RHSA-2005:323-01: Critical: mozilla security update
Posted on: 03/23/2005 03:04 PM

A mozilla security update is available for Red Hat Enterprise Linux 2.1 and 3

----------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Critical: mozilla security update
Advisory ID: RHSA-2005:323-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-323.html
Issue date: 2005-03-23
Updated on: 2005-03-23
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-0906 CAN-2004-1380 CAN-2004-1613 CAN-2005-0141 CAN-2005-0144 CAN-2005-0147 CAN-2005-0149 CAN-2005-0232 CAN-2005-0399
----------------------------------------------------------------------

1. Summary:

Updated mozilla packages that fix various bugs are now available.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Mozilla is an open source Web browser, advanced email and newsgroup client,
IRC chat client, and HTML editor.

A buffer overflow bug was found in the way Mozilla processes GIF images. It
is possible for an attacker to create a specially crafted GIF image, which
when viewed by a victim will execute arbitrary code as the victim. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0399 to this issue.

A bug was found in the way Mozilla displays dialog windows. It is possible
that a malicious web page which is being displayed in a background tab
could present the user with a dialog window appearing to come from the
active page. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-1380 to this issue.

A bug was found in the way Firefox allowed plug-ins to load privileged
content into a frame. It is possible that a malicious webpage could trick a
user into clicking in certain places to modify configuration settings or
execute arbitrary code. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0232 to this issue.

A bug was found in the way Mozilla Mail handles cookies when loading
content over HTTP regardless of the user's preference. It is possible that
a particular user could be tracked through the use of malicious mail
messages which load content over HTTP. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0149 to
this issue.

A bug was found in the way Mozilla responds to proxy auth requests. It is
possible for a malicious webserver to steal credentials from a victims
browser by issuing a 407 proxy authentication request. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0147 to this issue.

A bug was found in the way Mozilla handles certain start tags followed by a
NULL character. A malicious web page could cause Mozilla to crash when
viewed by a victim. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-1613 to this issue.

A bug was found in the way Mozilla sets file permissions when installing
XPI packages. It is possible for an XPI package to install some files
world readable or writable, allowing a malicious local user to steal
information or execute arbitrary code. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0906 to
this issue.

A bug was found in the way Mozilla loads links in a new tab which are
middle clicked. A malicious web page could read local files or modify
privileged chrom settings. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0141 to this issue.

A bug was found in the way Mozilla displays the secure site icon. A
malicious web page can use a view-source URL targetted at a secure page,
while loading an insecure page, yet the secure site icon shows the previous
secure state. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0144 to this issue.

Users of Mozilla are advised to upgrade to this updated package which
contains Mozilla version 1.4.4 and additional backported patches to correct
these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

145597 - CAN-2005-0141 Link opened in new tab can load a local file
145609 - CAN-2005-0144 Secure site lock can be spoofed with view-source:
145610 - CAN-2004-1380 Input stealing from other tabs (CAN-2004-1381)
145614 - CAN-2005-0147 Browser responds to proxy auth request from non-proxy server (ssl/https)
145615 - CAN-2005-0149 Mail responds to cookie requests
151209 -
151492 - CAN-2004-1613 Mozilla start tag NULL character DoS
151494 - CAN-2004-0906 Mozilla XPI installer insecure file creation
151496 - CAN-2005-0232 fireflashing vulnerability (CAN-2005-0527)

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/galeon-1.2.13-6.2.1.src.rpm
bfa6d2b47049ca23b8b8b320749b7ea2 galeon-1.2.13-6.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.4.4-1.2.3.src.rpm
492ba66de02ce249a94226f7da5cb1a8 mozilla-1.4.4-1.2.3.src.rpm

