Lucene search

K
debianDebianDEBIAN:DSA-2124-1:76CD5
HistoryNov 01, 2010 - 8:38 p.m.

[SECURITY] [DSA 2124-1] New Xulrunner packages fix several vulnerabilities

2010-11-0120:38:35
lists.debian.org
33

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

10

Confidence

High

EPSS

0.969

Percentile

99.8%


Debian Security Advisory DSA-2124-1 [email protected]
http://www.debian.org/security/ Florian Weimer
November 01, 2010 http://www.debian.org/security/faq


Package : xulrunner
Vulnerability : several
Problem type : local (remote)
Debian-specific: no
CVE Id(s) : CVE-2010-3765 CVE-2010-3174 CVE-2010-3176 CVE-2010-3177 CVE-2010-3178 CVE-2010-3179 CVE-2010-3180 CVE-2010-3183

Several vulnerabilities have been discovered in Xulrunner, the
component that provides the core functionality of Iceweasel, Debian's
variant of Mozilla's browser technology.

The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2010-3765
Xulrunner allows remote attackers to execute arbitrary code
via vectors related to nsCSSFrameConstructor::ContentAppended,
the appendChild method, incorrect index tracking, and the
creation of multiple frames, which triggers memory corruption.

CVE-2010-3174
CVE-2010-3176
Multiple unspecified vulnerabilities in the browser engine in
Xulrunner allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute
arbitrary code via unknown vectors.

CVE-2010-3177
Multiple cross-site scripting (XSS) vulnerabilities in the
Gopher parser in Xulrunner allow remote attackers to inject
arbitrary web script or HTML via a crafted name of a (1) file
or (2) directory on a Gopher server.

CVE-2010-3178
Xulrunner does not properly handle certain modal calls made by
javascript: URLs in circumstances related to opening a new
window and performing cross-domain navigation, which allows
remote attackers to bypass the Same Origin Policy via a
crafted HTML document.

CVE-2010-3179
Stack-based buffer overflow in the text-rendering
functionality in Xulrunner allows remote attackers to execute
arbitrary code or cause a denial of service (memory corruption
and application crash) via a long argument to the
document.write method.

CVE-2010-3180
Use-after-free vulnerability in the nsBarProp function in
Xulrunner allows remote attackers to execute arbitrary code by
accessing the locationbar property of a closed window.

CVE-2010-3183
The LookupGetterOrSetter function in Xulrunner does not
properly support window.lookupGetter function calls that
lack arguments, which allows remote attackers to execute
arbitrary code or cause a denial of service (incorrect pointer
dereference and application crash) via a crafted HTML
document.

In addition, this security update includes corrections for regressions
caused by the fixes for CVE-2010-0654 and CVE-2010-2769 in DSA-2075-1
and DSA-2106-1.

For the stable distribution (lenny), these problems have been fixed in
version 1.9.0.19-6.

For the unstable distribution (sid) and the upcoming stable
distribution (squeeze), these problems have been fixed in version
3.5.15-1 of the iceweasel package.

We recommend that you upgrade your Xulrunner packages.

Upgrade instructions


wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny


Source archives:

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-6.dsc
Size/MD5 checksum: 1755 e07e9c6f05d92caf3c5a068b8cf249e1
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19.orig.tar.gz
Size/MD5 checksum: 44174623 83667df1e46399960593fdd8832e958e
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner_1.9.0.19-6.diff.gz
Size/MD5 checksum: 176924 9ac56cbdededbd37f30b2fbf85724ba1

Architecture independent packages:

http://security.debian.org/pool/updates/main/x/xulrunner/libmozillainterfaces-java_1.9.0.19-6_all.deb
Size/MD5 checksum: 1466740 4db5a3cb380642680fc8584bbd559c1c

