USN-350-1: Thunderbird vulnerabilities
Posted on: 09/21/2006 06:10 PM

A new Thunderbird vulnerabilities update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-350-1 September 21, 2006
mozilla-thunderbird vulnerabilities
CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804,
CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3809,
CVE-2006-3810, CVE-2006-3811, CVE-2006-3812, CVE-2006-4253,
CVE-2006-4340, CVE-2006-4565, CVE-2006-4566, CVE-2006-4567,
CVE-2006-4570, CVE-2006-4571
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects the following Ubuntu releases:

Ubuntu 5.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
mozilla-thunderbird 1.5.0.7-0ubuntu0.5.10
mozilla-thunderbird-locale-ca 1.5-ubuntu5.10
mozilla-thunderbird-locale-de 1.5-ubuntu5.10
mozilla-thunderbird-locale-fr 1.5-ubuntu5.10
mozilla-thunderbird-locale-it 1.5-ubuntu5.10
mozilla-thunderbird-locale-nl 1.5-ubuntu5.10
mozilla-thunderbird-locale-pl 1.5-ubuntu5.10
mozilla-thunderbird-locale-uk 1.5-ubuntu5.10
mozilla-thunderbird-enigmail 2:0.94-0ubuntu0.5.10
mozilla-thunderbird-inspector 1.5.0.7-0ubuntu0.5.10
mozilla-thunderbird-typeaheadfind 1.5.0.7-0ubuntu0.5.10

After a standard system upgrade you need to restart Thunderbird to
effect the necessary changes.

Please note that Thunderbird 1.0.8 in Ubuntu 5.04 is also affected by
these problems. An update will be provided shortly.

Details follow:

This update upgrades Thunderbird from 1.0.8 to 1.5.0.7. This step was
necessary since the 1.0.x series is not supported by upstream any
more.

Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious email containing JavaScript. Please note that JavaScript
is disabled by default for emails, and it is not recommended to enable
it. (CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805,
CVE-2006-3806, CVE-2006-3807, CVE-2006-3809, CVE-2006-3810,
CVE-2006-3811, CVE-2006-3812, CVE-2006-4253, CVE-2006-4565,
CVE-2006-4566, CVE-2006-4571)

A buffer overflow has been discovered in the handling of .vcard files.
By tricking a user into importing a malicious vcard into his contacts,
this could be exploited to execute arbitrary code with the user's
privileges. (CVE-2006-3804)

The NSS library did not sufficiently check the padding of PKCS #1 v1.5
signatures if the exponent of the public key is 3 (which is widely
used for CAs). This could be exploited to forge valid signatures
without the need of the secret key. (CVE-2006-4340)

Jon Oberheide reported a way how a remote attacker could trick users
into downloading arbitrary extensions with circumventing the normal
SSL certificate check. The attacker would have to be in a position to
spoof the victim's DNS, causing them to connect to sites of the
attacker's choosing rather than the sites intended by the victim. If
they gained that control and the victim accepted the attacker's cert
for the Mozilla update site, then the next update check could be
hijacked and redirected to the attacker's site without detection.
(CVE-2006-4567)

Georgi Guninski discovered that even with JavaScript disabled, a
malicous email could still execute JavaScript when the message is
viewed, replied to, or forwarded by putting the script in a remote XBL
file loaded by the message. (CVE-2006-4570)

The "enigmail" plugin and the translation packages have been updated
to work with the new Thunderbird version.


Updated packages for Ubuntu 5.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird_1.5.0.7-0ubuntu0.5.10.diff.gz
Size/MD5: 451765 f226c2d1fb27ff7d1901563c0e7ae6aa
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird_1.5.0.7-0ubuntu0.5.10.dsc
Size/MD5: 960 33f4c6cf8f964b3bbf0cb7bf2a9b3a41
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird_1.5.0.7.orig.tar.gz
Size/MD5: 35412353 4e43a174c53adf09382a4f959b86abe6
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94-0u=
buntu0.5.10.diff.gz
Size/MD5: 20864 3aee73c8c9d639372dc3f28a5f145324
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94-0u=
buntu0.5.10.dsc
Size/MD5: 785 25206240fb199da5bbb5ab080600b0d5
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/enigmail_0.94.or=
ig.tar.gz
Size/MD5: 3126659 7e34cbe51f5a1faca2e26fa0edfd6a06
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-ca/mozilla-thunderbird-locale-ca_1.5-ubuntu5.10.dsc
Size/MD5: 598 1d99f1f9e4dee5e65e3783a5f97dd263
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-ca/mozilla-thunderbird-locale-ca_1.5-ubuntu5.10.tar.gz
Size/MD5: 194758 ef06a28aee74c384480bc0ab4b4b884c
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-de/mozilla-thunderbird-locale-de_1.5-ubuntu5.10.dsc
Size/MD5: 596 4fa9a37540021ec258720b4870bb96d7
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-de/mozilla-thunderbird-locale-de_1.5-ubuntu5.10.tar.gz
Size/MD5: 169713 7c1002115108c1ed63d270a8d679b039
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-fr/mozilla-thunderbird-locale-fr_1.5-ubuntu5.10.dsc
Size/MD5: 599 ef565a49f01984cf671542e909fc9585
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-fr/mozilla-thunderbird-locale-fr_1.5-ubuntu5.10.tar.gz
Size/MD5: 204062 8a1ef43eccb78e45895bd1bff458d0fe
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-it/mozilla-thunderbird-locale-it_1.5-ubuntu5.10.dsc
Size/MD5: 601 90e8f323e3bc9a5f46c4a97a509cfc93
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-it/mozilla-thunderbird-locale-it_1.5-ubuntu5.10.tar.gz
Size/MD5: 158517 cddf397975e97c0dbd7152f387655303
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-nl/mozilla-thunderbird-locale-nl_1.5-ubuntu5.10.dsc
Size/MD5: 596 b4d740d0e33dde12c978b8f7385f690d
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-nl/mozilla-thunderbird-locale-nl_1.5-ubuntu5.10.tar.gz
Size/MD5: 195416 fc5bc7dc7388131564bdbbd16ab10b93
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-pl/mozilla-thunderbird-locale-pl_1.5-ubuntu5.10.dsc
Size/MD5: 632 de741d572f4ab22f99793aa3cfbe20e3
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-pl/mozilla-thunderbird-locale-pl_1.5-ubuntu5.10.tar.gz
Size/MD5: 192583 5cf008def5286ed0054a0a5015607cf7
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-uk/mozilla-thunderbird-locale-uk_1.5-ubuntu5.10.dsc
Size/MD5: 589 330958f8cb291d10cdc0196768233ad0
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-uk/mozilla-thunderbird-locale-uk_1.5-ubuntu5.10.tar.gz
Size/MD5: 11499 dd66aaa9efadb412e3122657a2da25fa