i386:
640ead171aa0fc4cdf6367e63df5652c galeon-1.2.13-6.2.1.i386.rpm
6f3df40d9ceea897b0b4d6bbcf08f32f mozilla-1.4.4-1.2.3.i386.rpm
1b885fa495058785d4d726c52119ef6e mozilla-chat-1.4.4-1.2.3.i386.rpm
af7ed1e862811a591b6d70df4c21ee95 mozilla-devel-1.4.4-1.2.3.i386.rpm
ae51fad443b9f7f86019f9da87534499 mozilla-dom-inspector-1.4.4-1.2.3.i386.rpm
b5f9b2fd48e520c0548024f062d3be4a mozilla-js-debugger-1.4.4-1.2.3.i386.rpm
26f5a720479169d6ee2618a1df2876cf mozilla-mail-1.4.4-1.2.3.i386.rpm
53988d7daa3f6b92dbbf8a4638fde336 mozilla-nspr-1.4.4-1.2.3.i386.rpm
fd1a43ab2e3dfa370989a2806ee7fa10 mozilla-nspr-devel-1.4.4-1.2.3.i386.rpm
38851672d0ec94d06447bf082cf58d96 mozilla-nss-1.4.4-1.2.3.i386.rpm
6e826549e1c1526af249034bd6c3de26 mozilla-nss-devel-1.4.4-1.2.3.i386.rpm

ia64:
32ad65318604c36cf95b25f2124ec223 galeon-1.2.13-6.2.1.ia64.rpm
6cb59d01995e11204ab23a54568c9f9f mozilla-1.4.4-1.2.3.ia64.rpm
1f25d7f9d3c80cade1f8efd8b0ee98b7 mozilla-chat-1.4.4-1.2.3.ia64.rpm
01cc33ec4c371a843a411ac869f94ca0 mozilla-devel-1.4.4-1.2.3.ia64.rpm
5d779ebb2e5dab692710ca931fed6f79 mozilla-dom-inspector-1.4.4-1.2.3.ia64.rpm
2fc3624b90c331946afdf14352711f27 mozilla-js-debugger-1.4.4-1.2.3.ia64.rpm
e20163a2bc4cb9237735bebb5949bd09 mozilla-mail-1.4.4-1.2.3.ia64.rpm
280721615940ff5cf20592b0aff50cd3 mozilla-nspr-1.4.4-1.2.3.ia64.rpm
dedc936c50f2d93712a1a85ed391fb49 mozilla-nspr-devel-1.4.4-1.2.3.ia64.rpm
bb0524cc191752bbd6c1e4380d978640 mozilla-nss-1.4.4-1.2.3.ia64.rpm
62c1a1ebb38cc6374697247699c121df mozilla-nss-devel-1.4.4-1.2.3.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/galeon-1.2.13-6.2.1.src.rpm
bfa6d2b47049ca23b8b8b320749b7ea2 galeon-1.2.13-6.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.4.4-1.2.3.src.rpm
492ba66de02ce249a94226f7da5cb1a8 mozilla-1.4.4-1.2.3.src.rpm

ia64:
32ad65318604c36cf95b25f2124ec223 galeon-1.2.13-6.2.1.ia64.rpm
6cb59d01995e11204ab23a54568c9f9f mozilla-1.4.4-1.2.3.ia64.rpm
1f25d7f9d3c80cade1f8efd8b0ee98b7 mozilla-chat-1.4.4-1.2.3.ia64.rpm
01cc33ec4c371a843a411ac869f94ca0 mozilla-devel-1.4.4-1.2.3.ia64.rpm
5d779ebb2e5dab692710ca931fed6f79 mozilla-dom-inspector-1.4.4-1.2.3.ia64.rpm
2fc3624b90c331946afdf14352711f27 mozilla-js-debugger-1.4.4-1.2.3.ia64.rpm
e20163a2bc4cb9237735bebb5949bd09 mozilla-mail-1.4.4-1.2.3.ia64.rpm
280721615940ff5cf20592b0aff50cd3 mozilla-nspr-1.4.4-1.2.3.ia64.rpm
dedc936c50f2d93712a1a85ed391fb49 mozilla-nspr-devel-1.4.4-1.2.3.ia64.rpm
bb0524cc191752bbd6c1e4380d978640 mozilla-nss-1.4.4-1.2.3.ia64.rpm
62c1a1ebb38cc6374697247699c121df mozilla-nss-devel-1.4.4-1.2.3.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/galeon-1.2.13-6.2.1.src.rpm
bfa6d2b47049ca23b8b8b320749b7ea2 galeon-1.2.13-6.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.4.4-1.2.3.src.rpm
492ba66de02ce249a94226f7da5cb1a8 mozilla-1.4.4-1.2.3.src.rpm

