Mozilla/Firefox (SSA:2005-135-01)
Posted on: 05/16/2005 06:22 AM

New Mozilla packages are available for Slackware 10.0, 10.1, and -current to fix various security issues and bugs. See the Mozilla site for a complete list of the issues patched:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#Mozilla

Also updated is Firefox in Slackware -current.

New versions of the mozilla-plugins symlink creation package are also out for Slackware 10.0 and 10.1, and a new version of the jre-symlink package for Slackware -current.

Here are the details from the Slackware 10.1 ChangeLog:
+--------------------------+
patches/packages/mozilla-plugins-1.7.8-noarch-1.tgz: Upgraded Java(TM)
symlink for Mozilla.
patches/packages/mozilla-1.7.8-i486-1.tgz: Upgraded to mozilla-1.7.8.
Two vulnerabilities found in Mozilla Firefox 1.0.3 when combined allow an
attacker to run arbitrary code. The Mozilla Suite version 1.7.7 is only
partially vulnerable. For more details, see:
http://www.mozilla.org/security/announce/mfsa2005-42.html
(* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated packages for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mozilla-1.7.8-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mozilla-plugins-1.7.8-noarch-1.tgz

Updated packages for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mozilla-1.7.8-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mozilla-plugins-1.7.8-noarch-1.tgz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/jre-symlink-1.0.4-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-1.7.8-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-1.0.4-i686-1.tgz


MD5 signatures:
+-------------+

Slackware 10.0 packages:
fa412bdee8c1f1971f710c87e9a6fc94 mozilla-1.7.8-i486-1.tgz
a70a4e7e5c0e7e3bf916eebfb25a4e99 mozilla-plugins-1.7.8-noarch-1.tgz

Slackware 10.1 packages:
e3c9c5acdd01db0cda3f73e7bea1e4ad mozilla-1.7.8-i486-1.tgz
12df49ed6bab71e4ad8ec27781477609 mozilla-plugins-1.7.8-noarch-1.tgz

Slackware -current packages:
40f9f9f2c048dede809698042b801784 jre-symlink-1.0.4-noarch-1.tgz
e510ab3d049bc31877e49efa7dcb668c mozilla-1.7.8-i486-1.tgz
e62f390e7f4fdc1d46352fbb90a7580c mozilla-firefox-1.0.4-i686-1.tgz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg mozilla-1.7.8-i486-1.tgz mozilla-plugins-1.7.8-noarch-1.tgz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/mozillafirefox_ssa2005_135_01.html)