Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2010.0808 New xulrunner packages fix several vulnerabilities 9 September 2010 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: xulrunner Publisher: Debian Operating System: Debian GNU/Linux 5 Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Cross-site Scripting -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2010-3169 CVE-2010-3168 CVE-2010-3167 CVE-2010-2769 CVE-2010-2768 CVE-2010-2767 CVE-2010-2766 CVE-2010-2765 CVE-2010-2763 CVE-2010-2760 Reference: ASB-2010.0202 ESB-2010.0806 Original Bulletin: http://www.debian.org/security/2010/dsa-2106 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-2106-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff September 08, 2010 http://www.debian.org/security/faq - - ------------------------------------------------------------------------ Package : xulrunner Vulnerability : several Problem type : remote Debian-specific: no CVE Id(s) : CVE-2010-2760 CVE-2010-2763 CVE-2010-2765 CVE-2010-2766 CVE-2010-2767 CVE-2010-2768 CVE-2010-2769 CVE-2010-3167 CVE-2010-3168 CVE-2010-3169 Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: - - - Implementation errors in XUL processing allow the execution of arbitrary code (CVE-2010-2760, CVE-2010-3167, CVE-2010-3168) - - - An implementation error in the XPCSafeJSObjectWrapper wrapper allows the bypass of the same origin policy (CVE-2010-2763) - - - An integer overflow in frame handling allows the execution of arbitrary code (CVE-2010-2765) - - - An implementation error in DOM handling allows the execution of arbitrary code (CVE-2010-2766) - - - Incorrect pointer handling in the plugin code allow the execution of arbitrary code (CVE-2010-2767) - - - Incorrect handling of an object tag may lead to the bypass of cross site scripting filters (CVE-2010-2768) - - - Incorrect copy and paste handling could lead to cross site scripting (CVE-2010-2769) - - - Crashes in the layout engine may lead to the execution of arbitrary code (CVE-2010-3169) For the stable distribution (lenny), these problems have been fixed in version 1.9.0.19-4. For the unstable distribution (sid), these problems have been fixed in version 3.5.12-1 of the iceweasel source package (which now builds the xulrunner library binary packages). For the experimental distribution, these problems have been fixed in version 3.6.9-1 of the iceweasel source package (which now builds the xulrunner library binary packages). We recommend that you upgrade your xulrunner packages. Upgrade instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 5.0 alias lenny - - -------------------------------- Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-4.diff.gz Size/MD5 checksum: 163042 fef37900325a35cd19e6fadc7b4792ba http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-4.dsc Size/MD5 checksum: 1755 4a3fc8eba2063cc8f2dec2016aa6da77 Architecture independent packages: http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-4_all.deb Size/MD5 checksum: 1466308 50ff44ff08dec48d4b2d652163ae7ea9 alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-4_alpha.deb Size/MD5 checksum: 223088 32227bedc240220da932e33d4abee362 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-4_alpha.deb Size/MD5 checksum: 9506836 c75cf0d768abbbe316c017fbfbb4eec0 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-4_alpha.deb Size/MD5 checksum: 939496 1d749f3b219ad21bcc4fbf22c1690a8b http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-4_alpha.deb Size/MD5 checksum: 433784 fac95b65081eb740e059bd3a90588d7a http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-4_alpha.deb Size/MD5 checksum: 164794 ae2bf12bb04caaf48b6a84fb52cfd763 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-4_alpha.deb Size/MD5 checksum: 3656062 888ebb75dc6d5237f3416c637f91c5f2 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-4_alpha.deb Size/MD5 checksum: 51196990 b0fee4e0bbdb80d69dc97e365e8ff43e http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-4_alpha.deb Size/MD5 checksum: 72720 879d51d99d5fb64da182fa88c5d9f98c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-4_alpha.deb Size/MD5 checksum: 113584 6fb11bf561ed1dcabae7796cbb89598c amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-4_amd64.deb Size/MD5 checksum: 223374 6cbdbbb59698f1ec9d12dcdccaca5d86 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-4_amd64.deb Size/MD5 checksum: 50427988 bf8ac74b4d39dd0994a1c37511bd4c45 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-4_amd64.deb Size/MD5 checksum: 3292136 