i386:
640ead171aa0fc4cdf6367e63df5652c galeon-1.2.13-6.2.1.i386.rpm
6f3df40d9ceea897b0b4d6bbcf08f32f mozilla-1.4.4-1.2.3.i386.rpm
1b885fa495058785d4d726c52119ef6e mozilla-chat-1.4.4-1.2.3.i386.rpm
af7ed1e862811a591b6d70df4c21ee95 mozilla-devel-1.4.4-1.2.3.i386.rpm
ae51fad443b9f7f86019f9da87534499 mozilla-dom-inspector-1.4.4-1.2.3.i386.rpm
b5f9b2fd48e520c0548024f062d3be4a mozilla-js-debugger-1.4.4-1.2.3.i386.rpm
26f5a720479169d6ee2618a1df2876cf mozilla-mail-1.4.4-1.2.3.i386.rpm
53988d7daa3f6b92dbbf8a4638fde336 mozilla-nspr-1.4.4-1.2.3.i386.rpm
fd1a43ab2e3dfa370989a2806ee7fa10 mozilla-nspr-devel-1.4.4-1.2.3.i386.rpm
38851672d0ec94d06447bf082cf58d96 mozilla-nss-1.4.4-1.2.3.i386.rpm
6e826549e1c1526af249034bd6c3de26 mozilla-nss-devel-1.4.4-1.2.3.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/galeon-1.2.13-6.2.1.src.rpm
bfa6d2b47049ca23b8b8b320749b7ea2 galeon-1.2.13-6.2.1.src.rpm
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.4.4-1.2.3.src.rpm
492ba66de02ce249a94226f7da5cb1a8 mozilla-1.4.4-1.2.3.src.rpm

i386:
640ead171aa0fc4cdf6367e63df5652c galeon-1.2.13-6.2.1.i386.rpm
6f3df40d9ceea897b0b4d6bbcf08f32f mozilla-1.4.4-1.2.3.i386.rpm
1b885fa495058785d4d726c52119ef6e mozilla-chat-1.4.4-1.2.3.i386.rpm
af7ed1e862811a591b6d70df4c21ee95 mozilla-devel-1.4.4-1.2.3.i386.rpm
ae51fad443b9f7f86019f9da87534499 mozilla-dom-inspector-1.4.4-1.2.3.i386.rpm
b5f9b2fd48e520c0548024f062d3be4a mozilla-js-debugger-1.4.4-1.2.3.i386.rpm
26f5a720479169d6ee2618a1df2876cf mozilla-mail-1.4.4-1.2.3.i386.rpm
53988d7daa3f6b92dbbf8a4638fde336 mozilla-nspr-1.4.4-1.2.3.i386.rpm
fd1a43ab2e3dfa370989a2806ee7fa10 mozilla-nspr-devel-1.4.4-1.2.3.i386.rpm
38851672d0ec94d06447bf082cf58d96 mozilla-nss-1.4.4-1.2.3.i386.rpm
6e826549e1c1526af249034bd6c3de26 mozilla-nss-devel-1.4.4-1.2.3.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.4.4-1.3.5.src.rpm
56deb276290446e580ffd03b99f00a36 mozilla-1.4.4-1.3.5.src.rpm

i386:
d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm
324e811245840ab2ec24307a4d0e7256 mozilla-chat-1.4.4-1.3.5.i386.rpm
750a4982a9eb9094a65ada2c00caa4a1 mozilla-devel-1.4.4-1.3.5.i386.rpm
98b5256945b2da77115f9a1332222b2e mozilla-dom-inspector-1.4.4-1.3.5.i386.rpm
02de930daf3662e48bbe40fef64ede15 mozilla-js-debugger-1.4.4-1.3.5.i386.rpm
bc76919e0e6cbbb9d6e3af1d8890ffa9 mozilla-mail-1.4.4-1.3.5.i386.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
0a92c035db2cabb1d9bcdf6d14e766ac mozilla-nspr-devel-1.4.4-1.3.5.i386.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
17510499ca4880110cfdb82924a791a7 mozilla-nss-devel-1.4.4-1.3.5.i386.rpm

