Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2008.0136 -- [Win][UNIX/Linux][Debian]
New xulrunner packages fix several vulnerabilities
11 February 2008
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: xulrunner
Publisher: Debian
Operating System: Debian GNU/Linux 4.0
UNIX variants (UNIX, Linux, OSX)
Windows
Impact: Execute Arbitrary Code/Commands
Access Confidential Data
Increased Privileges
Denial of Service
Provide Misleading Information
Access: Remote/Unauthenticated
CVE Names: CVE-2008-0594 CVE-2008-0593 CVE-2008-0592
CVE-2008-0591 CVE-2008-0419 CVE-2008-0418
CVE-2008-0417 CVE-2008-0416 CVE-2008-0415
CVE-2008-0414 CVE-2008-0413 CVE-2008-0412
Ref: AA-2008.0014
Original Bulletin: http://www.debian.org/security/2008/dsa-1484
Comment: This advisory references vulnerabilities in products which run on
platforms other than Debian. It is recommended that administrators
running xulrunner check for an updated version of the software for
their operating system.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1484-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
February 10, 2008 http://www.debian.org/security/faq
- - ------------------------------------------------------------------------
Package : xulrunner
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-0412 CVE-2008-0413 CVE-2008-0414 CVE-2008-0415 CVE-2008-0416 CVE-2008-0417 CVE-2008-0418 CVE-2008-0419 CVE-2008-0591 CVE-2008-0592 CVE-2008-0593 CVE-2008-0594
Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications. The Common Vulnerabilities and
Exposures project identifies the following problems:
CVE-2008-0412
Jesse Ruderman, Kai Engert, Martijn Wargers, Mats Palmgren and Paul
Nickerson discovered crashes in the layout engine, which might allow
the execution of arbitrary code.
CVE-2008-0413
Carsten Book, Wesley Garland, Igor Bukanov, "moz_bug_r_a4", "shutdown",
Philip Taylor and "tgirmann" discovered crashes in the Javascript
engine, which might allow the execution of arbitrary code.
CVE-2008-0414
"hong" and Gregory Fleisher discovered that file input focus
vulnerabilities in the file upload control could allow information
disclosure of local files.
CVE-2008-0415
"moz_bug_r_a4" and Boris Zbarsky discovered discovered several
vulnerabilities in Javascript handling, which could allow
privilege escalation.
CVE-2008-0417
Justin Dolske discovered that the password storage machanism could
be abused by malicious web sites to corrupt existing saved passwords.
CVE-2008-0418
Gerry Eisenhaur and "moz_bug_r_a4" discovered that a directory
traversal vulnerability in chrome: URI handling could lead to
information disclosure.
CVE-2008-0419
David Bloom discovered a race condition in the image handling of
designMode elements, which could lead to information disclosure or
potentially the execution of arbitrary code.
CVE-2008-0591
Michal Zalewski discovered that timers protecting security-sensitive
dialogs (which disable dialog elements until a timeout is reached)
could be bypassed by window focus changes through Javascript.
CVE-2008-0592
It was discovered that malformed content declarations of saved
attachments could prevent a user in the opening local files
with a ".txt" file name, resulting in minor denial of service.
CVE-2008-0593
Martin Straka discovered that insecure stylesheet handling during
redirects could lead to information disclosure.
CVE-2008-0594
Emil Ljungdahl and Lars-Olof Moilanen discovered that phishing
protections could be bypassed with <div> elements.
For the stable distribution (etch), these problems have been fixed in
version 1.8.0.15~pre080131b-0etch1.
The old stable distribution (sarge) doesn't contain xulrunner.
We recommend that you upgrade your xulrunner packages.