dbac5ae619a1f623e86a12d653153aa4 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-4_amd64.deb Size/MD5 checksum: 374794 71050edabc4c0e781cd96852946f8f12 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-4_amd64.deb Size/MD5 checksum: 101890 14ee3f51274befd9684905c0eea52bbe http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-4_amd64.deb Size/MD5 checksum: 7736376 f2e78eab4bcf0e2363cdeb94f04773b1 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-4_amd64.deb Size/MD5 checksum: 152338 d1a367d3afac973bb58fa4031205dbeb http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-4_amd64.deb Size/MD5 checksum: 891084 05fd7b1a7c4a9dc47a38451317aa488d http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-4_amd64.deb Size/MD5 checksum: 70288 d6d988ee37acff17e95787171f9ddf77 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-4_i386.deb Size/MD5 checksum: 68510 af4187f4addc059838b52024fd435191 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-4_i386.deb Size/MD5 checksum: 82864 8aa9afb20752a8f61255be8752855702 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-4_i386.deb Size/MD5 checksum: 49601488 c6ce39264a1a12b1492c02f848fdee95 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-4_i386.deb Size/MD5 checksum: 3571770 ffedb609c359cbecc06ef68a280b2277 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-4_i386.deb Size/MD5 checksum: 351474 cbd564d6ca1cbb312fc03523c7c88621 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-4_i386.deb Size/MD5 checksum: 141214 3c6b35f4d2bf2017e55b4e37bf6c5c2e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-4_i386.deb Size/MD5 checksum: 222280 ed01a03f1a4c202850521801169925ae http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-4_i386.deb Size/MD5 checksum: 852478 2d8fd42dc9db80787df1eea444e2721c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-4_i386.deb Size/MD5 checksum: 6609706 77ced17bf3c65fcda31f2a2eb210e4e3 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-4_ia64.deb Size/MD5 checksum: 180544 5b9afd460f42c6207313893d45356e57 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-4_ia64.deb Size/MD5 checksum: 542680 5d53abb5ce3c5a1a2ac6cb47bf06e7f0 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-4_ia64.deb Size/MD5 checksum: 76854 c504085a15276af4dec0898023090815 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-4_ia64.deb Size/MD5 checksum: 811746 35050579dfb783a57c9f801dd47cb77d http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-4_ia64.deb Size/MD5 checksum: 223454 aee920a2592ad6a2ad5e201f9d36970c http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-4_ia64.deb Size/MD5 checksum: 49784168 a8453682d6932ec7b8d5108f814898df http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-4_ia64.deb Size/MD5 checksum: 121848 34041de673ea9b4aad4f9ed7db7c9623 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-4_ia64.deb Size/MD5 checksum: 3401030 8de1452f6de11a6be66e7c3b40561d53 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-4_ia64.deb Size/MD5 checksum: 11318018 3920554c5ee4358aa7b256ff7b169485 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-4_mips.deb Size/MD5 checksum: 51951594 4555607e71857f2053912db9ec91bf48 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-4_mips.deb Size/MD5 checksum: 223174 8fde28c6b933f8b5f82efb856b972ec4 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-4_mips.deb Size/MD5 checksum: 381072 a978bdff0bd65a0f20e34102fb9af20a http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-4_mips.deb Size/MD5 checksum: 96992 cd7dcdb81bade0f8f5ec5e10f2675d29 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-4_mips.deb Size/MD5 checksum: 7680508 f6590391d407dc68c405c9d464010106 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-4_mips.deb Size/MD5 checksum: 3612302 ea53a5ece7fef3a699a52e117f691b41 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-4_mips.deb Size/MD5 checksum: 145620 82731970f4a31f6b2a088c42496311e1 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-4_mips.deb Size/MD5 checksum: 919462 4b9eabba75d4a70f681e5b9986f61615 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-4_mips.deb Size/MD5 checksum: 70474 8412c9ce5621f084913f62778cb587e7 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-4_mipsel.deb Size/MD5 checksum: 3311772 a3d121bc2928f4ab948a411ddab6cb0e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-4_mipsel.deb Size/MD5 checksum: 223464 de9217213aecfbed53af59b46f9806a3 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-4_mipsel.deb Size/MD5 checksum: 97096 