ia64:
0d7d91dad11ae959d141d18ea19b079c mozilla-1.4.4-1.3.5.ia64.rpm
fbd29b9381da91a7425c4c1534d7726f mozilla-chat-1.4.4-1.3.5.ia64.rpm
44edbce53caa6cd7e182232209c5d40b mozilla-devel-1.4.4-1.3.5.ia64.rpm
482435ed8f2a040e2ec0326909fae3c3 mozilla-dom-inspector-1.4.4-1.3.5.ia64.rpm
532d2fd41430b9455bc3188be7c637c2 mozilla-js-debugger-1.4.4-1.3.5.ia64.rpm
80db174298676c72b910f8c81c2405c3 mozilla-mail-1.4.4-1.3.5.ia64.rpm
f40ffd6e3a1aeee6879ddf049060b151 mozilla-nspr-1.4.4-1.3.5.ia64.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
03ca5f59bac9685b1eed7870c9f3a5a1 mozilla-nspr-devel-1.4.4-1.3.5.ia64.rpm
604b09728acd2bd90c2331cefd1b6ed0 mozilla-nss-1.4.4-1.3.5.ia64.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
d328d20773f0af370f89a0113844557d mozilla-nss-devel-1.4.4-1.3.5.ia64.rpm

ppc:
696f7f714ea9bf4e9c85aa76fb05fc43 mozilla-1.4.4-1.3.5.ppc.rpm
e633b0cc0581ba5cb69307dd7c1d3501 mozilla-chat-1.4.4-1.3.5.ppc.rpm
94a938d734de1cca883de9d442b9cf48 mozilla-devel-1.4.4-1.3.5.ppc.rpm
c7b55219bf541e824163e816eeba3d72 mozilla-dom-inspector-1.4.4-1.3.5.ppc.rpm
08b74fe5d8232682ce1f35a0cf75e88e mozilla-js-debugger-1.4.4-1.3.5.ppc.rpm
0343e582869923b903ed7ae8d56e017a mozilla-mail-1.4.4-1.3.5.ppc.rpm
ab2df03107e250927edfc3cba6691545 mozilla-nspr-1.4.4-1.3.5.ppc.rpm
b2da2cdfeb834c96805884424791100e mozilla-nspr-devel-1.4.4-1.3.5.ppc.rpm
ec1ecbe8ca70613e62bfdbbedf079baf mozilla-nss-1.4.4-1.3.5.ppc.rpm
ba0a5df973bc99840589cddfb616e8ad mozilla-nss-devel-1.4.4-1.3.5.ppc.rpm

s390:
69c69d46957f35f9569ffbed352e14f6 mozilla-1.4.4-1.3.5.s390.rpm
63180be7a03aad0ca5522eadb7ff1400 mozilla-chat-1.4.4-1.3.5.s390.rpm
b9610f2d1ff6aa38c02cfaad1470f83e mozilla-devel-1.4.4-1.3.5.s390.rpm
13113afec61e781a5b610e2a04456297 mozilla-dom-inspector-1.4.4-1.3.5.s390.rpm
5a30f4a136abc86024480c40dfadeb6a mozilla-js-debugger-1.4.4-1.3.5.s390.rpm
c1f3021e4a7c3dcd2acda6a7e5887c54 mozilla-mail-1.4.4-1.3.5.s390.rpm
d324540741c273908a4a00936dbd59b1 mozilla-nspr-1.4.4-1.3.5.s390.rpm
e2d51cbdc8f6fdbf514c1a5be547c8df mozilla-nspr-devel-1.4.4-1.3.5.s390.rpm
9db13f5be1e758119e136db280f71527 mozilla-nss-1.4.4-1.3.5.s390.rpm
d947f511e8a48536fd2b06ee53a4cabb mozilla-nss-devel-1.4.4-1.3.5.s390.rpm