Upgrade instructions
- - --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian 4.0 (stable)
- - -------------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b.orig.tar.gz
Size/MD5 checksum: 42973580 d79eb23c39acecdd77b75e21f60f1ed7
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1.dsc
Size/MD5 checksum: 1984 3be3e9cea71684c38875204f26b4991f
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131a-0etch1.dsc
Size/MD5 checksum: 1984 51d5d15af381b1cb1c7a53b86403eaaa
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1.diff.gz
Size/MD5 checksum: 146050 71b08cb7e88e9979cc95f8b266f32314
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131a.orig.tar.gz
Size/MD5 checksum: 42937342 47a9192461a2810f3c723886f7eca283
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131a-0etch1.diff.gz
Size/MD5 checksum: 145864 b0e482844e8b0868b8897a6800e77975
Architecture independent packages:
http://security.debian.org/pool/updates/main/x/xulrunner/libxul-dev_1.8.0.15~pre080131a-0etch1_all.deb
Size/MD5 checksum: 2633898 2c0c7ae96e9278637bb81af28fd7f925
http://security.debian.org/pool/updates/main/x/xulrunner/libxul-dev_1.8.0.15~pre080131b-0etch1_all.deb
Size/MD5 checksum: 2634120 2387467e43b34edc7e5bdabd0cd5f756
http://security.debian.org/pool/updates/main/x/xulrunner/libxul-common_1.8.0.15~pre080131b-0etch1_all.deb
Size/MD5 checksum: 1050378 ffe37ceeea4eda6261b77d25ec6b3f38
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.8.0.15~pre080131b-0etch1_all.deb
Size/MD5 checksum: 176062 af6d7a398fb5eabbc9f581d0c8c7f7ed
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-dev_1.8.0.15~pre080131a-0etch1_all.deb
Size/MD5 checksum: 230070 83c168fa21244c230c0d2df159626bb9
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-dev_1.8.0.15~pre080131b-0etch1_all.deb
Size/MD5 checksum: 206794 de905a84614b3cb44f5fd54ebd416e2d
http://security.debian.org/pool/updates/main/x/xulrunner/libsmjs1_1.8.0.15~pre080131a-0etch1_all.deb
Size/MD5 checksum: 35414 b45b2ef1471867ca5c446023c7a46c3f
http://security.debian.org/pool/updates/main/x/xulrunner/libsmjs-dev_1.8.0.15~pre080131b-0etch1_all.deb
Size/MD5 checksum: 35822 1dc6f6b43e6cc7c38acd8943ef86d697
http://security.debian.org/pool/updates/main/x/xulrunner/libxul-common_1.8.0.15~pre080131a-0etch1_all.deb
Size/MD5 checksum: 1050002 52eec73387a5e36a5ffe8cbb5e7f3203
http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.8.0.15~pre080131a-0etch1_all.deb
Size/MD5 checksum: 1029292 81006ec854a8834da8e113c63e176d9a
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.8.0.15~pre080131a-0etch1_all.deb
Size/MD5 checksum: 175770 eb3affe3c479e8bf3005d586ce56fb5e
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-dev_1.8.0.15~pre080131a-0etch1_all.deb
Size/MD5 checksum: 206536 37919c2a5d4ca2c021e09a7dfab052f1
http://security.debian.org/pool/updates/main/x/xulrunner/libsmjs1_1.8.0.15~pre080131b-0etch1_all.deb
Size/MD5 checksum: 35784 dc71cd4970b2cb41d13e39d03936a61a
http://security.debian.org/pool/updates/main/x/xulrunner/libsmjs-dev_1.8.0.15~pre080131a-0etch1_all.deb
Size/MD5 checksum: 35450 30ac22d7e6fef1e1e3c39ff95bdf7951
http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.8.0.15~pre080131b-0etch1_all.deb
Size/MD5 checksum: 1029436 8acd28a5da001860fb32d956a0c88c45
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-dev_1.8.0.15~pre080131b-0etch1_all.deb
Size/MD5 checksum: 230362 1ca1b510e995e263ed9354e66f4528eb
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 300982 48d43a6cfd1600028589560d7b040265
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 291128 3b4dcdb6e4ecd609a1c6056b728ca288
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 906354 4feeaee98fdb8d5f56860bcf94954564
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 3186292 2557eac0d85c069fcfdb5830f1f75590
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 764336 cd2af94cc30bed1ee9cd2327d2589143
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 385230 25c81071ee590a4eae5ac7555986acce
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 7329400 fb6d733eddc6bfbdfbb6193f4f65310f
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 130240 162aefa99f09b206ae7f3a3d1f420699
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 45948622 3426f00b33d6097ee98f3fc09495a1c9
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 52342 e1cc8197d761872f98e5992d5aa8fee6
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 738446 ab60bbfa0fd9530d9bce9fa3c93376b6
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 70402 0cec5fa10dcb21a2378a9f0e7c8f189d
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_alpha.deb
Size/MD5 checksum: 161168 f46b0777b133822c5c5ad389829d0194
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 753432 c8c962830a17b8ab975d8aeef960e803
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 147500 b37b5d6a85d991db43a18c6c94bbcf8c
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 68282 35d18dd0fdbc3948e696a6fe4d12afc1
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 45145750 59972f75638dbd035a86341b39f79832
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 303680 69dec62893e18e9dda4ef28f9832ee7c
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 276986 650983885aaef6ba70dda601b07d8ecb
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 45147940 ec7a996914e129b796acfcb86abac487
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 125210 c50e21bfbf2edfc9277c67caa0ac163b
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 808142 9f8593791ce1752eefafc9ec88c5dcd4
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 3174014 7426545d5a3f56ce648019a76d8c0867
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 303446 73757ffad29d0a1e742711fbda071665
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 51678 84e1b4e4747b081883c05d825b88a36a
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 3173420 ca68b574627a63924fb19ebca8c672c4
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 354378 9e67f3e42f33ca7a5e44a0544b92b4ec
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 669282 1ad49fa8d4698bac3b0f6bd7886bbe30