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_alpha.deb
Size/MD5 checksum: 223584 461a28c6405acd4f9bb0576e2982da4e
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_alpha.deb
Size/MD5 checksum: 9491974 d636e29b64c83a2a43d7cf50231ef343
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_alpha.deb
Size/MD5 checksum: 3358362 08e9f79784ad3ba52a30aa1e71553d95
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_alpha.deb
Size/MD5 checksum: 113684 95e4be0c1b10b218859e810ded67ce0d
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_alpha.deb
Size/MD5 checksum: 51201246 ad06f952e5d32680b1739970c0af38d3
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_alpha.deb
Size/MD5 checksum: 165678 3336d43295e15ec246acb9d65aa1684b
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_alpha.deb
Size/MD5 checksum: 940892 45e2a60037bb7bff9c73c882d87d7dbc
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_alpha.deb
Size/MD5 checksum: 72724 742cc5e1c363163a192c6cb6fdb5205a
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_alpha.deb
Size/MD5 checksum: 433560 ea475e8ea28eef6f33881499cfe4179a

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_amd64.deb
Size/MD5 checksum: 70560 9b6ee7fb354dae5d78b03911ee5de94c
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_amd64.deb
Size/MD5 checksum: 102210 3ec67b7e662e5a28228422676408138a
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_amd64.deb
Size/MD5 checksum: 891472 54b7b88accdfc1afe4f3e35669323c26
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_amd64.deb
Size/MD5 checksum: 375598 8c057b0858c9518ec39c64a9e378998c
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_amd64.deb
Size/MD5 checksum: 153740 d3803bab845ace63025958f0035cee51
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_amd64.deb
Size/MD5 checksum: 3298226 4832e7665e19a3301587f45657613c8a
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_amd64.deb
Size/MD5 checksum: 223568 f464b4aa584a79a5639d3c7361df8437
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_amd64.deb
Size/MD5 checksum: 50454656 0743e8ba1643eef745c87c59cc17c554
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_amd64.deb
Size/MD5 checksum: 7734448 c872c7bf80990a6d80e79d1147cf4701

arm architecture (ARM)

http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_arm.deb
Size/MD5 checksum: 351476 6b3d9c8fe879e8963523443c4c9a0741
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_arm.deb
Size/MD5 checksum: 68742 41a546be60e4d7c1c5d03e9e994b89f9
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_arm.deb
Size/MD5 checksum: 141078 99a1ca3e81b9b8d8769d044115f7e349
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_arm.deb
Size/MD5 checksum: 3586576 9eccd861365ab77dc6ced37bf9430e58
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_arm.deb
Size/MD5 checksum: 49403312 80ee2609ed8657844eb34d12096f17b0
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_arm.deb
Size/MD5 checksum: 84422 242a44cfe822e79975f291553cf26d86
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_arm.deb
Size/MD5 checksum: 815626 453e7cb1e3823a9196cf4a4338116834
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_arm.deb
Size/MD5 checksum: 6807342 ff5e6f9aaeb25dff90ce89dd2cc60652
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_arm.deb
Size/MD5 checksum: 222578 5bc459b6b8e2af17cac9b18dfc1b82e3

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_armel.deb
Size/MD5 checksum: 71074 755a0a4267349287b1da5de5e9be0021
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_armel.deb
Size/MD5 checksum: 50231752 b2bb2fbb6964339ea465f495a19dea81
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_armel.deb
Size/MD5 checksum: 223724 ead62af874d36c771f1f25c146982d84
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_armel.deb
Size/MD5 checksum: 353748 1606af72d97b8ca06792f90326f23b8d
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_armel.deb
Size/MD5 checksum: 84326 9737260affb7e38ea553d72c07b4ecd2
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_armel.deb
Size/MD5 checksum: 142212 973e6e0e3eba1bcb451fbf9519cb261b
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_armel.deb
Size/MD5 checksum: 3583542 0c64d395a9b6d8295438e4163110bb58
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_armel.deb
Size/MD5 checksum: 6967098 be90fb28695ebf960668af8787923749
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_armel.deb
Size/MD5 checksum: 824452 b210f74f1d99e6c1d9adbfb5e55225cb

