu.com/pool/main/f/f...d1+nobinonly-0ubuntu0.8.04.3_lpia.deb Size/MD5: 1062684 ec46a573876b24eb4748bd01a2bb5435 http://ports.ubuntu.com/pool/main/x/x...d1+nobinonly-0ubuntu0.8.04.3_lpia.deb Size/MD5: 4012106 243d516f2dc244758d3568e4ead4839f http://ports.ubuntu.com/pool/main/x/x...d1+nobinonly-0ubuntu0.8.04.3_lpia.deb Size/MD5: 37592 d9c551a6e990c7e63b457d7c6166113a http://ports.ubuntu.com/pool/main/x/x...d1+nobinonly-0ubuntu0.8.04.3_lpia.deb Size/MD5: 7639310 ff4c7144795f6fa0a38b0f065c04db8e powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/f/f...nobinonly-0ubuntu0.8.04.3_powerpc.deb Size/MD5: 9032 5ffb1ce496a65cc0cfa57405a249426c http://ports.ubuntu.com/pool/main/f/f...nobinonly-0ubuntu0.8.04.3_powerpc.deb Size/MD5: 27506 ee4f59f65df53fdf3e09fa271e290dbc http://ports.ubuntu.com/pool/main/f/f...nobinonly-0ubuntu0.8.04.3_powerpc.deb Size/MD5: 1078404 8ee97515994e3deac2fe7aabbbbe15ab http://ports.ubuntu.com/pool/main/x/x...nobinonly-0ubuntu0.8.04.3_powerpc.deb Size/MD5: 4023136 5342ffc1f46ff68174dca7b3621eeab0 http://ports.ubuntu.com/pool/main/x/x...nobinonly-0ubuntu0.8.04.3_powerpc.deb Size/MD5: 43654 649fa96e5214857fff22b53455e99bac http://ports.ubuntu.com/pool/main/x/x...nobinonly-0ubuntu0.8.04.3_powerpc.deb Size/MD5: 8595530 7a92e064fe96a000b0d9a507c0827555 Source archives: http://security.ubuntu.com/ubuntu/poo.../devhelp_0.19-1ubuntu1.8.04.3.diff.gz Size/MD5: 31298 9c7bb3906f79ab2c1f190cbefb703f82 http://security.ubuntu.com/ubuntu/poo...help/devhelp_0.19-1ubuntu1.8.04.3.dsc Size/MD5: 1114 bb5bf149ce7b8df7a16d7ab7c411d5ed http://security.ubuntu.com/ubuntu/pool/main/d/devhelp/devhelp_0.19.orig.tar.gz Size/MD5: 675357 3a9cb38f83d7f20391b19e305608f289 http://security.ubuntu.com/ubuntu/poo...rowser_2.22.2-0ubuntu0.8.04.5.diff.gz Size/MD5: 41819 89fa0f8815e04a0f634241b6c1f364d3 http://security.ubuntu.com/ubuntu/poo...ny-browser_2.22.2-0ubuntu0.8.04.5.dsc Size/MD5: 1589 61c107f668ad8b4aa25c398b0c93fe1d http://security.ubuntu.com/ubuntu/poo...r/epiphany-browser_2.22.2.orig.tar.gz Size/MD5: 7126288 cdc44e20c2ebaba1fe71c1154030dcd9 http://security.ubuntu.com/ubuntu/poo...ser/midbrowser_0.3.0rc1a-1~8.04.2.dsc Size/MD5: 1081 fcc8bc8330370aa9df477a6b6f6fb819 http://security.ubuntu.com/ubuntu/poo.../midbrowser_0.3.0rc1a-1~8.04.2.tar.gz Size/MD5: 46625228 e35bc6b300ba8ba6795cc3c8544c1c70 http://security.ubuntu.com/ubuntu/poo...p/yelp_2.22.1-0ubuntu2.8.04.2.diff.gz Size/MD5: 1268814 35076923ad47e759c7944548421dee51 http://security.ubuntu.com/ubuntu/poo.../yelp/yelp_2.22.1-0ubuntu2.8.04.2.dsc Size/MD5: 1230 bd4fda6dd2e3c57f2db67e635e805a5b http://security.ubuntu.com/ubuntu/pool/main/y/yelp/yelp_2.22.1.orig.tar.gz Size/MD5: 1528478 e97a18f7e002d293394726004fc110b7 Architecture independent packages: http://security.ubuntu.com/ubuntu/poo...p-common_0.19-1ubuntu1.8.04.3_all.deb Size/MD5: 38486 95c5a3b17fd74b4dd632e7c8a2c559ec http://security.ubuntu.com/ubuntu/poo...r-data_2.22.2-0ubuntu0.8.04.5_all.deb Size/MD5: 3296778 b77676d76c4a5ba0728fca33aadc238a http://security.ubuntu.com/ubuntu/poo...er-dev_2.22.2-0ubuntu0.8.04.5_all.deb Size/MD5: 115802 30f9179b2bbeb7fc0170ec9156deedd5 http://security.ubuntu.com/ubuntu/poo...rowser_2.22.2-0ubuntu0.8.04.5_all.deb Size/MD5: 49494 bb116eb3227198464792497dbf1b1fa3 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/poo...evhelp_0.19-1ubuntu1.8.04.3_amd64.deb Size/MD5: 17026 5fd05c053b42d0ab1228e97953aa8775 http://security.ubuntu.com/ubuntu/poo...lp-1-0_0.19-1ubuntu1.8.04.3_amd64.deb Size/MD5: 100988 c8f2b1a6898df9a34715ed306ce0f28d http://security.ubuntu.com/ubuntu/poo...-1-dev_0.19-1ubuntu1.8.04.3_amd64.deb Size/MD5: 6702 35a0280af7c5ad62333b6ad64c612bd9 http://security.ubuntu.com/ubuntu/poo...-dbg_2.22.2-0ubuntu0.8.04.5_amd64.deb Size/MD5: 1948612 87efe42bb7facafb8f5c24ecb7d256ef http://security.ubuntu.com/ubuntu/poo...ecko_2.22.2-0ubuntu0.8.04.5_amd64.deb Size/MD5: 579338 3e65b363fad9bb0f9364d13312d438c1 http://security.ubuntu.com/ubuntu/poo...dbrowser_0.3.0rc1a-1~8.04.2_amd64.deb Size/MD5: 1222428 1ec764e382c763932d3485062f9d30a8 http://security.ubuntu.com/ubuntu/poo...yelp_2.22.1-0ubuntu2.8.04.2_amd64.deb Size/MD5: 359272 22eda6f6103d5b22a7fd6734941ce57a i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/poo...devhelp_0.19-1ubuntu1.8.04.3_i386.deb Size/MD5: 31736 3930e413a69542a6fe692da52e122bf6 http://security.ubuntu.com/ubuntu/poo...elp-1-0_0.19-1ubuntu1.8.04.3_i386.deb Size/MD5: 79106 7d4f9e0bca4834ffe03160a25fd5d915 http://security.ubuntu.com/ubuntu/poo...p-1-dev_0.19-1ubuntu1.8.04.3_i386.deb Size/MD5: 21908 4da4fbb4969b6f50dfdd970e6b330434 http://security.ubuntu.com/ubuntu/poo...r-dbg_2.22.2-0ubuntu0.8.04.5_i386.deb Size/MD5: 1863560 670d52c0413ae0f34b7d515e75f35022 http://security.ubuntu.com/ubuntu/poo...gecko_2.22.2-0ubuntu0.8.04.5_i386.deb Size/MD5: 545286 900c7fe883d5b0a134e6f562d91dfdff http://security.ubuntu.com/ubuntu/poo...idbrowser_0.3.0rc1a-1~8.04.2_i386.deb Size/MD5: 1192374 75f56b11566863c175d97f2015c8c4e0 http://security.ubuntu.com/ubuntu/poo.../yelp_2.22.1-0ubuntu2.8.04.2_i386.deb Size/MD5: 346632 08944188ce8e4e48b76f63c6bead71f9 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/d/d...devhelp_0.19-1ubuntu1.8.04.3_lpia.deb Size/MD5: 16710 9eca7f0fe03d7555b777e2f3bbd69444 http://ports.ubuntu.com/pool/main/d/d...elp-1-0_0.19-1ubuntu1.8.04.3_lpia.deb Size/MD5: 92962 6ebfa49dcabb3d76a43c929d0ad9b86d http://ports.ubuntu.com/pool/main/d/d...p-1-dev_0.19-1ubuntu1.8.04.3_lpia.deb Size/MD5: 6708 1e479fcf05f054761cb6c5f645691272 