Ubuntu
firefox package

firefox 1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1 source package in Ubuntu

Changelog

firefox (1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1) dapper-security; urgency=low

  * New upstream security update:
  * MFSA2007-01 - Crashes with evidence of memory corruption
    (rv:1.8.0.10/1.8.1.2):
     - CVE-2007-0775 - layout engine crashes
     - CVE-2007-0776 - SVG
     - CVE-2007-0777 - javascript engine corruption
  * MFSA2007-02 - Improvements to help protect against Cross-Site
    Scripting attacks:
     - CVE-2007-0995 - Invalid trailing characters in HTML tag attributes
     - CVE-2007-0996 - Child frame character set inheritance
     - CVE-2006-6077 - Injected password forms
  * MFSA2007-03 aka CVE-2007-0778: Information disclosure through cache
    collisions
  * MFSA2007-04 aka CVE-2007-0779: Spoofing using custom cursor and CSS3
    hotspot
  * MFSA2007-05 aka CVE-2007-0780, CVE-2007-0800: XSS and local file access
    by opening blocked popups
  * MFSA2007-06 aka CVE-2007-0008, CVE-2007-0009: Mozilla Network Security
    Services (NSS) SSLv2 buffer overflow
  * MFSA2007-07 aka CVE-2007-0981: Embedded nulls in location.hostname
    confuse same-domain checks
  * security/nss/lib/freebl/unix_rand.c: dropping preprocessor condition
    as an equivalent check has been introduced upstream (#ifndef LINUX
    -> #ifdef DO_NETSTAT)
  * security/coreconf/rules.mk: adapted patch to changed upstream code base
  * security/coreconf/Linux.mk: dropping ppc64 OS_TEST as it has been
    applied upstream
  * toolkit/components/passwordmgr/base/nsPasswordManager.cpp: adapting
    patch to updated code-base.

 -- Alexander Sack <email address hidden>   Wed, 21 Feb 2007 18:05:00 -0800

Upload details

Uploaded by:
Alexander Sack
Uploaded to:
Dapper
Original maintainer:
Eric Dorland
Architectures:
any
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
firefox_1.5.dfsg+1.5.0.10.orig.tar.gz 42.6 MiB 2bc6418d86a2ce1b57fa78f47bf1dc101f5baef62f58cdbab002d26f5faeec23
firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.diff.gz 173.4 KiB fbc4814af9abf4343f39bb78d62eac3e0113fd37c9b08bd2765bfedaada51c88
firefox_1.5.dfsg+1.5.0.10-0ubuntu0.6.06.1.dsc 1.1 KiB 2e48f4e35aaf9d288d27505a68a7e82fbf6869e78ce623615c80d89e988f26c3

View changes file

Binary packages built by this source

firefox: No summary available for firefox in ubuntu dapper.

No description available for firefox in ubuntu dapper.

firefox-dbg: No summary available for firefox-dbg in ubuntu dapper.

No description available for firefox-dbg in ubuntu dapper.

firefox-dev: No summary available for firefox-dev in ubuntu dapper.

No description available for firefox-dev in ubuntu dapper.

firefox-dom-inspector: No summary available for firefox-dom-inspector in ubuntu dapper.

No description available for firefox-dom-inspector in ubuntu dapper.

firefox-gnome-support: No summary available for firefox-gnome-support in ubuntu dapper.

No description available for firefox-gnome-support in ubuntu dapper.

libnspr-dev: No summary available for libnspr-dev in ubuntu dapper.

No description available for libnspr-dev in ubuntu dapper.

libnspr4: No summary available for libnspr4 in ubuntu dapper.

No description available for libnspr4 in ubuntu dapper.

libnss-dev: No summary available for libnss-dev in ubuntu dapper.

No description available for libnss-dev in ubuntu dapper.

libnss3: No summary available for libnss3 in ubuntu dapper.

No description available for libnss3 in ubuntu dapper.

mozilla-firefox: No summary available for mozilla-firefox in ubuntu dapper.

No description available for mozilla-firefox in ubuntu dapper.

mozilla-firefox-dev: No summary available for mozilla-firefox-dev in ubuntu dapper.

No description available for mozilla-firefox-dev in ubuntu dapper.