[Full-disclosure] [ MDVSA-2012:031 ] firefox



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:031
http://www.mandriva.com/security/
_______________________________________________________________________

Package : firefox
Date : March 17, 2012
Affected: Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Security issues were identified and fixed in mozilla firefox:

Security researcher regenrecht reported via TippingPoint's Zero Day
Initiative that a flaw in the Mozilla SVG implementation could result
in an out-of-bounds memory access if SVG elements were removed during
a DOMAttrModified event handler (CVE-2011-3658).

Firefox prevents the dropping of javascript: links onto a frame
to prevent malicious sites from tricking users into performing
a cross-site scripting (XSS) attacks on themselves. Security
researcher Soroush Dalili reported a way to bypass this protection
(CVE-2012-0455).

Security researcher Atte Kettunen from OUSPG found two issues with
Firefox's handling of SVG using the Address Sanitizer tool. The first
issue, critically rated, is a use-after-free in SVG animation that
could potentially lead to arbitrary code execution. The second issue
is rated moderate and is an out of bounds read in SVG Filters. This
could potentially incorporate data from the user's memory, making it
accessible to the page content (CVE-2012-0456, CVE-2012-0457).

Security researcher Mariusz Mlynski reported that an attacker able
to convince a potential victim to set a new home page by dragging a
link to the home button can set that user's home page to a javascript:
URL. Once this is done the attacker's page can cause repeated crashes
of the browser, eventually getting the script URL loaded in the
privileged about:sessionrestore context (CVE-2012-0458).

Mozilla developers identified and fixed several memory safety
bugs in the browser engine used in Firefox and other Mozilla-based
products. Some of these bugs showed evidence of memory corruption
under certain circumstances, and we presume that with enough effort
at least some of these could be exploited to run arbitrary code
(CVE-2012-0461, CVE-2012-0464).

The mozilla firefox packages has been upgraded to the latest respective
versions which is not affected by these security flaws.

Additionally the NSS and NSPR packages has been upgraded to the latest
versions. The SQLite packages has been upgraded to the 3.7.7.1 version.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0456
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0457