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-ca/mozilla-thunderbird-locale-ca_1.5-ubuntu5.10_all.deb
Size/MD5: 189666 473e996d047d43f6dd7bec92d53cfa03
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-de/mozilla-thunderbird-locale-de_1.5-ubuntu5.10_all.deb
Size/MD5: 167484 20623a5c44dc5b2196da99eed084b8b8
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-fr/mozilla-thunderbird-locale-fr_1.5-ubuntu5.10_all.deb
Size/MD5: 197384 6a49d6b1d63c6fbf5a5ba552916d933a
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-it/mozilla-thunderbird-locale-it_1.5-ubuntu5.10_all.deb
Size/MD5: 153016 c1e4f810878dfb4ea7a98422e566bab7
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-nl/mozilla-thunderbird-locale-nl_1.5-ubuntu5.10_all.deb
Size/MD5: 195206 a2b2c8189f2bdbd52ba207e467404e18
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-pl/mozilla-thunderbird-locale-pl_1.5-ubuntu5.10_all.deb
Size/MD5: 186030 4d1c2103ee676e569c0feb553161107c
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird-local=
e-uk/mozilla-thunderbird-locale-uk_1.5-ubuntu5.10_all.deb
Size/MD5: 11860 088e396b7bc681bbf773232e1fc62b7d

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird-dev_1.5.0.7-0ubuntu0.5.10_amd64.deb
Size/MD5: 3523522 a76de9534e4f7062f6ca1089ba190b95
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird-inspector_1.5.0.7-0ubuntu0.5.10_amd64.deb
Size/MD5: 190306 74bda8f95e40506db2eb9522ff5a0aad
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird-typeaheadfind_1.5.0.7-0ubuntu0.5.10_amd64.deb
Size/MD5: 55528 5bba85b882ef03b8d6abf6a30ee87581
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird_1.5.0.7-0ubuntu0.5.10_amd64.deb
Size/MD5: 11976232 2d6fd4f9dfc0f141d9deb7321d8c3d4f
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderb=
ird-enigmail_0.94-0ubuntu0.5.10_amd64.deb
Size/MD5: 334962 a958117e8d86e698a1e0486169086c96

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird-dev_1.5.0.7-0ubuntu0.5.10_i386.deb
Size/MD5: 3516366 c0f3feae48b1c6aa62f3423279be2725
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird-inspector_1.5.0.7-0ubuntu0.5.10_i386.deb
Size/MD5: 183652 664776fcb3fcc35bb58e7edbc3a5492b
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird-typeaheadfind_1.5.0.7-0ubuntu0.5.10_i386.deb
Size/MD5: 51154 d35f0c9b0ad24a3ecb16c3ce29cd5427
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird_1.5.0.7-0ubuntu0.5.10_i386.deb
Size/MD5: 10282110 16ef30b246a84f1872129c6ecd9d0a75
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderb=
ird-enigmail_0.94-0ubuntu0.5.10_i386.deb
Size/MD5: 322874 fdfb2bb51b8b360734169d9a6362bfb7

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird-dev_1.5.0.7-0ubuntu0.5.10_powerpc.deb
Size/MD5: 3520948 5d6db52b3aa4ea827dae5d2d1d42ade1
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird-inspector_1.5.0.7-0ubuntu0.5.10_powerpc.deb
Size/MD5: 187002 2998ab2a9287273f9b80ad7ce9ba5829
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird-typeaheadfind_1.5.0.7-0ubuntu0.5.10_powerpc.deb
Size/MD5: 54712 73da47232d65de50c846c0d287ccd4ca
http://security.ubuntu.com/ubuntu/pool/main/m/mozilla-thunderbird/mozil=
la-thunderbird_1.5.0.7-0ubuntu0.5.10_powerpc.deb
Size/MD5: 11523006 c8d86889f60569a3d578241e63f89f11
http://security.ubuntu.com/ubuntu/pool/main/e/enigmail/mozilla-thunderb=
ird-enigmail_0.94-0ubuntu0.5.10_powerpc.deb
Size/MD5: 326204 f25574cc20db03e78e0879b941a36600

--Qz2CZ664xQdCRdPu
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFFEqj0DecnbV4Fd/IRAuIUAJ9omnAhn3hQ1NsWhBIh1AAA2utyCwCg4Kse
cNQhFNyLNiuDDEi/S6wSLMo=
=8W6R
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_350_1_thunderbird_vulnerabilities.html)