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 808492 a99f3db09934b7bdd3e00ebe81889f66
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 6327570 c17bfaef24a64d8d0cb8c730dc023baf
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 52062 7de4f3fe458386edce1c1e832476e64e
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 124804 1005cc5d3d6f505d6a303db0f179cf4d
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 147864 6e083997dd2452e26982fc0dd2c8e719
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 752848 2ea7f2567a7ca60fa4476dea03241278
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 6328008 7b8f4db75a18132fac5b103d12d81d3c
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 669644 6587efbb34209f66048072eb052ab833
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 354708 041297ad5a40f025fef6c235a94afb43
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_amd64.deb
Size/MD5 checksum: 277434 7fa6328b4d0d66fcd1b1908fcfe5fe9f
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131a-0etch1_amd64.deb
Size/MD5 checksum: 67946 44d5fc415eb1d43b6869523926747738
arm architecture (ARM)
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 49456 22e65d343a41af6443408bc0223992eb
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 135634 17f99aa17baaceb02a769fdeda294cd0
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 324576 7521322a51ac65c32c8e67f8a2095ef0
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 44664474 fbff4a59f8b2034fb108fef12a6c12ae
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 117832 5496f9db06bb197885ae1ff7371daed0
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 730656 c2a86cce88556d00553cd703cfd2c12f
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 2968402 4e5ba6e87b2fb6967b4f821680b64a58
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 5355970 369f8776b78c73b6db7d51fb46850e62
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 61692 b9a3d7e1b32e271a25b7b2b8173e0f33
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 258892 49d11772c74e03931100e9d02f23f35d
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 593128 9e31d92168b146532d07a21e6bc7bdfd
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 289292 0f902cb061feaf34cee6e60d46e6ef47
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_arm.deb
Size/MD5 checksum: 703358 6649a66e3c628d932de2345a4ecef221
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 710732 397aa33947cc7f0da183ac261274ffa3
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 295572 b6e2e388939b49af9a396debf1e90b66
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 627208 8048ec98892b5cebeb7e17a55b9a7d6f
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 62710 89595874bc60ef85b36270580e20613b
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 5368326 f7664ccc035943f851f01e3992681b5d
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 44624964 770c4b5ad23a1d6f200425a564f84e45
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 49588 023481e8c7f2e78e11561a040a3a1693
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 116676 a9e74b2ae216480367d0c8bafae57054
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 266700 fbbf2519f94a17ed2427a5dbf916c784
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 741590 a205d2bdc8889cd78c1adb8c99804f28
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 334708 944e8037955e913e0c8157c3257d71a6
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 3032758 663e70e607fa567760f68362da20b19a
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_i386.deb
Size/MD5 checksum: 138698 cc1fcfeef25b88a8b94ed853c0af67ad
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 56574 0bbeccb1ce17be00a8887e0902829e0f
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 531052 770b95f6a5e30262b102bb04a684dadb
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 286474 7932d0a227db4dbed963bab2b38890b0
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 45357506 339751b77c0e193d43f016b46eca0635
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 197948 30bffc4adc86f7e49292c145a0ef455e
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 9663880 e103905d48fa01fe650323a522ff6954
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 79762 b789747fdbf8b08dea00a16ebb6f924c
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 3051164 28f374f15fecccd28bea59064b0c52fd
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 936678 692aa35342cbbfb656cdd43a0f355ab3
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 755838 e55303e75fa0dcaab2c893eebd7695fa
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 1121196 4f382bd65f60b39c17e6e66faeb4108a
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 332634 5ec04e80c91099cd2dde29047316244a
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_ia64.deb
Size/MD5 checksum: 149144 15ebb931cd15a83f4fb539e22982cd39
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 784330 e89bba3330bc0a61ad525e165819e69e
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 311760 351292979a7488097b17f907a1e92820
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 808276 ee9acac231e6fff310ceb0c626c6d1cb
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 351380 06ecbda29c2cea54510c941b6ed31134
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 118024 049421e624a450aada091b2d07ba70ba
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 145710 14c35662677be2aed778ee7400c2c79b
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 274308 7c68191e462f1460927c7be8bdb7e182
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 669768 557b80e4f86e977f42b9e2b996880a86
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 46687762 ef81d10fea89271a855e01b334833717
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 3289098 054cae9b445a045e43c12dfc93cd3356
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 50716 e733f66563d7bb1f764e7c34709fda37
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 63434 3a69abf92a663bfe95f684ccefe4983f