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0458
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0464
http://www.mozilla.org/security/announce/2011/mfsa2011-55.html
http://www.mozilla.org/security/announce/2012/mfsa2012-13.html
http://www.mozilla.org/security/announce/2012/mfsa2012-14.html
http://www.mozilla.org/security/announce/2012/mfsa2012-16.html
http://www.mozilla.org/security/announce/2012/mfsa2012-19.html
_______________________________________________________________________

Updated Packages:

Mandriva Enterprise Server 5:
9da359366a532db7d051f323026d8e89 mes5/i586/firefox-3.6.28-0.1mdvmes5.2.i586.rpm
ffa6ad83d430be025a5d1588704dea14 mes5/i586/firefox-af-3.6.28-0.1mdvmes5.2.i586.rpm
190162788c9b02ea632b5a72beaaae82 mes5/i586/firefox-ar-3.6.28-0.1mdvmes5.2.i586.rpm
76202572cfea22e81b9d15c6328560fa mes5/i586/firefox-be-3.6.28-0.1mdvmes5.2.i586.rpm
e271034d6d95b4ba73827e5242223308 mes5/i586/firefox-bg-3.6.28-0.1mdvmes5.2.i586.rpm
aebf362cad349e3f99ab28a08b0edc5d mes5/i586/firefox-bn-3.6.28-0.1mdvmes5.2.i586.rpm
7807abc9ac13bbf493a98733b637ec1b mes5/i586/firefox-ca-3.6.28-0.1mdvmes5.2.i586.rpm
677e892a5614efeb279cf3b7a5fc8add mes5/i586/firefox-cs-3.6.28-0.1mdvmes5.2.i586.rpm
704795084baeec46f0e4e760abe336e2 mes5/i586/firefox-cy-3.6.28-0.1mdvmes5.2.i586.rpm
85fe9ced541a18ab6c414f74c2eeb2f3 mes5/i586/firefox-da-3.6.28-0.1mdvmes5.2.i586.rpm
67aa8d3a19ddf768d7ed37268e66aa27 mes5/i586/firefox-de-3.6.28-0.1mdvmes5.2.i586.rpm
09cc354663808a20d7aa538871ba8dc7 mes5/i586/firefox-devel-3.6.28-0.1mdvmes5.2.i586.rpm
fa5a8b34a67b348e6f7f9e037ed9796b mes5/i586/firefox-el-3.6.28-0.1mdvmes5.2.i586.rpm
01b5a31e4d7d8642d816f7dec9e370f5 mes5/i586/firefox-en_GB-3.6.28-0.1mdvmes5.2.i586.rpm
03a1b0b247f689ffc9494ed2d3e5556c mes5/i586/firefox-eo-3.6.28-0.1mdvmes5.2.i586.rpm
c4d70c66de3d4acc20b292c58e6f599f mes5/i586/firefox-es_AR-3.6.28-0.1mdvmes5.2.i586.rpm
36a89c9d091ac07bf9b3a939a3bf8d7f mes5/i586/firefox-es_ES-3.6.28-0.1mdvmes5.2.i586.rpm
039cccc498e0c9821d40c4a68478884d mes5/i586/firefox-et-3.6.28-0.1mdvmes5.2.i586.rpm
2d214395113fd6ace8d5b284b483bf59 mes5/i586/firefox-eu-3.6.28-0.1mdvmes5.2.i586.rpm
0d35abadf5a0b47d7e3367d1b855fc06 mes5/i586/firefox-fi-3.6.28-0.1mdvmes5.2.i586.rpm
448da26f3db98b6e6bc0bea11aab3ed9 mes5/i586/firefox-fr-3.6.28-0.1mdvmes5.2.i586.rpm
b02e57cfeeed255c4b36803aa37bfdda mes5/i586/firefox-fy-3.6.28-0.1mdvmes5.2.i586.rpm
dfac80eb01b7562f5df634714d290a7f mes5/i586/firefox-ga_IE-3.6.28-0.1mdvmes5.2.i586.rpm
2dfc7511a8c56c7757cf58caaae320f7 mes5/i586/firefox-gl-3.6.28-0.1mdvmes5.2.i586.rpm