s390x:
ff3936f6df6c69f5125ed9f2b2030cc5 mozilla-1.4.4-1.3.5.s390x.rpm
a462bb974a53dd44a3e894b6b343ac7e mozilla-chat-1.4.4-1.3.5.s390x.rpm
ff84589153c55746448ea1bf219f27ce mozilla-devel-1.4.4-1.3.5.s390x.rpm
99bf1ba3f5a7ecdb5723f0d8e869414b mozilla-dom-inspector-1.4.4-1.3.5.s390x.rpm
407ddbbeb04586281f8ffcdbba602d0b mozilla-js-debugger-1.4.4-1.3.5.s390x.rpm
4472d0efc6042c1ef09219f3952eb942 mozilla-mail-1.4.4-1.3.5.s390x.rpm
c9b3244b5f18e625cbcd5e8e78c4a655 mozilla-nspr-1.4.4-1.3.5.s390x.rpm
d324540741c273908a4a00936dbd59b1 mozilla-nspr-1.4.4-1.3.5.s390.rpm
090e7e4d9e68ee705d8f91e31bfd82b3 mozilla-nspr-devel-1.4.4-1.3.5.s390x.rpm
8d903c5aa0038c9c241eac3e37e99335 mozilla-nss-1.4.4-1.3.5.s390x.rpm
9db13f5be1e758119e136db280f71527 mozilla-nss-1.4.4-1.3.5.s390.rpm
dcc2b2d9dc3499d7235eed6473c6a7fb mozilla-nss-devel-1.4.4-1.3.5.s390x.rpm

x86_64:
d7497f99749a268d76820f09af460174 mozilla-1.4.4-1.3.5.x86_64.rpm
d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm
3315e273014d7dc28d8363e4e140eca6 mozilla-chat-1.4.4-1.3.5.x86_64.rpm
7841d99372a61f3432a98745f707dff9 mozilla-devel-1.4.4-1.3.5.x86_64.rpm
c7b97fae2a4427bca52878168c0bac31 mozilla-dom-inspector-1.4.4-1.3.5.x86_64.rpm
f2377c82623e615338b916d1e18d2138 mozilla-js-debugger-1.4.4-1.3.5.x86_64.rpm
663be710f1808de2112010ae65018f61 mozilla-mail-1.4.4-1.3.5.x86_64.rpm
747dc266316d11a04692801353e41ac5 mozilla-nspr-1.4.4-1.3.5.x86_64.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
94a2afad4561d6d18271bfe4d9b1f1db mozilla-nspr-devel-1.4.4-1.3.5.x86_64.rpm
72005829614f14512916a5e4e1044cff mozilla-nss-1.4.4-1.3.5.x86_64.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
6c7c2e51226bde6c1484290e21ed1e14 mozilla-nss-devel-1.4.4-1.3.5.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mozilla-1.4.4-1.3.5.src.rpm
56deb276290446e580ffd03b99f00a36 mozilla-1.4.4-1.3.5.src.rpm

i386:
d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm
324e811245840ab2ec24307a4d0e7256 mozilla-chat-1.4.4-1.3.5.i386.rpm
750a4982a9eb9094a65ada2c00caa4a1 mozilla-devel-1.4.4-1.3.5.i386.rpm
98b5256945b2da77115f9a1332222b2e mozilla-dom-inspector-1.4.4-1.3.5.i386.rpm
02de930daf3662e48bbe40fef64ede15 mozilla-js-debugger-1.4.4-1.3.5.i386.rpm
bc76919e0e6cbbb9d6e3af1d8890ffa9 mozilla-mail-1.4.4-1.3.5.i386.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
0a92c035db2cabb1d9bcdf6d14e766ac mozilla-nspr-devel-1.4.4-1.3.5.i386.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
17510499ca4880110cfdb82924a791a7 mozilla-nss-devel-1.4.4-1.3.5.i386.rpm

