|
Voici la 413e page demandée aujourd'hui.
|
 |
|||||||
 | |||||||
 | |||||||
 | |||||||
 | |||||||
 | |||||||
 | |||||||
 | |||||||
|
|
|||||||
|
| |||||||
|
|
|
Exploits et Vulnérabilités logiciel sur ground418
|
||||||||||||||||||||||||
|
Résumé / Abstract : Plusieurs vulnérabilités de Firefox 3.0 et Xulrunner 1.9 dans Ubuntu 8.04 LTS, 8.10 et 9.04. Texte original (anglais) : =========================================================== Ubuntu Security Notice USN-895-1 February 17, 2010 firefox-3.0, xulrunner-1.9 vulnerabilities CVE-2009-1571, CVE-2009-3988, CVE-2010-0159, CVE-2010-0160, CVE-2010-0162 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: firefox-3.0 3.0.18+build1+nobinonly-0ubuntu0.8.04.1 xulrunner-1.9 1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1 Ubuntu 8.10: abrowser 3.0.18+build1+nobinonly-0ubuntu0.8.10.1 firefox-3.0 3.0.18+build1+nobinonly-0ubuntu0.8.10.1 xulrunner-1.9 1.9.0.18+build1+nobinonly-0ubuntu0.8.10.1 Ubuntu 9.04: abrowser 3.0.18+build1+nobinonly-0ubuntu0.9.04.1 firefox-3.0 3.0.18+build1+nobinonly-0ubuntu0.9.04.1 xulrunner-1.9 1.9.0.18+build1+nobinonly-0ubuntu0.9.04.1 After a standard system upgrade you need to restart Firefox and any applications that use xulrunner to effect the necessary changes. Details follow: Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0159) Orlando Barrera II discovered a flaw in the Web Workers implementation of Firefox. If a user were tricked into posting to a malicious website, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-0160) Alin Rad Pop discovered that Firefox's HTML parser would incorrectly free memory under certain circumstances. If the browser could be made to access these freed memory objects, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-1571) Hidetake Jo discovered that the showModalDialog in Firefox did not always honor the same-origin policy. An attacker could exploit this to run untrusted JavaScript from other domains. (CVE-2009-3988) Georgi Guninski discovered that the same-origin check in Firefox could be bypassed by utilizing a crafted SVG image. If a user were tricked into viewing a malicious website, an attacker could exploit this to read data from other domains. (CVE-2010-0162) Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3. 0.18+build1+nobinonly-0ubuntu0.8.04.1.diff.gz Size/MD5: 106195 f12fd18051a424ac5e7b8fa2959e9465 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3. 0.18+build1+nobinonly-0ubuntu0.8.04.1.dsc Size/MD5: 2782 62dece31d3b5c6fdd7f666b160b5b233 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3. 0.18+build1+nobinonly.orig.tar.gz Size/MD5: 11195453 43f41d60599673f797cbac967deac00a http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1.diff.gz Size/MD5: 79798 59ce1a67e8147d66b4e5be5772875434 http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1.dsc Size/MD5: 2833 a0a383c9bb050127951bc92994b1842d http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9_1.9.0.18+build1+nobinonly.orig.tar.gz Size/MD5: 42044694 54ced22ec7c148b6189d0e0905537950 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3. 0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66526 55fbe8271376b2c5c24851e362976eaa http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome- support_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66532 4a7278e54cbe023f951e77a76bf4c878 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granpa radiso-dev_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66496 b399ab43052e39041ae1daf14ea14d6e http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk- dev_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66480 ade782aa7df5190dbeaa4fa070802f16 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.0.18 +build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66636 1cc94120a7855f913c2d27fab34a8abe http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3. 0-dom-inspector_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66540 e88722e35eb1429210553a2c17e71b49 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3. 0-venkman_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66494 640f1cae67cc1dce239a25bfea430b82 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-do m-inspector_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 8982 4d5fac6048ff3092c43780823b1465c4 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-gr anparadiso-dom-inspector_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 8966 187f3337611396db8282e6cb7d2c68eb http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-gr anparadiso-gnome-support_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66512 ed2f5e0ddc11a07dc3fb99498e65ce9f http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-gr anparadiso_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66484 3daaa9cab0ffb6dba8cdae04f384b720 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-li bthai_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66472 729d392003156d639d91ae24608cca41 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-tr unk-dom-inspector_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 8954 01b3e6fcc86eb22afca9680301e654c1 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-tr unk-gnome-support_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66502 0fa1fa663a0d9d80025ae1c93006ee20 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-tr unk-venkman_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 8942 93280b2af0116eaf2776975d800f1049 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-tr unk_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 66464 f09a922ee13ad87c2491169535714059 http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunne r-1.9-dom-inspector_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 126124 b0936daacae14158ed54cb1b402a5046 http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunne r-1.9-venkman_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_all.deb Size/MD5: 236144 1f55a91b7df6376d52bb66a9dd907740 amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-de v_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 9036 022b505854d2ca2bc038a75e39cc97a0 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gn ome-support_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 29584 2c23bd7eb5b1b49c24d739060be18aff http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3. 0.18+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 1092652 84976da716c4ffc3119bac210fec0b5e http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9-dev_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 4657292 86115d257d31103c409ca94a35b11936 http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9-gnome-support_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 48662 21af4403b8fd5280e11169ad2b5bf145 http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_amd64.deb Size/MD5: 9092618 50638ad08fdeedd4319ea5b2c6641a3b i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-de v_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 9028 25d7e1cb9632cb36b6a7dc62340396cd http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0-gn ome-support_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 25734 de898d27b1935f095073d06d7b298964 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3. 