Bug#308620: mozilla-firefox: 2 additional flaws

Thu, 12 May 2005 04:08:15 -0700 

Package: mozilla-firefox
Version: 1.0.3-2
Followup-For: Bug #308620

Please note that there are two additional flaws listed here:

http://www.frsirt.com/english/advisories/2005/0530

A demonstration is here:

http://www.heise.de/security/dienste/browsercheck/demos/nc/mozdemo3.shtml

Clicking "Test ausführen" on this page opens a shell window which
displays ls output.

Firefox 1.0.4 and Mozilla 1.7.8 are released.

Regards,

Sebastian

-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux lain 2.6.11.6 #2 Thu Mar 31 12:52:06 CEST 2005 i686
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED]

Versions of packages mozilla-firefox depends on:
ii  debianutils                 2.6          Miscellaneous utilities specific t
ii  fontconfig                  2.2.2-2      generic font configuration library
ii  libatk1.0-0                 1.8.0-3      The ATK accessibility toolkit
ii  libc6                       2.3.2.ds1-21 GNU C Library: Shared libraries an
ii  libfontconfig1              2.3.1-2      generic font configuration library
ii  libfreetype6                2.1.7-1.1    FreeType 2 font engine, shared lib
ii  libgcc1                     1:3.4.1-3    GCC support library
ii  libglib2.0-0                2.6.2-1      The GLib library of C routines
ii  libgtk2.0-0                 2.6.2-3      The GTK+ graphical user interface 
ii  libidl0                     0.8.3-1      library for parsing CORBA IDL file
ii  libjpeg62                   6b-6         The Independent JPEG Group's JPEG 
ii  libkrb53                    1.3.6-1      MIT Kerberos runtime libraries
ii  libpango1.0-0               1.8.1-1      Layout and rendering of internatio
ii  libpng12-0                  1.2.8rel-1   PNG library - runtime
ii  libstdc++5                  1:3.3.4-5    The GNU Standard C++ Library v3
ii  libx11-6                    4.3.0-7      X Window System protocol client li
ii  libxext6                    4.3.0-7      X Window System miscellaneous exte
ii  libxft2                     2.1.2-6      FreeType-based font drawing librar
ii  libxp6                      4.3.0-7      X Window System printing extension
ii  libxt6                      4.3.0-7      X Toolkit Intrinsics
ii  psmisc                      21.2-1       Utilities that use the proc filesy
ii  xlibs                       4.3.0-7      X Window System client libraries m
ii  zlib1g                      1:1.2.1-3    compression library - runtime

-- no debconf information


-- 
InterNetX GmbH
Sebastian Wiesinger
System Administration
Maximilianstrasse 6
D-93047 Regensburg

Tel. +49 941 59559-0
Fax  +49 941 59559-245

eMail: [EMAIL PROTECTED]
nic-hdl: SW1421-RIPE

GPG-Key         : 0x97F5A1D8 (0x8431335F97F5A1D8)
GPG-Fingerprint : 6181 B041 3554 0B6F 4EF3  1B12 8431 335F 97F5 A1D8

Reply via email to