SuSE: 2004-036: mozilla Security Update
Summary
-----BEGIN PGP SIGNED MESSAGE-----
______________________________________________________________________________
SUSE Security Announcement
Package: mozilla
Announcement-ID: SUSE-SA:2004:036
Date: Wednesday, Oct 6th 14:36:39 MEST 2004
Affected products: 8.1, 8.2, 9.0, 9.1
SUSE Linux Enterprise Server 8, 9
SUSE Linux Desktop 1.0
Vulnerability Type: various vulnerabilities
Severity (1-10): 5
SUSE default package: yes
Cross References: https://www.mozilla.org/en-US/security/
Content of this advisory:
1) security vulnerability resolved:
- various vulnerabilities
problem description
2) solution/workaround
3) special instructions and notes
4) package location and checksums
5) pending vulnerabilities, solutions, workarounds:
- openmotif
6) standard appendix (further information)
______________________________________________________________________________
1) problem description, brief discussion
During the last months a number of security problems have been fixed
in Mozilla and Mozilla based brwosers. These include:
- CAN-2004-0718: content in unrelated windows could be modified
- CAN-2004-0722: integer overflow in the SOAPParameter object constructor
- CAN-2004-0757: heap-based buffer overflow in the SendUidl of POP3 code
- CAN-2004-0758: denial-of-service with malicious SSL certificates
- CAN-2004-0759: read files via JavaScript
- CAN-2004-0760: MIME code handles %00 incorrectly
- CAN-2004-0761: spoofing of security lock icon
- CAN-2004-0762: manipulation of XPInstall Security dialog box
- CAN-2004-0763: spoofing of SSL certificates by using redirects and
JavaScript
- CAN-2004-0764: hijacking the user interface via the "chrome" flag and
XML User Interface Language (XUL) files
- CAN-2004-0765: spoofing SSL certificates due to incorrecting comparsion
of hostnames
- CAN-2004-0902: Several heap based buffer overflows in Mozilla Browsers.
- CAN-2004-0903: Stack-based buffer overflow in the writeGroup function
in vcard handling.
- CAN-2004-0904: Overflow in BMP bitmap decoding.
- CAN-2004-0905: Crossdomain scripting and possible code execution by
javascript drag and drop.
- CAN-2004-0906: XPI Installer sets insecure permissions, allowing local
users to overwrite files of the user.
- CAN-2004-0908: Allow untrusted javascript code to read and write to the
clipboard.
- CAN-2004-0909: Allow remote attackers to trick the user into performing
dangerous operations by modifying security relevant dialog boxes.
2) solution/workaround
Since there is no workaround, we recommend an update in any case
if you use the mozilla browser.
3) special instructions and notes
After successfully updating the package(s) you need to close
all instances of the web browser and restart it again.
4) package location and checksums
Due to the large amount of updated packages and dependencies we do
not provide MD5-sums this time. The updates are cryptographically
signed and are available for download via the Yast Online Update.
______________________________________________________________________________
5) Pending vulnerabilities in SUSE Distributions and Workarounds:
- openmotif
The XPM security problems within openmotif have been fixed. New packages
are available on our ftp servers.
______________________________________________________________________________
6) standard appendix: authenticity verification, additional information
- Package authenticity verification:
SUSE update packages are available on many mirror ftp servers all over
the world. While this service is being considered valuable and important
to the free and open source software community, many users wish to be
sure about the origin of the package and its content before installing
the package. There are two verification methods that can be used
independently from each other to prove the authenticity of a downloaded
file or rpm package:
1) md5sums as provided in the (cryptographically signed) announcement.
2) using the internal gpg signatures of the rpm package.
1) execute the command
md5sum
References