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_mips.deb
Size/MD5 checksum: 5944088 e08a07f98ed2adeaa9e74a4e0a7d213c
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 273732 fe3e41fc6cbe013c8262215834a28119
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 304800 50416b404580e7188876d94d8eb9015c
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 3186108 070e831b5104759d2803b16ecddb17da
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 5739368 0eccc3edddac7afaa2cf484c4469aaf7
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 349968 1bc48c752746f6f2c34a60b22fdb38ee
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 669626 55f71a4cfd9ac9ba5a091a3dd41d268a
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 64012 9353c1b44e4ee9f494d8478c11573fb5
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 51284 b6312a4640f0d138871ba08df9f948fc
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 117726 da80f2a5b2c8c8192351d017cd9b0d68
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 765160 9cbf5e4f1e664a282a8d76ce8bad69a2
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 784644 8b52671434cb8e15818eb13d33bc665e
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 145286 3adcf75154f79421081e4d18d59d22d6
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_mipsel.deb
Size/MD5 checksum: 45292438 ca6193ec62287b980a58a711d62cffcc
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 52536 a9ec3762768c9ad67ed70b7a8cd6edc0
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 639322 7e0aa68f51162bf3d5597954e66c7385
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 310200 36d405b11f1cd0ace489150394d741bd
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 63916 03451c765e218e3548a5dc2d53f1a2e8
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 772648 4ea5bdf6b37ff7832948ac76e5766139
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 348628 8da80d959e39efee0e5cd20251cc39bb
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 277876 8bb9e0b00e4f46c07ad604b45a4f4eeb
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 147032 78d723c27aafbdd33e83901d13722a14
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 46874596 f2e11607412d686b798f878361deeeff
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 6099098 50dde844e2f1fae3452307098a12d08c
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 3207150 5428a19c432e674817b061b5e31e1f02
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 809362 45fa89e5a2af0c2dcbeadc06c27bd36a
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_powerpc.deb
Size/MD5 checksum: 123126 754648cbc07a2cc987321d68d6a78b3f
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 281618 1bd2653b2fd2113706d81b02b150a560
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 755162 dcbac1d2a435ff374aa305aad5f72464
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 371488 d6ea73f2efa87c87f32401998a7f99ea
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 898132 011e5bed5cb5d4f2a457882938acae81
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 305854 22d76ea19b1920a5a2572ae1a497d983
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 3180818 62b62889a169b71c07ca3d03f35704d1
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 52772 4c8f071150c61fbb402cbd891dd6ac66
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 68908 0ede3f190162f44e8b70aad56daa6229
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 687716 30847b7306c14e25b498e73e9fd7dd0a
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 126058 795a33ce780ebae00a31998d0ef37057
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 159618 573178b3a9c6d426ee31178d5a129c35
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 6801218 5824b818bb24185d2313f4bc21d61a7c
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_s390.deb
Size/MD5 checksum: 46003092 8cbe685cb014f00d9ad20320166c84de
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 135832 e9fb59db7db4cf8115b0f0c31e9fa02d
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 2853772 1a5ba8494429e218af457c41e386ffa4
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 117874 e0f3af0c4ad032d8733ecdbcbde742bd
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-0d_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 718812 26e1bcaa5c6e9c8ba33bf38ba9ca5094
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 260112 3a376a641bcd399fa7edfd6aeeda02a6
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 5676820 6ef1646cdaaa3f92b27a9f1e5fee2ae4
http://security.debian.org/pool/updates/main/x/xulrunner/libxul0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 44719838 da7ac96f4867146786a4e4c0d6394aa3
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 673966 23dd041a33c8358ef3670e572ad35b2d
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs0d_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 322360 b1495cfeabbb859be0ad55779ba90d04
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 50658 52359135ca3b9e3304de344c671ee659
http://security.debian.org/pool/updates/main/x/xulrunner/libnspr4-0d-dbg_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 283234 7675926943bd9f7d5f296c5360bae2c3
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-gnome-support_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 62208 52394124b19e044fe376363c82fce3b4
http://security.debian.org/pool/updates/main/x/xulrunner/libnss3-tools_1.8.0.15~pre080131b-0etch1_sparc.deb
Size/MD5 checksum: 585246 26a306c978adab161746d1ba6d4d0f2a
These files will probably be moved into the stable distribution on
its next update.
- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHr10aXm3vHE4uyloRAnZpAKCj1FVwZ+WHS3QR9b1Khn2gys+9IQCeJX/o
mMZYsCXfn6MFZCNR/Od5Ljs=
=PkI/
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980
If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBR6+KyCh9+71yA2DNAQKbLgP+KlMgp7+p4e/D67Lwl6O0S0mR8guutlDf
0lBaEUnJxbZIJhpj64xv9JZ1Y2ZQuj4KUf2C2MynoT7Qh+cOo6U2JFBKSqByrWOn
0NADxl4KpJgEsb2VgXrKdbTMSSD/UFU0j1SxqhijIbWs02YakAyWExVekL7t0tUp
e0WHv+dmcbg=
=3woL
-----END PGP SIGNATURE-----