USN-149-3: Ubuntu 4.10 update for Firefox vulnerabilities
Posted on: 07/28/2005 11:39 AM

An Ubuntu 4.10 update for the Firefox vulnerabilities has been released

Ubuntu Security Notice USN-149-3 July 28, 2005
mozilla-firefox vulnerabilities
CAN-2004-1156, CAN-2004-1381, CAN-2005-0141, CAN-2005-0142,
CAN-2005-0143, CAN-2005-0144, CAN-2005-0145, CAN-2005-0146,
CAN-2005-0147, CAN-2005-0150, CAN-2005-0230, CAN-2005-0231,
CAN-2005-0232, CAN-2005-0233, CAN-2005-0255, CAN-2005-0399,
CAN-2005-0401, CAN-2005-0402, CAN-2005-0578, CAN-2005-0584,
CAN-2005-0585, CAN-2005-0586, CAN-2005-0587, CAN-2005-0588,
CAN-2005-0589, CAN-2005-0590, CAN-2005-0591, CAN-2005-0592,
CAN-2005-0593, CAN-2005-0752, CAN-2005-0989, CAN-2005-1153,
CAN-2005-1154, CAN-2005-1155, CAN-2005-1156, CAN-2005-1157,
CAN-2005-1158, CAN-2005-1159, CAN-2005-1160, CAN-2005-1531,
CAN-2005-1532, CAN-2005-1937, CAN-2005-2260, CAN-2005-2261,
CAN-2005-2262, CAN-2005-2263, CAN-2005-2264, CAN-2005-2265,
CAN-2005-2266, CAN-2005-2267, CAN-2005-2268, CAN-2005-2269,

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:


The problem can be corrected by upgrading the affected package to version 1.0.6-0ubuntu0.0.1 (mozilla-firefox) and 1.0.6-0ubuntu0.1 (mozilla-firefox-locale-... packages).

Please note that the new version does not work with the already existing translation packages (mozilla-firefox-locale-...). New packages have been provided which are compatible to the new Firefox version of this security update, so they need to be upgraded as well (a standard system upgrade will take care of this).

After a standard system upgrade you need to restart Firefox to effect the necessary changes.

We apologize for the huge delay of this update; we changed our update strategy for Mozilla products to make sure that such long delays will not happen again.

Details follow:

USN-149-1 fixed some vulnerabilities in the Ubuntu 5.04 (Hoary Hedgehog) version of Firefox. The version shipped with Ubuntu 4.10 (Warty Warthog) is also vulnerable to these flaws, so it needs to be upgraded as well. Please see

for the original advisory.

This update also fixes several older vulnerabilities; Some of them could be exploited to execute arbitrary code with full user privileges if the user visited a malicious web site. (MFSA-2005-01 to MFSA-2005-44; please see the following web site for details:

Source archives:
Size/MD5: 586 c6a4ba172beb50212cc8dd63cf53fe21
Size/MD5: 413206 818b085a5c467e10da863e9d08d0fe20
Size/MD5: 634 ce6ada2229be234d78b7a3ed9b51c6f7
Size/MD5: 378461 cf83507e00cbcbde71a983143c8b2d08
Size/MD5: 601 0a97fd79d8862e5482e0d558e995c539
Size/MD5: 99717 8cbf0adeb41feb8d6b018608a962dab6
Size/MD5: 578 b1568bcc4255541cee642fcf4f01b026
Size/MD5: 411735 51e401a49e6622b063c5abc44c0338b4
Size/MD5: 623 77ab520968ac64c4ff032b9d1a348dbf
Size/MD5: 378699 5dc1756e4e5177ca07bc0b89a53fb4b5
Size/MD5: 612 b2858d47a7d517efe9fd16a4e8fd6435
Size/MD5: 169527 f580ce82d1768dedf952f816614fd176
Size/MD5: 587 d5fb0d5f4a17e2a92e094c0f94c41de5
Size/MD5: 849909 7a3e92d44123b91e6e431ac8c961c4e4
Size/MD5: 620 153b29244c33886c6590f8d4560f1668
Size/MD5: 779142 5fc8e81e27ff3a93a86282ec5381a650
Size/MD5: 582 fee3e204e79115f5b5cb7aab4bd6e18e
Size/MD5: 86633 3669dd55cf3b945638af495a1179abe6
Size/MD5: 578 830521a0572242e5c84d90fdf89b003f
Size/MD5: 119114 717e7522a6824b4af9004fd5fa479b6d
Size/MD5: 232845 81ff86fde63392bec52076c5c222669f
Size/MD5: 987 abbcca4640b3c8fe9435b935f0c305b7
Size/MD5: 40214302 5b3ad16b600896478d8ba6fe9321e4e1

Architecture independent packages:
Size/MD5: 410280 fdeb997e756e0d4511d26476cdcbcdb5
Size/MD5: 375336 c6e0e4a5c7669474ce7d1bdcc4ac886f
Size/MD5: 99100 e4b16d51ddb909984f49646e50071f37
Size/MD5: 410730 61f1c94f99b77af55e716eb1fe79c072
Size/MD5: 376952 f6756bc0d15480a1e6684fe54c8a05e9
Size/MD5: 169420 251604405347e9bdebc131b9be2a1f35
Size/MD5: 850174 9e566347c0666b80293492222d506dd1
Size/MD5: 777800 6aae0f82e190eeeca89b604858bb6728
Size/MD5: 85352 884bbc4ad0d50f08d4f7c1abc0bb6a5d
Size/MD5: 120272 ce1588fae7a1854e08a5b6d523876258

amd64 architecture (Athlon64, Opteron, EM64T Xeon)
Size/MD5: 147374 1a8aa083386d98e3fb74e6965090acb1
Size/MD5: 10673248 f90ed3698968b4609102d6e0737600d7

i386 architecture (x86 compatible Intel/AMD)
Size/MD5: 142280 7988203c7c0c7ff141a551a517a28b1c
Size/MD5: 9844756 b216dfb17fbdfb90b2deba1b2f1cc4f3

powerpc architecture (Apple Macintosh G3/G4/G5)
Size/MD5: 141018 4a5925ed52aa151843d3f1cbb1d951c9
Size/MD5: 9502076 2ce0a7d8260fdac867001461a15b6e69

Printed from Linux Compatible (