|
|
|
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] Mozilla/Firefox (SSA:2005-135-01)
Date: Sun, 15 May 2005 23:54:22 -0700 (PDT) |
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] Mozilla/Firefox (SSA:2005-135-01)
New Mozilla packages are available for Slackware 10.0, 10.1, and -current
to fix various security issues and bugs. See the Mozilla site for a complete
list of the issues patched:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla
Also updated is Firefox in Slackware -current.
New versions of the mozilla-plugins symlink creation package are also out for
Slackware 10.0 and 10.1, and a new version of the jre-symlink package for
Slackware -current.
Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-plugins-1.7.8-noarch-1.tgz: Upgraded Java(TM)
symlink for Mozilla.
patches/packages/mozilla-1.7.8-i486-1.tgz: Upgraded to mozilla-1.7.8.
Two vulnerabilities found in Mozilla Firefox 1.0.3 when combined allow an
attacker to run arbitrary code. The Mozilla Suite version 1.7.7 is only
partially vulnerable. For more details, see:
http://www.mozilla.org/security/announce/mfsa2005-42.html
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
Updated packages for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mozilla-1.7.8-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mozilla-plugins-1.7.8-noarch-1.tgz
Updated packages for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mozilla-1.7.8-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mozilla-plugins-1.7.8-noarch-1.tgz
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/jre-symlink-1.0.4-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-1.7.8-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-1.0.4-i686-1.tgz
MD5 signatures:
+-------------+
Slackware 10.0 packages:
fa412bdee8c1f1971f710c87e9a6fc94 mozilla-1.7.8-i486-1.tgz
a70a4e7e5c0e7e3bf916eebfb25a4e99 mozilla-plugins-1.7.8-noarch-1.tgz
Slackware 10.1 packages:
e3c9c5acdd01db0cda3f73e7bea1e4ad mozilla-1.7.8-i486-1.tgz
12df49ed6bab71e4ad8ec27781477609 mozilla-plugins-1.7.8-noarch-1.tgz
Slackware -current packages:
40f9f9f2c048dede809698042b801784 jre-symlink-1.0.4-noarch-1.tgz
e510ab3d049bc31877e49efa7dcb668c mozilla-1.7.8-i486-1.tgz
e62f390e7f4fdc1d46352fbb90a7580c mozilla-firefox-1.0.4-i686-1.tgz
Installation instructions:
+------------------------+
Upgrade the packages as root:
# upgradepkg mozilla-1.7.8-i486-1.tgz mozilla-plugins-1.7.8-noarch-1.tgz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)
iD4DBQFCiDkIakRjwEAQIjMRAj/AAJjfPa/ARLm9e+KgAhNoV2heMdoLAJ0XbbNx
ORt9A/fzUC5qYZqicLHQUA==
=TPsj
-----END PGP SIGNATURE-----
|
|
|
