This upload fixes it :
firefox (1.5.dfsg+1.5.0.2-0ubuntu1) dapper; urgency=low
.
* New upstream version, 1.5.0.2.
Described as `stability and security fixes' by upstream but many
changes are included and producing a complete list is infeasible :-(.
Fixes are known to be included for:
- MFSA 2006-29, CVE-2006-1725: Spoofing with translucent windows
- MFSA 2006-28, CVE-2006-1726: Security check of js_ValueToFunctionObject() can be circumvented
- MFSA 2006-27, CVE-2006-0748: Table Rebuilding Code Execution Vulnerability
- MFSA 2006-25, CVE-2006-1727: Privilege escalation through Print Preview
- MFSA 2006-24, CVE-2006-1728: Privilege escalation using crypto.generateCRMFRequest
- MFSA 2006-23, CVE-2006-1729: File stealing by changing input type
- MFSA 2006-22, CVE-2006-1730: CSS Letter-Spacing Heap Overflow Vulnerability
- MFSA 2006-20, CVE-2006-1529, CVE-2006-1530, CVE-2006-1531, CVE-2006-1723, CVE-2006-1724: Crashes with evidence of memory corruption.
This package is based on Debian's firefox_1.5.dfsg+1.5.0.2.orig.tar.gz
but has none of the corresponding Debian changes.
This upload fixes it : 1.5.0.2- 0ubuntu1) dapper; urgency=low
js_ValueToFu nctionObject( ) can be circumvented
Vulnerabilit y
crypto. generateCRMFReq uest
Vulnerabilit y
CVE-2006- 1723, CVE-2006-1724: Crashes with evidence of memory
corruption. 1.5.dfsg+ 1.5.0.2. orig.tar. gz
firefox (1.5.dfsg+
.
* New upstream version, 1.5.0.2.
Described as `stability and security fixes' by upstream but many
changes are included and producing a complete list is infeasible :-(.
Fixes are known to be included for:
- MFSA 2006-29, CVE-2006-1725: Spoofing with translucent windows
- MFSA 2006-28, CVE-2006-1726: Security check of
- MFSA 2006-27, CVE-2006-0748: Table Rebuilding Code Execution
- MFSA 2006-25, CVE-2006-1727: Privilege escalation through Print Preview
- MFSA 2006-24, CVE-2006-1728: Privilege escalation using
- MFSA 2006-23, CVE-2006-1729: File stealing by changing input type
- MFSA 2006-22, CVE-2006-1730: CSS Letter-Spacing Heap Overflow
- MFSA 2006-20, CVE-2006-1529, CVE-2006-1530, CVE-2006-1531,
This package is based on Debian's firefox_
but has none of the corresponding Debian changes.