d6b41ab6da170f1cfac431705a596854 mes5/i586/firefox-gu_IN-3.6.28-0.1mdvmes5.2.i586.rpm
231e746b6d68d68838660bc1263808fb mes5/i586/firefox-he-3.6.28-0.1mdvmes5.2.i586.rpm
892a03ed1204142ebbba9d0dce362689 mes5/i586/firefox-hi-3.6.28-0.1mdvmes5.2.i586.rpm
c1fb81a4d55156baa792b3d17c34fe16 mes5/i586/firefox-hu-3.6.28-0.1mdvmes5.2.i586.rpm
f301edbd45de2262d3bc5b16d2491980 mes5/i586/firefox-id-3.6.28-0.1mdvmes5.2.i586.rpm
032bb44838ee98cc55a7eed495f6ee69 mes5/i586/firefox-is-3.6.28-0.1mdvmes5.2.i586.rpm
2085e912bd8c33ae7d454a2c0372a1cd mes5/i586/firefox-it-3.6.28-0.1mdvmes5.2.i586.rpm
36392f42c55c5543ac24e675e08cb9f2 mes5/i586/firefox-ja-3.6.28-0.1mdvmes5.2.i586.rpm
ad998dc3b0a44c2c0c00628a2a1d13ea mes5/i586/firefox-ka-3.6.28-0.1mdvmes5.2.i586.rpm
cd508adb62d1fc5de851de10c58d3223 mes5/i586/firefox-kn-3.6.28-0.1mdvmes5.2.i586.rpm
908740befdd5692850714e1aa1c866bc mes5/i586/firefox-ko-3.6.28-0.1mdvmes5.2.i586.rpm
dc9f03dc69e7983ca03850ce0c866e0d mes5/i586/firefox-ku-3.6.28-0.1mdvmes5.2.i586.rpm
d7edc0b4f10955093f6eb098d826611c mes5/i586/firefox-lt-3.6.28-0.1mdvmes5.2.i586.rpm
aafc5c59092d506d1feba01fa0c273ac mes5/i586/firefox-lv-3.6.28-0.1mdvmes5.2.i586.rpm
9e8e95700e2b880bed4efaf42aa892d7 mes5/i586/firefox-mk-3.6.28-0.1mdvmes5.2.i586.rpm
19e5c96288624a336d48561627a5261e mes5/i586/firefox-mr-3.6.28-0.1mdvmes5.2.i586.rpm
e4f67407353c6344436d423bff45fab6 mes5/i586/firefox-nb_NO-3.6.28-0.1mdvmes5.2.i586.rpm
73457118af4eeea1b6aa6aff6d273d88 mes5/i586/firefox-nl-3.6.28-0.1mdvmes5.2.i586.rpm
7a771d05c11b93628566b5ce4247991b mes5/i586/firefox-nn_NO-3.6.28-0.1mdvmes5.2.i586.rpm
3b4cc9382cc97ab49b75ec06de1dc2c7 mes5/i586/firefox-oc-3.6.28-0.1mdvmes5.2.i586.rpm
8c5485d0caa8d962c2823059b832f361 mes5/i586/firefox-pa_IN-3.6.28-0.1mdvmes5.2.i586.rpm
6066ca7111aa26f3df5671d734d9a066 mes5/i586/firefox-pl-3.6.28-0.1mdvmes5.2.i586.rpm
daf0f0e6d8b4da9fc90765cbaf080137 mes5/i586/firefox-pt_BR-3.6.28-0.1mdvmes5.2.i586.rpm
882444235a2351dee96c65cda68c12c8 mes5/i586/firefox-pt_PT-3.6.28-0.1mdvmes5.2.i586.rpm
cff522fda42ad4c5626015db6756f660 mes5/i586/firefox-ro-3.6.28-0.1mdvmes5.2.i586.rpm
41bc4a7a149d5014e6cc1b11abd6b7fa mes5/i586/firefox-ru-3.6.28-0.1mdvmes5.2.i586.rpm
a811e4d2061d25f3e13719c6607cf902 mes5/i586/firefox-si-3.6.28-0.1mdvmes5.2.i586.rpm
54f2306c558ce305cc2e00bbad3ec7cb mes5/i586/firefox-sk-3.6.28-0.1mdvmes5.2.i586.rpm
d728c65bc06196672de2d7523b6bef8d mes5/i586/firefox-sl-3.6.28-0.1mdvmes5.2.i586.rpm
d26e9ea2cb8d062bb5a1df9c4f405383 mes5/i586/firefox-sq-3.6.28-0.1mdvmes5.2.i586.rpm
f2fbcfb428a83a5cad6efc0d6b6e2baf mes5/i586/firefox-sr-3.6.28-0.1mdvmes5.2.i586.rpm