x86_64:
d7497f99749a268d76820f09af460174 mozilla-1.4.4-1.3.5.x86_64.rpm
d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm
3315e273014d7dc28d8363e4e140eca6 mozilla-chat-1.4.4-1.3.5.x86_64.rpm
7841d99372a61f3432a98745f707dff9 mozilla-devel-1.4.4-1.3.5.x86_64.rpm
c7b97fae2a4427bca52878168c0bac31 mozilla-dom-inspector-1.4.4-1.3.5.x86_64.rpm
f2377c82623e615338b916d1e18d2138 mozilla-js-debugger-1.4.4-1.3.5.x86_64.rpm
663be710f1808de2112010ae65018f61 mozilla-mail-1.4.4-1.3.5.x86_64.rpm
747dc266316d11a04692801353e41ac5 mozilla-nspr-1.4.4-1.3.5.x86_64.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
94a2afad4561d6d18271bfe4d9b1f1db mozilla-nspr-devel-1.4.4-1.3.5.x86_64.rpm
72005829614f14512916a5e4e1044cff mozilla-nss-1.4.4-1.3.5.x86_64.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
6c7c2e51226bde6c1484290e21ed1e14 mozilla-nss-devel-1.4.4-1.3.5.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.4.4-1.3.5.src.rpm
56deb276290446e580ffd03b99f00a36 mozilla-1.4.4-1.3.5.src.rpm

i386:
d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm
324e811245840ab2ec24307a4d0e7256 mozilla-chat-1.4.4-1.3.5.i386.rpm
750a4982a9eb9094a65ada2c00caa4a1 mozilla-devel-1.4.4-1.3.5.i386.rpm
98b5256945b2da77115f9a1332222b2e mozilla-dom-inspector-1.4.4-1.3.5.i386.rpm
02de930daf3662e48bbe40fef64ede15 mozilla-js-debugger-1.4.4-1.3.5.i386.rpm
bc76919e0e6cbbb9d6e3af1d8890ffa9 mozilla-mail-1.4.4-1.3.5.i386.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
0a92c035db2cabb1d9bcdf6d14e766ac mozilla-nspr-devel-1.4.4-1.3.5.i386.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
17510499ca4880110cfdb82924a791a7 mozilla-nss-devel-1.4.4-1.3.5.i386.rpm

ia64:
0d7d91dad11ae959d141d18ea19b079c mozilla-1.4.4-1.3.5.ia64.rpm
fbd29b9381da91a7425c4c1534d7726f mozilla-chat-1.4.4-1.3.5.ia64.rpm
44edbce53caa6cd7e182232209c5d40b mozilla-devel-1.4.4-1.3.5.ia64.rpm
482435ed8f2a040e2ec0326909fae3c3 mozilla-dom-inspector-1.4.4-1.3.5.ia64.rpm
532d2fd41430b9455bc3188be7c637c2 mozilla-js-debugger-1.4.4-1.3.5.ia64.rpm
80db174298676c72b910f8c81c2405c3 mozilla-mail-1.4.4-1.3.5.ia64.rpm
f40ffd6e3a1aeee6879ddf049060b151 mozilla-nspr-1.4.4-1.3.5.ia64.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
03ca5f59bac9685b1eed7870c9f3a5a1 mozilla-nspr-devel-1.4.4-1.3.5.ia64.rpm
604b09728acd2bd90c2331cefd1b6ed0 mozilla-nss-1.4.4-1.3.5.ia64.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
d328d20773f0af370f89a0113844557d mozilla-nss-devel-1.4.4-1.3.5.ia64.rpm

x86_64:
d7497f99749a268d76820f09af460174 mozilla-1.4.4-1.3.5.x86_64.rpm
d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm
3315e273014d7dc28d8363e4e140eca6 mozilla-chat-1.4.4-1.3.5.x86_64.rpm
7841d99372a61f3432a98745f707dff9 mozilla-devel-1.4.4-1.3.5.x86_64.rpm
c7b97fae2a4427bca52878168c0bac31 mozilla-dom-inspector-1.4.4-1.3.5.x86_64.rpm
f2377c82623e615338b916d1e18d2138 mozilla-js-debugger-1.4.4-1.3.5.x86_64.rpm
663be710f1808de2112010ae65018f61 mozilla-mail-1.4.4-1.3.5.x86_64.rpm
747dc266316d11a04692801353e41ac5 mozilla-nspr-1.4.4-1.3.5.x86_64.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
94a2afad4561d6d18271bfe4d9b1f1db mozilla-nspr-devel-1.4.4-1.3.5.x86_64.rpm
72005829614f14512916a5e4e1044cff mozilla-nss-1.4.4-1.3.5.x86_64.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
6c7c2e51226bde6c1484290e21ed1e14 mozilla-nss-devel-1.4.4-1.3.5.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.4.4-1.3.5.src.rpm
56deb276290446e580ffd03b99f00a36 mozilla-1.4.4-1.3.5.src.rpm

