what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2007.050

Mandriva Linux Security Advisory 2007.050
Posted Mar 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2006-6077, CVE-2007-0008, CVE-2007-0009, CVE-2007-0775, CVE-2007-0777, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0981, CVE-2007-0995, CVE-2007-0996, CVE-2007-1092
SHA-256 | a6c727c9c55b7a3d9a6b157a2ab03de066cd8481902e55ee8a61cf7b1109a114

Mandriva Linux Security Advisory 2007.050

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2007:050-1
https://www.mandriva.com/security/
_______________________________________________________________________

Package : mozilla-firefox
Date : March 2, 2007
Affected: 2007.0, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

A number of security vulnerabilities have been discovered and corrected
in the latest Mozilla Firefox program, version 1.5.0.10.

This update provides the latest Firefox to correct these issues.

Update:

A regression was found in the latest Firefox packages provided where
changes to library paths caused applications that depended on the NSS
libraries (such as Thunderbird and Evolution) to fail to start or fail
to load certain SSL-related security components. These new packages
correct that problem and we apologize for any inconvenience the
previous update may have caused.
_______________________________________________________________________

References:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1092
https://www.mozilla.org/security/announce/2007/mfsa2007-01.html
https://www.mozilla.org/security/announce/2007/mfsa2007-02.html
https://www.mozilla.org/security/announce/2007/mfsa2007-03.html
https://www.mozilla.org/security/announce/2007/mfsa2007-04.html
https://www.mozilla.org/security/announce/2007/mfsa2007-05.html
https://www.mozilla.org/security/announce/2007/mfsa2007-06.html
https://www.mozilla.org/security/announce/2007/mfsa2007-07.html
https://www.mozilla.org/security/announce/2007/mfsa2007-08.html
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.0:
411bc0bdd8dc32950a84c77ed3319508 2007.0/i586/libmozilla-firefox1.5.0.10-1.5.0.10-2mdv2007.0.i586.rpm
9ceb031931003fb861882f4455c6648b 2007.0/i586/libmozilla-firefox1.5.0.10-devel-1.5.0.10-2mdv2007.0.i586.rpm
db615eadf763927182c8657d11b1ae54 2007.0/i586/libnspr4-1.5.0.10-2mdv2007.0.i586.rpm
bd7dca3e972f552b5dd347822e17f1e1 2007.0/i586/libnspr4-devel-1.5.0.10-2mdv2007.0.i586.rpm
bb4709aa4bf277e32c25e07d93641802 2007.0/i586/libnspr4-static-devel-1.5.0.10-2mdv2007.0.i586.rpm
babf7d44d0340cd51f45249d3002180e 2007.0/i586/libnss3-1.5.0.10-2mdv2007.0.i586.rpm
19a967982b748b879b1904d5bcea174d 2007.0/i586/libnss3-devel-1.5.0.10-2mdv2007.0.i586.rpm
6333bab7a5d530836fa5a64383bcdd30 2007.0/i586/mozilla-firefox-1.5.0.10-2mdv2007.0.i586.rpm
72672b4bbfcc4f13d5820a4c11bca547 2007.0/SRPMS/mozilla-firefox-1.5.0.10-2mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
9fe9779d9d02f0aa73d28096cc237d00 2007.0/x86_64/lib64mozilla-firefox1.5.0.10-1.5.0.10-2mdv2007.0.x86_64.rpm
3c0a879b450f5c2569eb81d397a82906 2007.0/x86_64/lib64mozilla-firefox1.5.0.10-devel-1.5.0.10-2mdv2007.0.x86_64.rpm
338d81330e754d5ffd22dea67c2fbfd2 2007.0/x86_64/lib64nspr4-1.5.0.10-2mdv2007.0.x86_64.rpm
0c840ec9a78c48d975db6bca80e53caa 2007.0/x86_64/lib64nspr4-devel-1.5.0.10-2mdv2007.0.x86_64.rpm
3f1ba2da63bf990b3958f184bdf4d96f 2007.0/x86_64/lib64nspr4-static-devel-1.5.0.10-2mdv2007.0.x86_64.rpm
cd9ef9efe9f859467a07bfc20899156d 2007.0/x86_64/lib64nss3-1.5.0.10-2mdv2007.0.x86_64.rpm
d6243e7d7c76a5ff5a418f7304cdcff2 2007.0/x86_64/lib64nss3-devel-1.5.0.10-2mdv2007.0.x86_64.rpm
0fec2d70c6a797521304598b802d03b1 2007.0/x86_64/mozilla-firefox-1.5.0.10-2mdv2007.0.x86_64.rpm
72672b4bbfcc4f13d5820a4c11bca547 2007.0/SRPMS/mozilla-firefox-1.5.0.10-2mdv2007.0.src.rpm