f227afa829a94ff38bb070dfe002e281 mes5/i586/firefox-sv_SE-3.6.28-0.1mdvmes5.2.i586.rpm
eaeb940877446b5af16ce92f8cae58fd mes5/i586/firefox-te-3.6.28-0.1mdvmes5.2.i586.rpm
9f8f6ee9ceddc97f84a74ebd20b26450 mes5/i586/firefox-th-3.6.28-0.1mdvmes5.2.i586.rpm
088d1ffdd9b17919ed8f2111e5dae8eb mes5/i586/firefox-tr-3.6.28-0.1mdvmes5.2.i586.rpm
0ac5c6aa75442e17309b0df163348927 mes5/i586/firefox-uk-3.6.28-0.1mdvmes5.2.i586.rpm
70982832e0b74657844aa4463858f4b1 mes5/i586/firefox-zh_CN-3.6.28-0.1mdvmes5.2.i586.rpm
23c55ec61e2343e5bb7cf09af9188cde mes5/i586/firefox-zh_TW-3.6.28-0.1mdvmes5.2.i586.rpm
6ae01dcf4b05c637f8a9a5237c907818 mes5/i586/gnome-python-extras-2.19.1-20.37mdvmes5.2.i586.rpm
73cf63f3a71b28201d9608b22f5991b2 mes5/i586/gnome-python-gda-2.19.1-20.37mdvmes5.2.i586.rpm
b66302c4a5118811262987a31ed48c75 mes5/i586/gnome-python-gda-devel-2.19.1-20.37mdvmes5.2.i586.rpm
9ffe92c7876cc5c1f9fc823a46dd591f mes5/i586/gnome-python-gdl-2.19.1-20.37mdvmes5.2.i586.rpm
0d7124c21ae35b02445ef3c6ef5aca4c mes5/i586/gnome-python-gtkhtml2-2.19.1-20.37mdvmes5.2.i586.rpm
383802de748f42c64f098429bcaa8861 mes5/i586/gnome-python-gtkmozembed-2.19.1-20.37mdvmes5.2.i586.rpm
b7570814960e82002e4ca76a129d00c2 mes5/i586/gnome-python-gtkspell-2.19.1-20.37mdvmes5.2.i586.rpm
2b1587671848d1643ad93fc86e2cca07 mes5/i586/libnspr4-4.9.0-0.1mdvmes5.2.i586.rpm
973178b35e5c3f1092026e6f3e561ff4 mes5/i586/libnspr-devel-4.9.0-0.1mdvmes5.2.i586.rpm
09050f3f4572fc5e9885ebf21c5481d5 mes5/i586/libnss3-3.13.3-0.1mdvmes5.2.i586.rpm
db98fcfecd65a192fc68503752588067 mes5/i586/libnss-devel-3.13.3-0.1mdvmes5.2.i586.rpm
8cf14f2c8cedfa9735784bcc38fc32e7 mes5/i586/libnss-static-devel-3.13.3-0.1mdvmes5.2.i586.rpm
7760c26d9907395c66175a2bfb4811e6 mes5/i586/libsqlite3_0-3.7.7.1-0.1mdvmes5.2.i586.rpm
ff1ea0c6cbef8c913c9b8fb8e8192e96 mes5/i586/libsqlite3-devel-3.7.7.1-0.1mdvmes5.2.i586.rpm
c363ef14f770265dc751995254707dfa mes5/i586/libsqlite3-static-devel-3.7.7.1-0.1mdvmes5.2.i586.rpm
01cb02df8c3d6521bccb59019608ceda mes5/i586/libxulrunner1.9.2.28-1.9.2.28-0.1mdvmes5.2.i586.rpm
44c61e2cdf4674eb297028de462a5820 mes5/i586/libxulrunner-devel-1.9.2.28-0.1mdvmes5.2.i586.rpm
1b72de231b0f64b7f19f899f21bb151c mes5/i586/nss-3.13.3-0.1mdvmes5.2.i586.rpm
ebe86169ad1b6e890e0721f92be59729 mes5/i586/sqlite3-tools-3.7.7.1-0.1mdvmes5.2.i586.rpm
e69351b0de0e3227bdda400a1519b556 mes5/i586/xulrunner-1.9.2.28-0.1mdvmes5.2.i586.rpm
e8cb6eeb8f62c43e327690ba97a313f9 mes5/i586/yelp-2.24.0-3.38mdvmes5.2.i586.rpm
b7e03daa00968bdf4f763ae3c5adcd08 mes5/SRPMS/firefox-3.6.28-0.1mdvmes5.2.src.rpm
