Accepted firefox 1.5.dfsg+1.5.0.14~prepatch071011b-0ubuntu1 (source)

Ubuntu Installer archive at ubuntu.com
Mon Oct 22 23:57:35 BST 2007


Accepted:
 OK: firefox_1.5.dfsg+1.5.0.14~prepatch071011b.orig.tar.gz
 OK: firefox_1.5.dfsg+1.5.0.14~prepatch071011b-0ubuntu1.diff.gz
 OK: firefox_1.5.dfsg+1.5.0.14~prepatch071011b-0ubuntu1.dsc
     -> Component: main Section: web

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 18 Oct 2007 15:32:18 +0200
Source: firefox
Binary: libnspr4 firefox-dom-inspector firefox-dev mozilla-firefox mozilla-firefox-dev libnss3 libnspr-dev firefox-gnome-support firefox-dbg libnss-dev firefox
Architecture: source
Version: 1.5.dfsg+1.5.0.14~prepatch071011b-0ubuntu1
Distribution: dapper-security
Urgency: low
Maintainer: Eric Dorland <eric at debian.org>
Changed-By: Alexander Sack <asac at ubuntu.com>
Description: 
 firefox    - lightweight web browser based on Mozilla
 firefox-dbg - Debugging information for firefox
 firefox-dev - Development files for Mozilla Firefox
 firefox-dom-inspector - tool for inspecting the DOM of pages in Mozilla Firefox
 firefox-gnome-support - Support for Gnome in Mozilla Firefox
 libnspr-dev - Netscape Portable Runtime library - development files
 libnspr4   - Netscape Portable Runtime Library
 libnss-dev - Network Security Service Libraries - development
 libnss3    - Network Security Service Libraries - runtime
 mozilla-firefox - Transition package for firefox rename
 mozilla-firefox-dev - dummy transitional package
Changes: 
 firefox (1.5.dfsg+1.5.0.14~prepatch071011b-0ubuntu1) dapper-security; urgency=low
 .
   * New security/stability upstream release (v2.0.0.8) - 1.8.0.14 prepatches
     - CVE-2007-1095 - Trick the user when leaving the page
     - CVE-2007-5334 - Trick the user by changing the titlebar
     - CVE-2007-3511 - file input focus stealing vulnerability
     - CVE-2007-5335 - addMicrosummaryGenerator sidebar method can install from
       file URI (1.8.0 doesn't ship the affected feature)
     - CVE-2007-2292 - Browser Digest Authentication Request Splitting
     - CVE-2007-5336 - Notify on text changes before firing mutation events
     - CVE-2007-5337 - sftp protocol support
     - CVE-2007-5338 - Arbitrary code execution by polluting implicit
       XPCNativeWrapper
     - CVE-2007-5339 - crashes with evidence of memory corruption
       (layout + unsorted)
     - CVE-2007-5340 - crashes with evidence of memory corruption (javascript)
     - CVE-2007-5341 - Bugs in Venkman extension (not shipped)
     - CVE-2007-4841 - URIs with invalid % encodings launch wrong handler on
       WinXP+IE7 (not affected)
Files: 
 9a5194822dd56d0cd88291bb8fdd5147 1794 web optional firefox_1.5.dfsg+1.5.0.14~prepatch071011b-0ubuntu1.dsc
 8f9aaa57f7e5998681424fbb27e7dc49 46787289 web optional firefox_1.5.dfsg+1.5.0.14~prepatch071011b.orig.tar.gz
 1e6b9ea70815fd61ca0981e00ba6b4bf 177650 web optional firefox_1.5.dfsg+1.5.0.14~prepatch071011b-0ubuntu1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iQIVAwUBRxdi+KBE/gcUDGZkAQKPMw/+MnuQHZDQChQrBB+SeJ+bXphHDAyDX5+J
vnGHktf+cxgCR8v1oV8co0I0DgNISpVTtzEvWuufLdcU2jMsR/lCbtgDfUe4AE24
4LsJfPvYSbl1qYsBYg4+3Y+LnRhuWUD35mTNRUfKLt8sWpmlsGvY0yPoBp+b3beK
tZAvilWCxvrWvObxl8AiOsn2qv9CPElZISkm7SjCH0YXZ7NrQfynAPQFG3CAfP7o
V5TZIRTH8MoPdKMUN4RmeldvfvoXeTKM9vufXfTzWEg+BJeH4KIHMGvSI7iJH8Ei
tNqjQDNNeWTY26P9LV7fZhXXbBfc1cKOwNKGoJNXgSf7TBcdvLwOrB73sRK+MiMo
thdxECDBnjl82sDqkavOzTQBGJKn3Q8oG0GE52CRSNj2pjWpXJYa2gfV2vydvldy
6D5ro7daEd4AZFIXs8ZzCBeY73NJuOWQEm/3lHkbMkiO+VM+GCOlQvjIogGrt9Ks
vMukmiaClgPpem9TEcNUX2ezAhecZOMqQxWXzfGrRCzjwRg6G5CDOmnAC9Gbw3U4
4x+7AML/jVrn8zOFlsX1qZvLraHSDwe9B2B+t8pflzbfL0VVFghbQwMxcfOWI8Al
3Q7bSMfRXxuKbExGtk/iE7qyF9GzOl7sQPbIM2tZVx8DIFOjDjrY4vlUMsNrEADS
r2QL1FMXFsg=
=olpu
-----END PGP SIGNATURE-----





More information about the dapper-changes mailing list