Corporate 3.0:
24fbf58752279b3a5ec8d186d7c6142b corporate/3.0/i586/libnspr4-1.5.0.10-1.1.C30mdk.i586.rpm
cc59dd85bcdc065ed4ee7f3d299e971a corporate/3.0/i586/libnspr4-devel-1.5.0.10-1.1.C30mdk.i586.rpm
284b6bf1210fb854361a9af3062528e1 corporate/3.0/i586/libnspr4-static-devel-1.5.0.10-1.1.C30mdk.i586.rpm
cf17ffa7ff1734b850c7f7a5b7f780ee corporate/3.0/i586/libnss3-1.5.0.10-1.1.C30mdk.i586.rpm
82e74bce4abb564958d0225bc94687d6 corporate/3.0/i586/libnss3-devel-1.5.0.10-1.1.C30mdk.i586.rpm
5af5da7a1f51c609568f03b2026c0687 corporate/3.0/i586/mozilla-firefox-1.5.0.10-1.1.C30mdk.i586.rpm
df2d940bf4af073e1dc983c1143a8079 corporate/3.0/i586/mozilla-firefox-devel-1.5.0.10-1.1.C30mdk.i586.rpm
efd17411a1dc5bed3d7e79f0a28b4073 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
be6fa4a501b973f9016716ae6ffb1b25 corporate/3.0/x86_64/lib64nspr4-1.5.0.10-1.1.C30mdk.x86_64.rpm
a06bb78d6531ffac3e750236a0cb13de corporate/3.0/x86_64/lib64nspr4-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm
2f2dd393236be80e8f8ca226145115e7 corporate/3.0/x86_64/lib64nspr4-static-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm
3a42bca7fd7ab26e65bf0a4ca7485db1 corporate/3.0/x86_64/lib64nss3-1.5.0.10-1.1.C30mdk.x86_64.rpm
68cef069c9e2d4f1336c58e8e5f126ca corporate/3.0/x86_64/lib64nss3-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm
0bd6c6adc8fd1be8d3b02fb5505c9330 corporate/3.0/x86_64/mozilla-firefox-1.5.0.10-1.1.C30mdk.x86_64.rpm
27262a966199c19006327fa21dab1f69 corporate/3.0/x86_64/mozilla-firefox-devel-1.5.0.10-1.1.C30mdk.x86_64.rpm
efd17411a1dc5bed3d7e79f0a28b4073 corporate/3.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.C30mdk.src.rpm

Corporate 4.0:
0f782ea68bc9177e333dd77c26eeec7f corporate/4.0/i586/libnspr4-1.5.0.10-1.1.20060mlcs4.i586.rpm
408511a886dd0619f4ae9a1d93137eeb corporate/4.0/i586/libnspr4-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm
6b3ad9cf7c2f4b7a008c6fd9c584289b corporate/4.0/i586/libnspr4-static-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm
31927dd82ca439052fe166e6b2864e07 corporate/4.0/i586/libnss3-1.5.0.10-1.1.20060mlcs4.i586.rpm
021eef345d030d8112f227b0b2c3a0f6 corporate/4.0/i586/libnss3-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm
2485f65a1860840e7abe7cd5a447c538 corporate/4.0/i586/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.i586.rpm
ef609ec54c3e70b47067668f68c74e65 corporate/4.0/i586/mozilla-firefox-devel-1.5.0.10-1.1.20060mlcs4.i586.rpm
64e5ea6cd7dc856aa4f7eda630e40d14 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
fab1a497ea9801a29637f049e520422b corporate/4.0/x86_64/lib64nspr4-1.5.0.10-1.1.20060mlcs4.x86_64.rpm
647d403327794eb30e81e6b91b407dd1 corporate/4.0/x86_64/lib64nspr4-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm
247c6c555fe4917bbdf3ae884ac309ba corporate/4.0/x86_64/lib64nspr4-static-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm
710e426e4200912e2b4718d1c0613c58 corporate/4.0/x86_64/lib64nss3-1.5.0.10-1.1.20060mlcs4.x86_64.rpm
2efe3ddeb772f3d706f429bccd34675c corporate/4.0/x86_64/lib64nss3-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm
13e414365c4f1d3768a375cf29a40aa4 corporate/4.0/x86_64/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.x86_64.rpm
261d63f5547804f20ee022290429c866 corporate/4.0/x86_64/mozilla-firefox-devel-1.5.0.10-1.1.20060mlcs4.x86_64.rpm
64e5ea6cd7dc856aa4f7eda630e40d14 corporate/4.0/SRPMS/mozilla-firefox-1.5.0.10-1.1.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

https://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFF6H18mqjQ0CJFipgRAna2AJ9Qa8Vf923jNIzai9QzQOOS4NRETgCgyICD
+eNPSjeb5EQGZ6E5dYWPNSM=
=AgMP
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close