Joey Hess
2005-Aug-28 21:13 UTC
[secure-testing-announce] [DTSA-8-1] New mozilla-firefox packages fix several vulnerabilities
------------------------------------------------------------------------------
Debian Testing Security Advisory DTSA-8-1        http://secure-testing.debian.net
secure-testing-team@lists.alioth.debian.org      Joey Hess
August 28th, 2005
------------------------------------------------------------------------------

Package        : mozilla-firefox
Vulnerability  : several vulnerabilities
Problem-Scope  : remote
Debian-specific: No
CVE ID         : CAN-2004-0718 CAN-2005-1937 CAN-2005-2260 CAN-2005-2261
                 CAN-2005-2262 CAN-2005-2263 CAN-2005-2264 CAN-2005-2265
                 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269
                 CAN-2005-2270

Several problems were discovered in Mozilla Firefox:

CAN-2004-0718 CAN-2005-1937

    A vulnerability has been discovered in Mozilla Firefox that allows
    remote attackers to inject arbitrary JavaScript from one page into the
    frameset of another site.

CAN-2005-2260

    The browser user interface does not properly distinguish between
    user-generated events and untrusted synthetic events, which makes it
    easier for remote attackers to perform dangerous actions that normally
    could only be performed manually by the user.

CAN-2005-2261

    XML scripts ran even when JavaScript was disabled.

CAN-2005-2262

    The user can be tricked into executing arbitrary JavaScript code by
    using a JavaScript URL as wallpaper.

CAN-2005-2263

    It is possible for a remote attacker to execute a callback function in
    the context of another domain (i.e. frame).

CAN-2005-2264

    By opening a malicious link in the sidebar it is possible for remote
    attackers to steal sensitive information.

CAN-2005-2265

    Missing input sanitising of InstallVersion.compareTo() can cause the
    application to crash.

CAN-2005-2266

    Remote attackers could steal sensitive information such as cookies and
    passwords from web sites by accessing data in alien frames.

CAN-2005-2267

    By using standalone applications such as Flash and QuickTime to open a
    javascript: URL, it is possible for a remote attacker to steal sensitive
    information and possibly execute arbitrary code.

CAN-2005-2268

    It is possible for a JavaScript dialog box to spoof a dialog box from a
    trusted site, which facilitates phishing attacks.

CAN-2005-2269

    Remote attackers could modify certain tag properties of DOM nodes that
    could lead to the execution of arbitrary script or code.

CAN-2005-2270

    The Mozilla browser family does not properly clone base objects, which
    allows remote attackers to execute arbitrary code.

For the testing distribution (etch) this is fixed in version 1.0.4-2sarge2.

For the unstable distribution (sid) this is fixed in version 1.0.6-3.

This upgrade is recommended if you use mozilla-firefox.

Note that this is the same set of security fixes put into stable in
DSA-775 and DSA-779.

Upgrade Instructions
--------------------

To use the Debian testing security archive, add the following lines to
your /etc/apt/sources.list:

deb http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free
deb-src http://secure-testing.debian.net/debian-security-updates etch-proposed-updates/security-updates main contrib non-free

The archive signing key can be downloaded from
http://secure-testing.debian.net/ziyi-2005-7.asc

To install the update, run this command as root:

apt-get update && apt-get install mozilla-firefox

For further information about the Debian testing security team, please
refer to http://secure-testing.debian.net/
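A small version checker, added here as an example and not part of the advisory, that decides whether an installed mozilla-firefox package is still below the fixed versions this DTSA names for etch and sid. It implements the Debian version-comparison rules (epoch, upstream, revision; "~" sorting first, letters before other characters) so that suffixes like "sarge2" compare correctly; the installed version strings in the demo are constructed samples.

```python
import re
from itertools import zip_longest

# Fixed versions as stated in DTSA-8-1, keyed by suite.
FIXED_VERSIONS = {"etch": "1.0.4-2sarge2", "sid": "1.0.6-3"}

def _split(version):
    """Split 'epoch:upstream-revision' into its three parts (epoch defaults to 0)."""
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, _, revision = rest.rpartition("-")
    if not upstream:            # no '-' at all: the whole string is the upstream part
        upstream, revision = revision, ""
    return int(epoch), upstream, revision

def _order(c):
    # Debian policy: '~' sorts before everything (even end of string),
    # then letters, then the remaining non-digit characters by ASCII.
    if c == "~":
        return -1
    if c == "":
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a, b):
    """Compare two version fragments by alternating non-digit and digit runs."""
    while a or b:
        ma, mb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        for x, y in zip_longest(ma, mb, fillvalue=""):
            if _order(x) != _order(y):
                return _order(x) - _order(y)
        a, b = a[len(ma):], b[len(mb):]
        na, nb = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        diff = int(na or 0) - int(nb or 0)
        if diff:
            return diff
        a, b = a[len(na):], b[len(nb):]
    return 0

def compare_versions(v1, v2):
    """Negative if v1 < v2, zero if equal, positive if v1 > v2 (dpkg ordering)."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    return (e1 - e2) or _cmp_fragment(u1, u2) or _cmp_fragment(r1, r2)

def is_vulnerable(installed, suite):
    """True if the installed version predates the fix for the given suite."""
    return compare_versions(installed, FIXED_VERSIONS[suite]) < 0

if __name__ == "__main__":
    for ver, suite in [("1.0.4-2sarge1", "etch"), ("1.0.4-2sarge2", "etch"), ("1.0.6-2", "sid")]:
        print(ver, suite, "vulnerable" if is_vulnerable(ver, suite) else "fixed")
```

On a real system the installed version would come from `dpkg-query -W -f='${Version}' mozilla-firefox`.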