0.18+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 1071878 87db24f649c1f484590a7c6106b82a32 http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9-dev_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 4632478 13290f8c534384a536bfb570b6b48cc9 http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9-gnome-support_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 38512 c97aa1226d0b5195c4735295e78a436d http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_i386.deb Size/MD5: 7816198 35cc097a6efb7e6b18c2200ae1400c27 lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.18+b uild1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 9034 eb41f410c6f8c4336abaad385e742e97 http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-suppor t_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 25354 069a9b4f7949d26c42b83fdc8773a89d http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.18+build 1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 1068486 bc8f471b20ed49feea9b307539596a5f http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9. 0.18+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 4628510 6f63e5502534ea45ca7d48302f508eb4 http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-su pport_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 37610 d25f62cf7b8863ad0e437b28f8f9c321 http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.18 +build1+nobinonly-0ubuntu0.8.04.1_lpia.deb Size/MD5: 7703254 fc29de22f54a5c0b23e075c4c475ce89 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-dev_3.0.18+b uild1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 9034 011cf18080af697c80a1bccb0f48c372 http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0-gnome-suppor t_3.0.18+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 27510 8135f9b4073b4119353844f3d0f7b4e1 http://ports.ubuntu.com/pool/main/f/firefox-3.0/firefox-3.0_3.0.18+build 1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 1085830 95610a0624f911d8dc5ef70959e059a1 http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-dev_1.9. 0.18+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 4624620 4b54b29ff86d93e52070ebd790a43b5b http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9-gnome-su pport_1.9.0.18+build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 43684 9f7ac1cf272038a05b6cbabd0e681e47 http://ports.ubuntu.com/pool/main/x/xulrunner-1.9/xulrunner-1.9_1.9.0.18 +build1+nobinonly-0ubuntu0.8.04.1_powerpc.deb Size/MD5: 8666380 33e07816fcfc5867f596cf35dd1c73f2 Updated packages for Ubuntu 8.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3. 0.18+build1+nobinonly-0ubuntu0.8.10.1.diff.gz Size/MD5: 123228 4334378493ec7d09ae54e4a8a4722335 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3. 0.18+build1+nobinonly-0ubuntu0.8.10.1.dsc Size/MD5: 2837 ae707c690fa6b4df440a3c70209ac8f4 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-3.0_3. 0.18+build1+nobinonly.orig.tar.gz Size/MD5: 11195453 43f41d60599673f797cbac967deac00a http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9_1.9.0.18+build1+nobinonly-0ubuntu0.8.10.1.diff.gz Size/MD5: 251273 3d4f7d018d5b1c25a0d2877f09f63648 http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9_1.9.0.18+build1+nobinonly-0ubuntu0.8.10.1.dsc Size/MD5: 2851 fc2421751d44580536c2666ee66d3904 http://security.ubuntu.com/ubuntu/pool/main/x/xulrunner-1.9/xulrunner-1. 9_1.9.0.18+build1+nobinonly.orig.tar.gz Size/MD5: 42044694 54ced22ec7c148b6189d0e0905537950 Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/abrowser_3.0.1 8+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69382 244e13fd127d272dcaca9b3051ea9dd2 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-dev_3. 0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69276 35ad39771486680bbc6a38bfbf973871 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-gnome- support_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69288 67299d054a33c9360c314c63a52457de http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-granpa radiso-dev_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69248 069c90357b890d4ec8818fe9e23bb5ff http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox-trunk- dev_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69238 ecfcc9eb99c093dd04efe26e7249aa47 http://security.ubuntu.com/ubuntu/pool/main/f/firefox-3.0/firefox_3.0.18 +build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69374 f2cf14a3dd57f3abd31a624589cc37e9 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3. 0-dom-inspector_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69298 b595247327829a236b9843d726edc130 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-3. 0-venkman_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69248 332c54fc4cb69629b7f6efa7e98f1925 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-do m-inspector_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 8978 003191d32d6dd2f2a2b213f5babb66f2 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-gr anparadiso-dom-inspector_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 8968 83211932aff06f9c3c50a29d76d96834 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-gr anparadiso-gnome-support_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69272 2e05ac71775c538317a809acb52d878b http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-gr anparadiso_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69240 ae0e73c62755a719af1abf824b08e07e http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-li bthai_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69228 51fa6cec869e3dd6484cbef6c261d954 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-tr unk-dom-inspector_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 8956 facfcada2d8a85a2d37e137f15c37883 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-tr unk-gnome-support_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69262 1e4e74dc8373d48ab51d483465642b8f http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-tr unk-venkman_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 8942 47980961738b7f1719e5f7cf5bdd8459 http://security.ubuntu.com/ubuntu/pool/universe/f/firefox-3.0/firefox-tr unk_3.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 69224 be4cb23320949fba3c7120f0ac1f4327 http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunne r-1.9-dom-inspector_1.9.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 128076 ff82ae2c41df10cc84e39561d30cdbd0 http://security.ubuntu.com/ubuntu/pool/universe/x/xulrunner-1.9/xulrunne r-1.9-venkman_1.9.0.18+build1+nobinonly-0ubuntu0.8.10.1_all.deb Size/MD5: 237848 650532faa9820e23c80cc41767ec6fe8 amd64 architectur | ||||||||||||||||||||||||
| ||||||||||||||||||||||||
| partenaires |
|
|
|