90687ce312bc3859244183d0d7addf0a mes5/SRPMS/firefox-l10n-3.6.28-0.1mdvmes5.2.src.rpm
5179b819a85caf44529fb5bff69741a4 mes5/SRPMS/gnome-python-extras-2.19.1-20.37mdvmes5.2.src.rpm
13ac1196fd16b327a2ff9806c7bf4d42 mes5/SRPMS/nspr-4.9.0-0.1mdvmes5.2.src.rpm
bf96b82670ffa0b689d01e188e05fff3 mes5/SRPMS/nss-3.13.3-0.1mdvmes5.2.src.rpm
4ccdb4e9713747b05d12635fd03998b8 mes5/SRPMS/sqlite3-3.7.7.1-0.1mdvmes5.2.src.rpm
3a074bf163e16dc5bd91ffa85c8989d6 mes5/SRPMS/xulrunner-1.9.2.28-0.1mdvmes5.2.src.rpm
287f03cbc95a8b3b35879a726645108a mes5/SRPMS/yelp-2.24.0-3.38mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
d3bb41fc135336eb8b0be2a71e132b6b mes5/x86_64/firefox-3.6.28-0.1mdvmes5.2.x86_64.rpm
c364de30e4d7a2ca6ef2851551532502 mes5/x86_64/firefox-af-3.6.28-0.1mdvmes5.2.x86_64.rpm
da2dc924b37980f0277629c9ac7f8326 mes5/x86_64/firefox-ar-3.6.28-0.1mdvmes5.2.x86_64.rpm
6517c8141cbc7db35e4b2878d8eb60a7 mes5/x86_64/firefox-be-3.6.28-0.1mdvmes5.2.x86_64.rpm
80283123ef30cd3af473a6edb830c39d mes5/x86_64/firefox-bg-3.6.28-0.1mdvmes5.2.x86_64.rpm
5eb52b8c11132a3047816366e386782c mes5/x86_64/firefox-bn-3.6.28-0.1mdvmes5.2.x86_64.rpm
ce2f6fb974e3adf11dbc64a53dce7377 mes5/x86_64/firefox-ca-3.6.28-0.1mdvmes5.2.x86_64.rpm
15bc409e512b0dc5ce1819bfd47504e2 mes5/x86_64/firefox-cs-3.6.28-0.1mdvmes5.2.x86_64.rpm
e6cf31a01d82e42d099b72f8f6758e8a mes5/x86_64/firefox-cy-3.6.28-0.1mdvmes5.2.x86_64.rpm
6ce7c8c2b0860127ff96879f2ff22cfe mes5/x86_64/firefox-da-3.6.28-0.1mdvmes5.2.x86_64.rpm
fb4472f0145ecd2aa834e4430c4f2407 mes5/x86_64/firefox-de-3.6.28-0.1mdvmes5.2.x86_64.rpm
619faee1a24f20ba2b6a7c4659e62e42 mes5/x86_64/firefox-devel-3.6.28-0.1mdvmes5.2.x86_64.rpm
310cdc89f01128087adbeef5f131dc9d mes5/x86_64/firefox-el-3.6.28-0.1mdvmes5.2.x86_64.rpm
a2de0301e731920a45db1b4d1cbfd552 mes5/x86_64/firefox-en_GB-3.6.28-0.1mdvmes5.2.x86_64.rpm
10f7a39d88c8c22c5ef4122fa6958acb mes5/x86_64/firefox-eo-3.6.28-0.1mdvmes5.2.x86_64.rpm
2bd8eea931086f6e29e21962c49a890f mes5/x86_64/firefox-es_AR-3.6.28-0.1mdvmes5.2.x86_64.rpm
9a48c9adcb1963d1436e2a6ea32db9b2 mes5/x86_64/firefox-es_ES-3.6.28-0.1mdvmes5.2.x86_64.rpm
afc03669cf89736c87e6c02993cd0d7f mes5/x86_64/firefox-et-3.6.28-0.1mdvmes5.2.x86_64.rpm
1eef6f633e681cfa0a14e4a0e1f888b4 mes5/x86_64/firefox-eu-3.6.28-0.1mdvmes5.2.x86_64.rpm
d6f90299f5b63d5513b8c8a86dcbec8f mes5/x86_64/firefox-fi-3.6.28-0.1mdvmes5.2.x86_64.rpm
444562ba717a129e3a1d2d854d311450 mes5/x86_64/firefox-fr-3.6.28-0.1mdvmes5.2.x86_64.rpm
ad124cbace7d66673542575663cd118c mes5/x86_64/firefox-fy-3.6.28-0.1mdvmes5.2.x86_64.rpm
