mozilla-firefox - several vulnerabilities

The latest security updates of Mozilla Firefox introduced a regression
that led to a dysfunctional attachment panel which warrants a
correction to fix this issue. For reference please find below the
original advisory text:

>
> Several security related problems have been discovered in Mozilla and
> derived products like Mozilla Firefox. The Common Vulnerabilities and
> Exposures project identifies the following vulnerabilities:
>
>
> * CVE-2006-3805
> The Javascript engine might allow remote attackers to execute
> arbitrary code. [MFSA-2006-50]
> * CVE-2006-3806
> Multiple integer overflows in the Javascript engine might allow
> remote attackers to execute arbitrary code. [MFSA-2006-50]
> * CVE-2006-3807
> Specially crafted Javascript allows remote attackers to execute
> arbitrary code. [MFSA-2006-51]
> * CVE-2006-3808
> Remote Proxy AutoConfig (PAC) servers could execute code with elevated
> privileges via a specially crafted PAC script. [MFSA-2006-52]
> * CVE-2006-3809
> Scripts with the UniversalBrowserRead privilege could gain
> UniversalXPConnect privileges and possibly execute code or obtain
> sensitive data. [MFSA-2006-53]
> * CVE-2006-3811
> Multiple vulnerabilities allow remote attackers to cause a denial
> of service (crash) and possibly execute arbitrary code.
> [MFSA-2006-55]
>
>
>

For the stable distribution (sarge) these problems have been fixed in
version 1.0.4-2sarge11.

For the unstable distribution (sid) these problems have been fixed in
version 1.5.dfsg+1.5.0.5-1.

We recommend that you upgrade your mozilla-firefox package.