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_i386.deb
Size/MD5 checksum: 6614408 93c72cde788476b48dacd580a8f0f0b8
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_i386.deb
Size/MD5 checksum: 143160 b5e3590ebdbf7223c0bac024af05b5f2
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_i386.deb
Size/MD5 checksum: 49607238 0f4cd75a85c5ae2e17e340c52481cb77
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_i386.deb
Size/MD5 checksum: 852434 78449aa7888666a397684634e96070d5
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_i386.deb
Size/MD5 checksum: 69152 9e8724cdf374b7b228f534f04a631f72
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_i386.deb
Size/MD5 checksum: 79750 c3e7e841531ea35242fe2a2d511ef704
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_i386.deb
Size/MD5 checksum: 224634 51de208fab610ca69ae485c5621aca72
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_i386.deb
Size/MD5 checksum: 352144 5b52b17bfdf01bf8f30305e4ed7e48b1
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_i386.deb
Size/MD5 checksum: 3574880 c443390f8b9ef56b5e0ce7b4edfc91e0

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_ia64.deb
Size/MD5 checksum: 121966 55eb541ff1cce6c6f8edf6f8ed4d0ea2
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_ia64.deb
Size/MD5 checksum: 223578 c2bd9d8d641d2e57a31621613fa19fa7
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_ia64.deb
Size/MD5 checksum: 3401224 1f5b77b79cdd20fc741ed9fac2cffc87
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_ia64.deb
Size/MD5 checksum: 49791322 7cfc30611f2acaa91cabee8f0a7c6259
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_ia64.deb
Size/MD5 checksum: 76990 e59e3e9eadd95fb0a5cc6453bdaeff0b
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_ia64.deb
Size/MD5 checksum: 542938 17a363bae7a8fbc5973ce38e2d99b8ee
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_ia64.deb
Size/MD5 checksum: 180670 f1bfb87d0370d165254c7192d066764f
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_ia64.deb
Size/MD5 checksum: 811756 046cde5fd861d4fdae89b079726ce972
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_ia64.deb
Size/MD5 checksum: 11320366 9893c16ece56647f42702eb2e173e671

mips architecture (MIPS (Big Endian))

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_mips.deb
Size/MD5 checksum: 96770 0fac3de71825c688751b5c40b95c8d98
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_mips.deb
Size/MD5 checksum: 69814 8a8b34fedb2d35fcea5c281aa252c8ae
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_mips.deb
Size/MD5 checksum: 222760 54aa507a287a89f2f395c46d10ced43b
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_mips.deb
Size/MD5 checksum: 917958 27ac8e895138f658dd88fdadaef6d453
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_mips.deb
Size/MD5 checksum: 7674738 68b41bbb0ade1076f3ff9d502e07e683
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_mips.deb
Size/MD5 checksum: 3612480 bfe2fe243bc6a63445c8afed1d8f42f4
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_mips.deb
Size/MD5 checksum: 51958928 caf4012f9054b5ddb9d1034d4f6a2310
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_mips.deb
Size/MD5 checksum: 380340 607b465eab33052962ed2e2bf407b202
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_mips.deb
Size/MD5 checksum: 144924 c668c26f27148096fdd00b4ccdf57603

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_mipsel.deb
Size/MD5 checksum: 145522 d9ab5a31361170b1929e5e3fc8d3737f
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_mipsel.deb
Size/MD5 checksum: 901150 93a76c67627dcede38ede95ef0dbab24
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_mipsel.deb
Size/MD5 checksum: 379500 cdd76a729549920fa7c43ad34904876a
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_mipsel.deb
Size/MD5 checksum: 3312100 42d95093bed6583e44f9ada333663b96
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_mipsel.deb
Size/MD5 checksum: 97214 7ac3fe244d75bd86ed505057c88b38b5
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_mipsel.deb
Size/MD5 checksum: 50087916 974829f5edf774ccad8a7960db5c504f
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_mipsel.deb
Size/MD5 checksum: 70344 f53cab5743dd5d1909e5258715cd1086
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_mipsel.deb
Size/MD5 checksum: 7389996 f1b3960ade2639292a0da9fcbd61f02c
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_mipsel.deb
Size/MD5 checksum: 223582 edc6ad64cd525b4daae6fd999c8d19d7

