From: [email protected]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------ Debian Security Advisory DSA-1649-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 08, 2008 http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package : iceweasel
Vulnerability : several
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2008-0016 CVE-2008-3835 CVE-2008-3836 CVE-2008-3837 CVE-2008-4058 CVE-2008-4059 CVE-2008-4060 CVE-2008-4061 CVE-2008-4062 CVE-2008-4065 CVE-2008-4066 CVE-2008-4067 CVE-2008-4068 CVE-2008-4069

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2008-0016

Justin Schuh, Tom Cross and Peter Williams discovered a buffer
overflow in the parser for UTF-8 URLs, which may lead to the
execution of arbitrary code.

CVE-2008-3835

"moz_bug_r_a4" discovered that the same-origin check in
nsXMLDocument::OnChannelRedirect() could by bypassed.

CVE-2008-3836

"moz_bug_r_a4" discovered that several vulnerabilities in
feedWriter could lead to Chrome privilege escalation.

CVE-2008-3837

Paul Nickerson discovered that an attacker could move windows
during a mouse click, resulting in unwanted action triggered by
drag-and-drop.

CVE-2008-4058

"moz_bug_r_a4" discovered a vulnerability which can result in
Chrome privilege escalation through XPCNativeWrappers.

CVE-2008-4059

"moz_bug_r_a4" discovered a vulnerability which can result in
Chrome privilege escalation through XPCNativeWrappers.

CVE-2008-4060

Olli Pettay and "moz_bug_r_a4" discovered a Chrome privilege
escalation vulnerability in XSLT handling.

CVE-2008-4061

Jesse Ruderman discovered a crash in the layout engine, which might
allow the execution of arbitrary code.

CVE-2008-4062

Igor Bukanov, Philip Taylor, Georgi Guninski and Antoine Labour
discovered crashes in the Javascript engine, which might allow the
execution of arbitrary code.

CVE-2008-4065

Dave Reed discovered that some Unicode byte order marks are
stripped from Javascript code before execution, which can result in
code being executed, which were otherwise part of a quoted string.

CVE-2008-4066

Gareth Heyes discovered that some Unicode surrogate characters are
ignored by the HTML parser.

CVE-2008-4067

Boris Zbarsky discovered that resource: URls allow directory
traversal when using URL-encoded slashes.

CVE-2008-4068

Georgi Guninski discovered that resource: URLs could bypass local
access restrictions.

CVE-2008-4069

Billy Hoffman discovered that the XBM decoder could reveal
uninitialised memory.

For the stable distribution (etch), these problems have been fixed in
version 2.0.0.17-0etch1. Packages for hppa will be provided later.

For the unstable distribution (sid), these problems have been fixed in
version 3.0.3 of iceweasel and 1.9.0.3-1 of xulrunner.

We recommend that you upgrade your iceweasel package.

Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- -------------------------------

Stable updates are available for alpha, amd64, arm, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.17.orig.tar.gz
Size/MD5 checksum: 47264462 caa85228cc0f4d309e85d6991cb95305
http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.17-0etch1.dsc
Size/MD5 checksum: 1289 84dfa301f786f84a1d64baf4ed3db782
http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.17-0etch1.diff.gz
Size/MD5 checksum: 186694 8e6e9a55fde52af390122189070fca57

Architecture independent packages:

http://security.debian.org/pool/updates/main/i/iceweasel/firefox_2.0.0.17-0etch1_all.deb
Size/MD5 checksum: 54634 b2fd3414c31cebfcf9a1433dcc1d2e93
http://security.debian.org/pool/updates/main/i/iceweasel/firefox-dom-inspector_2.0.0.17-0etch1_all.deb
Size/MD5 checksum: 54530 fc5fb66d2eaf4027d945dd0a28b2d846
http://security.debian.org/pool/updates/main/i/iceweasel/mozilla-firefox-dom-inspector_2.0.0.17-0etch1_all.deb
Size/MD5 checksum: 54384 21762949b8e2fd39ac79476fa24b03d1
http://security.debian.org/pool/updates/main/i/iceweasel/mozilla-firefox-gnome-support_2.0.0.17-0etch1_all.deb
Size/MD5 checksum: 54384 9df9c09b5351c290fee72c24b47a331d
http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dom-inspector_2.0.0.17-0etch1_all.deb
Size/MD5 checksum: 239720 644c28cc69b5ffa408b0c57b92152ec3
http://security.debian.org/pool/updates/main/i/iceweasel/mozilla-firefox_2.0.0.17-0etch1_all.deb
Size/MD5 checksum: 55170 5d191251cab8743fdd8537c757e39abc
http://security.debian.org/pool/updates/main/i/iceweasel/firefox-gnome-support_2.0.0.17-0etch1_all.deb
Size/MD5 checksum: 54494 bf8060f4a48856e3221988210417ebd6

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel_2.0.0.17-0etch1_alpha.deb
Size/MD5 checksum: 11578586 a8c71f32151faca4674a1a09e3b66545
http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-dbg_2.0.0.17-0etch1_alpha.deb
Size/MD5 checksum: 51173558 6361a1e6926eb32d5ede6c74671d86f1
http://security.debian.org/pool/updates/main/i/iceweasel/iceweasel-gnome-support_2.0.0.17-0etch1_alpha.deb
Size/MD5 checksum: 90252 569480998f4eac60ba8c0f6e62cb275e

amd64 architecture (AMD x86_64 (AMD64))


[continued in next message]

--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)