7d3e91f458da972b61daa987dd4508cb mes5/x86_64/firefox-ga_IE-3.6.28-0.1mdvmes5.2.x86_64.rpm
fef104cdf4e3d8775b69b71409aa957c mes5/x86_64/firefox-gl-3.6.28-0.1mdvmes5.2.x86_64.rpm
4360df18137f43158bee66f04b9c541e mes5/x86_64/firefox-gu_IN-3.6.28-0.1mdvmes5.2.x86_64.rpm
49c8de8b812863accf6fb0d29958538e mes5/x86_64/firefox-he-3.6.28-0.1mdvmes5.2.x86_64.rpm
d9c77128663b589ba2cfb69ff8d6a62a mes5/x86_64/firefox-hi-3.6.28-0.1mdvmes5.2.x86_64.rpm
598791fedfee28f91bdaa4411b1d85f8 mes5/x86_64/firefox-hu-3.6.28-0.1mdvmes5.2.x86_64.rpm
2383a0e456460371ee8fc29af3be125d mes5/x86_64/firefox-id-3.6.28-0.1mdvmes5.2.x86_64.rpm
4723b626cb004d280e17fd7b58a6dffd mes5/x86_64/firefox-is-3.6.28-0.1mdvmes5.2.x86_64.rpm
9d395fe387ecf0bea017350b8347b297 mes5/x86_64/firefox-it-3.6.28-0.1mdvmes5.2.x86_64.rpm
a1b2d3a30fb8a3bd0edb34467aae6f06 mes5/x86_64/firefox-ja-3.6.28-0.1mdvmes5.2.x86_64.rpm
67be026d628785d2b247459867c6f9e6 mes5/x86_64/firefox-ka-3.6.28-0.1mdvmes5.2.x86_64.rpm
917bb7853fdbc6c5fdd8711b3a848d41 mes5/x86_64/firefox-kn-3.6.28-0.1mdvmes5.2.x86_64.rpm
936fb8a7485c3c0517f7032d4b0dc39d mes5/x86_64/firefox-ko-3.6.28-0.1mdvmes5.2.x86_64.rpm
81d5588ef43cfb5396de46cf8d0e7fea mes5/x86_64/firefox-ku-3.6.28-0.1mdvmes5.2.x86_64.rpm
eafdb163713505e2c0687e0e413e3794 mes5/x86_64/firefox-lt-3.6.28-0.1mdvmes5.2.x86_64.rpm
2b11364dc5a5a9ea115283bde80ce66e mes5/x86_64/firefox-lv-3.6.28-0.1mdvmes5.2.x86_64.rpm
45639ec7581eba62d734a2195009af31 mes5/x86_64/firefox-mk-3.6.28-0.1mdvmes5.2.x86_64.rpm
acf047b5e5e3c9a507ffad3b3c44fa9b mes5/x86_64/firefox-mr-3.6.28-0.1mdvmes5.2.x86_64.rpm
6cb814d2f418cd4afa94e2f2da0900a1 mes5/x86_64/firefox-nb_NO-3.6.28-0.1mdvmes5.2.x86_64.rpm
6dedd3d5c5f817fa838a790d9ee207fa mes5/x86_64/firefox-nl-3.6.28-0.1mdvmes5.2.x86_64.rpm
ce9c552d44485597e582e60caa46b004 mes5/x86_64/firefox-nn_NO-3.6.28-0.1mdvmes5.2.x86_64.rpm
d415704d53a0f62e9b77d0f43c8b57a7 mes5/x86_64/firefox-oc-3.6.28-0.1mdvmes5.2.x86_64.rpm
3ed8730465f6ebe64a50716078a77f6f mes5/x86_64/firefox-pa_IN-3.6.28-0.1mdvmes5.2.x86_64.rpm
642c5e2442fe13526e00f7df2e8e507e mes5/x86_64/firefox-pl-3.6.28-0.1mdvmes5.2.x86_64.rpm
34fe130d2ed32f2c01e49a71c7e1a447 mes5/x86_64/firefox-pt_BR-3.6.28-0.1mdvmes5.2.x86_64.rpm
58188ea1e751081bba7f975546a3b029 mes5/x86_64/firefox-pt_PT-3.6.28-0.1mdvmes5.2.x86_64.rpm
45614de038f35e3cc52395cd1ae230a7 mes5/x86_64/firefox-ro-3.6.28-0.1mdvmes5.2.x86_64.rpm
25ad60d00821f7dcb9dd7877e8b2884b mes5/x86_64/firefox-ru-3.6.28-0.1mdvmes5.2.x86_64.rpm
95df3ad3c0863ce457ec980294ef3a28 mes5/x86_64/firefox-si-3.6.28-0.1mdvmes5.2.x86_64.rpm