http://ports.ubuntu.com/pool/main/e/e...r-dbg_2.22.2-0ubuntu0.8.04.5_lpia.deb Size/MD5: 1881282 9acc6a2939b1a0f25d9957170fb2be0d http://ports.ubuntu.com/pool/main/e/e...gecko_2.22.2-0ubuntu0.8.04.5_lpia.deb Size/MD5: 540030 f21b130d59e6765fcf62145741edfb31 http://ports.ubuntu.com/pool/main/m/m...idbrowser_0.3.0rc1a-1~8.04.2_lpia.deb Size/MD5: 1187040 8b9a8b1a869b4126113c1a42144fa749 http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.22.1-0ubuntu2.8.04.2_lpia.deb Size/MD5: 347230 bb2cf6e1ffd5251a3fdc0ca040591720 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/d/d...help_0.19-1ubuntu1.8.04.3_powerpc.deb Size/MD5: 19474 c8238d336c7d5809ffd284e23e583258 http://ports.ubuntu.com/pool/main/d/d...-1-0_0.19-1ubuntu1.8.04.3_powerpc.deb Size/MD5: 101252 71fc2e25b914d62b9dcc84fa34a37bb5 http://ports.ubuntu.com/pool/main/d/d...-dev_0.19-1ubuntu1.8.04.3_powerpc.deb Size/MD5: 6712 f02cac506dc419a8d6bbea10f17f6c31 http://ports.ubuntu.com/pool/main/e/e...bg_2.22.2-0ubuntu0.8.04.5_powerpc.deb Size/MD5: 1931954 959869f5deb73dc20ad999df7db6db29 http://ports.ubuntu.com/pool/main/e/e...ko_2.22.2-0ubuntu0.8.04.5_powerpc.deb Size/MD5: 576138 a07f45bdb84eda63783fda40635d12a8 http://ports.ubuntu.com/pool/main/m/m...rowser_0.3.0rc1a-1~8.04.2_powerpc.deb Size/MD5: 1212598 1e1c5ab7e9e4e1ad45763faffc0e2d83 http://ports.ubuntu.com/pool/main/y/yelp/yelp_2.22.1-0ubuntu2.8.04.2_powerpc.deb Size/MD5: 361420 7f1093eb894d3c55c8d15efd793ae451 Changelog: 2008-08-05: Updated "Solution" section to include information about updated packages with dependencies on xulrunner. Added link to "Original Advisory" section. Original Advisory: https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-July/000735.html https://lists.ubuntu.com/archives/ubu...rity-announce/2008-August/000739.html Other References: SA30761: http://secunia.com/advisories/30761/ SA31106: http://secunia.com/advisories/31106/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

2nd Dec, 2008

New advisories:	14
New vulnerabilities:	21
Updated advisories:	26

Less // 410 views

Linksys WRT160N Cross-Site Scripting Vulnerability

Less // 390 views

IBM Rational ClearQuest Multiple Vulnerabilities

Not // 314 views

Debian update for flamethrower

Not // 305 views

flamethrower Insecure Temporary Files

Less // 363 views

IBM Rational ClearCase Cross-Site Scripting Vulnerability

Not // 352 views

DAHDI "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerability

Not // 346 views

Zaptel "ZT_SPANCONFIG" IOCTL Privilege Escalation Vulnerabilities

Moderately // 335 views

Rumpus Multiple Vulnerabilities

Less // 351 views

bcoos "cid" SQL Injection Vulnerability

Moderately // 364 views

ASP Portal "ASPPortal.mdb" Database Disclosure Security Issue

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.