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_powerpc.deb
Size/MD5 checksum: 94838 a4e8fa67eeaff37d5a446e77267258c9
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_powerpc.deb
Size/MD5 checksum: 363960 2d4c97ca00e68f6bd6e27afd48de5f1f
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_powerpc.deb
Size/MD5 checksum: 7310408 1d29190b38183dc74fa0875ff711ffd3
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_powerpc.deb
Size/MD5 checksum: 153028 670b97cca442bed3a3e4650e2627009f
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_powerpc.deb
Size/MD5 checksum: 51515576 c4c9a54f4a99ba7091101e110e28f017
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_powerpc.deb
Size/MD5 checksum: 73840 becb987c75679d68d168a0cc48c74808
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_powerpc.deb
Size/MD5 checksum: 3594708 66e0554415ceeebf5d82dce11fbc7085
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_powerpc.deb
Size/MD5 checksum: 223610 a449f47ed74e8b0b63bea10db09a426d
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_powerpc.deb
Size/MD5 checksum: 889260 a38eca26e981a4a6f3b6d4ee66a5844b

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_s390.deb
Size/MD5 checksum: 8428652 b9c392806759ca7581f0f145b99de35a
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_s390.deb
Size/MD5 checksum: 223378 1be85952bf41e41bf5b54731b33a3ab6
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_s390.deb
Size/MD5 checksum: 3609788 9487f101466ff241d70aae1fe3065833
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_s390.deb
Size/MD5 checksum: 51305860 158c80447223be1274ba3989c40c9c66
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_s390.deb
Size/MD5 checksum: 105898 710c5b7e247627f1b71d0f45fadc6f49
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_s390.deb
Size/MD5 checksum: 909890 cc44415e624fb85ec0c15701ad9323f4
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_s390.deb
Size/MD5 checksum: 155634 9bf9c3e1112b7e375c093344811ad80e
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_s390.deb
Size/MD5 checksum: 407812 d8a32aaca5153e1a7b1a16eb845adeca
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_s390.deb
Size/MD5 checksum: 73694 4c6e5f8fe51261b53bedf2c2a86c253b

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d_1.9.0.19-6_sparc.deb
Size/MD5 checksum: 350814 3fca198c20594b5186c6af4374137441
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-dev_1.9.0.19-6_sparc.deb
Size/MD5 checksum: 3573188 4e66692a21ba0b801e0738755622b32d
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs1d-dbg_1.9.0.19-6_sparc.deb
Size/MD5 checksum: 822252 d8d12bad98ff28922292dd6ac0033d41
http://security.debian.org/pool/updates/main/x/xulrunner/python-xpcom_1.9.0.19-6_sparc.deb
Size/MD5 checksum: 143946 62c97e42c256b5f1b00a296929dca270
http://security.debian.org/pool/updates/main/x/xulrunner/spidermonkey-bin_1.9.0.19-6_sparc.deb
Size/MD5 checksum: 69772 2589d7c12b722e1143a481c9f950830a
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-gnome-support_1.9.0.19-6_sparc.deb
Size/MD5 checksum: 88688 d8ad8c57f7a2323c56030ae63d2af1a3
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9_1.9.0.19-6_sparc.deb
Size/MD5 checksum: 7185904 6decab3add2327b2e45f92b7fc11f607
http://security.debian.org/pool/updates/main/x/xulrunner/libmozjs-dev_1.9.0.19-6_sparc.deb
Size/MD5 checksum: 224374 ce1dc6ac823828c32fd31d440590d099
http://security.debian.org/pool/updates/main/x/xulrunner/xulrunner-1.9-dbg_1.9.0.19-6_sparc.deb
Size/MD5 checksum: 49466464 5b94316f597a4c08377976e5075483c5

These files will probably be moved into the stable distribution on
its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/&lt;pkg&gt;

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

10

Confidence

High

EPSS

0.969

Percentile

99.8%