ecbb2b364891395d3d0d2536579e42ec mes5/x86_64/firefox-sk-3.6.28-0.1mdvmes5.2.x86_64.rpm
2d52428c87d5c5def9f3dc87a21c6a11 mes5/x86_64/firefox-sl-3.6.28-0.1mdvmes5.2.x86_64.rpm
87f4573f6bb96fa17f84a793051b176b mes5/x86_64/firefox-sq-3.6.28-0.1mdvmes5.2.x86_64.rpm
ac0e3dd123b73981a2c21a1775e6e43c mes5/x86_64/firefox-sr-3.6.28-0.1mdvmes5.2.x86_64.rpm
5a761ea654ee7bf0d493a46d8b7fadd7 mes5/x86_64/firefox-sv_SE-3.6.28-0.1mdvmes5.2.x86_64.rpm
b101ceee4290e83b6c98f1a861ca689d mes5/x86_64/firefox-te-3.6.28-0.1mdvmes5.2.x86_64.rpm
60e6e7ae427e29dbbade52fefd68c292 mes5/x86_64/firefox-th-3.6.28-0.1mdvmes5.2.x86_64.rpm
854a5fab0244951fe90ad4072335638a mes5/x86_64/firefox-tr-3.6.28-0.1mdvmes5.2.x86_64.rpm
cc51858b721402f70fb2ef8be1b1dd75 mes5/x86_64/firefox-uk-3.6.28-0.1mdvmes5.2.x86_64.rpm
16de62f081a84e0bf20891ff7f39bec7 mes5/x86_64/firefox-zh_CN-3.6.28-0.1mdvmes5.2.x86_64.rpm
57d2232818d572fe451a13997bebfda7 mes5/x86_64/firefox-zh_TW-3.6.28-0.1mdvmes5.2.x86_64.rpm
e09f0d6753ba4b6b950887200f106493 mes5/x86_64/gnome-python-extras-2.19.1-20.37mdvmes5.2.x86_64.rpm
c5f14875ee85d8ead8149ff0fd77d5ea mes5/x86_64/gnome-python-gda-2.19.1-20.37mdvmes5.2.x86_64.rpm
6b51d1b49857710e477e839ab4d4a497 mes5/x86_64/gnome-python-gda-devel-2.19.1-20.37mdvmes5.2.x86_64.rpm
9c0e105ada286084037e0ec36510e9a7 mes5/x86_64/gnome-python-gdl-2.19.1-20.37mdvmes5.2.x86_64.rpm
01444253ba96f83d8e3198c3fffd6a8a mes5/x86_64/gnome-python-gtkhtml2-2.19.1-20.37mdvmes5.2.x86_64.rpm
693e1fb01e343d6bf56d295a52260250 mes5/x86_64/gnome-python-gtkmozembed-2.19.1-20.37mdvmes5.2.x86_64.rpm
3470c9dc3a98286f664fbebdd0fd0707 mes5/x86_64/gnome-python-gtkspell-2.19.1-20.37mdvmes5.2.x86_64.rpm
65b20c59f0cd2de1cbfedf8fdd39ef97 mes5/x86_64/lib64nspr4-4.9.0-0.1mdvmes5.2.x86_64.rpm
37e009252daafa2f994f3d086b894610 mes5/x86_64/lib64nspr-devel-4.9.0-0.1mdvmes5.2.x86_64.rpm
2d948bc8cb66b40fd7c09f70f1c8c50b mes5/x86_64/lib64nss3-3.13.3-0.1mdvmes5.2.x86_64.rpm
523ca013d45b407625d0340b7af612d7 mes5/x86_64/lib64nss-devel-3.13.3-0.1mdvmes5.2.x86_64.rpm
922f0ed18fa82a192aeeb164ede072f9 mes5/x86_64/lib64nss-static-devel-3.13.3-0.1mdvmes5.2.x86_64.rpm
ad5ec53cd3fc8bf3dce11780b24fb690 mes5/x86_64/lib64sqlite3_0-3.7.7.1-0.1mdvmes5.2.x86_64.rpm
c758865df850ad1a1048ab5177f1aad8 mes5/x86_64/lib64sqlite3-devel-3.7.7.1-0.1mdvmes5.2.x86_64.rpm
0456e6fad9ed8d0d715187c1f9437a66 mes5/x86_64/lib64sqlite3-static-devel-3.7.7.1-0.1mdvmes5.2.x86_64.rpm
6db8a6cfcde6b4c88a69bcf629d6342d mes5/x86_64/lib64xulrunner1.9.2.28-1.9.2.28-0.1mdvmes5.2.x86_64.rpm