ec07fe0010434909bff6ef3d4126ff9e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-4_mipsel.deb Size/MD5 checksum: 900734 6b7caed7430888170545117167d6ae59 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-4_mipsel.deb Size/MD5 checksum: 70224 471a514dc9c60591e220f9b674e1ad50 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-4_mipsel.deb Size/MD5 checksum: 50083292 06be5a87a9ba46401fba448155724d4e http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-4_mipsel.deb Size/MD5 checksum: 7387952 2bf8d6a025f4996d99c4fbad1655024c http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-4_mipsel.deb Size/MD5 checksum: 145374 9db362428ff8af75ddfdc3f301906003 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-4_mipsel.deb Size/MD5 checksum: 379188 2d20115192f46f115618030fb2aea107 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-4_powerpc.deb Size/MD5 checksum: 73706 e4a146433743abf48e01b6be3608fb47 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-4_powerpc.deb Size/MD5 checksum: 94702 a1243857e644e20ca51b20266fbbf24e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-4_powerpc.deb Size/MD5 checksum: 363848 dc4e8ddc4739f6c117bd505a334246e9 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-4_powerpc.deb Size/MD5 checksum: 152902 da40086b552b926909e4790c4ed2652e http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-4_powerpc.deb Size/MD5 checksum: 223502 7d647c800390c200b20eb2fb6c6796fe http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-4_powerpc.deb Size/MD5 checksum: 888818 00f93699976688018767f92127c92146 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-4_powerpc.deb Size/MD5 checksum: 7309922 d55db0fc573736750274978dc3fe3919 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-4_powerpc.deb Size/MD5 checksum: 3594314 2b90465786a3d5bd41985f02bebf3e92 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-4_powerpc.deb Size/MD5 checksum: 51511192 2c5ca2520c427369b77f410fb2428324 s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-4_s390.deb Size/MD5 checksum: 223256 8b29a37034de2b6918587ae3d4cdbbea http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-4_s390.deb Size/MD5 checksum: 407590 1480834a695a03d01a594027417c43c8 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-4_s390.deb Size/MD5 checksum: 909590 05c3cf3fd63e0bb07c80078a919a7ab5 http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-4_s390.deb Size/MD5 checksum: 73560 e03a2f2529faa1dd1d08fab11461a90c http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-4_s390.deb Size/MD5 checksum: 155494 536d0d61dfbc28627519c61c4c9e655a http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-4_s390.deb Size/MD5 checksum: 51290136 09cdceb2f94f0acd6b6e6c1c0226d247 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-4_s390.deb Size/MD5 checksum: 3609494 383710d8ce2fffb224b0be4b8758c202 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-4_s390.deb Size/MD5 checksum: 8425642 49bf86be9b3028f4bd759ff04a64b929 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-4_s390.deb Size/MD5 checksum: 105762 17b7441c2ba313b1168ea7074060e4fb sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-4_sparc.deb Size/MD5 checksum: 350660 024d0b9c15a66f4b68b2df03aa48d74f http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-4_sparc.deb Size/MD5 checksum: 821924 4a376e82b02d887e16339716b094267f http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-4_sparc.deb Size/MD5 checksum: 3572840 a34ee3db29b64acb294925c11ee4519a http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-4_sparc.deb Size/MD5 checksum: 7184752 d261fa9654eb60e211815790119b755d http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-4_sparc.deb Size/MD5 checksum: 49453574 edcf736213987e621a58bb28c06b0a81 http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-4_sparc.deb Size/MD5 checksum: 143848 a40609056043b8005ff085eae3cac102 http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-4_sparc.deb Size/MD5 checksum: 88568 e909584468eeb7e33f6fc5176b1d2a2c http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-4_sparc.deb Size/MD5 checksum: 69646 f006bb1a7a54590072a23c30e53a2872 http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-4_sparc.deb Size/MD5 checksum: 224258 e841c8d1bc29c1fc650de716b247cd4e These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkyHzKcACgkQXm3vHE4uylqx8QCgp1juHiXAT+2Q5mp4RIQWQSPA W7YAoLQT0RFODyQPrnTQxEPvqfxuYnXX =OHyF - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFMiDHi/iFOrG6YcBERAnfRAJ9PLm/wG3rQuS1ABo1HDmDcetkylgCgvluZ R9qcfPJVuR+MlQPMIPWeoRY= =KPAj -----END PGP SIGNATURE-----