i386:
d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm
324e811245840ab2ec24307a4d0e7256 mozilla-chat-1.4.4-1.3.5.i386.rpm
750a4982a9eb9094a65ada2c00caa4a1 mozilla-devel-1.4.4-1.3.5.i386.rpm
98b5256945b2da77115f9a1332222b2e mozilla-dom-inspector-1.4.4-1.3.5.i386.rpm
02de930daf3662e48bbe40fef64ede15 mozilla-js-debugger-1.4.4-1.3.5.i386.rpm
bc76919e0e6cbbb9d6e3af1d8890ffa9 mozilla-mail-1.4.4-1.3.5.i386.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
0a92c035db2cabb1d9bcdf6d14e766ac mozilla-nspr-devel-1.4.4-1.3.5.i386.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
17510499ca4880110cfdb82924a791a7 mozilla-nss-devel-1.4.4-1.3.5.i386.rpm

ia64:
0d7d91dad11ae959d141d18ea19b079c mozilla-1.4.4-1.3.5.ia64.rpm
fbd29b9381da91a7425c4c1534d7726f mozilla-chat-1.4.4-1.3.5.ia64.rpm
44edbce53caa6cd7e182232209c5d40b mozilla-devel-1.4.4-1.3.5.ia64.rpm
482435ed8f2a040e2ec0326909fae3c3 mozilla-dom-inspector-1.4.4-1.3.5.ia64.rpm
532d2fd41430b9455bc3188be7c637c2 mozilla-js-debugger-1.4.4-1.3.5.ia64.rpm
80db174298676c72b910f8c81c2405c3 mozilla-mail-1.4.4-1.3.5.ia64.rpm
f40ffd6e3a1aeee6879ddf049060b151 mozilla-nspr-1.4.4-1.3.5.ia64.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
03ca5f59bac9685b1eed7870c9f3a5a1 mozilla-nspr-devel-1.4.4-1.3.5.ia64.rpm
604b09728acd2bd90c2331cefd1b6ed0 mozilla-nss-1.4.4-1.3.5.ia64.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
d328d20773f0af370f89a0113844557d mozilla-nss-devel-1.4.4-1.3.5.ia64.rpm

x86_64:
d7497f99749a268d76820f09af460174 mozilla-1.4.4-1.3.5.x86_64.rpm
d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm
3315e273014d7dc28d8363e4e140eca6 mozilla-chat-1.4.4-1.3.5.x86_64.rpm
7841d99372a61f3432a98745f707dff9 mozilla-devel-1.4.4-1.3.5.x86_64.rpm
c7b97fae2a4427bca52878168c0bac31 mozilla-dom-inspector-1.4.4-1.3.5.x86_64.rpm
f2377c82623e615338b916d1e18d2138 mozilla-js-debugger-1.4.4-1.3.5.x86_64.rpm
663be710f1808de2112010ae65018f61 mozilla-mail-1.4.4-1.3.5.x86_64.rpm
747dc266316d11a04692801353e41ac5 mozilla-nspr-1.4.4-1.3.5.x86_64.rpm
2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm
94a2afad4561d6d18271bfe4d9b1f1db mozilla-nspr-devel-1.4.4-1.3.5.x86_64.rpm
72005829614f14512916a5e4e1044cff mozilla-nss-1.4.4-1.3.5.x86_64.rpm
140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm
6c7c2e51226bde6c1484290e21ed1e14 mozilla-nss-devel-1.4.4-1.3.5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1380
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0141
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0149
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0399

8. Contact:

The Red Hat security contact is lt;secalert@redhat.comgt;. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/rhsa_2005323_01_critical_mozilla_security_update.html)