52f0556e8306df1af8e3ac9c28da3c46 mes5/x86_64/lib64xulrunner-devel-1.9.2.28-0.1mdvmes5.2.x86_64.rpm
9a69345d8afbbd159fec594b074c1b0a mes5/x86_64/nss-3.13.3-0.1mdvmes5.2.x86_64.rpm
8f6f6aa411ac66d155415a839bcb1ccd mes5/x86_64/sqlite3-tools-3.7.7.1-0.1mdvmes5.2.x86_64.rpm
e2b5073a526d429b1a227954f338f6cc mes5/x86_64/xulrunner-1.9.2.28-0.1mdvmes5.2.x86_64.rpm
d96cb22f20299d547bb730e5bb37097d mes5/x86_64/yelp-2.24.0-3.38mdvmes5.2.x86_64.rpm
b7e03daa00968bdf4f763ae3c5adcd08 mes5/SRPMS/firefox-3.6.28-0.1mdvmes5.2.src.rpm
90687ce312bc3859244183d0d7addf0a mes5/SRPMS/firefox-l10n-3.6.28-0.1mdvmes5.2.src.rpm
5179b819a85caf44529fb5bff69741a4 mes5/SRPMS/gnome-python-extras-2.19.1-20.37mdvmes5.2.src.rpm
13ac1196fd16b327a2ff9806c7bf4d42 mes5/SRPMS/nspr-4.9.0-0.1mdvmes5.2.src.rpm
bf96b82670ffa0b689d01e188e05fff3 mes5/SRPMS/nss-3.13.3-0.1mdvmes5.2.src.rpm
4ccdb4e9713747b05d12635fd03998b8 mes5/SRPMS/sqlite3-3.7.7.1-0.1mdvmes5.2.src.rpm
3a074bf163e16dc5bd91ffa85c8989d6 mes5/SRPMS/xulrunner-1.9.2.28-0.1mdvmes5.2.src.rpm
287f03cbc95a8b3b35879a726645108a mes5/SRPMS/yelp-2.24.0-3.38mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPZI2emqjQ0CJFipgRAjHsAKCyVBOcfOHyrlsycafkx003L1+v8wCfXN6K
p5Xal1rBXS2NTtJPymr/XH4=
=SH2Y
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • [Full-disclosure] [ MDVSA-2013:269 ] firefox
    ... Multiple security issues was identified and fixed in mozilla NSPR, ... The mozilla firefox packages has been upgraded to the latest ESR ... Mandriva Enterprise Server 5/X86_64: ...
    (Full-Disclosure)
  • [ MDVSA-2013:269 ] firefox
    ... Multiple security issues was identified and fixed in mozilla NSPR, ... The mozilla firefox packages has been upgraded to the latest ESR ... Mandriva Enterprise Server 5/X86_64: ...
    (Bugtraq)
  • [Full-disclosure] [ MDVSA-2013:270 ] nss
    ... Package: nss ... Multiple security issues was identified and fixed in mozilla NSPR ... The NSPR packages has been upgraded to the 4.10.2 version and the NSS ...
    (Full-Disclosure)
  • [ MDVSA-2013:270 ] nss
    ... Package: nss ... Multiple security issues was identified and fixed in mozilla NSPR ... The NSPR packages has been upgraded to the 4.10.2 version and the NSS ...
    (Bugtraq)
  • Re: Browsers browsers
    ... ive been using firefox for about the same amount of time as i have IE ... MSFT to remove IE from the OS integration and just let us use Windows ... mozilla has never claimed their software is perfect, ... "Security, cool features of FireFox Web Browser beat Microsoft's IE". ...
    (microsoft.public.scripting.jscript)